lrato - it4legal · 2013. 3. 12. · 81% breaches involved hacking 79% victims opportunity targets...
TRANSCRIPT
o Threats Overview
o Threat Agents
Hacktivism
Determined Adversaries and Targeted Attacks (DA/TA) …a.k.a. APT
o Lexcel v5 Standard
o Defining a CyberSecurity Agenda
o MS Services CyberSecurity
• Motivation:
• Notoriety
• Havoc
• LANs
• 1st PC virus
• Boot sector viruses
• Slow propagation
• 16-bit DOS
• Motivation:
• Notoriety
• Havoc
• Internet era
• Macro viruses
• Script viruses
• Key loggers
• Faster propagation
• 32-bit windows
• Motivation:
• Financial
• Broadband prevalent
• Internet wide impact
• Spyware and spam
• Phishing
• Botnets and Rootkits
• War driving
• 32-bit Windows
• Motivation:
• Financial
• Espionage *.*
• P2P
• Social engineering
• Application attacks
• Targeted & Persistent attacks
• Network device attacks
• Consumerization of IT & BYOD
• 64-bit Windows
• Hyper jacking
• Big Data
• Cloud
TOP 5:
• HTML / Javascript
• Java
• Documents
• Operating System
• Shell code
TOP 5:
• Unwanted software
• Trojans
• Adware
• Worms
• Trojan Downloaders & Droppers
Increasingly Sophisticated Malware
Anti-malware alone is not sufficient
The Threat Environment
Source: Microsoft Security Intelligence Report v13 (H1-2012)
$$$ MONEY $$$
FBI Seized Swiss account with $14.8M
Sam Jay is still on the loose
Exploits blocked by Microsoft Antimalware
HTML/Javascript exploits delivered through infected web pages
Sep 2012 - CVE-2012-4681: ~1 billion Java users affected
81% breaches involved hacking
79% victims opportunity targets
4% Internal
94% data theft/loss involved servers
92% incidents discovered by 3rd-parties
98% External
58% data theft linked to hacktivism
69% attacks involved malware
96% attacks not highly difficult
85% breaches took long to discover
97% avoidable through simple controls
96% PCI DSS victims not compliant!
https://twitter.com/#!/LulzSecPortugal
https://twitter.com/#!/AntiSecPT
https://twitter.com/#!/LusitanianLeaks
http://twitter.com/anonymouspt
“I consider myself to be a hacktivist” … “I am 19 y3ars 0ld and I started hack!ng wh3n I was 16.”
I read somewhere that you retired from the hacking business. Is this true? If not, are you ever going to retire?
“…I am quitting the name Ardhapagal, not hacking. My protests will always stand by.”
“My hacktivism includes governments and evil corporations…”
“I’m not afraid because I know my rights. No ******* government can take an action against me without some proof”
A few years ago it was fun, but now it’s hacktivism, only targeting governments and corrupted companies.
…They steal money and make choices for people, choices that people don’t approve of.
“I do fear getting caught, but that’s what’s keeping me from not getting caught. I’m paranoid about hacking important things so I protect myself a lot with tunnels, cracked Wi-Fi's, VPNs, etc.”
“I’m almost 30 now and I don’t think I’ll stop hacking until I get caught. It’s kinda in my blood”
WE ARE ANONYMOUS.
EXPECT US!
WE DO NOT FORGIVE.
WE DO NOT FORGET.
WE ARE LEGION.
Are you afraid of getting caught? Or do you use some sophisticated measures to hide your identity…?
“Other than SSH tunneling and using frequent VPN's… I'm n0t afra!d 0f g3tt!ng arrested”
Military objective
Political objective - Dalai Lama, etc
IT industry - get info to assist other vulnerabilities
Natural resources and energy industry
Defense, research and government institutes
Research and political objectives
• 5-year spy operation
• 69 countries hit
• PORTUGAL included!
• Governments, embassies, nuclear and energy research, Oil, Gas and Aerospace.
Reduce Risk
8 areas of Practice
Security Principles
Business Objectives
CyberSecurity agenda
Integrity Confidentiality Availability
CyberSecurity agenda
Business Objectives
Prioritize data | assets Classify data
Legislation
Processes
Solutions Safeguards Countermeasures
Audit Controls
Identify data assets
Assess vulnerabilities Assess application code
Assess functionality
Emergency Response
Assess risks
Penetration testing
Support
Awareness Program Policies & Standards
Application Security Infrastructure Security Operations Incident Response
Strategic Advisory Services
Architecture Plan and Deploy
Security Development Lifecycle
Security Training
Strategy:
Support:
Integrated
Control & Protection
Identity
Security
Address Risk Minimize Downtime Streamline Operations
Business Transformation Technology Thought Leadership
Maximize Value of Microsoft Technologies
• Comprehensive security and identity services to help protect your business from current and emerging threats
• Offering you strategic, proactive and reactive services based on your specific needs
Short term Mid term Long term
Enterprise Strategy
Service Delivery Management & Support
CyberSecurity Architecture
Training
Enterprise Strategy
Premier Support
MCS
Emergency Response
SDL
Deploy / Implement
Develop / Stabilize
Premier Ops Cons
Processes & Operations
Key Services
Incident Response
Post Incident Architectural Remediations
Infrastructure Security Assessment
Application Security Assessment
SDL Security Training
Strategic Advisory Services
Service Family Tactical Strategic
Enterprise Strategy X X
Premier X X X X
MCS X X X X X
Premier Ops Cons X X X
Remediation
Design/Implementation
Assessment
Operations
Training