Eward Driehuis - What we learned from 20.000 attacks - Codemotion Amsterdam 2019

•Download as PPTX, PDF•

1 like•698 views

Eward Driehuis, SecureLink's research chief, will guide you through the bumpy ride we call the cyber threat landscape. As the industry has over a decade of experience of dealing with increasingly sophisticated attacks, you might be surprised to hear more attacks slip through the cracks than ever. From analyzing 20.000 of them in 2018, backed by a quarter of a million security events and over ten trillion data points, Eward will outline why this happens, how attacks are changing, and why it doesn't matter how neatly or securely you code.

Technology

SAFELY ENABLING BUSINESS www.securelink.net
2 0 . 0 0 0 a t t a c k s b y p a s s i n g o u r d e f e n s e s
a n d w h y s e c u r e c o d i n g i s n ’ t t h e a n s w e r
E w a r d D r i e h u i s • @ e 3 h u i s • w w w . s e c u r e l i n k . n e t

SAFELY ENABLING BUSINESS www.securelink.net
THIS STORY IS BASED ON TRUE DATA
• 24 years in tech / software & security
• 700+ SecureLinkers
• 2100 customers in 2018
• 5 Cyber Defense Centers
• Over 10 trillion signals
2019-05-192
RESEARCH

SAFELY ENABLING BUSINESS www.securelink.net32019-05-19
Once upon a time….

SAFELY ENABLING BUSINESS www.securelink.net42019-05-19
2006 - 2010
2013
2017
2019

SAFELY ENABLING BUSINESS www.securelink.net19/05/2019
A LOOK AT OUR NUMBERS
5
• Signal to incident process
• Layered detection: malware wins
• Many “strange events”

SAFELY ENABLING BUSINESS www.securelink.net19/05/2019
• Cybercriminals & spies using same
methods: social engineering
• Automated scanning: software &
versions, password stuffing
LET’S TALK INITIAL ATTACK VECTORS
6

Safely Enabling Business www.securelink.de19/05/2019
BIGGER IS MORE SECURE
7
ATTACK FACTOR
per 100/employees
9.1 1.5 1.3

SAFELY ENABLING BUSINESS www.securelink.net19/05/2019
• Ransomware is hard work
• Cryptojacking super easy
• Cryptojacking surpassed
ransomware
• … For a while. It’s not as big as
some say it is.
THE YEAR CRYPTOJACKING TOOK OVER?
8
jan feb mrt apr mei jun jul aug sep okt nov dec
CryptoJacking Ransomware

SAFELY ENABLING BUSINESS www.securelink.net9

SAFELY ENABLING BUSINESS www.securelink.net
OPPORTUNITY
FOR
VETERAN
CRIMINALS
2019-05-1910
Quietly enter network
• Look for value
• Steal or extort value
Plan B
• Destroy online back-ups
• Ransom network
• Extort enterprise ransom

SAFELY ENABLING BUSINESS www.securelink.net
THE POWER
OF BIG
NUMBERS
11
BIG DATA
RETAIL FRAUD
CREDIT CARD THEFT
RANSOMWARE
&
MINING
BESPOKE
ATTACKS
RANSOM /
EXTORTION
ESPIONAGE

SAFELY ENABLING BUSINESS www.securelink.net
THE
CRIMINAL’S
PERSPECTIVE
12

SAFELY ENABLING BUSINESS www.securelink.net19/05/2019
GEOPOLITICS
THE AGE OF CYBER WARFARE
13
Showing
destruction
Filling
budget gaps
Gentleman
spies

SAFELY ENABLING BUSINESS www.securelink.net2019-05-1914
TOTAL SYSTEM FAILURE

SAFELY ENABLING BUSINESS www.securelink.net19/05/2019
We still
encounter
“Wannacry”
Sometimes for
understandable
reasons
WE NEED TO EVOLVE, BUT… WE DON’T.
Depressing
CSIRT
tales
Single factor
+ cloud
=
guaranteed
pwnage
15

SAFELY ENABLING BUSINESS www.securelink.net2019-05-19
• FORCED HUMAN ERROR – Social engineering
• CONFIGURATION ERROR – Website / CMS hacking
• BUDGET ERROR – Diginotar
• 3RD PARTY ERROR – Supply chain attacks
• ARCHITECTURAL ERROR – Wannacry
• BUG
REASONS WE GET PWNED
16

SAFELY ENABLING BUSINESS www.securelink.net2019-05-19
• OF COURSE
SECURE
CODING
MATTERS!
• But we can’t
reverse time:
IF SECURE CODING ISN’T THE ANSWER…
WHAT IS?
• Learn & do better
• APPSEC is going
to be the #1
concern in the
future
• In the mean time,
plugging holes
• The system is
weak & full of
errors
• Most attacks are
“system” attacks
(people, process,
tech)
17

Safely Enabling Business www.securelink.de
ANNUAL SECURITY REPORT
https://lp.securelink.net/asr
19/05/201918
SAFELY ENABLING
BUSINESS

Similar to Eward Driehuis - What we learned from 20.000 attacks - Codemotion Amsterdam 2019

With cyber scams costing UK businesses an estimated £4.14bn* in lost data, reputational damage and online theft every year, Cyber Security is rapidly climbing the priority list of directors across the UK. This presentation will help you to: - spot the most common cyber attacks, defend your business and protect your critical data if the worst does happen; - understand the impact of GDPR on your business and how to protect yourself against expensive data losses.

Cyber Security and the Impact on your Business

Lucy Denver

Find IT & Marketing’s Common Ground: Make Your Site Faster

Ghostery, Inc.

IoT And Inevitable Decentralization of The Internet

Paul Brody

Nvis pitch deck version 4 - 2021 dec

PhilSmith151163

Cyber - it's all now a matter of time!

Gloucestershire Professionals

Ransomware, trojans, and keyloggers are increasingly targeting SMBs—and traditional, reactive security solutions are not cutting it. Malware not only puts your customers at risk but also hurts your bottom line through hours wasted cleaning up infected machines. But how do you protect customers that may not understand the risks or the value of layered security? The answer lies in leveraging increased visibility and value reporting to improve your bottom line and become your customer's virtual CIO and CISO. Join OpenDNS Sr. Product Manager Dima Kumets and guest speaker Jim Lancaster of MSPmentor 100 company Sagiss to learn about: -Combining protection and containment to lower costs -Improving renewal rates through value reporting -Leveraging OpenDNS's new integration with ConnectWise to be the Virtual CIO -Monitoring real-time network activity as a sellable service

MSP Webcast - Leveraging Cloud Security to Become a Virtual CIO

OpenDNS

Many people believe that there are only two types of companies: those that have been breached, and those that will be. Regardless of your viewpoint, no matter how many new, shiny information security appliances are purchased, data breaches continue to happen at alarming rates. It doesn’t matter what industry or the size of an organization, as no company seemed to be immune. If you knew your house was going to burn down or your car was going to be stolen, you would be certain to have insurance right? Do you have cyber liability insurance for your most important assets in place? his session will provide information on the current data breach landscape and then a behind the scenes look into cyber liability from a former insurance professional with no sales spin. The talk will discuss how the coverage works and what types of breaches can be covered. Further, the session then will discuss how Cyber Insurance is being integrated into a risk management plan. Information Security professionals and incident responders are in many cases unaware of how the cyber insurance process works when there is a data breach and do not understand the requirements that can affect the incident response process.

[CB19] Integration of Cyber Insurance Into A Risk Management Program by Jake ...

CODE BLUE

Updated Cyber Security and Fraud Prevention Tools Tactics

Ben Graybar

Sign up for our weekly TRU Snacks webinars here: https://www.citrincooperman.com/infocus/tru-snacks-webinar-series Our TRU Snacks webinar series provides the middle market with brief, strategic, and tactical business improvement information from Citrin Cooperman’s Transition Response Unit (TRU) live every Thursday at noon. In this TRU Snacks Webinar session, Technology, Risk Advisory, and Cybersecurity (TRAC) Partner Michael Camacho reviewed strategies to help combat the relentless attempts by hackers to infiltrate your business during these uncertain times.

TRU Snacks Webinar Series - Navigating Cybersecurity Risk in the Age of COVID-19

Citrin Cooperman

Cybersecurity Disrupters and Cybersecurity Insurance in the COVID-19 Era – Is...

Citrin Cooperman

The presentation provides the following: - Symantec Corporate Overview - Threat Landscape based on Symantec ISTR - Threat Landscape of Middle East based on news/blogs - Solution Portfolio with Sales Play - Competitive Vendors and Analyst Relations - Behind The Scenes of Symantec - Roadmap and Area of Focus technologies This has been made for those who would like to understand the Symantec portfolio. Please note all the information is based prior to January 2017 and the full integration of Blue Coat Systems's set of solutions.

Symantec Portfolio - Sales Play

Iftikhar Ali Iqbal

2015 KSU So You Want To Be in Cyber Security

Phil Agcaoili

Understanding the importance of marketing and IT alignment is one thing, but setting a plan for execution is a difficult challenge for any enterprise to undertake. This process involves disrupting well-established processes and embracing new, often radical, ideas around how separate teams can work together to deliver web experiences that match the sky-high expectations of the modern Internet user. These slides explore: Prescriptive advice to balance engagement & performance Identification of problematic vendor technologies before they wreak havoc on your site Proper strategy development to apply personalization based on user context How IT and Marketers must work together to achieve faster and more profitable websites

2016: The Year to Align Marketing & IT Departments

Yottaa

Protecting Your IP: Data Security for Software Technology

Shawn Tuma

Dominique Singer will be hosted AppGate's RVP of Sales, Ken Harris, and National Channel Director, Tamara Prazak, where they discussed how there’s never been greater demand from your clients to secure work from home and remote access. Don’t miss this window of opportunity to help your clients replace their outdated VPNs with Software-Defined Perimeter (SDP) from the industry leading solution- AppGate SDP. Get more client meetings by using this as a wedge.

TIC-TOC: VPN Is Dead; Are you Monetizing Its Replacement?

SaraPia5

No matter what your current level of cybersecurity knowledge is, these slides created by EMA Research and A10 Networks will provide valuable insights into the latest trends and empower you with the best practices in cloud and web application security. Download to learn more about: - The top threats that pose a risk to your organization and how to mitigate them - The difference between buzz and hype in today’s security approaches, and how this can be used to help your organization - A discussion of Zero Trust, web application security, DDoS protection, encryption, and more for the hybrid cloud world

Navigating Today’s Threat Landscape: Discussing Hype vs. Reality

Enterprise Management Associates

The only way to survive is to automate your SOC

Roberto Sponchioni

sc_can0315_28373

Katherine Thompson

Cybersecurity During the COVID Era

Citrin Cooperman

Moving Sucks. Making Secure Cloud Migration Painless

JoAnna Cheshire

Similar to Eward Driehuis - What we learned from 20.000 attacks - Codemotion Amsterdam 2019 (20)

Cyber Security and the Impact on your Business

Find IT & Marketing’s Common Ground: Make Your Site Faster

IoT And Inevitable Decentralization of The Internet

Nvis pitch deck version 4 - 2021 dec

Cyber - it's all now a matter of time!

MSP Webcast - Leveraging Cloud Security to Become a Virtual CIO

[CB19] Integration of Cyber Insurance Into A Risk Management Program by Jake ...

Updated Cyber Security and Fraud Prevention Tools Tactics

TRU Snacks Webinar Series - Navigating Cybersecurity Risk in the Age of COVID-19

Cybersecurity Disrupters and Cybersecurity Insurance in the COVID-19 Era – Is...

Symantec Portfolio - Sales Play

2015 KSU So You Want To Be in Cyber Security

2016: The Year to Align Marketing & IT Departments

Protecting Your IP: Data Security for Software Technology

TIC-TOC: VPN Is Dead; Are you Monetizing Its Replacement?

Navigating Today’s Threat Landscape: Discussing Hype vs. Reality

The only way to survive is to automate your SOC

sc_can0315_28373

Cybersecurity During the COVID Era

Moving Sucks. Making Secure Cloud Migration Painless

More from Codemotion

Fuzz-testing: A hacker's approach to making your code more secure | Pascal Ze...

Codemotion

Pompili - From hero to_zero: The FatalNoise neverending story

Codemotion

Pastore - Commodore 65 - La storia

Codemotion

Rivivere l'ebbrezza di progettare un vecchio computer o una consolle da bar è oggi possibile sfruttando le FPGA, ovvero logiche programmabili che consentono a chiunque di progettare il proprio hardware o di ricrearne uno del passato. In questa sessione si racconta come dal reverse engineering dell'hardware di vecchie glorie come il Commodore 64 e lo ZX Spectrum sia stato possibile farle rivivere attraverso tecnologie oggi alla portata di tutti.

Pennisi - Essere Richard Altwasser

Codemotion

There's a lot of talk about blockchain, but how does the technology behind it actually work? For developers, getting some hands-on experience is the fastest way to get familiair with new technologies. So let's build a blockchain, then! In this session, we're going to build one in plain old Java, and have it working in 40 minutes. We'll cover key concepts of a blockchain: transactions, blocks, mining, proof-of-work, and reaching consensus in the blockchain network. After this session, you'll have a better understanding of core aspects of blockchain technology.

Michel Schudel - Let's build a blockchain... in 40 minutes! - Codemotion Amst...

Codemotion

When was the last time you were truly lost? Thanks to the maps and location technology in our phones, a whole generation has now grown up in a world where getting lost is truly a thing of the past. Location technology goes far beyond maps in the palm of our hand, however. In this talk, we will explore how a ridesharing app works. How do we discover our destination?How do we find the closest driver? How do we display this information on a map? How do we find the best route?To answer these questions,we will be learning about a variety of location APIs, including Maps, Positioning, Geocoding etc.

Richard Süselbeck - Building your own ride share app - Codemotion Amsterdam 2019

Codemotion

IoT revolution is ended. Thanks to hardware improvement, building an intelligent ecosystem is easier than never before for both startups and large-scale enterprises. The real challenge is now to connect, process, store and analyze data: in the cloud, but also, at the edge. We’ll give a quick look on frameworks that aggregate dispersed devices data into a single global optimized system allowing to improve operational efficiency, to predict maintenance, to track asset in real-time, to secure cloud-connected devices and much more.

Francesco Baldassarri - Deliver Data at Scale - Codemotion Amsterdam 2019 -

Codemotion

What if Virtual Reality glasses could transform your environment into a three-dimensional work of art in realtime in the style of a painting from Van Gogh? One of the many interesting developments in the field of Deep Learning is the so called "Style Transfer". It describes a possibility to create a patchwork (or pastiche) from two images. While one of these images defines the the artistic style of the result picture, the other one is used for extracting the image content. A team from TNG Technology Consulting managed to build an AI showcase using OpenCV and Tensorflow to realize such goggles.

Martin Förtsch, Thomas Endres - Stereoscopic Style Transfer AI - Codemotion A...

Codemotion

Blockchain (and Cryptocurrency) is an evolution of 20-year old research from scientists like Chaum, Lamport, and Castro & Liskov. Due to the current hype, it's hard to distinguish beneficial aspects of the technology from a desire for a "silver bullet" for device security, verifiable logistics, or "saving democracy". The problem: blockchain introduces new security challenges - and blind adoption without understanding reduces overall security. In this talk, Melanie Rieback and Klaus Kursawe explain the pitfalls and limits of blockchain, so you can avoid making your applications LESS secure.

Melanie Rieback, Klaus Kursawe - Blockchain Security: Melting the "Silver Bul...

Codemotion

Networking is a core part of computing in the digital world we inhabit. But, how well do you know how it works? Do you understand all the moving parts of the OSI stack inside your computer, and how the network is actually put together? How can this ever work? This guided safari of layers, standards, protocols, and happenstance will bring us close to the copper wire, and up through the layers of CDMA/CD, ARP, routing and HTTP. We will make a few excursions through patchworks that still work forty years later, and cleverly designed mechanisms that show that simplicity is the only way to last.

Angelo van der Sijpt - How well do you know your network stack? - Codemotion ...

Codemotion

Performance tests are not only an important instrument for understanding a system and its runtime environment. It is also essential in order to check stability and scalability – non-functional requirements that might be decisive for success. But won't my cloud hosting service scale for me as long as I can afford it? Yes, but… It only operates and scales resources. It won't automatically make your system fast, stable and scalable. This talk shows how such and comparable questions can be clarified with performance tests and how DevOps teams benefit from regular test practise.

Lars Wolff - Performance Testing for DevOps in the Cloud - Codemotion Amsterd...

Codemotion

Sascha will demonstrate the opportunities and challenges of Conversational AI learned from the practice. Both Technology and User Experience will be covered introducing a process finding micro-moments, writing happy paths, gathering intents, designing the conversational flow, and finally publishing on almost all channels including Voice Services and Chatbots. Valuable for enterprises, developers, and designers. All live on stage in just minutes and with almost no code.

Sascha Wolter - Conversational AI Demystified - Codemotion Amsterdam 2019

Codemotion

A key challenge we face at Pacmed is quickly calibrating and deploying our tools for clinical decision support in different hospitals, where data formats may vary greatly. Using Intensive Care Units as a case study, I’ll delve into our scalable Python pipeline, which leverages Pandas’ split-apply-combine approach to perform complex feature engineering and automatic quality checks on large time-varying data, e.g. vital signs. I’ll show how we use the resulting flexible and interpretable dataframes to quickly (re)train our models to predict mortality, discharge, and medical complications.

Michele Tonutti - Scaling is caring - Codemotion Amsterdam 2019

Codemotion

Coolblue is a proud Dutch company, with a large internal development department; one that truly takes CI/CD to heart. Empowerment through automation is at the heart of these development teams, and with more than 1000 deployments a day, we think it's working out quite well. In this session, Pat Hermens (a Development Managers) will step you through what enables us to move so quickly, which tools we use, and most importantly, the mindset that is required to enable development teams to deliver at such a rapid pace.

Pat Hermens - From 100 to 1,000+ deployments a day - Codemotion Amsterdam 2019

Codemotion

Quantum computers can use all of the possible pathways generated by quantum decisions to solve problems that will forever remain intractable to classical compute power. As the mega players vie for quantum supremacy and Rigetti announces its $1M "quantum advantage" prize, we live in exciting times. IBM-Q and Microsoft Q# are two ways you can learn to program quantum computers so that you're ready when the quantum revolution comes. I'll demonstrate some quantum solutions to problems that will forever be out of reach of classical, including organic chemistry and large number factorisation.

James Birnie - Using Many Worlds of Compute Power with Quantum - Codemotion A...

Codemotion

Chinese food exploded across America in the early 20th century, rapidly adapting to local tastes while also spreading like wildfire. How was it able to spread so fast? The GY6 is a family of scooter engines that has achieved near total ubiquity in Europe. It is reliable and cheap to manufacture, and it's made in factories across China. How are these factories able to remain afloat? Chinese-American food and the GY6 are both riveting studies in product-market fit, and both are the product of a distributed open source-like development model. What lessons can we learn for open source software?

Don Goodman-Wilson - Chinese food, motor scooters, and open source developmen...

Codemotion

Pieter Omvlee - The story behind Sketch - Codemotion Amsterdam 2019

Codemotion

Would you fly in a plane designed by a craftsman or would you prefer your aircraft to be designed by engineers? We are learning that science and empiricism works in software development, maybe now is the time to redefine what “Software Engineering” really means. Software isn't bridge-building, it is not car or aircraft development either, but then neither is Chemical Engineering. Engineering is different in different disciplines. Maybe it is time for us to begin thinking about retrieving the term "Software Engineering" maybe it is time to define what our "Engineering" discipline should be.

Dave Farley - Taking Back “Software Engineering” - Codemotion Amsterdam 2019

Codemotion

What is the job of a CTO and how does it change as a startup grows in size and scale? As a CTO, where should you spend your focus? As an engineer aspiring to be a CTO, what skills should you pursue? In this inspiring and personal talk, I describe my journey from early Red Hat engineer to CTO at Bloomon. I will share my view on what it means to be a CTO, and ultimately answer the question: Should the CTO be coding?

Joshua Hoffman - Should the CTO be Coding? - Codemotion Amsterdam 2019

Codemotion

If Socrates met Linus Torvalds, what would they talk about? How much math should be bundled into a good programming language? Can compiler resolve an argument and prove, that someone is right? Trough semantics of code, that we write every day, when looking carefully, one can see foundations of logic and science, that has been build more than 2000 years ago. Why does it matter, and how can we leverage this enormous power to make our code safe and sound in languages with advanced type systems, like Typescript and Scala.

Mike Kotsur - What can philosophy teach us about programming - Codemotion Ams...

Codemotion

More from Codemotion (20)