CYBERSECURITY challenges
Copyright 2016 © CYBER GATES
Samvel Gevorgyan
CEO, CYBER GATES
MSc Cyber Security
Cybersecurity components
CIA model
• Confidentiality: Keep secret from those not authorized,
• Integrity: Prevent unauthorized tampering,
• Availability: Ensure authorized parties can access the data.
IAA model
• Identification: Who I claim to be (e.g. username, digital cert),
• Authentication: How I prove it (password, signature),
• Authorization: What that person is allowed to do, e.g. role-based security.
WWW.CYBERGATES.ORG
Cybersecurity elements
Resources
• People
• Process
• Technology
Governance
• Policies and procedures
• Roles and responsibilities
• Risk management
Cybersecurity statistics
Statistics worldwide
Data breaches, by the dollar
• $21,155: The average cost of a data breach, per day
• $7.7 million: The average annualized cost to detect, respond to, and mitigate a breach globally.
Malware and attack trends, by percentage
• 66%: The proportion of a survey of professionals who identified phishing and social engineering as top threats
• 20%: The scope of confirmed data breaches involving social engineering at one large telecom company.
Cybersecurity spend: Follow the money
• $75.4 billion: The estimated worldwide spending on cybersecurity in 2015
• $19 billion: The proposed federal cybersecurity budget for 2016.
Source: https://techbeacon.com/resources/cybersecurity-2016-trend-report-ubm-ponemon-study
Web security attack statistics
Attacks in Armenia
Over 4K hacked websites since 2011.
Top attacks
• Jan 2011 (379)
• Jul 2012 (364)
• Feb 2013 (275)
• Feb 2014 (359)
• Apr 2015 (129)
• Dec 2016 (188)
Attacks worldwide
• Over 1 Billion active websites (NetCraft reports)
• Over 1 Million hacked websites / year (Zone-H reports)
Target websites of mass attacks
Top 5 categories
• Websites that use the same CMS (WordPress, Joomla, etc.)
• Websites built by the same developer(s)
• Websites that use the same technology, library or component
• Websites hosted by the same hosting provider
• Websites of agencies/companies working in the same industry
Target websites of targeted attacks
Top 5 categories
• Online banks and financial institutions
• Cloud services (Dropbox, Gmail, iCloud, etc.)
• Government agencies, hospitals
• Hosting and Internet Service Providers (ISP)
• Small outdated websites that are easy to hack
Cybersecurity threats
Common threats
• Information Leakages
• SQL Injection
• Password brute-force attacks
• Phishing
• Social Engineering
• SPAM
• Malicious software
• Blacklists
• Botnets
• DoS/DDoS attacks
• Ransomware
Information Leakages
• The revelation of the 1 billion accounts hack could have implications for the $4.8 billion sale of Yahoo to Verizon, which has yet to close
• Around 167 million LinkedIn accounts are now for sale
• Armenian telecom (VivaCell, ArmenTel, Orange) databases are free to download
• Armenian online banking system codes have been stolen by an employee
SQL Injection
• Smart homes can open the doors to unauthorized people
• 98% of Stolen Medical Records due to Hacking
• Hackers use SQL Injection attacks against banks
Image source: http://www.asianmirror.lk/news/item/16544-commercial-bank-of-ceylon-hacked
Password brute-force attacks
• Hackers target websites or IoT devices with weak or default passwords
• Authentication systems with no limits for login attempts
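The "no limits for login attempts" weakness on the slide above is closed by counting recent failures and refusing further tries. The following is an added example, not part of the original slides: the class name, the thresholds (5 failures in 300 s, 900 s lockout) and the sample attempts are assumptions chosen for illustration.

```python
from collections import defaultdict, deque

class LoginThrottle:
    """Block login attempts for a key after too many recent failures."""
    def __init__(self, max_failures=5, window=300.0, lockout=900.0):
        self.max_failures = max_failures     # failures tolerated inside the window
        self.window = window                 # seconds a failure stays counted
        self.lockout = lockout               # seconds a key stays blocked
        self._failures = defaultdict(deque)  # key -> recent failure times
        self._locked_until = {}              # key -> lockout expiry time

    @staticmethod
    def _keys(username, source_ip):
        # Track the account and the source address separately.
        return ("user", username.lower()), ("ip", source_ip)

    def allowed(self, username, source_ip, now):  # now: monotonic seconds
        return all(self._locked_until.get(k, now) <= now
                   for k in self._keys(username, source_ip))

    def record(self, username, source_ip, success, now):
        user_key, ip_key = self._keys(username, source_ip)
        if success:
            self._failures.pop(user_key, None)  # address history is kept
            return
        for key in (user_key, ip_key):
            recent = self._failures[key]
            recent.append(now)
            while now - recent[0] > self.window:
                recent.popleft()
            if len(recent) >= self.max_failures:
                self._locked_until[key] = now + self.lockout
                recent.clear()

def replay(attempts, throttle, valid):  # attempts: (time, user, ip, password)
    decisions = []
    for t, user, ip, password in attempts:
        if not throttle.allowed(user, ip, t):
            decisions.append("blocked")
            continue
        ok = valid.get(user) == password  # stand-in for the real credential check
        throttle.record(user, ip, ok, t)
        decisions.append("ok" if ok else "denied")
    return decisions

# Constructed sample: six guesses one second apart, then the real password.
VALID = {"admin": "correct horse"}
ATTEMPTS = [(float(i), "admin", "203.0.113.7", f"guess{i}") for i in range(6)]
ATTEMPTS += [(t, "admin", "203.0.113.7", "correct horse") for t in (10.0, 1000.0)]
```

Because the per-account lock also shuts out the legitimate owner while it lasts, it is commonly paired with increasing delays or a second factor rather than used as the only control.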
Social Engineering & Phishing
Phishing is a Social Engineering technique to steal confidential information about the victim, such as user login credentials, credit card information, etc., through the use of a fake login page.
Why social engineering?
- Hacking a human is much easier than hacking a business
- Attackers prey on your human weakness
SPAM
• Corporate emails used in forums and social networks
• Corporate emails found in leaked sources
• Email addresses found using dictionary-based brute-force attacks
Malicious software
• Cloaking: malicious code in a webpage displays porn for certain IP addresses
• Malicious code redirects to a malicious website asking to update your system or displays an advertisement
• Malicious software steals credentials
• Malicious software spreads within your corporate network
Blacklists
• Realtime Blackhole Lists (RBLs)
- Centralized databases to prevent SPAM
• Google blacklist
- Site loses nearly 95% of its organic traffic
- Modern web browsers display a warning message when someone opens your website
Botnets
• Your infected machine becomes a proxy server, spreads adware or is used for DoS/DDoS attacks
• Make sure your device firmware does not have a built-in backdoor
• Make sure you have already changed your device's default password
Denial-of-service attack
• CloudFlare protects you from web-based denial-of-service attacks
• BBC became the target of a 602 Gbps DDoS attack
• The DDoS attack that disrupted the internet was the largest of its kind in history: Dyn published on Wednesday that Mirai was the “primary source of malicious attack traffic”
Ransomware
• Malicious software encrypts your files. You must pay to recover them.
• Tens of thousands of variants of over 40 ransomware families including Locky, CryptoWall, TeslaCrypt, and Cerber.
Plan A: fixing the problem
Reactive approaches
• Computer Emergency Response Team (CERT)
- E-mail notifications about an incident
- Online support (SIP calls)
• Support
• Investigation (Digital Forensics)
• Consultancy
Plan B: avoiding the problem
Proactive approaches
• Testing
- Network/Host Vulnerability Assessment
- Penetration Testing
- Source Code Auditing
• Protecting (WebShark, PinCat)
• Training
- Corporate trainings
- University programs
Swiss Army Knife to help you defend against hackers
CYBER GATES
• Corporate website: www.cybergates.org
• Company profile on Twitter: www.twitter.com/CyberGatesLLC
• Company fan page on Facebook: www.facebook.com/Cyber.Gates.page
• Company profile on LinkedIn: www.linkedin.com/company/CyberGates-LLC
• Company channel on Vimeo: www.vimeo.com/CyberGates
• Company channel on YouTube: www.youtube.com/TheCyberGates
Contacts

What is the Cybersecurity plan for tomorrow?
