How you will be hacked in 2 years by Marc Smeets KPMG
Presentation at Circuit Zandvoort, the Netherlands: how you will be hacked in 2 years.

Presentation Transcript

    • How you will be hacked in two years: cybercrime insight and mobile security trends. Easynet Thought Leadership Security session, September 27th 2012, Circuit Park Zandvoort. Marc Smeets
    • Slide 1: © 2012 KPMG Advisory N.V., registered with the trade register in the Netherlands under number 33263682, is a subsidiary of KPMG Europe LLP and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (‘KPMG International’), a Swiss entity. All rights reserved. Printed in the Netherlands. The KPMG name, logo and ‘cutting through complexity’ are registered trademarks of KPMG International.
    • Slide 2: Who am I
      Marc Smeets:
      ■ Loves fast cars and champagne (not together)
      ■ Loves IT security
      IT security advisor / ethical hacker @ KPMG IT Advisory:
      ■ Team of over 50 IT security advisors, 25 penetration testers
      ■ Combining strong technical skills with IT auditing skills
      ■ Hacking and testing mobile since 2009
    • Cybercrime insight
    • Slide 4: Cybercrime. What is cybercrime?
      Cybercrime concerns performing illegal activities towards an organization, using digital means. The term cybercrime covers a proliferation of purposes and methods of attack.
      Purpose of attack: Fun, Financial gain, Activism, Espionage, Terrorism, Digital warfare, Breaking the chain
      Method of attack: Hacking, Phishing, Identity theft, Denial of Service, Advanced Persistent Threat
      Shifting viewpoint in InfoSec:
      ■ Traditional InfoSec: value of information to the organization (confidentiality, integrity, availability); focus on the crown jewels
      ■ New InfoSec: value of information to the attacker; security awareness and understanding of risks is crucial. Attackers understand the risks of technology, so should you. Think like a hacker!
    • Slide 5: Analysis of a cybercrime attack: 1 Penetrate, 2 Escalate, 3 Exfiltrate (phase 1, Penetrate, highlighted)
    • Slide 6: Analysis of a cybercrime attack: 1 Penetrate, 2 Escalate, 3 Exfiltrate (phase 2, Escalate, highlighted)
    • Slide 7: Analysis of a cybercrime attack: 1 Penetrate, 2 Escalate, 3 Exfiltrate (phase 3, Exfiltrate, highlighted)
    • Slide 8: Analysis of a cybercrime attack: It's easy to pick your targets
    • Slide 9: Analysis of a cybercrime attack: Tools are available
    • Slide 10: Examples of a cybercrime attack: In the news
    • Slide 11: Examples of a cybercrime attack: Non-default attacks
    • Slide 12: Developing threat landscape. Easily detected? Time to Attack vs Time to Discover. Source: Verizon Data Breach Investigations Report 2011
    • Mobile security trends: "The Times (of the desktop) They Are a-Changin'"
    • Slide 14: Mobile security: Mobile platforms, where we are coming from (title only)
    • Slide 15: Mobile security: Mobile platforms, where we are coming from (title only)
    • Slide 16: Mobile security: New platforms and new terms
      ■ Bring Your Own Device
      ■ Select Your Own Device
      ■ Mobile Device Management
      ■ Apps & App Store
      ■ Cloud integration & online ID
      ■ New vendors on the market
    • Question: Are we more secure than before?
    • Slide 18: Mobile security: Are we becoming more secure?
      Yes, new mobile platforms are more secure in several aspects:
      ■ Disk encryption built-in
      ■ New core security features
      ■ Locked-down platforms with an eco-system
      No, new platforms still fail at basic security:
      ■ Disk encryption may be easily circumvented
      ■ Remote wipe ineffective: when do you give up and call for a remote wipe?
      ■ Security update cycle
      ■ Malware trends and jailbreaking
      ■ Client-side software needed, or cloud backup?
    • Slide 19: Mobile security: Mobile trends
      Change in usage:
      ■ Email & Contacts → External Apps → Line-of-Business Apps
      The main players:
      ■ Apple, Google, Microsoft
      Change in devices:
      ■ Phones → Pads → Desktops/Laptops → hybrids
      Change in attacks, but still on the weakest link!
      ■ Online ID
      ■ (Private) Cloud / App developer network
      ■ Think ‘everything can be hacked’: GSM & RFID
    • Cybercrime Defence: Short term, Long term
    • Slide 21: Cybercrime defence: What should you do in the short term? (Prevent, Detect, Respond)
      ■ Short-term action, prevention: perform a risk analysis from the perspective of the attacker
      ■ Short-term action, detection: identify and monitor critical assets
      ■ Short-term action, response: implement a standby incident response organisation
    • Slide 22: Cybercrime defence: What should you do in the long term?
      It is not about technology alone: People + Process + Technology!
      Cybercrime Defense Framework (rows: People/Organisation, Processes, Technology; columns: Prevent, Detect, Respond):
      ■ People / Organisation. Prevent: security awareness training; appoint cybercrime defence as a responsibility. Detect: security operations centre 24/7. Respond: crisis organisation; communications.
      ■ Processes. Prevent: compliance monitoring; vulnerability monitoring; security testing; patch management. Detect: incident preparedness training; procedures for follow-up on security events. Respond: cybercrime response plan; high-value asset isolation procedures.
      ■ Technology. Prevent: segmentation; endpoint and perimeter protection. Detect: logging and alarming; incident dashboards. Respond: forensic analysis.
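The three-phase model of slides 5 to 7 (penetrate, escalate, exfiltrate), the short-term advice to identify and monitor critical assets, and the "logging and alarming" cell of the framework can be combined into one concrete detection rule. The block below is an added example, not code from the presentation or from KPMG. It parses a constructed sample log (the hosts, users, event names, the "crown jewel" asset list and the 100 MiB transfer threshold are all assumptions), looks for a host on which the three phases occur in that order within a seven-day window, and reports the time to discover, that is the gap between the first foothold event and the event that completed the chain, which is the quantity slide 12 sets against time to attack.

```python
"""Correlate penetrate -> escalate -> exfiltrate over sample log lines and
report time-to-discover. Added example; every host, user, asset, event name
and threshold below is an assumption, not data from the presentation."""
from __future__ import annotations

from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Optional

# Constructed sample log (not real data). ws-17 walks the whole chain;
# ws-22 shows only a privileged logon and a tiny transfer and must stay quiet.
SAMPLE_LOG = """\
2012-09-20T08:02:11 host=ws-17 user=jdoe event=phish_attachment_opened
2012-09-20T08:03:40 host=ws-17 user=jdoe event=new_outbound_c2 dst=203.0.113.7
2012-09-22T14:10:05 host=ws-17 user=svc_backup event=admin_logon
2012-09-23T02:15:30 host=ws-17 user=svc_backup event=file_access asset=hr-payroll-share
2012-09-23T02:44:12 host=ws-17 user=svc_backup event=outbound_transfer dst=203.0.113.7 bytes=734003200
2012-09-23T09:00:00 host=ws-22 user=admin event=admin_logon
2012-09-23T09:05:00 host=ws-22 user=admin event=outbound_transfer dst=198.51.100.2 bytes=1200
"""

# Assumed "crown jewels" inventory and exfiltration threshold (100 MiB).
CRITICAL_ASSETS = {"hr-payroll-share", "finance-db"}
EXFIL_BYTES = 100 * 1024 * 1024

# Assumed mapping of telemetry event names onto the slide's three phases.
PENETRATE = {"phish_attachment_opened", "new_outbound_c2"}
ESCALATE = {"admin_logon"}
STAGES = ("penetrate", "escalate", "exfiltrate")


@dataclass
class Event:
    ts: datetime
    host: str
    user: str
    event: str
    fields: dict  # remaining key=value pairs (dst, asset, bytes, ...)


def parse_line(line: str) -> Event:
    """Parse one '<iso timestamp> key=value ...' line of the constructed format."""
    ts_text, *pairs = line.split()
    kv = dict(p.split("=", 1) for p in pairs)
    return Event(
        ts=datetime.fromisoformat(ts_text),
        host=kv.pop("host"),
        user=kv.pop("user"),
        event=kv.pop("event"),
        fields=kv,
    )


def parse_log(text: str) -> list[Event]:
    return [parse_line(line) for line in text.splitlines() if line.strip()]


def stage_of(ev: Event) -> Optional[str]:
    """Map an event onto penetrate / escalate / exfiltrate, or None for noise."""
    if ev.event in PENETRATE:
        return "penetrate"
    if ev.event in ESCALATE:
        return "escalate"
    if ev.event == "file_access" and ev.fields.get("asset") in CRITICAL_ASSETS:
        return "exfiltrate"  # a crown jewel was touched: alert before the bytes leave
    if ev.event == "outbound_transfer" and int(ev.fields.get("bytes", 0)) >= EXFIL_BYTES:
        return "exfiltrate"
    return None


@dataclass
class Alert:
    host: str
    foothold: datetime  # first penetrate event on the host
    detected: datetime  # the event that completed the chain
    evidence: list[str]

    @property
    def time_to_discover(self) -> timedelta:
        return self.detected - self.foothold


def correlate(events: list[Event], window: timedelta = timedelta(days=7)) -> list[Alert]:
    """Raise one alert per host when the three phases occur in order within `window`.

    Stages seen out of order (an admin logon with no preceding foothold) are
    ignored, so a normal administrator does not trigger the rule on their own.
    """
    state = {}  # host -> (index of next expected stage, foothold ts, evidence)
    alerts = []
    for ev in sorted(events, key=lambda e: e.ts):
        stage = stage_of(ev)
        if stage is None:
            continue
        idx, foothold, evidence = state.get(ev.host, (0, None, []))
        if foothold is not None and ev.ts - foothold > window:
            idx, foothold, evidence = 0, None, []  # chain went stale; start over
        if stage == STAGES[idx]:
            if idx == 0:
                foothold = ev.ts
            evidence = evidence + [f"{ev.ts.isoformat()} {ev.user}@{ev.host} {ev.event}"]
            idx += 1
        if idx == len(STAGES):
            alerts.append(Alert(ev.host, foothold, ev.ts, evidence))
            state.pop(ev.host, None)  # chain complete; a new one needs a new foothold
        else:
            state[ev.host] = (idx, foothold, evidence)
    return alerts


if __name__ == "__main__":
    for alert in correlate(parse_log(SAMPLE_LOG)):
        print(f"{alert.host}: time to discover {alert.time_to_discover}")
        for line in alert.evidence:
            print("   ", line)
```

On the sample data the rule fires once, for ws-17, with a time to discover of 2 days 18:13:19 measured from the phishing attachment to the access of the payroll share; ws-22 never fires because its admin logon has no foothold before it. In a real SOC the work sits in `stage_of`: deciding which telemetry counts as a foothold, which as escalation, and which assets are crown jewels is exactly the "identify critical assets" step the slide asks for, and without it the chain cannot be correlated at all.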
    • Slide 23: Cybercrime defence: Main message
      ■ The cybercrime threat is real and here to stay.
      ■ Take a look at your company from an attacker’s perspective.
      ■ ‘Everything mobile’ changes your security posture.
      ■ Prevention is insufficient. Invest in detection and response.
      ■ 100% security is not possible. And undesirable!
    • Slide 24: (footer only)
    • Contact: Marc Smeets, smeets.marc@kpmg.nl, +31 6 51 36 66 80
    • Extra slides: Mobile security; Cybercrime survey
    • Slide 27: The mobile landscape – Devices (diagram: Devices, via WiFi / UMTS / GPRS, to the Internet and to the corporate Exchange services; Mobile Device Management)
    • Slide 28: The mobile landscape – Devices (cont.) (diagram labels: Devices; WiFi / UMTS / GPRS; WiFi / USB; USB; Bluetooth; Internet; Internet services; Web; Cloud services; Local services; Corporate / private network; Peripherals; Corporate Exchange services; Mobile Device Management; Legacy ActiveSync connection)
    • Slide 29: Facts & Figures on the 2012 KPMG Cybercrime Survey
      • Participation of 170 CIOs/CISOs working for organisations with a presence in the Netherlands
      • Over 75% of the participating organisations have more than 1,000 employees
    • Slide 30: Key finding 1: Cybercrime is here and here to stay
      Findings:
      • 80% agree that cybercrime is no hype and continues to be a highly challenging topic
      • 49% experienced cybercrime activity during the past 12 months
      • 90% of respondents were attacked successfully up to 5 times last year
      • Only 50% of the respondents are able to detect attacks
      • Only 44% feel comfortable that they are able to respond
    • Slide 31: Key finding: Minor versus major league
      The threat landscape is mutating… Four groups: a vast amount of amateur individuals; hacktivism (hacking inspired by ideology); cyber espionage (stealing the crown jewels); organised crime (global and difficult to trace and prosecute)
    • Slide 32: Key finding: Thorough analysis of risks necessary: Purpose of the attack (chart)
    • Slide 33: Key finding: Thorough analysis of risks necessary: Damage
      Findings:
      • 12% of respondents were confronted with attacks costing over EUR 1,500,000
      • 75% of the attacks costing over EUR 1,500,000 occur in financial services
    • Slide 34: Key finding: Thorough analysis of risks necessary: Available budgets. If you think you are safe, try an incident!
    • Slide 35: Key finding: Thorough analysis of risks necessary: 100% security is an illusion!
      Findings:
      • Only 50% of the respondents are able to detect attacks
      • Only 44% feel comfortable that they are able to respond to an attack
      The business and technology landscape has evolved into chains, where organisations depend on each other’s security (stepping stone).
    • Slide 36: Key finding: Short term measures, long term controls
      Findings:
      • Over 75% believe that addressing cybercrime should not focus only on technology
      • 90% believe that cybercrime should be discussed at board level
      Measures (rows: Governance and organisation, Process, Technology; columns: Prevent, Detect, Respond):
      ■ Governance and organisation. Prevent: responsibilities and awareness. Detect: 24/7 standby crisis organisation. Respond: forensic capabilities.
      ■ Process. Prevent: simulation / testing; penetration tests. Detect: procedures for follow-up on security events. Respond: cybercrime response plan.
      ■ Technology. Prevent: end-point protection; network segmentation. Detect: event logging; central security incident monitoring. Respond: capability to promptly cut off.
    • Slide 37: Key finding: Tone at the top is vital!
      Tone at the top is an effective driver to focus on cybercrime, according to 49%.
      • The human factor is probably still one of the weakest links
      Focus on effective use of security monitoring.
      Be prepared, you will be hit:
      • Effective cyber security strategy
      • Implement an incident response organisation