• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content

Loading…

Flash Player 9 (or above) is needed to view presentations.
We have detected that you do not have it on your computer. To install it, go here.

Like this presentation? Why not share!

Threats from Economical Improvement: Why the Economy in Emerging Countries Can Pose as a Threat to Cyber Security

on

  • 913 views

Baseline projections envisage the BRICs overtaking the U.S. economy by 2018. As a result, a new mid-class is emerging within the population and the access to computers and e-commerce are advancing in ...

Baseline projections envisage the BRICs overtaking the U.S. economy by 2018. As a result, a new mid-class is emerging within the population and the access to computers and e-commerce are advancing in the same wave, generating threats based on a large base for new cyber criminals and also new victims with little or no knowledge of computer security. This presentation will show how this scenario is being studied and the next steps for developing a more comprehensive analysis of the root causes and proposed actions to change the increase of cyber crime from these sources.

Eduardo Vianna de Camargo Neves

Eduardo has been an Information Security professional and enthusiast since 1997. His work experience includes extensive knowledge in meeting compliance requirements in large scale regulated organizations, business continuity planning and disaster recovery, risk assessment and management, team management, and security awareness for different audiences in the consumer goods market. After eight years in the corporate environment, Eduardo realized an old dream and founded his own consulting company. As an entrepreneur, he is working to deliver first class services in IT Security with specialized products and services for network and application security.

Statistics

Views

Total Views
913
Views on SlideShare
913
Embed Views
0

Actions

Likes
0
Downloads
9
Comments
0

0 Embeds 0

No embeds

Accessibility

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    Threats from Economical Improvement: Why the Economy in Emerging Countries Can Pose as a Threat to Cyber Security Threats from Economical Improvement: Why the Economy in Emerging Countries Can Pose as a Threat to Cyber Security Presentation Transcript

    • Threats from the Economical Improvement Why the economy on emerging countries can pose as a threat to cyber security and how to improve the protection through continuous education Eduardo Vianna de Camargo Neves Conviso IT Security, Operations Manager OWASP Global Education Committee Member 1 Monday, September 20, 2010
    • Overview The increase of global economy and their reflections on BRIC countries, are changing how these societies make business and interact with the rest of the world Companies from Brazil, India, Russia and China are not working only on their own markets anymore A new mid-class with access to credit lines and technology is impulsing commerce on new markets and becoming one economic power Cyber crime is raising in the same proportion, following the money and profiling new opportunities with a lower risk Conviso IT Security | Threats from the Economical Improvement 2 Monday, September 20, 2010
    • Overview This presentation will focus on Brazil and a proposal to contribute on cyber crime prevention and reduction through education on computer security for the society This is an on-going project which are being improved and will be presented with new data at OWASP AppSec DC, on November 2010 A white paper is being produced with collaboration from other companies and independent researchers to improve content and allow new deliveries An OWASP Project will be launched on 2011 to support this initiative as part of Global Education Committee efforts on Latin America, supporters and contributors are welcome Conviso IT Security | Threats from the Economical Improvement 3 Monday, September 20, 2010
    • Changes on economy and society Conviso IT Security | Threats from the Economical Improvement 4 Monday, September 20, 2010
    • Welcome to a Brave New World Brazil, Russian Federation, India and China had made impressive changes on their economies and transform how their society are dealing with it Brazil is a world-leader on agribusiness and lead specific high-tech sectors such as airplane production and oil exploration Russia is the world's second largest oil exporter and largest gas exporter and the economy is growing since 2001 India is one of the fastest growing telecom markets in the world and maintains a unemployment rate of 10.7% on 2009 China contributed 1/3 of global economic growth in 2004 and accounted for half of global growth in metals demand Source: The World Factbook by CIA Conviso IT Security | Threats from the Economical Improvement 5 Monday, September 20, 2010
    • The Role of a New Society According to the World Bank, developing countries' share in world trade rose from 16% in 1990 to 30% in 2006, led by China and with Brazil and India not far behind The urban Chinese middle class will spend close to $2.3 trillion a year by 2025, while India's one should grow from 5 percent today to over 40 percent of the nation over the next 20 years In Brazil, 10 million people gained Internet between 2005 and 2007, making a total with access to nearly 40 million, or 29% of the population Companies, Governments and the society in all those countries are becoming stronger and using technology to support their grow Source: The World Bank Conviso IT Security | Threats from the Economical Improvement 6 Monday, September 20, 2010
    • Reflections on cyber-crime The ties between economics and information security was discussed by Ross Anderson and other authors. The improvement of BRIC countries’ economies brings new topics Governments are not ready to deal with a change on the society which is creating millions of new users of Internet based services Companies are dealing with new threats using old technologies, the Market for Lemons is here People are buying computers and smart phones to be on line but they really don’t understand the risks and impacts of a connected world Conviso IT Security | Threats from the Economical Improvement 7 Monday, September 20, 2010
    • The results are on our sight Cyber crime is increasing world-wide and besides the fact that numbers are very complicated, there are some questions which can lead a discussion on causes and solutions Governments are not ready to deal with a change on the society which is creating millions of new users of Internet based services Companies are dealing with new threats using old technologies, the Market for Lemons is here People are buying computers and smart phones to be on line but they really don’t understand the risks and impacts of a connected world Conviso IT Security | Threats from the Economical Improvement 8 Monday, September 20, 2010
    • The Brazilian Scenario Conviso IT Security | Threats from the Economical Improvement 9 Monday, September 20, 2010
    • The Economic Redemption As a result of deep changes started on 1994 and maintained by all Governments, Brazil is now watching a new and continuous social improvement Almost 52% of the population are in Mid-Class, comparing to a rate of 32% on 1992 10 million people gained Internet between 2005 and 2007, making a total with access to nearly 40 million, or 29% of the population The number of credit cards rose from 27 million on 2006 to 150 million in 2009 Source: BBC and Reuters Conviso IT Security | Threats from the Economical Improvement 10 Monday, September 20, 2010
    • Timeline Cyber crime are being conducted in Brazil since 2001. Attacks are increasing, being more sophisticated and trending to client-side approaches and target hosts in other countries Incidents on Year Attack Trend Fraud % CERT.BR 2001 • Initial deployment of rudimentary keyloggers 5,997 0% • Brute force attacks on bank sites 2004 • Increase in sophisticated phishing 75,722 5% • DNS compromises widely used (“pharming”) 2007 • Trojans delivered via drive-by downloads 160,080 28% • Malware modifying client’s hosts file 2009 • Usage of XSS and CSRF 358,343 69% • Identity Theft Source: CERT.BR Conviso IT Security | Threats from the Economical Improvement 11 Monday, September 20, 2010
    • Cyber Crime Evolution Fraud, are still the major issues, however a new trend is being observed on the last three years Social networks are being used to share criminal information, from child pornography to kidnapping. The damage is affecting local and international companies as co-responsible Attacks are moving from trojans to exploration of common flaws on web sites such as XSS and CSRF to support fraud and identity theft Brazil’s electrical grid was supposed targeted by crackers, however data leakage on Government web sites and systems are becoming a routine Source: Safernet.org.br, Symantec and Conviso Security Labs Conviso IT Security | Threats from the Economical Improvement 12 Monday, September 20, 2010
    • Why you should care about USA is accounted for 19% of Internet based attacks but the BRIC countries also compose a large slice of this problem 8% USA 21% 4% 3% 60% Brazil Russia India 6% China World 19% And there are a lot of space to grow Source: Internet Security Threat report, by Symantec Conviso IT Security | Threats from the Economical Improvement 13 Monday, September 20, 2010
    • The Call for Education Conviso IT Security | Threats from the Economical Improvement 14 Monday, September 20, 2010
    • Education is the Key We do not believe that education only for the community is enough to transform this scenario. A more comprehensive approach must be delivered for three major areas. The Government must understand how fragile web security can be and prepare their own strategies do deal with Companies must understand how to buy, develop and maintain secure applications for their customers The academia must change their directions. Security is not optional and all programers and managers must understand that as part of their competencies Conviso IT Security | Threats from the Economical Improvement 15 Monday, September 20, 2010
    • The OWASP Role There are several OWASP Projects ready to be used by anyone which needs to make more secure software, so a “packing strategy” is required to make them more palatable for different audiences Governments must understand why application security matters and must be a strategy for the country and an obligation to their citizens Companies must promote security in all business areas and relate this achievement on the executive agenda The Academia must include computer security on several areas as a common discipline like statistics and math. Specialization is great, but do not achieve the responsible parties Conviso IT Security | Threats from the Economical Improvement 16 Monday, September 20, 2010
    • Conclusions Conviso IT Security | Threats from the Economical Improvement 17 Monday, September 20, 2010
    • Next Steps This is a simple but ambitious project which we believe will change how people understand application security on the BRIC countries and several complementary steps are required Specific competencies to support delivery process Effort allocation to adapt current content to the reality in each country Leaders to support the overall development and achieve other countries with similar situation than Brazil Conviso IT Security | Threats from the Economical Improvement 18 Monday, September 20, 2010
    • Acknowledgements The following companies, organizations and individuals supported this research and sponsored this presentation: Conviso IT Security: Sponsored my travel and is supporting this research (Disclaimer: I am one of the parters) OWASP Connections Committee: Partially sponsored my expenses, thank you very much Dinis! Anchises Moraes Guimaraes De Paula: IT Security researcher working with me on this development. You can tweet him at @anchisesbr All images used in this presentation are licensed on Creative Commons and the original sources can be reached clicking on them Conviso IT Security | Threats from the Economical Improvement 19 Monday, September 20, 2010
    • Threats from the Economical Improvement Why the economy on emerging countries can pose as a threat to cyber security and how to improve the protection through continuous education Eduardo Vianna de Camargo Neves Conviso IT Security, Operations Manager OWASP Global Education Committee Member 20 Monday, September 20, 2010