Cyber Security


Published in: Technology

  1. Cyber Security: Threats and Countermeasures. Kah-Kin Ho, Head of Cyber Security Business Development, Global Government Solutions Group. 9th Oct 2012. © 2011 Cisco and/or its affiliates. All rights reserved.
  2. Agenda: Threat Landscape – Technical, Social, Political; Lead Methodology; Cisco Security Intelligence Operations; Concluding Remarks.
  3. Recent Trends: Security conscious users are targeted. Bad guys getting better in evading detection. Legitimate sites used by bad guys for profit making activities. Overwhelming AV companies. Social networks targeting.
  4. Legitimate alert
  5. Copied Alert
  6. Which one is real?
  7. Or this?
  8. They are all Fake.
  9. Intelligence Evasion
  10. Intelligence Evasion
  11. $ echo "aHR0cDovL2JpdC5seS9SNlNUViAgaHR0cDovL2JpdC5seS8yS29Ibw==" | openssl base64 -d
      hxxp:// hxxp://
  12. [no slide text]
  13. Unique Malware Content
  14. The Facebook Vector
  15. Hackerville: The Romanian cybercriminal hotspot Râmnicu Vâlcea
  16. Tallinn Estonia 2007
  17. Russia – Georgia War 2008
  18. China’s Emergence
  19. Motivation: Status and Ego
  20. Lead Methodology (diagram labels): Capacity; Resource surge capacity; Degraded organization capacity; Shock event; Normality line; Impact reduction; Respond; Recover.
  21. Picking a Needle out of a Haystack (diagram labels): Customized Threat Bypasses Security Gateways; Customized Threat Enters from Inside; Threat Spreads Inside Perimeter; Threat Spreads to Devices; Firewall; IPS; N-AV; Web Sec; Email Sec. Perimeter security stops many threats but Sophisticated Cyber Threats Evade Existing Security Constructs. Fingerprints of Threat are Found Only in Network Fabric.
  22. Detection is key to Respond and Recover
  23. Cisco Cyber Threat Defense (diagram labels): NetFlow; StealthWatch; ISE; Threat Profile.
  24. Cisco Cyber Threat Defense (diagram labels: Threat, Context, Profile). Traffic: P2P; Destination: ; Reputation: -6; Malware: Zeus. User: Jane Smith; Access Group: Guest; Device: Laptop; Location: Campus HQ; Access Method: Wireless. User: John Doe; Access Group: Finance; Device: Android Phone; Location: Remote; Access Method: VPN.
  25. Lead Methodology (diagram labels): Capacity; Resource surge capacity; Degraded organization capacity; Shock event; Normality; Likelihood of Attack and Vulnerability Reduction; Impact Reduction; Prevent; Prepare; Detection; Respond; Recover; Intelligence-led approach; Cisco Security Intelligence Operation.
  26. SensorBase; Threat Operations Center; Dynamic Updates
  27. Security Support Operations. Current SSO Presence in the Following Regions: California, Texas, Ohio, Idaho, China, Ukraine, UK, Canada, India, Australia. Languages: Arabic, Farsi/Persian, Hebrew, Syriac, Urdu, Bengali, Gujarati, Gurmukhi, Hindi, Marathi, Sinhala, Tamil, Thai, Chinese, Japanese, Korean, Belarusian, Bulgarian, Kazakh, Macedonian, Russian, Ukrainian, Greek, Armenian, Georgian, Basque, Catalan, Croatian, Czech, Danish, Dutch, English, Estonian, Filipino, Finnish, French, German, Hungarian, Icelandic, Indonesian, Italian, Malay, Norwegian, Polish, Portuguese, Romanian, Slovak, Slovene, Spanish, Swedish, Turkish, Vietnamese
  28. Global Context: Data Makes a Difference. Cisco SIO Context Aware Policy Nexus 1K and Cloud Connected Network AnyConnect TrustSec TrustSec Cisco Aware Enforcement Context Infrastructure Network Application Programming Interfaces Management Services Partners
  29. Context Inspection: Where’s it coming from? How many others have seen it? How new is it? Who owns the package? What else have they sent us? Is the sender even a real person? (Package label: From: Aunt Jenny, 234 Any St., Anytown, CA)
  30. Deny 13. Allow Everything Else.
  31. Feeds Endpoint Email Telemetry Web Corpora IPS Cloud Human Intel Firewall
  32. Targeted attacks
  33. Cisco
  34. Concluding Remarks