Tt 06-ck


  1. 1. www.cdicconference.com • Cyber Defense Initiative Conference 2011 • 20th – 21st March 2012, Grand Hall, BITEC, Bangna, Bangkok • “Is Your Privacy at Risk? Security and Privacy Challenges in the Digital Modernity” • Coping with Modern Threats Using MDM and Deep Network Traffic Analysis • Ajarn Chaiyakorn Apiwathanokul, CISSP, CSSLP, GCFA, (IRCA:ISMS) • Chief Executive Officer, S-Generation Co., Ltd. • Committee, Thailand Information Security Association (TISA)
  2. 2. Name: Chaiyakorn Apiwathanokul (ไชยกร อภิวัฒโนกุล) • Title: Chief Executive Officer • Company: S-GENERATION Company Limited; Asia Forensic Hub Company Limited • Certificates: CISSP, CSSLP, IRCA:ISMS (ISO27001), SANS:GCFA • CSO ASEAN Award 2010 by Ministry of Information and Communications and Ministry of Public Security, Vietnam • 2010 Asia-Pacific Information Security Leadership Achievements (ISLA) by (ISC)2, Honoree in the Senior Information Security Professional category • Security Sub-commission under Thailand Electronic Transaction Commission (ET Act B.E. 2544) • Contribute to Thailand Cyber Crime Act B.E. 2550 • Workgroup for CA service standard development • Committee of national standard adoption of ISO27001/ISO27002 • Committee of Thailand Information Security Association (TISA) • Committee of Cybersecurity workforce development, Division of Skill Development, Ministry of Labour • Advisor to Department of Special Investigation (DSI) • Advisor to Ministry of Defense, Cyber Operation Center • chaiyakorna@hotmail.com • (Timeline graphic: 1997, 1999, 2000, 2004, 2006, 2011)
  3. 3. Press Release: “Today the mobile phone has become an essential basic need for many people. Besides serving as a telephone, it is also like a small, high-performance computer used to connect to the Internet, and it can carry out a wide range of activities: personal matters, work, and various transactions. This has made the mobile phone an important new target for the dark side of the cyber world, because today's mobile phone is hardly different from a PC, only smaller and conveniently carried in the palm of the hand. This leads to the question of whether these mobile phones are protected from threats in the same way we protect our PCs, for example with OS patching, antivirus programs, and firewalls that prevent our machine from being attacked or from sending data out without our knowledge.” ... Chaiyakorn Apiwathanokul
  4. 4. Agenda • Mobile challenges for enterprises • What to look for in MDM solution • Advanced threats over the network • Advanced tool for advanced analysis
  6. 6. Simple Questions • Do you LOCK your mobile device? • Do you have anti-malware installed? • How many apps are on your device? Are they all trustworthy? • Have you ROOTED/jail-broken your device?
  7. 7. The lost cell phone project • What would you do if you found a smartphone? • Symantec researchers intentionally dropped 50 smartphones in 5 cities • Some traps and tracking apps were installed to observe the behavior of the phone finders • Contact, bank info, HR files, saved passwords • http://digitallife.today.msnbc.msn.com/_news/2012/03/08/10595092-exclusive-the-lost-cell-phone-project-and-the-dark-things-it-says-about-us
  8. 8. This map shows where one finder moved the phone; a chart on the right shows what apps and files were accessed.
  9. 9. Findings • 43% of finders clicked on an app labeled "online banking" • 53% clicked on a file named "HR salaries" • 57% opened a file named "saved passwords" • 60% checked on social networking tools and personal e-mail • 72% tried a folder labeled "private photos"
  10. 10. Findings • 89% of finders clicked on something they probably shouldn't have • Only 50% of finders offered to return the gadgets • 30% of finders in NY returned the gadgets • 70% of finders in Ottawa returned the gadgets • The person who returned the phone also tampered with personal information
  11. 11. Studies show • 50% of smartphone users do not password-protect their phones • “Convenience” supersedes “Security” • 100% of those who lost their phones never thought they would • After 1 phone lost, behavior changes
  12. 12. The Common Fails! • Lost • Stolen • Left unattended • No passcode protected • Full time WiFi on and with “Auto connect” • Free WiFi lovers • Lots of apps (trusted/untrusted) • Location service • Just click
  13. 13. Common Mobile Spyware Features • Call Log: Each incoming and outgoing number is logged along with duration and time stamp. • SMS (Text Messages) Log: Every text message is logged even if the phone's logs are deleted. Includes full text. • GPS Locations Log: GPS positions are uploaded every thirty minutes with a link to a map. • Contacts: Every contact on the phone is logged. New contacts added are also recorded. • Tasks: All personal tasks that are created are logged and viewable. • Memos: Every memo input into the phone is logged and viewable. • Cell ID Locations: ID information on all cell towers that the device enters into range of is recorded. • E-Mail Log: All inbound & outbound email activity from the primary email account is recorded. • Calendar Events: Every calendar event is logged. Date, time, and locations are recorded. • URL (Website) Log: All URL website addresses visited using the phone's browser are logged. • Photo & Video Log: All photos & videos taken by the phone are recorded & are viewable.
  14. 14. Eavesdropping on conversations
  15. 15. Mobile device + Camera + GPS + social media = ? • Does the camera app you use on your phone reveal other information as well?? • Exif Meta Data • Risks: can be tracked by anyone (fans??) • Criminals, ill-intentioned people?? • Human trafficking rings
  16. 16. SSL Strip • https > http • https (without awareness) = http • Man-in-the-Middle Attack • http://surajonunix.wordpress.com/2012/02/24/man-in-the-middle-using-ssl-strip/
  17. 17. Free WiFi…Are you sure ?
  18. 18. There are ways to compromise your mobile device
  19. 19. Where is your business data? • 76% of smartphone and tablet users access business information on their mobile devices. Source: globalthreatcenter.com • Where to draw the line? Corporate Data/App, Personal Devices
  20. 20. One phone for personal and one for work? → unlikely
  21. 21. Take Control and Respect Privacy • Mixture Environment • Corporate issued devices • Personal owned devices • Corporate Data/App • Personal Data/App
  22. 22. Facts about Consumerization • 600 surveys • US, DE, JP • June 2011 • Source: Cesare Garlati @ Trend Micro
  23. 23. Take The Balance • Security Risk → IT Risk → Business Risk • (Diagram: SECURITY balanced against Business Enablement)
  24. 24. Solution • Administrative Control – Corporate policy – Standard/Guideline – Process/Procedure • Physical Control – Tools • Logical Control – Tools • ISACA, BMIS (Business Model for Information Security)
  25. 25. ISO27001 Compliance Requirement • A.7 Asset management: A.7.2 Information classification • A.9 Physical and environmental security: A.9.2 Equipment security; A.9.2.5 Security of equipment off-premises; A.9.2.6 Secure disposal or re-use of equipment • A.11 Access control: A.11.7 Mobile computing and teleworking; A.11.7.1 Mobile computing and communications; A.11.7.2 Teleworking
  26. 26. Tool to use for controlling mobile devices in enterprise: MDM (Mobile Device Management)
  29. 29. URGENT: End-to-End Mobile Security Framework
  30. 30. Example of Policy Implementation
  31. 31. Example of Policy Implementation
  32. 32. 10 Questions to ask • 1. Does your solution feature end-to-end security across mobile devices, apps, the network, and data? • 2. Beyond setting security policies, does your solution give me the option to set dynamic, context-aware policies? • 3. Beyond application security and access policies, does your MDM solution let me grant granular access to mobile apps on an app-by-app basis, and can I segregate my critical business apps from non-compliant or potentially malicious apps?
  33. 33. 10 Questions to ask • 4. Can your solution monitor and profile mobile network traffic and user behavior, and can we integrate it with our Security Information and Event Management (SIEM) solution? • 5. If we use your MDM solution, can our IT department support employee devices remotely? • 6. Is your solution architected for security, and will my data reside behind my firewall?
  34. 34. 10 Questions to ask • 7. Can your solution scale to support multiple locations and all of my employees? Tell me about your largest deployment (size, hardware required to support), and how many large production deployments do you have, and how long have you had them? • 8. Is your solution highly available at all tiers: web, app, data, and, in the case of cloud, at the data center? Do you back that up with a 100% uptime service level agreement for cloud? • 9. Does your solution feature flexible deployment options?
  35. 35. 10 Questions to ask • 10. Does your solution feature Mobile Data Leakage Prevention, or prevent leakage of my sensitive business data via mobile devices?
  37. 37. Intelligence-driven security
  38. 38. Intelligence-driven security
  41. 41. The Need for Best-of-Breed
  42. 42. To Look For
  43. 43. Key Questions • Key challenge of network security today? • Network awareness? • Building perimeter around data? • Intelligent-driven security? • Network intelligence into business intelligence? • How to analyze encrypted/obfuscated traffic?
  44. 44. Conclusion • The war continues • The bad guys are still out there • Technology changes, strategy changes • If you are out of the speed, you will lose
  45. 45. © 2012 S-Generation Co., Ltd.
  46. 46. Please visit http://www.S-GENERATION.com for more information • Thank You • www.cdicconference.com
