SlideShare a Scribd company logo

180814 cloudsec2018 charles mok1

Charles Mok
Charles Mok

Understanding and Tackling Emerging Cyber Threats Aug 14 2018 Trend Micro's CLOUDSEC 2018 "Freedom to Connect"

Technology
1 of 20
Download to read offline
www.cloudsec.com | #cloudsec Understanding and Tackling Emerging Cyber Threats Charles Mok | Legislative Councillor (IT) @charlesmok
#cloudsec Under Armour: one of the biggest hacks in history  Number Of Records Exposed: 150 Million  in March data from some 150 million MyFitnessPal diet and fitness app accounts had been compromised.  Hacked: account user names, email addresses and scrambled passwords
#cloudsec Singapore health database targeted by criminals
#cloudsec
#cloudsec
#cloudsec Known threats, new variations Smaller cloud operators becoming more attractive targets with massive data, higher vulnerability  DDoS attacks  Phishing attacks  Malware  Ransomware How to protect corporate and customer information from data thieves?
#cloudsec Online service provider hacked with far-reaching impact
#cloudsec Is 2FA secure enough?
#cloudsec With the consequences & implications of cyber attacks getting bigger, how confident are you in your cybersecurity strategy?
#cloudsec New technologies are escalating the rapidly changing arms race between attackers and defenders. What do emerging threats look like?
Weaponization of AI and machine learning means faster attacks • Vulnerability discovery using AI tools • Exploitation: quickly generate exploit variants • Post-exploitation (discovery and exploitation of other vulnerabilities inside) • Data theft: AI-powered data search and classification
Cyberattacks powered by AI makes prevention more difficult - AI can create more convincing phishing email customised to human - AI-powered malware design - study patterns of user behavior within a network - automated bot attacks
From stealing data to stealing computer processing power
Cyber-physical attacks: The Internet of Things risk Wide open for hackers: unsecured older devices that may never be updated - connected video cameras - home appliances - smartwatches - other IoT devices Are the large volume of data encrypted? Are the firmware updated? Are the devices compromised to become part of botnet?
The Booming Cybercrime Economy study finds cybercriminal revenues hit US$1.5T annually US$860 billion – Illicit/illegal online markets US$500 billion – Theft of trade secrets/IP US$160 billion – Data trading US$1.6 billion – Crimeware-as-a-Service US$1 billion – Ransomware Source: Study by researcher Dr. Michael McGuire for Bromium (Apr 2018)
Cybercrime-as-a-Service Hackers for hire (In USD) Zero-day Adobe exploits, up to $30,000 Zero-day iOS exploit, $250,000 Malware exploit kit, $200-$600 per exploit Blackhole exploit kit, $700/month or $1,500/year Custom spyware, $200 SMS spoofing service, $20 per month Hacker for hire, around $200 for a “small” hack Source: Study by researcher Dr. Michael McGuire for Bromium (Apr 2018)
Cybercrime-as-a-Service Hackers for hire (In USD) Zero-day Adobe exploits, up to $30,000 Zero-day iOS exploit, $250,000 Malware exploit kit, $200-$600 per exploit Blackhole exploit kit, $700/month or $1,500/year Custom spyware, $200 SMS spoofing service, $20 per month Hacker for hire, around $200 for a “small” hack Source: Study by researcher Dr. Michael McGuire for Bromium (Apr 2018)
#cloudsec Keep up with the attackers: investment & execution  Invest in innovative technologies to supplement human- centric activities  Assessing evolving risks and detect threats via big data analytics  Closing the cybersecurity skills gap by training
180814 cloudsec2018 charles mok1

Recommended

Cyber attacks in 2021
Cyber attacks in 2021Cyber attacks in 2021
Cyber attacks in 2021redteamacademypromo
 
Why Threat Intelligence Is a Must for Every Organization?
Why Threat Intelligence Is a Must for Every Organization?Why Threat Intelligence Is a Must for Every Organization?
Why Threat Intelligence Is a Must for Every Organization?EC-Council
 
2017 Cybersecurity Predictions
2017 Cybersecurity Predictions2017 Cybersecurity Predictions
2017 Cybersecurity PredictionsPaloAltoNetworks
 
Your Data Is Under Siege: Fortify Your Endpoints
Your Data Is Under Siege: Fortify Your EndpointsYour Data Is Under Siege: Fortify Your Endpoints
Your Data Is Under Siege: Fortify Your EndpointsInsight
 
Four Network Security Challenges for the Cloud Generation
Four Network Security Challenges for the Cloud GenerationFour Network Security Challenges for the Cloud Generation
Four Network Security Challenges for the Cloud GenerationAboutSSL
 
Home cyber security
Home cyber securityHome cyber security
Home cyber securityMichael File
 
CyberCrime - Lse summer school 2010 mg270
CyberCrime - Lse summer school 2010 mg270CyberCrime - Lse summer school 2010 mg270
CyberCrime - Lse summer school 2010 mg270Dario
 
The Top Three 2021 Cyber Threats
The Top Three 2021 Cyber ThreatsThe Top Three 2021 Cyber Threats
The Top Three 2021 Cyber ThreatsSai Huda
 

Recommended

Cyber attacks in 2021
Cyber attacks in 2021Cyber attacks in 2021
Cyber attacks in 2021redteamacademypromo
 
Why Threat Intelligence Is a Must for Every Organization?
Why Threat Intelligence Is a Must for Every Organization?Why Threat Intelligence Is a Must for Every Organization?
Why Threat Intelligence Is a Must for Every Organization?EC-Council
 
2017 Cybersecurity Predictions
2017 Cybersecurity Predictions2017 Cybersecurity Predictions
2017 Cybersecurity PredictionsPaloAltoNetworks
 
Your Data Is Under Siege: Fortify Your Endpoints
Your Data Is Under Siege: Fortify Your EndpointsYour Data Is Under Siege: Fortify Your Endpoints
Your Data Is Under Siege: Fortify Your EndpointsInsight
 
Four Network Security Challenges for the Cloud Generation
Four Network Security Challenges for the Cloud GenerationFour Network Security Challenges for the Cloud Generation
Four Network Security Challenges for the Cloud GenerationAboutSSL
 
Home cyber security
Home cyber securityHome cyber security
Home cyber securityMichael File
 
CyberCrime - Lse summer school 2010 mg270
CyberCrime - Lse summer school 2010 mg270CyberCrime - Lse summer school 2010 mg270
CyberCrime - Lse summer school 2010 mg270Dario
 
The Top Three 2021 Cyber Threats
The Top Three 2021 Cyber ThreatsThe Top Three 2021 Cyber Threats
The Top Three 2021 Cyber ThreatsSai Huda
 
Cyber Security
Cyber SecurityCyber Security
Cyber SecurityNeha Gupta
 
How to Reduce Avenues of Attack: Using Intel to Plan for Cyber Threats in 2017
How to Reduce Avenues of Attack: Using Intel to Plan for Cyber Threats in 2017How to Reduce Avenues of Attack: Using Intel to Plan for Cyber Threats in 2017
How to Reduce Avenues of Attack: Using Intel to Plan for Cyber Threats in 2017SurfWatch Labs
 
CyberSecurity
CyberSecurityCyberSecurity
CyberSecuritydivyanshigarg4
 
What is CryptoLocker and How Can I Protect My Business From It?
What is CryptoLocker and How Can I Protect My Business From It?What is CryptoLocker and How Can I Protect My Business From It?
What is CryptoLocker and How Can I Protect My Business From It?SwiftTech Solutions, Inc.
 
Data Analytics in Cyber Security - Intellisys 2015 Keynote
Data Analytics in Cyber Security - Intellisys 2015 KeynoteData Analytics in Cyber Security - Intellisys 2015 Keynote
Data Analytics in Cyber Security - Intellisys 2015 KeynoteHPCC Systems
 
NTXISSACSC3 - Sharing is Real! by Christy Coffey
NTXISSACSC3 - Sharing is Real! by Christy CoffeyNTXISSACSC3 - Sharing is Real! by Christy Coffey
NTXISSACSC3 - Sharing is Real! by Christy CoffeyNorth Texas Chapter of the ISSA
 
Internet Threats
Internet ThreatsInternet Threats
Internet ThreatsDominikaJoanna
 
Microsoft john weigelt 2016
Microsoft john weigelt 2016Microsoft john weigelt 2016
Microsoft john weigelt 2016ColloqueRISQ
 
Cyber security snowe vazeer
Cyber security snowe vazeerCyber security snowe vazeer
Cyber security snowe vazeersnowe123
 
Malware and the Cost of Inactivity
Malware and the Cost of InactivityMalware and the Cost of Inactivity
Malware and the Cost of InactivityCisco Security
 
Cyber Security
Cyber SecurityCyber Security
Cyber SecurityTushar Nikam
 
How COVID-19 Changed The Cyber Security Worldwide? — Cyberroot Risk Advisory
How COVID-19 Changed The Cyber Security Worldwide? — Cyberroot Risk AdvisoryHow COVID-19 Changed The Cyber Security Worldwide? — Cyberroot Risk Advisory
How COVID-19 Changed The Cyber Security Worldwide? — Cyberroot Risk AdvisoryCR Group
 
cyber security | What Is Cyber Security | Hello World Session
cyber security | What Is Cyber Security | Hello World Sessioncyber security | What Is Cyber Security | Hello World Session
cyber security | What Is Cyber Security | Hello World SessionYasserElsnbary
 
Cyber security
Cyber securityCyber security
Cyber securityShivaani srinivas iyer
 
Steven Porter Seville | Ideas about Computer clouding
Steven Porter Seville | Ideas about Computer cloudingSteven Porter Seville | Ideas about Computer clouding
Steven Porter Seville | Ideas about Computer clouding'Self-Employed'
 
Hacker Tricks: How You Can Protect Yourself
Hacker Tricks: How You Can Protect YourselfHacker Tricks: How You Can Protect Yourself
Hacker Tricks: How You Can Protect YourselfSwiftTech Solutions, Inc.
 
Cyber Security
Cyber SecurityCyber Security
Cyber SecurityZain Abid
 
Your data is showing
Your data is showingYour data is showing
Your data is showingMadison Kerndt
 
Online safety
Online safety Online safety
Online safety MARCPELAYO1
 
When governance lacks compliance
When governance lacks complianceWhen governance lacks compliance
When governance lacks complianceRandy Williams
 
Running head CYBERSECURITY IN FINANCIAL DOMAIN .docx
Running head CYBERSECURITY IN FINANCIAL DOMAIN .docxRunning head CYBERSECURITY IN FINANCIAL DOMAIN .docx
Running head CYBERSECURITY IN FINANCIAL DOMAIN .docxhealdkathaleen
 
Security in e-commerce
Security in e-commerceSecurity in e-commerce
Security in e-commerceSensePost
 

More Related Content

What's hot

Cyber Security
Cyber SecurityCyber Security
Cyber SecurityNeha Gupta
 
How to Reduce Avenues of Attack: Using Intel to Plan for Cyber Threats in 2017
How to Reduce Avenues of Attack: Using Intel to Plan for Cyber Threats in 2017How to Reduce Avenues of Attack: Using Intel to Plan for Cyber Threats in 2017
How to Reduce Avenues of Attack: Using Intel to Plan for Cyber Threats in 2017SurfWatch Labs
 
What is CryptoLocker and How Can I Protect My Business From It?
What is CryptoLocker and How Can I Protect My Business From It?What is CryptoLocker and How Can I Protect My Business From It?
What is CryptoLocker and How Can I Protect My Business From It?SwiftTech Solutions, Inc.
 
Data Analytics in Cyber Security - Intellisys 2015 Keynote
Data Analytics in Cyber Security - Intellisys 2015 KeynoteData Analytics in Cyber Security - Intellisys 2015 Keynote
Data Analytics in Cyber Security - Intellisys 2015 KeynoteHPCC Systems
 
Microsoft john weigelt 2016
Microsoft john weigelt 2016Microsoft john weigelt 2016
Microsoft john weigelt 2016ColloqueRISQ
 
Cyber security snowe vazeer
Cyber security snowe vazeerCyber security snowe vazeer
Cyber security snowe vazeersnowe123
 
Malware and the Cost of Inactivity
Malware and the Cost of InactivityMalware and the Cost of Inactivity
Malware and the Cost of InactivityCisco Security
 
How COVID-19 Changed The Cyber Security Worldwide? — Cyberroot Risk Advisory
How COVID-19 Changed The Cyber Security Worldwide? — Cyberroot Risk AdvisoryHow COVID-19 Changed The Cyber Security Worldwide? — Cyberroot Risk Advisory
How COVID-19 Changed The Cyber Security Worldwide? — Cyberroot Risk AdvisoryCR Group
 
cyber security | What Is Cyber Security | Hello World Session
cyber security | What Is Cyber Security | Hello World Sessioncyber security | What Is Cyber Security | Hello World Session
cyber security | What Is Cyber Security | Hello World SessionYasserElsnbary
 
Steven Porter Seville | Ideas about Computer clouding
Steven Porter Seville | Ideas about Computer cloudingSteven Porter Seville | Ideas about Computer clouding
Steven Porter Seville | Ideas about Computer clouding'Self-Employed'
 
Cyber Security
Cyber SecurityCyber Security
Cyber SecurityZain Abid
 
When governance lacks compliance
When governance lacks complianceWhen governance lacks compliance
When governance lacks complianceRandy Williams
 

What's hot (20)

Cyber Security
Cyber SecurityCyber Security
Cyber Security
 
How to Reduce Avenues of Attack: Using Intel to Plan for Cyber Threats in 2017
How to Reduce Avenues of Attack: Using Intel to Plan for Cyber Threats in 2017How to Reduce Avenues of Attack: Using Intel to Plan for Cyber Threats in 2017
How to Reduce Avenues of Attack: Using Intel to Plan for Cyber Threats in 2017
 
CyberSecurity
CyberSecurityCyberSecurity
CyberSecurity
 
What is CryptoLocker and How Can I Protect My Business From It?
What is CryptoLocker and How Can I Protect My Business From It?What is CryptoLocker and How Can I Protect My Business From It?
What is CryptoLocker and How Can I Protect My Business From It?
 
Data Analytics in Cyber Security - Intellisys 2015 Keynote
Data Analytics in Cyber Security - Intellisys 2015 KeynoteData Analytics in Cyber Security - Intellisys 2015 Keynote
Data Analytics in Cyber Security - Intellisys 2015 Keynote
 
NTXISSACSC3 - Sharing is Real! by Christy Coffey
NTXISSACSC3 - Sharing is Real! by Christy CoffeyNTXISSACSC3 - Sharing is Real! by Christy Coffey
NTXISSACSC3 - Sharing is Real! by Christy Coffey
 
Internet Threats
Internet ThreatsInternet Threats
Internet Threats
 
Microsoft john weigelt 2016
Microsoft john weigelt 2016Microsoft john weigelt 2016
Microsoft john weigelt 2016
 
Cyber security snowe vazeer
Cyber security snowe vazeerCyber security snowe vazeer
Cyber security snowe vazeer
 
Malware and the Cost of Inactivity
Malware and the Cost of InactivityMalware and the Cost of Inactivity
Malware and the Cost of Inactivity
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
 
How COVID-19 Changed The Cyber Security Worldwide? — Cyberroot Risk Advisory
How COVID-19 Changed The Cyber Security Worldwide? — Cyberroot Risk AdvisoryHow COVID-19 Changed The Cyber Security Worldwide? — Cyberroot Risk Advisory
How COVID-19 Changed The Cyber Security Worldwide? — Cyberroot Risk Advisory
 
cyber security | What Is Cyber Security | Hello World Session
cyber security | What Is Cyber Security | Hello World Sessioncyber security | What Is Cyber Security | Hello World Session
cyber security | What Is Cyber Security | Hello World Session
 
Cyber security
Cyber securityCyber security
Cyber security
 
Steven Porter Seville | Ideas about Computer clouding
Steven Porter Seville | Ideas about Computer cloudingSteven Porter Seville | Ideas about Computer clouding
Steven Porter Seville | Ideas about Computer clouding
 
Hacker Tricks: How You Can Protect Yourself
Hacker Tricks: How You Can Protect YourselfHacker Tricks: How You Can Protect Yourself
Hacker Tricks: How You Can Protect Yourself
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
 
Your data is showing
Your data is showingYour data is showing
Your data is showing
 
Online safety
Online safety Online safety
Online safety
 
When governance lacks compliance
When governance lacks complianceWhen governance lacks compliance
When governance lacks compliance
 

Similar to 180814 cloudsec2018 charles mok1

Running head CYBERSECURITY IN FINANCIAL DOMAIN .docx
Running head CYBERSECURITY IN FINANCIAL DOMAIN .docxRunning head CYBERSECURITY IN FINANCIAL DOMAIN .docx
Running head CYBERSECURITY IN FINANCIAL DOMAIN .docxhealdkathaleen
 
Security in e-commerce
Security in e-commerceSecurity in e-commerce
Security in e-commerceSensePost
 
Cyber Security
Cyber SecurityCyber Security
Cyber SecurityBryCunal
 
Cyber security and threats
Cyber security and threatsCyber security and threats
Cyber security and threatsHarsh Kumar
 
McAFEE LABS THREATS REPORT - Fourth Quarter 2013
McAFEE LABS THREATS REPORT - Fourth Quarter 2013McAFEE LABS THREATS REPORT - Fourth Quarter 2013
McAFEE LABS THREATS REPORT - Fourth Quarter 2013- Mark - Fullbright
 
Global Technologies and Risks Trends
Global Technologies and Risks TrendsGlobal Technologies and Risks Trends
Global Technologies and Risks TrendsCharles Mok
 
Module0&1 intro-foundations-b
Module0&1 intro-foundations-bModule0&1 intro-foundations-b
Module0&1 intro-foundations-bBbAOC
 
Why do women love chasing down bad guys?
Why do women love chasing down bad guys? Why do women love chasing down bad guys?
Why do women love chasing down bad guys? SITA
 
Rpt paradigm shifts
Rpt paradigm shiftsRpt paradigm shifts
Rpt paradigm shiftsmalvvv
 
Rpt paradigm shifts
Rpt paradigm shiftsRpt paradigm shifts
Rpt paradigm shiftsmalvvv
 
Centrify rethink security brochure
Centrify rethink security brochureCentrify rethink security brochure
Centrify rethink security brochureMark Gibson
 
Top 2020 Predictions: Cybersecurity Threats, Trends, and the CCPA Regulation
Top 2020 Predictions: Cybersecurity Threats, Trends, and the CCPA RegulationTop 2020 Predictions: Cybersecurity Threats, Trends, and the CCPA Regulation
Top 2020 Predictions: Cybersecurity Threats, Trends, and the CCPA RegulationPECB
 
E security and payment 2013-1
E security and payment 2013-1E security and payment 2013-1
E security and payment 2013-1Abdelfatah hegazy
 
The Real Threat of CyberattacksEmmanuel .docx
The Real Threat of CyberattacksEmmanuel .docxThe Real Threat of CyberattacksEmmanuel .docx
The Real Threat of CyberattacksEmmanuel .docxhelen23456789
 
Sophos security-threat-report-2014-na
Sophos security-threat-report-2014-naSophos security-threat-report-2014-na
Sophos security-threat-report-2014-naAndreas Hiller
 
Cyber Security: Most Important Aspect of a Successful Business
Cyber Security: Most Important Aspect of a Successful BusinessCyber Security: Most Important Aspect of a Successful Business
Cyber Security: Most Important Aspect of a Successful BusinessFibonalabs
 
Top 5 Famous Cyberattacks Of The World | SOCVault
Top 5 Famous Cyberattacks Of The World | SOCVaultTop 5 Famous Cyberattacks Of The World | SOCVault
Top 5 Famous Cyberattacks Of The World | SOCVaultSOCVault
 
A Survey On Cyber Crime Information Security
A Survey On Cyber Crime Information SecurityA Survey On Cyber Crime Information Security
A Survey On Cyber Crime Information SecurityMichele Thomas
 
Trends in network security feinstein - informatica64
Trends in network security feinstein - informatica64Trends in network security feinstein - informatica64
Trends in network security feinstein - informatica64Chema Alonso
 

Similar to 180814 cloudsec2018 charles mok1 (20)

Running head CYBERSECURITY IN FINANCIAL DOMAIN .docx
Running head CYBERSECURITY IN FINANCIAL DOMAIN .docxRunning head CYBERSECURITY IN FINANCIAL DOMAIN .docx
Running head CYBERSECURITY IN FINANCIAL DOMAIN .docx
 
Security in e-commerce
Security in e-commerceSecurity in e-commerce
Security in e-commerce
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
 
Cyber security and threats
Cyber security and threatsCyber security and threats
Cyber security and threats
 
McAFEE LABS THREATS REPORT - Fourth Quarter 2013
McAFEE LABS THREATS REPORT - Fourth Quarter 2013McAFEE LABS THREATS REPORT - Fourth Quarter 2013
McAFEE LABS THREATS REPORT - Fourth Quarter 2013
 
Global Technologies and Risks Trends
Global Technologies and Risks TrendsGlobal Technologies and Risks Trends
Global Technologies and Risks Trends
 
Module0&1 intro-foundations-b
Module0&1 intro-foundations-bModule0&1 intro-foundations-b
Module0&1 intro-foundations-b
 
Why do women love chasing down bad guys?
Why do women love chasing down bad guys? Why do women love chasing down bad guys?
Why do women love chasing down bad guys?
 
Rpt paradigm shifts
Rpt paradigm shiftsRpt paradigm shifts
Rpt paradigm shifts
 
Rpt paradigm shifts
Rpt paradigm shiftsRpt paradigm shifts
Rpt paradigm shifts
 
Centrify rethink security brochure
Centrify rethink security brochureCentrify rethink security brochure
Centrify rethink security brochure
 
Top 2020 Predictions: Cybersecurity Threats, Trends, and the CCPA Regulation
Top 2020 Predictions: Cybersecurity Threats, Trends, and the CCPA RegulationTop 2020 Predictions: Cybersecurity Threats, Trends, and the CCPA Regulation
Top 2020 Predictions: Cybersecurity Threats, Trends, and the CCPA Regulation
 
E security and payment 2013-1
E security and payment 2013-1E security and payment 2013-1
E security and payment 2013-1
 
The Real Threat of CyberattacksEmmanuel .docx
The Real Threat of CyberattacksEmmanuel .docxThe Real Threat of CyberattacksEmmanuel .docx
The Real Threat of CyberattacksEmmanuel .docx
 
Sophos security-threat-report-2014-na
Sophos security-threat-report-2014-naSophos security-threat-report-2014-na
Sophos security-threat-report-2014-na
 
Cyber Security: Most Important Aspect of a Successful Business
Cyber Security: Most Important Aspect of a Successful BusinessCyber Security: Most Important Aspect of a Successful Business
Cyber Security: Most Important Aspect of a Successful Business
 
Top 5 Famous Cyberattacks Of The World | SOCVault
Top 5 Famous Cyberattacks Of The World | SOCVaultTop 5 Famous Cyberattacks Of The World | SOCVault
Top 5 Famous Cyberattacks Of The World | SOCVault
 
A Survey On Cyber Crime Information Security
A Survey On Cyber Crime Information SecurityA Survey On Cyber Crime Information Security
A Survey On Cyber Crime Information Security
 
Trends in network security feinstein - informatica64
Trends in network security feinstein - informatica64Trends in network security feinstein - informatica64
Trends in network security feinstein - informatica64
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
 

More from Charles Mok

Digital Repression and Techno-Authoritarianism
Digital Repression and Techno-AuthoritarianismDigital Repression and Techno-Authoritarianism
Digital Repression and Techno-AuthoritarianismCharles Mok
 
Threats to the Internet
Threats to the Internet Threats to the Internet
Threats to the Internet Charles Mok
 
Cyber Risks in Hong Kong
Cyber Risks in Hong KongCyber Risks in Hong Kong
Cyber Risks in Hong KongCharles Mok
 
ICANN TWNIC TWIGF 2023: Compliance through Compulsion
ICANN TWNIC TWIGF 2023: Compliance through CompulsionICANN TWNIC TWIGF 2023: Compliance through Compulsion
ICANN TWNIC TWIGF 2023: Compliance through CompulsionCharles Mok
 
全球數位威權趨勢及對台灣的挑戰和機遇
全球數位威權趨勢及對台灣的挑戰和機遇全球數位威權趨勢及對台灣的挑戰和機遇
全球數位威權趨勢及對台灣的挑戰和機遇Charles Mok
 
Digital Authoritarianism, Asian Techno-Geopolitics and Technology Fragmentation
Digital Authoritarianism, Asian Techno-Geopolitics and Technology FragmentationDigital Authoritarianism, Asian Techno-Geopolitics and Technology Fragmentation
Digital Authoritarianism, Asian Techno-Geopolitics and Technology FragmentationCharles Mok
 
HKU Tech for Good year2.pdf
HKU Tech for Good year2.pdfHKU Tech for Good year2.pdf
HKU Tech for Good year2.pdfCharles Mok
 
Technology4democracy: The Potential of Web3 and Blockchain for Democracy
Technology4democracy: The Potential of Web3 and Blockchain for DemocracyTechnology4democracy: The Potential of Web3 and Blockchain for Democracy
Technology4democracy: The Potential of Web3 and Blockchain for DemocracyCharles Mok
 
APAC Data Center Infrastructure Observations
APAC Data Center Infrastructure ObservationsAPAC Data Center Infrastructure Observations
APAC Data Center Infrastructure ObservationsCharles Mok
 
Chinese Digital Repression
Chinese Digital RepressionChinese Digital Repression
Chinese Digital RepressionCharles Mok
 
Technology, Data and Ethics
Technology, Data and EthicsTechnology, Data and Ethics
Technology, Data and EthicsCharles Mok
 
全球數位威權趨勢對台灣的挑戰和機遇
全球數位威權趨勢對台灣的挑戰和機遇全球數位威權趨勢對台灣的挑戰和機遇
全球數位威權趨勢對台灣的挑戰和機遇Charles Mok
 
台灣數位經濟及區塊鏈的機遇與挑戰.pdf
台灣數位經濟及區塊鏈的機遇與挑戰.pdf台灣數位經濟及區塊鏈的機遇與挑戰.pdf
台灣數位經濟及區塊鏈的機遇與挑戰.pdfCharles Mok
 
Censorship, Surveillance and Cyber Threats in Hong Kong.pdf
Censorship, Surveillance and Cyber Threats in Hong Kong.pdfCensorship, Surveillance and Cyber Threats in Hong Kong.pdf
Censorship, Surveillance and Cyber Threats in Hong Kong.pdfCharles Mok
 
HKU Tech for Good.pdf
HKU Tech for Good.pdfHKU Tech for Good.pdf
HKU Tech for Good.pdfCharles Mok
 
Why open and interoperable Internet infrastructure is key to the Internet's c...
Why open and interoperable Internet infrastructure is key to the Internet's c...Why open and interoperable Internet infrastructure is key to the Internet's c...
Why open and interoperable Internet infrastructure is key to the Internet's c...Charles Mok
 
Misinformation, Fake News and Harmful Content Laws in the World
Misinformation, Fake News and Harmful Content Laws in the WorldMisinformation, Fake News and Harmful Content Laws in the World
Misinformation, Fake News and Harmful Content Laws in the WorldCharles Mok
 
From Re-Opening to Recovery: Post-COVID Security and Privacy Issues and Trends
From Re-Opening to Recovery: Post-COVID Security and Privacy Issues and TrendsFrom Re-Opening to Recovery: Post-COVID Security and Privacy Issues and Trends
From Re-Opening to Recovery: Post-COVID Security and Privacy Issues and TrendsCharles Mok
 
From Crypto to Trust and Identity
From Crypto to Trust and IdentityFrom Crypto to Trust and Identity
From Crypto to Trust and IdentityCharles Mok
 
Have you AI'ed today? A Reality Check
Have you AI'ed today? A Reality CheckHave you AI'ed today? A Reality Check
Have you AI'ed today? A Reality CheckCharles Mok
 

More from Charles Mok (20)

Digital Repression and Techno-Authoritarianism
Digital Repression and Techno-AuthoritarianismDigital Repression and Techno-Authoritarianism
Digital Repression and Techno-Authoritarianism
 
Threats to the Internet
Threats to the Internet Threats to the Internet
Threats to the Internet
 
Cyber Risks in Hong Kong
Cyber Risks in Hong KongCyber Risks in Hong Kong
Cyber Risks in Hong Kong
 
ICANN TWNIC TWIGF 2023: Compliance through Compulsion
ICANN TWNIC TWIGF 2023: Compliance through CompulsionICANN TWNIC TWIGF 2023: Compliance through Compulsion
ICANN TWNIC TWIGF 2023: Compliance through Compulsion
 
全球數位威權趨勢及對台灣的挑戰和機遇
全球數位威權趨勢及對台灣的挑戰和機遇全球數位威權趨勢及對台灣的挑戰和機遇
全球數位威權趨勢及對台灣的挑戰和機遇
 
Digital Authoritarianism, Asian Techno-Geopolitics and Technology Fragmentation
Digital Authoritarianism, Asian Techno-Geopolitics and Technology FragmentationDigital Authoritarianism, Asian Techno-Geopolitics and Technology Fragmentation
Digital Authoritarianism, Asian Techno-Geopolitics and Technology Fragmentation
 
HKU Tech for Good year2.pdf
HKU Tech for Good year2.pdfHKU Tech for Good year2.pdf
HKU Tech for Good year2.pdf
 
Technology4democracy: The Potential of Web3 and Blockchain for Democracy
Technology4democracy: The Potential of Web3 and Blockchain for DemocracyTechnology4democracy: The Potential of Web3 and Blockchain for Democracy
Technology4democracy: The Potential of Web3 and Blockchain for Democracy
 
APAC Data Center Infrastructure Observations
APAC Data Center Infrastructure ObservationsAPAC Data Center Infrastructure Observations
APAC Data Center Infrastructure Observations
 
Chinese Digital Repression
Chinese Digital RepressionChinese Digital Repression
Chinese Digital Repression
 
Technology, Data and Ethics
Technology, Data and EthicsTechnology, Data and Ethics
Technology, Data and Ethics
 
全球數位威權趨勢對台灣的挑戰和機遇
全球數位威權趨勢對台灣的挑戰和機遇全球數位威權趨勢對台灣的挑戰和機遇
全球數位威權趨勢對台灣的挑戰和機遇
 
台灣數位經濟及區塊鏈的機遇與挑戰.pdf
台灣數位經濟及區塊鏈的機遇與挑戰.pdf台灣數位經濟及區塊鏈的機遇與挑戰.pdf
台灣數位經濟及區塊鏈的機遇與挑戰.pdf
 
Censorship, Surveillance and Cyber Threats in Hong Kong.pdf
Censorship, Surveillance and Cyber Threats in Hong Kong.pdfCensorship, Surveillance and Cyber Threats in Hong Kong.pdf
Censorship, Surveillance and Cyber Threats in Hong Kong.pdf
 
HKU Tech for Good.pdf
HKU Tech for Good.pdfHKU Tech for Good.pdf
HKU Tech for Good.pdf
 
Why open and interoperable Internet infrastructure is key to the Internet's c...
Why open and interoperable Internet infrastructure is key to the Internet's c...Why open and interoperable Internet infrastructure is key to the Internet's c...
Why open and interoperable Internet infrastructure is key to the Internet's c...
 
Misinformation, Fake News and Harmful Content Laws in the World
Misinformation, Fake News and Harmful Content Laws in the WorldMisinformation, Fake News and Harmful Content Laws in the World
Misinformation, Fake News and Harmful Content Laws in the World
 
From Re-Opening to Recovery: Post-COVID Security and Privacy Issues and Trends
From Re-Opening to Recovery: Post-COVID Security and Privacy Issues and TrendsFrom Re-Opening to Recovery: Post-COVID Security and Privacy Issues and Trends
From Re-Opening to Recovery: Post-COVID Security and Privacy Issues and Trends
 
From Crypto to Trust and Identity
From Crypto to Trust and IdentityFrom Crypto to Trust and Identity
From Crypto to Trust and Identity
 
Have you AI'ed today? A Reality Check
Have you AI'ed today? A Reality CheckHave you AI'ed today? A Reality Check
Have you AI'ed today? A Reality Check
 

Recently uploaded

Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsSnow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsHyundai Motor Group
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraDeakin University
 

Recently uploaded (20)

Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsSnow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptxVulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning era
 

180814 cloudsec2018 charles mok1

  • 1.
  • 2. www.cloudsec.com | #cloudsec Understanding and Tackling Emerging Cyber Threats Charles Mok | Legislative Councillor (IT) @charlesmok
  • 3. #cloudsec Under Armour: one of the biggest hacks in history  Number Of Records Exposed: 150 Million  in March data from some 150 million MyFitnessPal diet and fitness app accounts had been compromised.  Hacked: account user names, email addresses and scrambled passwords
  • 7. #cloudsec Known threats, new variations Smaller cloud operators becoming more attractive targets with massive data, higher vulnerability  DDoS attacks  Phishing attacks  Malware  Ransomware How to protect corporate and customer information from data thieves?
  • 8. #cloudsec Online service provider hacked with far-reaching impact
  • 10. #cloudsec With the consequences & implications of cyber attacks getting bigger, how confident are you in your cybersecurity strategy?
  • 11. #cloudsec New technologies are escalating the rapidly changing arms race between attackers and defenders. What do emerging threats look like?
  • 12. Weaponization of AI and machine learning means faster attacks • Vulnerability discovery using AI tools • Exploitation: quickly generate exploit variants • Post-exploitation (discovery and exploitation of other vulnerabilities inside) • Data theft: AI-powered data search and classification
  • 13. Cyberattacks powered by AI makes prevention more difficult - AI can create more convincing phishing email customised to human - AI-powered malware design - study patterns of user behavior within a network - automated bot attacks
  • 14. From stealing data to stealing computer processing power
  • 15. Cyber-physical attacks: The Internet of Things risk Wide open for hackers: unsecured older devices that may never be updated - connected video cameras - home appliances - smartwatches - other IoT devices Are the large volume of data encrypted? Are the firmware updated? Are the devices compromised to become part of botnet?
  • 16. The Booming Cybercrime Economy study finds cybercriminal revenues hit US$1.5T annually US$860 billion – Illicit/illegal online markets US$500 billion – Theft of trade secrets/IP US$160 billion – Data trading US$1.6 billion – Crimeware-as-a-Service US$1 billion – Ransomware Source: Study by researcher Dr. Michael McGuire for Bromium (Apr 2018)
  • 17. Cybercrime-as-a-Service Hackers for hire (In USD) Zero-day Adobe exploits, up to $30,000 Zero-day iOS exploit, $250,000 Malware exploit kit, $200-$600 per exploit Blackhole exploit kit, $700/month or $1,500/year Custom spyware, $200 SMS spoofing service, $20 per month Hacker for hire, around $200 for a “small” hack Source: Study by researcher Dr. Michael McGuire for Bromium (Apr 2018)
  • 18. Cybercrime-as-a-Service Hackers for hire (In USD) Zero-day Adobe exploits, up to $30,000 Zero-day iOS exploit, $250,000 Malware exploit kit, $200-$600 per exploit Blackhole exploit kit, $700/month or $1,500/year Custom spyware, $200 SMS spoofing service, $20 per month Hacker for hire, around $200 for a “small” hack Source: Study by researcher Dr. Michael McGuire for Bromium (Apr 2018)
  • 19. #cloudsec Keep up with the attackers: investment & execution  Invest in innovative technologies to supplement human- centric activities  Assessing evolving risks and detect threats via big data analytics  Closing the cybersecurity skills gap by training