Observations on Modern Cyber Crime and Espionage - Wade Baker, Verizon

Based on forensic evidence collected while investigating some of the largest data breaches in history, Wade Baker will present a rare view into the world of cyber crime & espionage. Over the last seven years, Baker and his colleagues have compiled one of the largest and most detailed security incident repositories in the world. Their research has been used by law enforcement agencies around the world to prosecute criminals as well as by numerous organizations to assess and improve their security program. The presentation will discuss the evolution of cybercrime & espionage and delve into the people, methods, and motives that drive it today. See Wade Baker's Edge Presentation: http://www.akamai.com/html/custconf/edgetv.html#wade-baker

The Akamai Edge Conference is a gathering of the industry revolutionaries who are committed to creating leading edge experiences, realizing the full potential of what is possible in a Faster Forward World. From customer innovation stories, industry panels, technical labs, partner and government forums to Web security and developers' tracks, there’s something for everyone at Edge 2013.

Learn more at http://www.akamai.com/edge

    Presentation Transcript

    • Are modern threats so advanced, diverse, and unpredictable that we can’t mount any meaningful defense against them? Let’s explore that question today. Confidential and proprietary materials for authorized Verizon personnel and outside agencies only. Use, disclosure or distribution of this material is not permitted to any unauthorized persons or third parties except by written agreement.
    • Data Breach Investigations Report: An ongoing study that analyzes forensic evidence to uncover how sensitive data is stolen from organizations, who’s doing it, why they’re doing it, and what might be done to prevent it. 2013 contributors: Australian Federal Police; CERT Insider Threat Center; Consortium of Cybersecurity Action; Danish Ministry of Defence; Danish National Police; Deloitte; Dutch Police; Electricity Sector ISAC; European Cyber Crime Center; G-C Partners, LLC; Guardia Civil; Industrial Control Systems CERT; Irish Reporting & InfoSec Service; Malaysia CERT; National Cybersecurity & Communications Integration Center; ThreatSim; US CERT; US Secret Service; Verizon.
    • All threat actions defined within VERIS: Adware, Backdoor, Brute force, Capture app data, Capture stored data, Client-side, C2, Destroy data, Disable controls, DoS, Downloader, Exploit vuln, Export data, Packet sniffer, Password dumper, Ram scraper, Ransomware, Rootkit, Scan network, Spam, Spyware, SQL injection, Utility, Worm, Abuse of functionality, Brute force, Buffer overflow, Cache poisoning, Credential/session prediction, Cross-site request forgery, Cross-site scripting, Cryptanalysis, Denial of service, Footprinting and fingerprinting, Forced browsing, Format string attack, Fuzz testing, HTTP request smuggling, HTTP request splitting, HTTP response smuggling, HTTP Response Splitting, Integer overflows, LDAP injection, Mail command injection, Man-in-the-middle attack, Null byte injection, Offline cracking, OS commanding, Path traversal, Remote file inclusion, Reverse engineering, Routing detour, Session fixation, Session replay, Soap array abuse, Special element injection, SQL injection, SSL injection, URL redirector abuse, Use of backdoor or C2, Use of stolen creds, XML attribute blowup, XML entity expansion, XML external entities, XML injection, XPath injection, XQuery injection, Baiting, Bribery, Elicitation, Extortion, Forgery, Influence, Scam, Phishing, Pretexting, Propaganda, Spam, Knowledge abuse, Privilege abuse, Embezzlement, Data mishandling, Email misuse, Net misuse, Illicit content, Unapproved workaround, Unapproved hardware, Unapproved software, Assault, Sabotage, Snooping, Surveillance, Tampering, Theft, Wiretapping, Classification error, Data entry error, Disposal error, Gaffe, Loss, Maintenance error, Misconfiguration, Misdelivery, Misinformation, Omission, Physical accidents, Capacity shortage, Programming error, Publishing error, Malfunction, Deterioration, Earthquake, EMI, ESD, Temperature, Fire, Flood, Hazmat, Humidity, Hurricane, Ice, Landslide, Lightning, Meteorite, Particulates, Pathogen, Power failure, Tornado, Tsunami, Vermin, Volcano, Leak, Wind
    • Top 20 threat actions observed across 2000+ data breaches. [Chart with two series, Overall and Larger orgs. Threat actions shown: Brute force (Hacking), Spyware (Malware), Use of stolen creds (Hacking), Export data (Malware), Backdoor (Malware), Use of backdoor or C2 (Hacking), Tampering (Physical), Disable controls (Malware), Capture stored data (Malware), Phishing (Social), C2 (Malware), Password dumper (Malware), Unknown (Hacking), Rootkit (Malware), Unknown (Malware), Downloader (Malware), Privilege abuse (Misuse), Adminware (Malware), Embezzlement (Misuse), Unapproved hardware (Misuse).]
    • Cluster analysis measuring similarity of incidents across industries. [Figure. Industries plotted: Nonstore Retailers (454); Other Information Services (519); Credit Intermediation and Related Activities (522); Administrative and Support Services (561); Publishing Industries (except Internet) (511); Data Processing, Hosting, and Related Services (518); Telecommunications (517); Executive, Legislative, and Other General Government Support (921); Miscellaneous Store Retailers (453); Gasoline Stations (447); Food and Beverage Stores (445); Clothing and Clothing Accessories Stores (448); Professional, Scientific, and Technical Services (541); Ambulatory Health Care Services (621); Health and Personal Care Stores (446); Food Services and Drinking Places (722); Accommodation (721); Computer and Electronic Product Manufacturing (334); Transportation Equipment Manufacturing (336); Pipeline Transportation (486).]
    • Top threat scenarios observed across 2000+ data breaches. [Chart. Scenarios shown: Something else, State espionage, Insider misuse, Web app hacks, Skimming devices, POS intrusions. Threat actions shown: Spyware (Malware), Backdoor (Malware), Export data (Malware), Use of stolen creds (Hacking), Brute force (Hacking), C2 (Malware), Capture app data (Malware), Downloader (Malware), Client-side (Malware), Extortion (Social), Other (Hacking), Phishing (Social), Use of backdoor or C2 (Hacking), Pretexting (Social), Capture stored data (Malware), Other (Malware), Theft (Physical), Unknown (Hacking), Adminware (Malware), Destroy data (Malware).]
    • Threats to your data? < or > Brute force (Hacking) 47%; Spyware (Malware) 41%; Use of stolen creds… 29%; Export data (Malware) 28%; Backdoor (Malware) 23%; Use of backdoor or C2… 21%; Tampering (Physical) 19%; Disable controls… 12%; Capture stored data… 10%; Phishing (Social) 10%; C2 (Malware) 9%; Downloader (Malware) 9%; Password dumper… 8%