SlideShare uma empresa Scribd logo

Cyber Threats Landscape and Defense Guide

Transferir como PPTX, PDF
fantaghost
fantaghost

This document summarizes Andrea Minigozzi's presentation on cyber threats landscape and defense. It discusses the evolution of threats from early computer viruses to modern advanced persistent threats. Various threat vectors are examined, including malware, social engineering, and zero-day exploits. Common attack methods like watering hole attacks and the Heartbleed bug are explained. Defensive strategies are proposed, such as previewing shortened URLs and avoiding malicious QR codes. The presentation aims to increase understanding of modern cybersecurity challenges and threats.

InternetTecnologia
1 de 29
Cyber Threats: Landscape and Defense Ing. Andrea Garavaglia Andrea Minigozzi, CISSP – OPST ISIS “C. Facchinetti” Castellanza – VA 14 – 04 - 2014
Cyber Threats Landscape and Defense Andrea Minigozzi is a certified CISSP and OPST Security Expert with fourteen years experience, encompassing SIEM, malware analysis, investigating security incidents, computer and network forensics, ISO 27001/NIST/COBIT audits and hardening of various devices on civil and military programs. Andrea is the owner of FantaGhost web site and develops FG-Scanner project. About US…. #whoami Andrea Minigozzi – Andrea Garavaglia Andrea Garavaglia supported for years Law Enforcement with analysis tools used to discover patterns, trends, associations and hidden networks in any number and type of data sources. He worked also with voice and ip interceptions, traffic reconstruction, forensics analisys. Actually is a Network Security Monitor lover.
Cyber Threats Landscape and Defense A Real problem for today’s industries Andrea Minigozzi – Andrea Garavaglia
Cyber Threats Landscape and Defense Who can become a Victim ? Andrea Minigozzi – Andrea Garavaglia Source: http://www.tietoturvapaiva.fi/uploads/Tietoturva%202012/stonesoft.pdf
Cyber Threats Landscape and Defense From virus to Advanced Persistent Threats: the timeline 1971 Creeper 1987 Jerusalem 1982 Elk Cloner 1992 Michelangelo 2005 MyTob 2000 I love you 2001 Code Red 2004 Sasser 1999 Melissa 2007 Storm BotNet 2009 Conficker 1970 1980 1990 2000 - 2009 Source: http://blogs.csoonline.com/1421/40_years_after_the_first_computer_virus 1986 Brain Andrea Minigozzi – Andrea Garavaglia
Cyber Threats Landscape and Defense From virus to Advanced Persistent Threats: the timeline 2010 - Today 2010 Stuxnet 2010 VBMania 2010 Kenzero 2010 SpyEye + Zeus 2011 Zero Access 2011 Duqu 2012 Flame 2012 Shamoon 2012 NGRBot 2013 CryptoLocker 2014 ................ Source: http://en.wikipedia.org/wiki/Timeline_of_computer_viruses_and_worms Andrea Minigozzi – Andrea Garavaglia
Cyber Threats Landscape and Defense Terms and definitions: viruses and worms Andrea Minigozzi – Andrea Garavaglia VIRUS A program that “infects” computer files, usually executable programs, by inserting a copy of itself into the file. These copies are usually executed when the infected files is loaded into memory, allowing the virus to infect other files. A virus requires human involvement (usually unwitting) to propagate. WORM An independent computer program that reproduces by copying itself from one system to another across a network. Unlike computer viruses, worms do not require human involvement to propagate and exploit vulnerabilities to bypass security systems.
Cyber Threats Landscape and Defense Terms and definitions: trojan horses and 0-day exploits TROJAN HORSE A computer program that conceals harmful code. A Trojan horse usually masquerades as a useful program that a user would wish to execute. 0-DAY EXPLOIT An exploit that takes advantage of a security vulnerability previously unknown to the general public. In many cases, the exploit code is written by the same person who discovered the vulnerability. Andrea Minigozzi – Andrea Garavaglia
Cyber Threats Landscape and Defense Terms and definitions: malware MALWARE A program that is inserted into a system, usually covertly, with the intent of compromising the confidentiality, integrity, or availability of the victim's data, applications, or operating system or of otherwise annoying or disrupting the victim and often violates one or more of the following fundamental principles: Consent: Malware may be installed even though the user did not knowingly ask for that to happen. Privacy-Respectfulness: Malware may violate a user's privacy, perhaps capturing user passwords or credit card information. Non-Intrusiveness: Malware may annoy users by popping up advertisements, changing web browser's home page, making systems slow or unstable and prone to crash, or interfering with already installed security software. Harmlessness: Malware may be software that hurts users (such as software that damages our system, sends spam emails, or disables security software). Respect for User Management: If the user attempts to remove the software, it may reinstall itself or otherwise override user preferences. Source: http://itlaw.wikia.com/wiki/Malware Andrea Minigozzi – Andrea Garavaglia
Cyber Threats Landscape and Defense Malicious code spreading vectors and attack surface 1980 1990 2000 - 2014 Andrea Minigozzi – Andrea Garavaglia
Cyber Threats Landscape and Defense New malware in the last two years Andrea Minigozzi – Cyber Threats Landscape and Defense Source: http://www.mcafee.com/uk/resources/reports/rp-quarterly-threat-q3-2013.pdf
Cyber Threats Landscape and Defense New malwares for emerging operating systems Andrea Minigozzi – Cyber Threats Landscape and Defense Source: http://www.mcafee.com/uk/resources/reports/rp-quarterly-threat-q3-2013.pdf
Cyber Threats Landscape and Defense Global Email Volume, in Trillions of messages Source: http://www.mcafee.com/uk/resources/reports/rp-quarterly-threat-q3-2013.pdf Andrea Minigozzi – Andrea Garavaglia
Cyber Threats Landscape and Defense Hacking motivations HACKERS : They need to understand how the systems works and how to improve security and performances HACKTIVISTS: They use computers and computer networks to promote political ends, chiefly free speech, human rights, and information ethics. STATE SPONSORED HACKERS: Governments around the globe realize that it serves their military objectives to be well positioned online. SPY HACKERS: Corporations hire hackers to infiltrate the competition and steal trade secrets. CYBER TERRORISTS: These hackers, generally motivated by religious or political beliefs, attempt to create fear and chaos by disrupting critical infrastructures. Andrea Minigozzi – Andrea Garavaglia
Cyber Threats Landscape and Defense Attack Diagram: the past Andrea Minigozzi – Andrea Garavaglia
Cyber Threats Landscape and Defense Andrea Minigozzi – Andrea Garavaglia Attack Diagram: the present
Cyber Threats Landscape and Defense Terms and definitions: advanced persistent threats ADVANCED PERSISTENT THREATS Advanced Persistent Threat (APT) is a set of stealthy and continuous hacking processes often orchestrated by human targeting a specific entity. APT usually targets organizations and or nations for business or political motives. APT processes require high degree of covertness over a long period of time. Source: https://www.academia.edu/6309905/Advanced_Persistent_Threat_-_APT The advanced process signifies sophisticated techniques using malware to exploit vulnerabilities in systems and Advanced Evasion Technique to avoid detection. The persistent process suggests that an external command and control is continuously monitoring and extracting data off a specific target. The threat process indicates human involvement in orchestrating the attack Andrea Minigozzi – Andrea Garavaglia
Cyber Threats Landscape and Defense Andrea Minigozzi – Andrea Garavaglia APT Teams and Connections B-TeamA-Team More senior? Malware writers? Beaconing & Latching Command & Control; Agent transfer Command & Control; Agent transfer www.hackedsite1.com Agent Download & Install www.hackedsite2.com Data transfer Data transfer Stage 0 Infection Stage 1 Generate Intermediaries Stage 2 Setup Relay Agents Stage 3 Data Exfiltration RDP & Other Transfer HostIntermediary HostFoothold Host Data Host
Cyber Threats Landscape and Defense Advanced Persistent Threats LifeCycle Source: http://en.wikipedia.org/wiki/Advanced_persistent_threat#History_and_targets Andrea Minigozzi – Andrea Garavaglia
Cyber Threats Landscape and Defense A great video from TrendMicro explain how the attacks works Source: http://www.youtube.com/watch?v=fpeMR1214t0 Andrea Minigozzi – Andrea Garavaglia This video describe a real successful attack happended some time ago: the attacked company lost about 60 Million dollar$
Cyber Threats Landscape and Defense Live Demo Andrea Minigozzi – Andrea Garavaglia
Cyber Threats Landscape and Defense QR Codes and Shortened URLs: when the threats get short ! http://goo.gl/pJ0sKw Andrea Minigozzi – Andrea Garavaglia
Cyber Threats Landscape and Defense QR Codes and Shortened URLs: when the threats get short ! STAY AWAY FROM MALICIOUS QR CODES! Scanning QR codes in the form of stickers placed randomly on the street's walls is most dangerous. It is a very common way that scammers use to get people scan the code just because of curiosity. Reports say, “46% just said they were curious what this odd little jumbled cube could do.” So, we should not scan any QR codes that are not from trusted sources. LOOK CLOSELY TO A QR CODE BEFORE DO ANYTHING ELSE! Andrea Minigozzi – Andrea Garavaglia The are few apps on the stores you can use to analyze the Qrcode.....
Cyber Threats Landscape and Defense QR Codes and Shortened URLs: when the threats get short ! http://goo.gl/pJ0sKw http://goo.gl/ZFm5u6 Are you able to see if the two shortened URLs above lead us to trusted websites? http://goo.gl/pJ0sKw http://goo.gl/ZFm5u6 Malicious URL FantaGhost Web Page Andrea Minigozzi – Andrea Garavaglia
Cyber Threats Landscape and Defense QR Codes and Shortened URLs: when the threats get short ! Are there any solutions for this problem? YES! WE SHOULD PREVIEW THE SHORTENED URLS BEFORE USING THEM. Several website tools help us to get a full URL address from the shortened URL, an example is http://unshort.me/ In addition, some URL shortening services, such as goo.gl, give us an option to preview the shortened URL first by add a “+” at the end of the URL. Andrea Minigozzi – Andrea Garavaglia
Cyber Threats Landscape and Defense The most dangerous (and commons) vulnerabilities 1. Email Social Engineering/Spear Phishing 2. Infection Via a Drive-By Web Download: Watering Hole Attack 3. USB Key Malware 4. Scanning Networks for Vulnerabilities and Exploitment 5. Guessing or Social Engineering Passwords 6. Wifi Compromises 7. Stolen Credentials From Third-Party Sites 8. Compromising Web-Based Databases 9. Exploiting Password Reset Services to Hijack Accounts 10. Insiders Andrea Minigozzi – Andrea Garavaglia
Cyber Threats Landscape and Defense Understanding HeartBleed Bug Andrea Minigozzi – Andrea Garavaglia CVE-2014-0160 Source: http://www.xkcd.com/1354 - http://regmedia.co.uk/2014/04/09/openssl_haertbleed_diagram.png
Cyber Threats Landscape and Defense Questions ? Andrea Minigozzi – Andrea Garavaglia
@FantaGhost andrea@fantaghost.com http://www.fantaghost.com THANK YOU! Ing. Andrea Garavaglia Andrea Minigozzi, CISSP - OPST garanews@gmail.com

Recomendados

Cyber Security PPT.pptx
Cyber Security PPT.pptxCyber Security PPT.pptx
Cyber Security PPT.pptxAbhishekDas794104
 
Cyber security
Cyber securityCyber security
Cyber securitymanoj duli
 
Introduction to Cyber Security
Introduction to Cyber SecurityIntroduction to Cyber Security
Introduction to Cyber SecurityPriyanshu Ratnakar
 
What is Cyber Security? | Introduction to Cyber Security | Cyber Security Tra...
What is Cyber Security? | Introduction to Cyber Security | Cyber Security Tra...What is Cyber Security? | Introduction to Cyber Security | Cyber Security Tra...
What is Cyber Security? | Introduction to Cyber Security | Cyber Security Tra...Edureka!
 
Cyber crime.pptx
Cyber crime.pptxCyber crime.pptx
Cyber crime.pptxDawood Faheem Abbasi
 
Cyber threat intelligence ppt
Cyber threat intelligence pptCyber threat intelligence ppt
Cyber threat intelligence pptKumar Gaurav
 
Cyber Security
Cyber SecurityCyber Security
Cyber SecurityRamiro Cid
 
Threat Hunting
Threat HuntingThreat Hunting
Threat HuntingSplunk
 

Recomendados

Cyber Security PPT.pptx
Cyber Security PPT.pptxCyber Security PPT.pptx
Cyber Security PPT.pptxAbhishekDas794104
 
Cyber security
Cyber securityCyber security
Cyber securitymanoj duli
 
Introduction to Cyber Security
Introduction to Cyber SecurityIntroduction to Cyber Security
Introduction to Cyber SecurityPriyanshu Ratnakar
 
What is Cyber Security? | Introduction to Cyber Security | Cyber Security Tra...
What is Cyber Security? | Introduction to Cyber Security | Cyber Security Tra...What is Cyber Security? | Introduction to Cyber Security | Cyber Security Tra...
What is Cyber Security? | Introduction to Cyber Security | Cyber Security Tra...Edureka!
 
Cyber crime.pptx
Cyber crime.pptxCyber crime.pptx
Cyber crime.pptxDawood Faheem Abbasi
 
Cyber threat intelligence ppt
Cyber threat intelligence pptCyber threat intelligence ppt
Cyber threat intelligence pptKumar Gaurav
 
Cyber Security
Cyber SecurityCyber Security
Cyber SecurityRamiro Cid
 
Threat Hunting
Threat HuntingThreat Hunting
Threat HuntingSplunk
 
kill-chain-presentation-v3
kill-chain-presentation-v3kill-chain-presentation-v3
kill-chain-presentation-v3Shawn Croswell
 
Cyber Security Presentation
Cyber Security PresentationCyber Security Presentation
Cyber Security PresentationHaniyaMaha
 
Cyber Security
Cyber SecurityCyber Security
Cyber SecurityVivek Agarwal
 
Cyber crime
Cyber crimeCyber crime
Cyber crimeMuhammad Osama Khalid
 
Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat Intelligencemohamed nasri
 
Cyber attacks and IT security management in 2025
Cyber attacks and IT security management in 2025Cyber attacks and IT security management in 2025
Cyber attacks and IT security management in 2025Radar Cyber Security
 
CYBER SECURITY
CYBER SECURITYCYBER SECURITY
CYBER SECURITYMohammad Shakirul islam
 
Basics of Cyber Security
Basics of Cyber SecurityBasics of Cyber Security
Basics of Cyber SecurityNikunj Thakkar
 
Information security
Information securityInformation security
Information securityLusungu Mkandawire CISA,CISM,CGEIT,CPF,PRINCE2
 
Cyber security and demonstration of security tools
Cyber security and demonstration of security toolsCyber security and demonstration of security tools
Cyber security and demonstration of security toolsVicky Fernandes
 
How MITRE ATT&CK helps security operations
How MITRE ATT&CK helps security operationsHow MITRE ATT&CK helps security operations
How MITRE ATT&CK helps security operationsSergey Soldatov
 
Introduction to Cybersecurity
Introduction to CybersecurityIntroduction to Cybersecurity
Introduction to CybersecurityKrutarth Vasavada
 
CYBER SECURITY
CYBER SECURITY CYBER SECURITY
CYBER SECURITY Ashish prashar
 
Cybercrime and Security
Cybercrime and SecurityCybercrime and Security
Cybercrime and SecurityNoushad Hasan
 
A military perspective on cyber security
A military perspective on cyber securityA military perspective on cyber security
A military perspective on cyber securityJoey Hernandez
 
CYBER SECURITY
CYBER SECURITYCYBER SECURITY
CYBER SECURITYVaishak Chandran
 
Cybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your OrganizationCybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your OrganizationTriCorps Technologies
 
Cyber Security
Cyber SecurityCyber Security
Cyber Securityrahulbhardwaj312501
 
Cyber security threats and trends
Cyber security threats and trendsCyber security threats and trends
Cyber security threats and trendsHadeel Sadiq Obaid
 
Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat IntelligencePrachi Mishra
 
Cyber threats
Cyber threatsCyber threats
Cyber threatskelsports
 
Cybercrime.ppt
Cybercrime.pptCybercrime.ppt
Cybercrime.pptAeman Khan
 

Mais conteúdo relacionado

Mais procurados

kill-chain-presentation-v3
kill-chain-presentation-v3kill-chain-presentation-v3
kill-chain-presentation-v3Shawn Croswell
 
Cyber Security Presentation
Cyber Security PresentationCyber Security Presentation
Cyber Security PresentationHaniyaMaha
 
Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat Intelligencemohamed nasri
 
Cyber attacks and IT security management in 2025
Cyber attacks and IT security management in 2025Cyber attacks and IT security management in 2025
Cyber attacks and IT security management in 2025Radar Cyber Security
 
Basics of Cyber Security
Basics of Cyber SecurityBasics of Cyber Security
Basics of Cyber SecurityNikunj Thakkar
 
Cyber security and demonstration of security tools
Cyber security and demonstration of security toolsCyber security and demonstration of security tools
Cyber security and demonstration of security toolsVicky Fernandes
 
How MITRE ATT&CK helps security operations
How MITRE ATT&CK helps security operationsHow MITRE ATT&CK helps security operations
How MITRE ATT&CK helps security operationsSergey Soldatov
 
Introduction to Cybersecurity
Introduction to CybersecurityIntroduction to Cybersecurity
Introduction to CybersecurityKrutarth Vasavada
 
Cybercrime and Security
Cybercrime and SecurityCybercrime and Security
Cybercrime and SecurityNoushad Hasan
 
A military perspective on cyber security
A military perspective on cyber securityA military perspective on cyber security
A military perspective on cyber securityJoey Hernandez
 
Cybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your OrganizationCybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your OrganizationTriCorps Technologies
 
Cyber security threats and trends
Cyber security threats and trendsCyber security threats and trends
Cyber security threats and trendsHadeel Sadiq Obaid
 
Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat IntelligencePrachi Mishra
 

Mais procurados (20)

kill-chain-presentation-v3
kill-chain-presentation-v3kill-chain-presentation-v3
kill-chain-presentation-v3
 
Cyber Security Presentation
Cyber Security PresentationCyber Security Presentation
Cyber Security Presentation
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
 
Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat Intelligence
 
Cyber attacks and IT security management in 2025
Cyber attacks and IT security management in 2025Cyber attacks and IT security management in 2025
Cyber attacks and IT security management in 2025
 
CYBER SECURITY
CYBER SECURITYCYBER SECURITY
CYBER SECURITY
 
Basics of Cyber Security
Basics of Cyber SecurityBasics of Cyber Security
Basics of Cyber Security
 
Information security
Information securityInformation security
Information security
 
Cyber security and demonstration of security tools
Cyber security and demonstration of security toolsCyber security and demonstration of security tools
Cyber security and demonstration of security tools
 
How MITRE ATT&CK helps security operations
How MITRE ATT&CK helps security operationsHow MITRE ATT&CK helps security operations
How MITRE ATT&CK helps security operations
 
Introduction to Cybersecurity
Introduction to CybersecurityIntroduction to Cybersecurity
Introduction to Cybersecurity
 
CYBER SECURITY
CYBER SECURITY CYBER SECURITY
CYBER SECURITY
 
Cybercrime and Security
Cybercrime and SecurityCybercrime and Security
Cybercrime and Security
 
A military perspective on cyber security
A military perspective on cyber securityA military perspective on cyber security
A military perspective on cyber security
 
CYBER SECURITY
CYBER SECURITYCYBER SECURITY
CYBER SECURITY
 
Cybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your OrganizationCybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your Organization
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
 
Cyber security threats and trends
Cyber security threats and trendsCyber security threats and trends
Cyber security threats and trends
 
Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat Intelligence
 

Destaque

Cyber threats
Cyber threatsCyber threats
Cyber threatskelsports
 
Cybercrime.ppt
Cybercrime.pptCybercrime.ppt
Cybercrime.pptAeman Khan
 
Cyber crime and security ppt
Cyber crime and security pptCyber crime and security ppt
Cyber crime and security pptLipsita Behera
 
Top Cyber Security Trends for 2016
Top Cyber Security Trends for 2016Top Cyber Security Trends for 2016
Top Cyber Security Trends for 2016Imperva
 
Project manager MBA cyber security
Project manager MBA cyber securityProject manager MBA cyber security
Project manager MBA cyber securityGarry Wood
 
Cyberspace slide show
Cyberspace slide showCyberspace slide show
Cyberspace slide showBeckusq
 
Pirater un compte facebook
Pirater un compte facebookPirater un compte facebook
Pirater un compte facebookzabakpolak
 
Rapport Bockel sur la cyber-défense
Rapport Bockel sur la cyber-défenseRapport Bockel sur la cyber-défense
Rapport Bockel sur la cyber-défenseFrançois Bourboulon
 
Cybertech 2014, Irsaël
Cybertech 2014, IrsaëlCybertech 2014, Irsaël
Cybertech 2014, IrsaëlFSJU AUJF
 
Valdes cyberguerre-barcamp2012
Valdes cyberguerre-barcamp2012Valdes cyberguerre-barcamp2012
Valdes cyberguerre-barcamp2012Valdes Nzalli
 
Fiche type nouveau media il fr
Fiche type nouveau media il frFiche type nouveau media il fr
Fiche type nouveau media il frFSJU AUJF
 
Présentation Cyber espace
Présentation Cyber espacePrésentation Cyber espace
Présentation Cyber espaceadelvigne
 
Sécuriser son espace Cyber-base face aux usages illicites - ExplorCamp (2009)
Sécuriser son espace Cyber-base face aux usages illicites - ExplorCamp (2009)Sécuriser son espace Cyber-base face aux usages illicites - ExplorCamp (2009)
Sécuriser son espace Cyber-base face aux usages illicites - ExplorCamp (2009)Ardesi Midi-Pyrénées
 
Cyber defense: Understanding and Combating the Threat
Cyber defense: Understanding and Combating the ThreatCyber defense: Understanding and Combating the Threat
Cyber defense: Understanding and Combating the ThreatIBM Government
 
Les nouveaux usages géographiques du cyberespace
Les nouveaux usages géographiques du cyberespaceLes nouveaux usages géographiques du cyberespace
Les nouveaux usages géographiques du cyberespaceJérémie34
 
Critical Controls Of Cyber Defense
Critical Controls Of Cyber DefenseCritical Controls Of Cyber Defense
Critical Controls Of Cyber DefenseRishu Mehra
 
L'année 2014 de la cyberdéfense
L'année 2014 de la cyberdéfenseL'année 2014 de la cyberdéfense
L'année 2014 de la cyberdéfensencaproni
 
Cyberdéfense-Eldorado-Emplois-Reconversion-v2r0
Cyberdéfense-Eldorado-Emplois-Reconversion-v2r0Cyberdéfense-Eldorado-Emplois-Reconversion-v2r0
Cyberdéfense-Eldorado-Emplois-Reconversion-v2r0Eric DUPUIS
 

Destaque (20)

Cyber threats
Cyber threatsCyber threats
Cyber threats
 
Cybercrime.ppt
Cybercrime.pptCybercrime.ppt
Cybercrime.ppt
 
Cyber crime and security ppt
Cyber crime and security pptCyber crime and security ppt
Cyber crime and security ppt
 
Top Cyber Security Trends for 2016
Top Cyber Security Trends for 2016Top Cyber Security Trends for 2016
Top Cyber Security Trends for 2016
 
Project manager MBA cyber security
Project manager MBA cyber securityProject manager MBA cyber security
Project manager MBA cyber security
 
Cyberspace slide show
Cyberspace slide showCyberspace slide show
Cyberspace slide show
 
Pirater un compte facebook
Pirater un compte facebookPirater un compte facebook
Pirater un compte facebook
 
Rapport Bockel sur la cyber-défense
Rapport Bockel sur la cyber-défenseRapport Bockel sur la cyber-défense
Rapport Bockel sur la cyber-défense
 
Cybertech 2014, Irsaël
Cybertech 2014, IrsaëlCybertech 2014, Irsaël
Cybertech 2014, Irsaël
 
Valdes cyberguerre-barcamp2012
Valdes cyberguerre-barcamp2012Valdes cyberguerre-barcamp2012
Valdes cyberguerre-barcamp2012
 
Fiche type nouveau media il fr
Fiche type nouveau media il frFiche type nouveau media il fr
Fiche type nouveau media il fr
 
Présentation Cyber espace
Présentation Cyber espacePrésentation Cyber espace
Présentation Cyber espace
 
Aerospace Defense Cyber Security Executive Search
Aerospace Defense Cyber Security Executive SearchAerospace Defense Cyber Security Executive Search
Aerospace Defense Cyber Security Executive Search
 
Sécuriser son espace Cyber-base face aux usages illicites - ExplorCamp (2009)
Sécuriser son espace Cyber-base face aux usages illicites - ExplorCamp (2009)Sécuriser son espace Cyber-base face aux usages illicites - ExplorCamp (2009)
Sécuriser son espace Cyber-base face aux usages illicites - ExplorCamp (2009)
 
Cyber defense: Understanding and Combating the Threat
Cyber defense: Understanding and Combating the ThreatCyber defense: Understanding and Combating the Threat
Cyber defense: Understanding and Combating the Threat
 
Les nouveaux usages géographiques du cyberespace
Les nouveaux usages géographiques du cyberespaceLes nouveaux usages géographiques du cyberespace
Les nouveaux usages géographiques du cyberespace
 
Critical Controls Of Cyber Defense
Critical Controls Of Cyber DefenseCritical Controls Of Cyber Defense
Critical Controls Of Cyber Defense
 
L'année 2014 de la cyberdéfense
L'année 2014 de la cyberdéfenseL'année 2014 de la cyberdéfense
L'année 2014 de la cyberdéfense
 
Cyberwar22092011
Cyberwar22092011Cyberwar22092011
Cyberwar22092011
 
Cyberdéfense-Eldorado-Emplois-Reconversion-v2r0
Cyberdéfense-Eldorado-Emplois-Reconversion-v2r0Cyberdéfense-Eldorado-Emplois-Reconversion-v2r0
Cyberdéfense-Eldorado-Emplois-Reconversion-v2r0
 

Semelhante a Cyber Threats Landscape and Defense Guide

Panda Adaptive Defense 360 - Cyber Extortion Guide
Panda Adaptive Defense 360 - Cyber Extortion GuidePanda Adaptive Defense 360 - Cyber Extortion Guide
Panda Adaptive Defense 360 - Cyber Extortion GuidePanda Security
 
Anatomy of a cyber attack
Anatomy of a cyber attackAnatomy of a cyber attack
Anatomy of a cyber attackMark Silver
 
Cyber Malware Programs And The Internet
Cyber Malware Programs And The InternetCyber Malware Programs And The Internet
Cyber Malware Programs And The InternetHeidi Maestas
 
The Modern Malware Review March 2013
The Modern Malware Review March 2013The Modern Malware Review March 2013
The Modern Malware Review March 2013- Mark - Fullbright
 
Corporate threat vector and landscape
Corporate threat vector and landscapeCorporate threat vector and landscape
Corporate threat vector and landscapeyohansurya2
 
Ethical Hacking Overview
Ethical Hacking OverviewEthical Hacking Overview
Ethical Hacking OverviewSubhoneel Datta
 
Ethical-Hacking-ppt.pptx
Ethical-Hacking-ppt.pptxEthical-Hacking-ppt.pptx
Ethical-Hacking-ppt.pptxMaheshDhope1
 
Check point 2015-securityreport
Check point 2015-securityreportCheck point 2015-securityreport
Check point 2015-securityreportEIINSTITUT
 
CSE-Ethical-Hacking-ppt.pptx
CSE-Ethical-Hacking-ppt.pptxCSE-Ethical-Hacking-ppt.pptx
CSE-Ethical-Hacking-ppt.pptxVishnuVarma47
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hackingijtsrd
 
2016 trustwave global security report
2016 trustwave global security report2016 trustwave global security report
2016 trustwave global security reportMarco Antonio Agnese
 
OpenSouthCode '19 - Application Security Fundamentals [2019-May-25]
OpenSouthCode '19 - Application Security Fundamentals [2019-May-25]OpenSouthCode '19 - Application Security Fundamentals [2019-May-25]
OpenSouthCode '19 - Application Security Fundamentals [2019-May-25]AngelGomezRomero
 
Problems With Battling Malware Have Been Discussed, Moving...
Problems With Battling Malware Have Been Discussed, Moving...Problems With Battling Malware Have Been Discussed, Moving...
Problems With Battling Malware Have Been Discussed, Moving...Deb Birch
 
Cse ethical hacking ppt
Cse ethical hacking pptCse ethical hacking ppt
Cse ethical hacking pptshreya_omar
 
Practical Incident Response - Work Guide
Practical Incident Response - Work GuidePractical Incident Response - Work Guide
Practical Incident Response - Work GuideEduardo Chavarro
 
ppt on securities.pptx
ppt on securities.pptxppt on securities.pptx
ppt on securities.pptxmuskaangoel15
 
Spyware presentation by mangesh wadibhasme
Spyware presentation by mangesh wadibhasmeSpyware presentation by mangesh wadibhasme
Spyware presentation by mangesh wadibhasmeMangesh wadibhasme
 
CSE-Ethical-Hacking-ppt.pptx
CSE-Ethical-Hacking-ppt.pptxCSE-Ethical-Hacking-ppt.pptx
CSE-Ethical-Hacking-ppt.pptxAnshumaanTiwari2
 
(Training) Malware - To the Realm of Malicious Code
(Training) Malware - To the Realm of Malicious Code(Training) Malware - To the Realm of Malicious Code
(Training) Malware - To the Realm of Malicious CodeSatria Ady Pradana
 
Types of Malware (CEH v11)
Types of Malware (CEH v11)Types of Malware (CEH v11)
Types of Malware (CEH v11)EC-Council
 

Semelhante a Cyber Threats Landscape and Defense Guide (20)

Panda Adaptive Defense 360 - Cyber Extortion Guide
Panda Adaptive Defense 360 - Cyber Extortion GuidePanda Adaptive Defense 360 - Cyber Extortion Guide
Panda Adaptive Defense 360 - Cyber Extortion Guide
 
Anatomy of a cyber attack
Anatomy of a cyber attackAnatomy of a cyber attack
Anatomy of a cyber attack
 
Cyber Malware Programs And The Internet
Cyber Malware Programs And The InternetCyber Malware Programs And The Internet
Cyber Malware Programs And The Internet
 
The Modern Malware Review March 2013
The Modern Malware Review March 2013The Modern Malware Review March 2013
The Modern Malware Review March 2013
 
Corporate threat vector and landscape
Corporate threat vector and landscapeCorporate threat vector and landscape
Corporate threat vector and landscape
 
Ethical Hacking Overview
Ethical Hacking OverviewEthical Hacking Overview
Ethical Hacking Overview
 
Ethical-Hacking-ppt.pptx
Ethical-Hacking-ppt.pptxEthical-Hacking-ppt.pptx
Ethical-Hacking-ppt.pptx
 
Check point 2015-securityreport
Check point 2015-securityreportCheck point 2015-securityreport
Check point 2015-securityreport
 
CSE-Ethical-Hacking-ppt.pptx
CSE-Ethical-Hacking-ppt.pptxCSE-Ethical-Hacking-ppt.pptx
CSE-Ethical-Hacking-ppt.pptx
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 
2016 trustwave global security report
2016 trustwave global security report2016 trustwave global security report
2016 trustwave global security report
 
OpenSouthCode '19 - Application Security Fundamentals [2019-May-25]
OpenSouthCode '19 - Application Security Fundamentals [2019-May-25]OpenSouthCode '19 - Application Security Fundamentals [2019-May-25]
OpenSouthCode '19 - Application Security Fundamentals [2019-May-25]
 
Problems With Battling Malware Have Been Discussed, Moving...
Problems With Battling Malware Have Been Discussed, Moving...Problems With Battling Malware Have Been Discussed, Moving...
Problems With Battling Malware Have Been Discussed, Moving...
 
Cse ethical hacking ppt
Cse ethical hacking pptCse ethical hacking ppt
Cse ethical hacking ppt
 
Practical Incident Response - Work Guide
Practical Incident Response - Work GuidePractical Incident Response - Work Guide
Practical Incident Response - Work Guide
 
ppt on securities.pptx
ppt on securities.pptxppt on securities.pptx
ppt on securities.pptx
 
Spyware presentation by mangesh wadibhasme
Spyware presentation by mangesh wadibhasmeSpyware presentation by mangesh wadibhasme
Spyware presentation by mangesh wadibhasme
 
CSE-Ethical-Hacking-ppt.pptx
CSE-Ethical-Hacking-ppt.pptxCSE-Ethical-Hacking-ppt.pptx
CSE-Ethical-Hacking-ppt.pptx
 
(Training) Malware - To the Realm of Malicious Code
(Training) Malware - To the Realm of Malicious Code(Training) Malware - To the Realm of Malicious Code
(Training) Malware - To the Realm of Malicious Code
 
Types of Malware (CEH v11)
Types of Malware (CEH v11)Types of Malware (CEH v11)
Types of Malware (CEH v11)
 

Último

Film cover research (1).pptxsdasdasdasdasdasa
Film cover research (1).pptxsdasdasdasdasdasaFilm cover research (1).pptxsdasdasdasdasdasa
Film cover research (1).pptxsdasdasdasdasdasa494f574xmv
 
Top 10 Interactive Website Design Trends in 2024.pptx
Top 10 Interactive Website Design Trends in 2024.pptxTop 10 Interactive Website Design Trends in 2024.pptx
Top 10 Interactive Website Design Trends in 2024.pptxDyna Gilbert
 
Contact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New DelhiContact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New Delhimiss dipika
 
Q4-1-Illustrating-Hypothesis-Testing.pptx
Q4-1-Illustrating-Hypothesis-Testing.pptxQ4-1-Illustrating-Hypothesis-Testing.pptx
Q4-1-Illustrating-Hypothesis-Testing.pptxeditsforyah
 
SCM Symposium PPT Format Customer loyalty is predi
SCM Symposium PPT Format Customer loyalty is prediSCM Symposium PPT Format Customer loyalty is predi
SCM Symposium PPT Format Customer loyalty is predieusebiomeyer
 
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书rnrncn29
 
NSX-T and Service Interfaces presentation
NSX-T and Service Interfaces presentationNSX-T and Service Interfaces presentation
NSX-T and Service Interfaces presentationMarko4394
 
Call Girls Near The Suryaa Hotel New Delhi 9873777170
Call Girls Near The Suryaa Hotel New Delhi 9873777170Call Girls Near The Suryaa Hotel New Delhi 9873777170
Call Girls Near The Suryaa Hotel New Delhi 9873777170Sonam Pathan
 
『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书
『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书
『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书rnrncn29
 
PHP-based rendering of TYPO3 Documentation
PHP-based rendering of TYPO3 DocumentationPHP-based rendering of TYPO3 Documentation
PHP-based rendering of TYPO3 DocumentationLinaWolf1
 
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170Sonam Pathan
 
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书zdzoqco
 
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一z xss
 
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作ys8omjxb
 
Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24Paul Calvano
 

Último (17)

Film cover research (1).pptxsdasdasdasdasdasa
Film cover research (1).pptxsdasdasdasdasdasaFilm cover research (1).pptxsdasdasdasdasdasa
Film cover research (1).pptxsdasdasdasdasdasa
 
Top 10 Interactive Website Design Trends in 2024.pptx
Top 10 Interactive Website Design Trends in 2024.pptxTop 10 Interactive Website Design Trends in 2024.pptx
Top 10 Interactive Website Design Trends in 2024.pptx
 
Contact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New DelhiContact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New Delhi
 
Q4-1-Illustrating-Hypothesis-Testing.pptx
Q4-1-Illustrating-Hypothesis-Testing.pptxQ4-1-Illustrating-Hypothesis-Testing.pptx
Q4-1-Illustrating-Hypothesis-Testing.pptx
 
SCM Symposium PPT Format Customer loyalty is predi
SCM Symposium PPT Format Customer loyalty is prediSCM Symposium PPT Format Customer loyalty is predi
SCM Symposium PPT Format Customer loyalty is predi
 
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书
 
young call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Service
young call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Serviceyoung call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Service
young call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Service
 
NSX-T and Service Interfaces presentation
NSX-T and Service Interfaces presentationNSX-T and Service Interfaces presentation
NSX-T and Service Interfaces presentation
 
Call Girls Near The Suryaa Hotel New Delhi 9873777170
Call Girls Near The Suryaa Hotel New Delhi 9873777170Call Girls Near The Suryaa Hotel New Delhi 9873777170
Call Girls Near The Suryaa Hotel New Delhi 9873777170
 
『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书
『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书
『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书
 
Hot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort ServiceHot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort Service
 
PHP-based rendering of TYPO3 Documentation
PHP-based rendering of TYPO3 DocumentationPHP-based rendering of TYPO3 Documentation
PHP-based rendering of TYPO3 Documentation
 
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170
 
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
 
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
 
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
 
Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24
 

Cyber Threats Landscape and Defense Guide

  • 1. Cyber Threats: Landscape and Defense Ing. Andrea Garavaglia Andrea Minigozzi, CISSP – OPST ISIS “C. Facchinetti” Castellanza – VA 14 – 04 - 2014
  • 2. Cyber Threats Landscape and Defense Andrea Minigozzi is a certified CISSP and OPST Security Expert with fourteen years experience, encompassing SIEM, malware analysis, investigating security incidents, computer and network forensics, ISO 27001/NIST/COBIT audits and hardening of various devices on civil and military programs. Andrea is the owner of FantaGhost web site and develops FG-Scanner project. About US…. #whoami Andrea Minigozzi – Andrea Garavaglia Andrea Garavaglia supported for years Law Enforcement with analysis tools used to discover patterns, trends, associations and hidden networks in any number and type of data sources. He worked also with voice and ip interceptions, traffic reconstruction, forensics analisys. Actually is a Network Security Monitor lover.
  • 3. Cyber Threats Landscape and Defense A Real problem for today’s industries Andrea Minigozzi – Andrea Garavaglia
  • 4. Cyber Threats Landscape and Defense Who can become a Victim ? Andrea Minigozzi – Andrea Garavaglia Source: http://www.tietoturvapaiva.fi/uploads/Tietoturva%202012/stonesoft.pdf
  • 5. Cyber Threats Landscape and Defense From virus to Advanced Persistent Threats: the timeline 1971 Creeper 1987 Jerusalem 1982 Elk Cloner 1992 Michelangelo 2005 MyTob 2000 I love you 2001 Code Red 2004 Sasser 1999 Melissa 2007 Storm BotNet 2009 Conficker 1970 1980 1990 2000 - 2009 Source: http://blogs.csoonline.com/1421/40_years_after_the_first_computer_virus 1986 Brain Andrea Minigozzi – Andrea Garavaglia
  • 6. Cyber Threats Landscape and Defense From virus to Advanced Persistent Threats: the timeline 2010 - Today 2010 Stuxnet 2010 VBMania 2010 Kenzero 2010 SpyEye + Zeus 2011 Zero Access 2011 Duqu 2012 Flame 2012 Shamoon 2012 NGRBot 2013 CryptoLocker 2014 ................ Source: http://en.wikipedia.org/wiki/Timeline_of_computer_viruses_and_worms Andrea Minigozzi – Andrea Garavaglia
  • 7. Cyber Threats Landscape and Defense Terms and definitions: viruses and worms Andrea Minigozzi – Andrea Garavaglia VIRUS A program that “infects” computer files, usually executable programs, by inserting a copy of itself into the file. These copies are usually executed when the infected files is loaded into memory, allowing the virus to infect other files. A virus requires human involvement (usually unwitting) to propagate. WORM An independent computer program that reproduces by copying itself from one system to another across a network. Unlike computer viruses, worms do not require human involvement to propagate and exploit vulnerabilities to bypass security systems.
  • 8. Cyber Threats Landscape and Defense Terms and definitions: trojan horses and 0-day exploits TROJAN HORSE A computer program that conceals harmful code. A Trojan horse usually masquerades as a useful program that a user would wish to execute. 0-DAY EXPLOIT An exploit that takes advantage of a security vulnerability previously unknown to the general public. In many cases, the exploit code is written by the same person who discovered the vulnerability. Andrea Minigozzi – Andrea Garavaglia
  • 9. Cyber Threats Landscape and Defense Terms and definitions: malware MALWARE A program that is inserted into a system, usually covertly, with the intent of compromising the confidentiality, integrity, or availability of the victim's data, applications, or operating system or of otherwise annoying or disrupting the victim and often violates one or more of the following fundamental principles: Consent: Malware may be installed even though the user did not knowingly ask for that to happen. Privacy-Respectfulness: Malware may violate a user's privacy, perhaps capturing user passwords or credit card information. Non-Intrusiveness: Malware may annoy users by popping up advertisements, changing web browser's home page, making systems slow or unstable and prone to crash, or interfering with already installed security software. Harmlessness: Malware may be software that hurts users (such as software that damages our system, sends spam emails, or disables security software). Respect for User Management: If the user attempts to remove the software, it may reinstall itself or otherwise override user preferences. Source: http://itlaw.wikia.com/wiki/Malware Andrea Minigozzi – Andrea Garavaglia
  • 10. Cyber Threats Landscape and Defense Malicious code spreading vectors and attack surface 1980 1990 2000 - 2014 Andrea Minigozzi – Andrea Garavaglia
  • 11. Cyber Threats Landscape and Defense New malware in the last two years Andrea Minigozzi – Cyber Threats Landscape and Defense Source: http://www.mcafee.com/uk/resources/reports/rp-quarterly-threat-q3-2013.pdf
  • 12. Cyber Threats Landscape and Defense New malwares for emerging operating systems Andrea Minigozzi – Cyber Threats Landscape and Defense Source: http://www.mcafee.com/uk/resources/reports/rp-quarterly-threat-q3-2013.pdf
  • 13. Cyber Threats Landscape and Defense Global Email Volume, in Trillions of messages Source: http://www.mcafee.com/uk/resources/reports/rp-quarterly-threat-q3-2013.pdf Andrea Minigozzi – Andrea Garavaglia
  • 14. Cyber Threats Landscape and Defense Hacking motivations HACKERS : They need to understand how the systems works and how to improve security and performances HACKTIVISTS: They use computers and computer networks to promote political ends, chiefly free speech, human rights, and information ethics. STATE SPONSORED HACKERS: Governments around the globe realize that it serves their military objectives to be well positioned online. SPY HACKERS: Corporations hire hackers to infiltrate the competition and steal trade secrets. CYBER TERRORISTS: These hackers, generally motivated by religious or political beliefs, attempt to create fear and chaos by disrupting critical infrastructures. Andrea Minigozzi – Andrea Garavaglia
  • 15. Cyber Threats Landscape and Defense Attack Diagram: the past Andrea Minigozzi – Andrea Garavaglia
  • 16. Cyber Threats Landscape and Defense Andrea Minigozzi – Andrea Garavaglia Attack Diagram: the present
  • 17. Cyber Threats Landscape and Defense Terms and definitions: advanced persistent threats ADVANCED PERSISTENT THREATS Advanced Persistent Threat (APT) is a set of stealthy and continuous hacking processes often orchestrated by human targeting a specific entity. APT usually targets organizations and or nations for business or political motives. APT processes require high degree of covertness over a long period of time. Source: https://www.academia.edu/6309905/Advanced_Persistent_Threat_-_APT The advanced process signifies sophisticated techniques using malware to exploit vulnerabilities in systems and Advanced Evasion Technique to avoid detection. The persistent process suggests that an external command and control is continuously monitoring and extracting data off a specific target. The threat process indicates human involvement in orchestrating the attack Andrea Minigozzi – Andrea Garavaglia
  • 18. Cyber Threats Landscape and Defense Andrea Minigozzi – Andrea Garavaglia APT Teams and Connections B-TeamA-Team More senior? Malware writers? Beaconing & Latching Command & Control; Agent transfer Command & Control; Agent transfer www.hackedsite1.com Agent Download & Install www.hackedsite2.com Data transfer Data transfer Stage 0 Infection Stage 1 Generate Intermediaries Stage 2 Setup Relay Agents Stage 3 Data Exfiltration RDP & Other Transfer HostIntermediary HostFoothold Host Data Host
  • 19. Cyber Threats Landscape and Defense Advanced Persistent Threats LifeCycle Source: http://en.wikipedia.org/wiki/Advanced_persistent_threat#History_and_targets Andrea Minigozzi – Andrea Garavaglia
  • 20. Cyber Threats Landscape and Defense A great video from TrendMicro explain how the attacks works Source: http://www.youtube.com/watch?v=fpeMR1214t0 Andrea Minigozzi – Andrea Garavaglia This video describe a real successful attack happended some time ago: the attacked company lost about 60 Million dollar$
  • 21. Cyber Threats Landscape and Defense Live Demo Andrea Minigozzi – Andrea Garavaglia
  • 22. Cyber Threats Landscape and Defense QR Codes and Shortened URLs: when the threats get short ! http://goo.gl/pJ0sKw Andrea Minigozzi – Andrea Garavaglia
  • 23. Cyber Threats Landscape and Defense QR Codes and Shortened URLs: when the threats get short ! STAY AWAY FROM MALICIOUS QR CODES! Scanning QR codes in the form of stickers placed randomly on the street's walls is most dangerous. It is a very common way that scammers use to get people scan the code just because of curiosity. Reports say, “46% just said they were curious what this odd little jumbled cube could do.” So, we should not scan any QR codes that are not from trusted sources. LOOK CLOSELY TO A QR CODE BEFORE DO ANYTHING ELSE! Andrea Minigozzi – Andrea Garavaglia The are few apps on the stores you can use to analyze the Qrcode.....
  • 24. Cyber Threats Landscape and Defense QR Codes and Shortened URLs: when the threats get short ! http://goo.gl/pJ0sKw http://goo.gl/ZFm5u6 Are you able to see if the two shortened URLs above lead us to trusted websites? http://goo.gl/pJ0sKw http://goo.gl/ZFm5u6 Malicious URL FantaGhost Web Page Andrea Minigozzi – Andrea Garavaglia
  • 25. Cyber Threats Landscape and Defense QR Codes and Shortened URLs: when the threats get short ! Are there any solutions for this problem? YES! WE SHOULD PREVIEW THE SHORTENED URLS BEFORE USING THEM. Several website tools help us to get a full URL address from the shortened URL, an example is http://unshort.me/ In addition, some URL shortening services, such as goo.gl, give us an option to preview the shortened URL first by add a “+” at the end of the URL. Andrea Minigozzi – Andrea Garavaglia
  • 26. Cyber Threats Landscape and Defense The most dangerous (and commons) vulnerabilities 1. Email Social Engineering/Spear Phishing 2. Infection Via a Drive-By Web Download: Watering Hole Attack 3. USB Key Malware 4. Scanning Networks for Vulnerabilities and Exploitment 5. Guessing or Social Engineering Passwords 6. Wifi Compromises 7. Stolen Credentials From Third-Party Sites 8. Compromising Web-Based Databases 9. Exploiting Password Reset Services to Hijack Accounts 10. Insiders Andrea Minigozzi – Andrea Garavaglia
  • 27. Cyber Threats Landscape and Defense Understanding HeartBleed Bug Andrea Minigozzi – Andrea Garavaglia CVE-2014-0160 Source: http://www.xkcd.com/1354 - http://regmedia.co.uk/2014/04/09/openssl_haertbleed_diagram.png
  • 28. Cyber Threats Landscape and Defense Questions ? Andrea Minigozzi – Andrea Garavaglia
  • 29. @FantaGhost andrea@fantaghost.com http://www.fantaghost.com THANK YOU! Ing. Andrea Garavaglia Andrea Minigozzi, CISSP - OPST garanews@gmail.com