Black Hat Conference 2009 Findings: What Can the Network Security Industry Expect in 2010?

A presentation focusing on vulnerability research, the recent Black Hat security conference highlights, and expected future trends in the network security industry.

Published in: Business, Technology

  1. Black Hat Conference 2009 Findings: What Can the Network Security Industry Expect in 2010? Chris Rodriguez, Research Analyst, Network Security. September 15, 2009
  2. Focus Points
     • About Vulnerability Research
     • Overview of the Black Hat Conference
     • Major Highlights of the Conference
     • Expected Trends
     • Key Conclusions
  3. About Vulnerability Research
     • Vulnerability research is the foundation for numerous network security solutions such as IPS devices and endpoint protection software.
     • Vulnerability research is the frontline of defense from malicious code writers and cyber attackers.
  4. Overview of the Black Hat Conference
     • The Black Hat Conference is the largest and best-known security conference series in the world.
     • This conference is designed to serve the information security community by “delivering timely, actionable security information in a friendly, vendor-neutral environment.”
  5. Overview of the Black Hat Conference (cont.)
     • Historic Black Hat Conference events:
       - Dan Kaminsky’s DNS cache poisoning vulnerability
       - Cisco IOS flaw that resulted in a lawsuit
       - Using virtualization to create undetectable malware
       - Weaknesses in network security technology, e.g. NAC
       - Vertical-specific exploits (GSM, ATMs, public transportation)
     [Timeline figure, 2000 to 2009. Labels: Black Hat called “a series of rock throwing incidents”; Cisco sues; Blue Pill, the undetectable rootkit; NAC bashed; Kaminsky’s DNS attacks]
  6. Major Highlights of the 2009 Black Hat Conference
     • MMS and SMS flaws (mobile phone hijack via text message)
     • iPhone code execution/denial-of-service MMS attack
     • Advanced Mac OS X rootkits
     • Factory-installed BIOS rootkits
     • Apple keyboard rootkit
     • SSL encryption protocol flaws
     • SSL spoofing
     • Fake ATM/card skimmer
     • Conficker discussion sanitization
  7. MMS and SMS Flaws
     • MMS and SMS data use has grown at a high rate over the years, and is forecasted to continue to grow significantly.
     • 900 billion SMS messages sent/received in 2008 (an increase of 132% from 2007)
  8. MMS and SMS Flaws (cont.)
     • Luis Miras and Zane Lackey, of iSec Partners, presented a vulnerability in the way mobile phones handle SMS messages.
     • This flaw enables an attacker to hijack smartphones, with varying degrees of control.
     • An app called There’s an Attack For That (TAFT) is a suite of hacking tools for jailbroken iPhones.
     • A related presentation demonstrated an attack that uses a corrupt MMS message to kill iPhones.
  9. Rootkits
     • A rootkit is software designed to secretly control a computer.
     • A rootkit uses advanced techniques to take full control of a system, obscure itself, and survive most attempts to remove it.
     • Rootkits are very dangerous, and are often used by hackers to make malware more effective and nefarious.
     • Researchers at CoreSecurity announced that they discovered factory-installed software that behaved as a rootkit.
     • Absolute Software’s CompuTrace LoJack for Laptops is designed to protect and help locate stolen laptops.
     • While it is not inherently malicious, the researchers claim that it’s not very secure, leaving the possibility for devastating attacks.
  10. Rootkits (cont.)
     • Security researcher Dino Dai Zovi demonstrated how to load an advanced rootkit on Mac OS X machines.
     • This is a severe issue with Mac OS X, which has been struggling for market share against Windows.
     • An Apple keyboard was also discovered to be susceptible to a rootkit attack through its firmware update system.
  11. SSL Encryption Issues
     • SSL is a trusted, secure protocol for encryption and authentication.
     • Dan Kaminsky presented on problems with X.509 certificates, which are used for SSL encryption and authentication.
     • X.509 certificates use an outdated and weak cryptographic hash function, MD2.
     • VeriSign, the leading provider of digital certificates, downplayed this announcement, saying that they no longer use MD2.
     • Regardless, businesses have invested millions of dollars in X.509, and yet it suffers from both technical and structural issues.
  12. SSL Encryption Issues (cont.)
     • In a similar presentation, security researcher Moxie Marlinspike showed how an attacker could spoof SSL certificates.
     • Marlinspike was able to trick a Web browser into accepting code, which can give an attacker a number of attacks to perpetrate.
  13. Fake ATM/Card Skimmer
     • A card skimmer was installed on an ATM near the hotel that the Black Hat Conference attendees were using.
     • Chris Paget, a security expert for Google, was attending the conference when he discovered the device and reported it to authorities.
     • This follows the recent report of a complete, working, fake ATM that was placed at the DefCon convention.
     • Coincidentally, a presentation about this banking technology was pulled in order to give the affected vendors time to resolve the issue.
  14. Conficker Discussion
     • Conficker is a computer worm that infected up to 10 million machines.
     • The botnet had an activation date of April 1, 2009, but nothing happened after all.
     • The security community is still trying to track down the perpetrators.
     • Conficker uses numerous advanced malware techniques to avoid detection and deletion.
     • A presentation about the Conficker worm was censored to avoid tipping off the malware’s authors.
  15. Expected Trends
     • What are customer and vendor plans for SSL communications?
     • What this SSL vulnerability means for browser developers.
     • Attackers continue to become increasingly nefarious, while their tools grow in sophistication and complexity.
     • Is criticism of factory-installed grayware warranted?
     • Mobile phones are the next major platform to be targeted for attacks.
     • How will cell phone manufacturers react to these security threats?
     • Whose responsibility is it to secure third-party apps?
     • The security industry is becoming more responsible and cooperative in its efforts to defeat hackers.
  16. Major Industry Participants
  17. Key Conclusions
     • The demand for original vulnerability research will only grow as the race to defeat hackers intensifies.
     • Key Internet infrastructure still has high-risk vulnerabilities that have not been fixed yet.
     • As mobile devices become more connected and powerful, these devices will become primary targets of hackers.
     • Mobile phone developers generally have less experience with QA and security testing, which may leave this attack vector exposed.
     • With mobile devices, third-party applications are unregulated, which introduces a critical attack vector.
     • Responsible reporting and cooperation indicate an immense potential for success against cyber threats.
  18. Next Steps
     • Request a proposal for a Growth Partnership Service to support you and your team to accelerate the growth of your company. (myfrost@frost.com) 1-877-GoFrost (1-877-463-7678)
     • Register for the next Chairman’s Series on Growth: The Growth Excellence Model: Competitive Benchmarking & Growth Investing (October 6th) (http://www.frost.com/growth)
     • Register for Frost & Sullivan’s Growth Opportunity Newsletters and keep abreast of innovative growth opportunities. (www.frost.com/news)
  19. Your Feedback is Important to Us
     What would you like to see from Frost & Sullivan?
     • Growth Forecasts?
     • Competitive Structure?
     • Emerging Trends?
     • Strategic Recommendations?
     • Other?
     Please inform us by taking our survey.
  20. For Additional Information
     • Jake Wengroff, Global Director, Corporate Communications, (210) 247-3806, jake.wengroff@frost.com
     • Craig Hays, Sales Manager, Information & Communication Technologies, (210) 247-2460, chays@frost.com
     • Robert Ayoub, Industry Manager, Network Security, (210) 247-3808, robert.ayoub@frost.com
