Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
SAFELY ENABLING BUSINESS www.securelink.net
2 0 . 0 0 0 a t t a c k s b y p a s s i n g o u r d e f e n s e s
a n d w h y ...
SAFELY ENABLING BUSINESS www.securelink.net
THIS STORY IS BASED ON TRUE DATA
• 24 years in tech / software & security
• 70...
SAFELY ENABLING BUSINESS www.securelink.net32019-05-19
Once upon a time….
SAFELY ENABLING BUSINESS www.securelink.net42019-05-19
2006 - 2010
2013
2017
2019
SAFELY ENABLING BUSINESS www.securelink.net19/05/2019
A LOOK AT OUR NUMBERS
5
• Signal to incident process
• Layered detec...
SAFELY ENABLING BUSINESS www.securelink.net19/05/2019
• Cybercriminals & spies using same
methods: social engineering
• Au...
Safely Enabling Business www.securelink.de19/05/2019
BIGGER IS MORE SECURE
7
ATTACK FACTOR
per 100/employees
9.1 1.5 1.3
SAFELY ENABLING BUSINESS www.securelink.net19/05/2019
• Ransomware is hard work
• Cryptojacking super easy
• Cryptojacking...
SAFELY ENABLING BUSINESS www.securelink.net9
SAFELY ENABLING BUSINESS www.securelink.net
OPPORTUNITY
FOR
VETERAN
CRIMINALS
2019-05-1910
Quietly enter network
• Look fo...
SAFELY ENABLING BUSINESS www.securelink.net
THE POWER
OF BIG
NUMBERS
11
BIG DATA
RETAIL FRAUD
CREDIT CARD THEFT
RANSOMWARE...
SAFELY ENABLING BUSINESS www.securelink.net
THE
CRIMINAL’S
PERSPECTIVE
12
SAFELY ENABLING BUSINESS www.securelink.net19/05/2019
GEOPOLITICS
THE AGE OF CYBER WARFARE
13
Showing
destruction
Filling
...
SAFELY ENABLING BUSINESS www.securelink.net2019-05-1914
TOTAL SYSTEM FAILURE
SAFELY ENABLING BUSINESS www.securelink.net19/05/2019
We still
encounter
“Wannacry”
Sometimes for
understandable
reasons
W...
SAFELY ENABLING BUSINESS www.securelink.net2019-05-19
• FORCED HUMAN ERROR – Social engineering
• CONFIGURATION ERROR – We...
SAFELY ENABLING BUSINESS www.securelink.net2019-05-19
• OF COURSE
SECURE
CODING
MATTERS!
• But we can’t
reverse time:
IF S...
Safely Enabling Business www.securelink.de
ANNUAL SECURITY REPORT
https://lp.securelink.net/asr
19/05/201918
SAFELY ENABLI...
Upcoming SlideShare
Loading in …5
×

Eward Driehuis - What we learned from 20.000 attacks - Codemotion Amsterdam 2019

78 views

Published on

Eward Driehuis, SecureLink's research chief, will guide you through the bumpy ride we call the cyber threat landscape. As the industry has over a decade of experience of dealing with increasingly sophisticated attacks, you might be surprised to hear more attacks slip through the cracks than ever. From analyzing 20.000 of them in 2018, backed by a quarter of a million security events and over ten trillion data points, Eward will outline why this happens, how attacks are changing, and why it doesn't matter how neatly or securely you code.

Published in: Technology
  • Be the first to comment

  • Be the first to like this

Eward Driehuis - What we learned from 20.000 attacks - Codemotion Amsterdam 2019

  1. 1. SAFELY ENABLING BUSINESS www.securelink.net 2 0 . 0 0 0 a t t a c k s b y p a s s i n g o u r d e f e n s e s a n d w h y s e c u r e c o d i n g i s n ’ t t h e a n s w e r E w a r d D r i e h u i s • @ e 3 h u i s • w w w . s e c u r e l i n k . n e t
  2. 2. SAFELY ENABLING BUSINESS www.securelink.net THIS STORY IS BASED ON TRUE DATA • 24 years in tech / software & security • 700+ SecureLinkers • 2100 customers in 2018 • 5 Cyber Defense Centers • Over 10 trillion signals 2019-05-192 RESEARCH
  3. 3. SAFELY ENABLING BUSINESS www.securelink.net32019-05-19 Once upon a time….
  4. 4. SAFELY ENABLING BUSINESS www.securelink.net42019-05-19 2006 - 2010 2013 2017 2019
  5. 5. SAFELY ENABLING BUSINESS www.securelink.net19/05/2019 A LOOK AT OUR NUMBERS 5 • Signal to incident process • Layered detection: malware wins • Many “strange events”
  6. 6. SAFELY ENABLING BUSINESS www.securelink.net19/05/2019 • Cybercriminals & spies using same methods: social engineering • Automated scanning: software & versions, password stuffing LET’S TALK INITIAL ATTACK VECTORS 6
  7. 7. Safely Enabling Business www.securelink.de19/05/2019 BIGGER IS MORE SECURE 7 ATTACK FACTOR per 100/employees 9.1 1.5 1.3
  8. 8. SAFELY ENABLING BUSINESS www.securelink.net19/05/2019 • Ransomware is hard work • Cryptojacking super easy • Cryptojacking surpassed ransomware • … For a while. It’s not as big as some say it is. THE YEAR CRYPTOJACKING TOOK OVER? 8 jan feb mrt apr mei jun jul aug sep okt nov dec CryptoJacking Ransomware
  9. 9. SAFELY ENABLING BUSINESS www.securelink.net9
  10. 10. SAFELY ENABLING BUSINESS www.securelink.net OPPORTUNITY FOR VETERAN CRIMINALS 2019-05-1910 Quietly enter network • Look for value • Steal or extort value Plan B • Destroy online back-ups • Ransom network • Extort enterprise ransom
  11. 11. SAFELY ENABLING BUSINESS www.securelink.net THE POWER OF BIG NUMBERS 11 BIG DATA RETAIL FRAUD CREDIT CARD THEFT RANSOMWARE & MINING BESPOKE ATTACKS RANSOM / EXTORTION ESPIONAGE
  12. 12. SAFELY ENABLING BUSINESS www.securelink.net THE CRIMINAL’S PERSPECTIVE 12
  13. 13. SAFELY ENABLING BUSINESS www.securelink.net19/05/2019 GEOPOLITICS THE AGE OF CYBER WARFARE 13 Showing destruction Filling budget gaps Gentleman spies
  14. 14. SAFELY ENABLING BUSINESS www.securelink.net2019-05-1914 TOTAL SYSTEM FAILURE
  15. 15. SAFELY ENABLING BUSINESS www.securelink.net19/05/2019 We still encounter “Wannacry” Sometimes for understandable reasons WE NEED TO EVOLVE, BUT… WE DON’T. Depressing CSIRT tales Single factor + cloud = guaranteed pwnage 15
  16. 16. SAFELY ENABLING BUSINESS www.securelink.net2019-05-19 • FORCED HUMAN ERROR – Social engineering • CONFIGURATION ERROR – Website / CMS hacking • BUDGET ERROR – Diginotar • 3RD PARTY ERROR – Supply chain attacks • ARCHITECTURAL ERROR – Wannacry • BUG REASONS WE GET PWNED 16
  17. 17. SAFELY ENABLING BUSINESS www.securelink.net2019-05-19 • OF COURSE SECURE CODING MATTERS! • But we can’t reverse time: IF SECURE CODING ISN’T THE ANSWER… WHAT IS? • Learn & do better • APPSEC is going to be the #1 concern in the future • In the mean time, plugging holes • The system is weak & full of errors • Most attacks are “system” attacks (people, process, tech) 17
  18. 18. Safely Enabling Business www.securelink.de ANNUAL SECURITY REPORT https://lp.securelink.net/asr 19/05/201918 SAFELY ENABLING BUSINESS

×