cyber scrapings putting our 2 cents in
DESCRIPTION
CYBER scrapings putting our 2 cents in . Christian Van Heurck CERT.be coordinator CERT.be team. Telenet Security Day. Mechelen - 06/02/2014. goals. t he cyber t hreat is real a lso in .be everybody is a target we all are losing the battle this costs € - PowerPoint PPT PresentationTRANSCRIPT
Mechelen - 06/02/2014Telenet Security Day
CYBER scrapingsputting our 2 cents in ..
Christian Van HeurckCERT.be coordinator
CERT.be team
2Mechelen - 06/02/2014 CERT.beTelenet Security Day
goals
• the cyber threat is real• also in .be• everybody is a target• we all are losing the battle• this costs €• lack of awareness at all
levels• be prepared• act now!
2
3Mechelen - 06/02/2014 CERT.beTelenet Security Day3
the cyber threat is real
4Mechelen - 06/02/2014 CERT.beTelenet Security Day
types of cyber threats - historical
4
cyber security cyber crime
others
5Mechelen - 06/02/2014 CERT.beTelenet Security Day
types of cyber threats – anno 2014
5
6Mechelen - 06/02/2014 CERT.beTelenet Security Day6
almost all cyber security issues lead to cyber crime
espionage included
reality 2013
7Mechelen - 06/02/2014 CERT.beTelenet Security Day7
the cyber threat isalso real in .be
8Mechelen - 06/02/2014 CERT.beTelenet Security Day
CERT.be anthology
• Belgacom• DDoS on the rise • open DNS resolvers abused
for amplification attacks• ntp servers abused• phishing & spearphishing• identity theft• mobile targeted• every (with an) OS targeted
8
9Mechelen - 06/02/2014 CERT.beTelenet Security Day
CERT.be anthology
• hacktivism• blackmail (Rex Mundi)• botnet drones• botnet C&C• hacked servers abused for
attacks and malware distribution
• waterhole attacks• top level DNS compromise• ransomware
9
10
Mechelen - 06/02/2014 CERT.beTelenet Security Day
CERT.be anthology
• mass compromise of vulnerable websites
• Diginotar• abuse of forged and/or stolen
certificates• Bit9, RSA, Microsoft, Twitter,
Facebook, Apple, Google, Adobe, ..
• IXP targeted• hosters under daily attacks
10
11
Mechelen - 06/02/2014 CERT.beTelenet Security Day
CERT.be anthology
• citizens targeted• big companies targeted• intermediate companies
targeted• SME’s targeted• Port of Antwerp• Critical Infrastructure• GOV targeted• Banks targeted• NMBS
11
12
Mechelen - 06/02/2014 CERT.beTelenet Security Day12
EU legislationPrivacycommission
BIPT-IBPT
and there’s more happening ..
13
Mechelen - 06/02/2014 CERT.beTelenet Security Day13
all the old school stuff is still out there too
and one more thing ..
14
Mechelen - 06/02/2014 CERT.beTelenet Security Day14
everybody is a target
15
Mechelen - 06/02/2014 CERT.beTelenet Security Day15
time for some numbers
16
Mechelen - 06/02/2014 CERT.beTelenet Security Day16
# Reports & Incidents / Year
2010 2011 2012 20130
1000
2000
3000
4000
5000
6000
7000
8000
Reports/YearIncidents/Year
17
Mechelen - 06/02/2014 CERT.beTelenet Security Day17
# Reports & Incidents / Month
2010 2011 2012 Q1-Q3 2013
00
100
200
300
400
500
600
Reports/MonthIncidents/Month
18
Mechelen - 06/02/2014 CERT.beTelenet Security Day
types of incidents in 2013
18
19
Mechelen - 06/02/2014 CERT.beTelenet Security Day19
# Zombies
500.000 in 2013
20
Mechelen - 06/02/2014 CERT.beTelenet Security Day20
21
Mechelen - 06/02/2014 CERT.beTelenet Security Day21
we are losing this battle
22
Mechelen - 06/02/2014 CERT.beTelenet Security Day22
this costs €
23
Mechelen - 06/02/2014 CERT.beTelenet Security Day23
WT .. ????
24
Mechelen - 06/02/2014 CERT.beTelenet Security Day24
lack of awareness at all levels
25
Mechelen - 06/02/2014 CERT.beTelenet Security Day25
this is how we perceive it
Image courtesy of tropical.pete – Flickr.com
26
Mechelen - 06/02/2014 CERT.beTelenet Security Day26
this is how we perceive it
Image courtesy of tropical.pete – Flickr.com
27
Mechelen - 06/02/2014 CERT.beTelenet Security Day27
acknowledgethe cyber threat
28
Mechelen - 06/02/2014 CERT.beTelenet Security Day28
= create awareness
29
Mechelen - 06/02/2014 CERT.beTelenet Security Day29
then act efficiently
30
Mechelen - 06/02/2014 CERT.beTelenet Security Day30
NOW!
31
Mechelen - 06/02/2014 CERT.beTelenet Security Day31
please …
Mechelen - 06/02/2014 34
35
Mechelen - 06/02/2014 CERT.beTelenet Security Day
brochure & 1-pager
35
36
Mechelen - 06/02/2014 CERT.beTelenet Security Day
download links
brochure:https://www.cert.be/pro/files/Brochure_FRA.pdfhttps://www.cert.be/pro/files/Brochure_NDL.pdfhttps://www.cert.be/pro/files/Brochure_ENG.pdf
1-pager:https://www.cert.be/pro/files/Onepager_FRA.pdfhttps://www.cert.be/pro/files/Onepager_NDL.pdfhttps://www.cert.be/pro/files/Onepager_ENG.pdf
36