• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
02. R U Sure U R Secure
 

02. R U Sure U R Secure

on

  • 563 views

This presentation presentated by Gildas Deograt Lumy "Simulasi Scirital Information Infrastructure Protection (CIIP)" , Bandung, Indonesia 10th September 2013 on #IISF2013

This presentation presentated by Gildas Deograt Lumy "Simulasi Scirital Information Infrastructure Protection (CIIP)" , Bandung, Indonesia 10th September 2013 on #IISF2013

Statistics

Views

Total Views
563
Views on SlideShare
556
Embed Views
7

Actions

Likes
1
Downloads
85
Comments
0

2 Embeds 7

https://twitter.com 6
https://web.tweetdeck.com 1

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    02. R U Sure U R Secure 02. R U Sure U R Secure Presentation Transcript

    • XecureIT ©PTIMANTeknologiInformasi R U Sure U R Secure? R U Sure U R Secure?
    • XecureIT ©PTIMANTeknologiInformasi R U Sure U R Secure? Oil and Gas SCADA/DCS Case: Gazprom, April 2000  Gazprom is the world's largest natural gas producer and Western Europe's largest source.  “ Russian authorities revealed this week that Gazprom, a state-run gas utility, came under the control of malicious hackers.  The intruders succeeded in defeating the company's security and breaking into systems controlling gas pipelines, Interior Ministry spokesman Colonel Konstantin Machabeli said.  The flow of natural gas was under the control of outsiders for some time, Machabeli reported. The Colonel said the intruders used some type of Trojan to gain access, but didn't name it. “
    • XecureIT ©PTIMANTeknologiInformasi R U Sure U R Secure? Oil and Gas SCADA/DCS Case: Olympic Pipe Line Co., July 1999  Breakdowns in the Olympic Pipe Line Co. computer system just before and during last month's deadly accident in Bellingham have so alarmed federal regulators that they have issued a nationwide warning.  The federal Office of Pipeline Safety issued the warning... The advisory details a series of computer failures on June 10 around the time Olympic's 16-inch line leaked up to 277,000 gallons of gasoline into Bellingham creeks. Gasoline vapor later exploded in flames, and two 10-year-old boys and a teenager were killed.  After the accident, Olympic acknowledged that its computer system crashed on the afternoon of the accident. The computer problems may have kept Olympic personnel from reacting quickly to the leak, regulators said. ”
    • XecureIT ©PTIMANTeknologiInformasi R U Sure U R Secure? Oil and Gas SCADA/DCS Case: Davis-Besse  “ The Slammer worm penetrated a private computer network at Ohio's Davis-Besse nuclear power plant in January and disabled a safety monitoring system for nearly five hours...  The Slammer worm entered the Davis-Besse plant through a circuitous route. It began by penetrating the unsecured network of an unnamed Davis-Besse contractor, then squirmed through a private connection bridging that network and Davis-Besse's corporate network.  One of multiple connections into Davis-Besse's business network completely bypassed the plant's firewall, which was programmed to block the port Slammer used to spread.  Some people in Corporate's Network Services department were not aware of the connection.
    • R U Sure U R Secure? XecureIT ©PTIMANTeknologiInformasi Cyberwar Case: 3 Kiloton Explosion, June 1982
    • R U Sure U R Secure? XecureIT ©PTIMANTeknologiInformasi Cyberwar Case: DNS Service Provider
    • R U Sure U R Secure? XecureIT ©PTIMANTeknologiInformasi Cyberwar Case: People Powered
    • R U Sure U R Secure? XecureIT ©PTIMANTeknologiInformasi Espionage Case: Government Involvement
    • XecureIT ©PTIMANTeknologiInformasi R U Sure U R Secure? Espionage Case: Coca-Cola and Pepsi  An executive administrative assistant at Coke in Atlanta offering samples of a new product to Pepsi for $1.5 million.  He sent the initial letter to Pepsi using an official Coca-Cola envelope on May 19, 2006.  He gave 14 pages of Coca-Cola documents marked "Classified -- Confidential" and "Classified -- Highly Restricted".  "I can even provide actual products and packaging of certain products, that no eye has seen, outside of maybe five top execs," the letter states.  Coca-Cola CEO thanked Pepsi officials for alerting their competitor "to this attack." Source: CNN
    • XecureIT ©PTIMANTeknologiInformasi R U Sure U R Secure? Espionage Case: McLaren vs Ferrari, July 2007  Ferrari engineer passes two computer discs to Mike Coughlan, chief designer of McLaren.  Contain 780 pages of Ferrari technical information.  Mr Coughlan's wife was copying the dossier in a photocopying shop.  A staff member from the shop tipped off Ferrari after realizing that the documents were confidential.  "We would not have found out about it were it not from a tip-off by the photocopying agency," said Ferrari Source: New Zealand Herald, July 2007
    • XecureIT ©PTIMANTeknologiInformasi R U Sure U R Secure? Malicious Employee Case: Societe Generale  Jerome Kerviel is a trader  He subverted Societe Generale's systemwide safeguards and security controls.  Led to $7.2 billion in losses for one of France's largest banks.
    • XecureIT ©PTIMANTeknologiInformasi R U Sure U R Secure? Malicious Contractor Case: Fannie Mae  Unix engineer and IT contractor Rajendrasinh Makwana installed a "server bomb" on Fannie Mae's (the mortgage giant) servers.  He was embedding a malicious script in fall 2008.  The script was to go off on Jan. 31, 2009 and "would have disabled monitoring alerts and all log-ins, deleted the root passwords to the approximately 4,000 Fannie Mae servers, then erased all data and backup data on those servers by overwriting with zeros.  By chance, a Fannie Mae employee discovered the malicious script before it went off.
    • XecureIT ©PTIMANTeknologiInformasi R U Sure U R Secure? Malicious Auditor Case: KPMG  In the spring of 2005, Guy Enright, an accountant at KPMG Financial Advisory Services Ltd. in Bermuda, got a call from a man identifying himself in a crisp British accent as Nick Hamilton.  Enright believed Hamilton was a British intelligence officer  Hamilton wanted information about a KPMG project that had national security implications for Britain.  Soon, Enright, who was born in Britain, was depositing confidential audit documents in plastic containers at drop-off points designated by Hamilton.
    • R U Sure U R Secure? XecureIT ©PTIMANTeknologiInformasi Case: Verisign
    • R U Sure U R Secure? XecureIT ©PTIMANTeknologiInformasi Case: Heartland
    • R U Sure U R Secure? XecureIT ©PTIMANTeknologiInformasi Case: UK Royal Navy Laptop
    • XecureIT ©PTIMANTeknologiInformasi R U Sure U R Secure? Case: Microsoft Web Site
    • XecureIT ©PTIMANTeknologiInformasi R U Sure U R Secure? Case: Citibank
    • R U Sure U R Secure? XecureIT ©PTIMANTeknologiInformasi Cases: e-Banking
    • XecureIT ©PTIMANTeknologiInformasi R U Sure U R Secure? Case: Victim of Stolen ID
    • XecureIT ©PTIMANTeknologiInformasi R U Sure U R Secure? More Cases... @XECUREIT