IPv6 and cyber security Cisco-DOT workshop - 10th July 2013

    Presentation Transcript

    • Slide 1: IPv6 DoT Workshop. Prakash Kumar, Director, Cisco Consulting Services. © 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
    • Slide 2: Cyber Security: Landscape & Trends; Evolving Security Framework; Recommended Plan of Action. Cisco Confidential – Redistribution Prohibited
    • Slide 4: “Cyber Security is the analysis, warning, information sharing, vulnerability reduction, risk management and recovery efforts to detect, protect against and mitigate the impact of threats that leverage the Cyber domain” (Based on World Economic Forum 2012)
    • Slide 5: Policy/regulatory environment & lack of coordination amongst agencies; Evolving threat landscape increasingly difficult to detect and mitigate; Technology transitions leading to greater security challenges. Sub-points: Changing IT landscape; Network perimeter v/s Human perimeter; Mobility/BYOD/Cloud; Virus/Worms to Directed attacks; Botnets; Internally propagating malware
    • Slide 6: 624,000 (2007); 2,600,000 (2010); 5,700,000 (projected, 2013)
    • Slide 7: MOBILITY; THE NETWORK; COLLABORATION; CLOUD; EXPANDED ATTACK SURFACE; COMPLIANCE OBLIGATIONS; REDUCED VISIBILITY AND CONTROL
    • Slide 8: Espionage; Disruption; Manipulation; Script Kiddies; Hacktivist Groups; Organized Crime; Nation States
    • Slide 13 (Source: www.darkreading.com):
        • Attacker steals username/password of a trusted partner: registers nine SSL certificates for high-value domains including Google, Skype, Yahoo
        • Attacker uses phishing attack, infects employee with a trojan using Excel spreadsheet: database of 40m SecurID seeds breached, that are used in 2-factor authentication
        • Attacker breaks into Sony network in retaliation to a lawsuit: Playstation network down for more than a month
        • Attacker hacks servers run by a partner: steal WordPress source code, part of which is proprietary
        • Attacker uses bad website design, changes credit-card nos in URL: steal information of 2m+ customers
        • Attackers/researchers send friend requests: get access to 250GB data from more than 3000 profiles
    • Slide 14: Credit card data was stored in plain text, got hit three times in two years. More than 600,000 credit card numbers, $10.5 b in fraudulent transactions. More than 400,000 plaintext passwords. Union-based SQL injection to collect the data. More than a million Unique Device Identifiers snagged from an FBI computer. Leveraged a Java vulnerability. Network penetration, theft of approx 1.5 million credit cards, including Track 2 data, which can be used to clone credit cards. Approximately 1.6 million government and contractor accounts involving aerospace, the defense industry, financial services and law enforcement.
    • Slide 15: Approximately 6.5 million passwords stolen, which were comprised of unsalted SHA-1 hashes. Attack on a network used by Nationwide Insurance Company breached personal information of an estimated 1.1 million customers and applicants, including names, Social Security numbers, driver's license numbers, date of birth and possibly marital status, gender, occupation and employment information. Approximately 3.8 million tax records and nearly 400,000 credit card numbers stolen. Spearphishing exploit, improper password policies, failure to encrypt social security numbers. Personal details of 24 million people were hacked and stolen. 268 individual data breaches over a period of roughly three years. Governments reportedly exposed more than 94 million records containing personally identifiable information.
    • Slide 18:
        • Loss of brand image (Website defacing): 112 Indian govt websites hacked (Dec 2011 – Feb 2012) [1]; Websites of Supreme Court hacked (May 2012) [3]; Website of Congress defaced (Dec 2011) [3]
        • Financial losses: Reported losses in Internet frauds in India in 2011 (Rs 787 lakh) [1]; E-commerce sites, Cyber-bullying
        • Loss of communication medium: DDoS attacks on government sites hosted by NIC (May 2012) [2]
        • Loss of privacy: US Defence data on Internet hijacked by China Telecom (2010) [2]; 10-25% of internet traffic originated from India or destined for India gets diverted through unknown autonomous systems [2]
        • Data Losses: 174m data records stolen in 855 incidents investigated by Verizon [4]; 100m records of Sony compromised (Apr 2011) [3]; Credit card data at Citigroup breached (Jun 2011) [3]
        • Sources: [1] Statement in Indian Parliament; [2] CERT-IN; [3] News reports; [4] Verizon 2012 Data breach investigation report
    • Slide 19:
        • 1. Find users from public sites like Facebook / LinkedIn
        • 2. Attacker sends targeted email with malicious attachment ("You Got Mail!!!")
        • 3. Naïve user opens the exploit that installs backdoor
        • 4. Attacker targets other servers / devices to escalate privileges
        • 5. Data acquired from targeted servers
        • 6. Data transferred externally
        • Social networking; Untrusted Links; Internet Access; Data privileges
    • Slide 20: Timespan of events by percent of breaches
        • Initial Attack to Initial Compromise: Seconds 10%, Minutes 75%, Hours 12%, Days 2%, Weeks 0%, Months 1%, Years 1%
        • Initial Compromise to Data Exfiltration: Seconds 8%, Minutes 38%, Hours 14%, Days 25%, Weeks 8%, Months 8%, Years 0%
        • Initial Compromise to Discovery: Seconds 0%, Minutes 0%, Hours 2%, Days 13%, Weeks 29%, Months 54%, Years 2%
        • Discovery to Containment/Restoration: Seconds 0%, Minutes 1%, Hours 9%, Days 32%, Weeks 38%, Months 17%, Years 4%
        • Data is stolen in hours in 60% of breaches
        • 85% of breaches are not discovered for weeks
    • Slide 21: Cyber Security: Landscape & Trends; Evolving Security Framework; Recommended Plan of Action
    • Slide 22: INTERNAL; EXTERNAL. Attacks: Social Networking, Network reconnaissance, Malware, Cross site scripting, Data leakage. Security: Security Policy, Identity management, Admission Control, Encryption, Anomaly Detection, Endpoint security, Antivirus, Vulnerability exploit, Mail filtering, Visibility & Control. People; Network; Host; Application; Data
    • Slide 23: Architectural Approach. Anomaly Detection & Mitigation; Encryption Software App Vulnerability Assessment; Access Control & Video Surveillance; Vulnerability Scan; Risk Management; Facility Management; Virus Scanning - Host & Server; Endpoint Security; Web Security; Security Monitoring; Security Monitoring; App Security & Identity Management; Event Logging; Malware Protection; Network Security; Secure Access Control; Secure Mobility; Security Management; Anomaly Detection and Mitigation; Email Security; Endpoint Security; Firewalls; Identity Management; Integrated Router/Switch Security; Intrusion Detection & Prevention Systems (IDS/IPS); Multi-Function Security; Network Admission Control (NAC); Cisco Policy Management; Security Management; Virtual Private Networks (VPN); Web Security; Security Metrics
    • Slide 24: Sees All Traffic; Routes All Requests; Sources All Data; Controls All Flows; Handles All Devices; Touches All Users; Shapes All Streams
    • Slide 25: Offers Comprehensive Visibility and Scalable Control; Global and Local Threat Intelligence; Common Policy and Management; Information Enforcement; Behavioral Analysis; Encryption; Identity Awareness; Device Visibility; Policy Enforcement; Access Control; Threat Defense; Sees All Traffic; Routes All Requests; Sources All Data; Controls All Flows; Handles All Devices; Touches All Users; Shapes All Streams; Network Enforced Policy
    • Slide 26: Cyber Security: Landscape & Trends; Evolving Security Framework; Recommended Plan of Action
    • Slide 27:
        • Plan: Define the Security policy; Identify assets, vulnerabilities & threats, intelligence sharing; Create the Security Architecture
        • Build: Create Risk management strategies, acceptable use policies; Secure and monitor assets, Plan incident responses; Conducting Security Posture Assessments
        • Manage: Continuous Monitoring and review of security policies; Updating intelligence about changing threats & vulnerabilities; Optimization of network/security policies
    • Slide 28: Delivered by Cisco and Our Partners
        • Product/Technology Solutions: Deploy end-to-end technology solutions to meet your business needs
        • Optimization: Maximize value of security investment
        • Audits & Assessments: Gain visibility into security architecture and posture
        • Plan, Design, & Implement: Protect your business with new security technology
        • Business Transformation: Secure and enable new business opportunities
        • Operate: Address day-to-day operations and ever changing security threats
    • Slide 29: Delivered by Cisco and Our Partners
        • Categories: Product/Technology Solutions; Optimization; Audits & Assessments; Plan, Design, & Implement; Business Transformation; Operate
        • Services: Security Architecture Assessment; Security Posture Assessment; Network Device Security Assessment; Security Optimization; Network Optimization; TrustSec - ISE - 802.1x; ASA Migration; Email and Web Content Security; Security Plan, Design & Implement; Secure Data Center Plan and Design; Secure Unified Communications Plan & Design; IT GRC; Teleworker; Cloud Security; SMARTnet; Remote Management Services; Services for IPS; Cisco IntelliShield Alert Manager Service
    • Slide 30: Entire network designed by Cisco; SoC was designed and operated by Cisco; There was no interruption even though thousands of attacks were attempted
    • Slide 31: Security Expertise; Collaborative Partner Approach; Smart Personalized Services; Innovative Security Solutions. Security solutions to protect collaborative environments and applications; Reduce operating costs with recommendations to improve efficiency and operations; Services that support IT efficiency, agility, and overall network health; Deploy a highly available, secure converged architecture
    • Slide 32: Thank you. prakasku@cisco.com, harprsin@cisco.com