mechelen - 06/02/2014 telenet security day cyber scrapings putting our 2 cents in.. christian van...

Mechelen - 06/02/2014Telenet Security Day

CYBER scrapingsputting our 2 cents in ..

Christian Van HeurckCERT.be coordinator

CERT.be team

2Mechelen - 06/02/2014 CERT.beTelenet Security Day

goals

• the cyber threat is real• also in .be• everybody is a target• we all are losing the battle• this costs €• lack of awareness at all

levels• be prepared• act now!

2


3

the cyber threat is real


types of cyber threats - historical

4

cyber security cyber crime

others


types of cyber threats – anno 2014

5


6

almost all cyber security issues lead to cyber crime

espionage included

reality 2013


7

the cyber threat is

also real in .be


CERT.be anthology

• Belgacom• DDoS on the rise • open DNS resolvers abused

for amplification attacks• ntp servers abused• phishing & spearphishing• identity theft• mobile targeted• every (with an) OS targeted

8


CERT.be anthology

• hacktivism• blackmail (Rex Mundi)• botnet drones• botnet C&C• hacked servers abused for

attacks and malware distribution

• waterhole attacks• top level DNS compromise• ransomware

9

10

Mechelen - 06/02/2014 CERT.beTelenet Security Day

CERT.be anthology

• mass compromise of vulnerable websites

• Diginotar• abuse of forged and/or stolen

certificates• Bit9, RSA, Microsoft, Twitter,

Facebook, Apple, Google, Adobe, ..

• IXP targeted• hosters under daily attacks

10

11


CERT.be anthology

• citizens targeted• big companies targeted• intermediate companies

targeted• SME’s targeted• Port of Antwerp• Critical Infrastructure• GOV targeted• Banks targeted• NMBS

11

12


12

EU legislation

Privacycommission

BIPT-IBPT

and there’s more happening ..

13


13

all the old school stuff is still out there too

and one more thing ..

14


14

everybody is a target

15


15

time for some numbers

16


16

# Reports & Incidents / Year

2010 2011 2012 20130

1000

2000

3000

4000

5000

6000

7000

8000

Reports/YearIncidents/Year

17


17

# Reports & Incidents / Month

2010 2011 2012 Q1-Q3 2013

00

100

200

300

400

500

600

Reports/MonthIncidents/Month

18


types of incidents in 2013

18

19


19

# Zombies

500.000 in 2013

20


20

21


21

we are losing this battle

22


22

this costs €

23


23

WT .. ????

24


24

lack of awareness at all levels

25


25

this is how we perceive it

Image courtesy of tropical.pete – Flickr.com

26


26

this is how we perceive it

Image courtesy of tropical.pete – Flickr.com

27


27

acknowledgethe cyber threat

28


28

= create awareness

29


29

then act efficiently

30


30

NOW!

31


31

please …

32


32

report [email protected]

33


33

[email protected]

[email protected]

Mechelen - 06/02/2014 34

35


brochure & 1-pager

35

36


download links

brochure:https://www.cert.be/pro/files/Brochure_FRA.pdfhttps://www.cert.be/pro/files/Brochure_NDL.pdfhttps://www.cert.be/pro/files/Brochure_ENG.pdf

1-pager:https://www.cert.be/pro/files/Onepager_FRA.pdfhttps://www.cert.be/pro/files/Onepager_NDL.pdfhttps://www.cert.be/pro/files/Onepager_ENG.pdf

36

https://www.cert.be/pro/files/Brochure_ENG.pdf





https://www.cert.be/pro/files/Onepager_ENG.pdf



mechelen - 06/02/2014 telenet security day cyber scrapings putting our 2 cents in.. christian van...

Documents

telenet security day

telenet security day

awareness slide

real slide

battle slide

target slide

team slide

cyber threat slide