What is CyberSecurity? Who are the threats? Why is cyber attack happening? How bad is it? How do attackers do it? What can we learn from Star Wars?
This presentation covers cyber attacks, the state of cybersecurity, some guidance for students interested in getting into the field, and some great resources.
Slide 2 (KLC Consulting)
Career Highlights
CISSP, CISA, CSSLP, CIPP/US/G
20 years in IT, 15 years specializing in security
CISO, DISA Operations Manager for Security Portal
ISO 27001/2, Regulatory Compliance, Third-Party Risk,
Penetration/Vulnerability Tester, IT Auditor, Network Admin,
Developer, DBA, Sys Admin
Consultant for
Boeing | HP | PWC | DoD | Fidelity | ExxonMobil
Fannie Mae | RBS | Federal Gov’t | Akamai | Brandeis Univ
Author of
SMAC MAC Address Changer (SMAC) tool
WebDAV Scanner tool
Administers LinkedIn groups:
CyberSecurity Community
Cloud Computing Security Community
Third Party Security Risk Management
Married, 2 kids, 1 teenage dog!
Graduated from UCONN with BS in Electrical Engineering
Slide 4
Recent huge cyber attacks:
(1/2015) Premera Blue Cross: 11 million customer records, breached in May 2014 and undiscovered until 1/29/2015
(2/2015) Anthem (including Blue Cross Blue Shield members): 80 million insureds' health records stolen
(11/2014) Sony Pictures
(10/2014) Staples : 1.16 million customer credit cards
(9/2014) Home Depot : 56 million customer credit cards
(8/2014) JPMorgan Chase : 83 million household and business accounts
(6/2014) Community Health Systems : 4.5 million patient records
(4/2014) Michaels Stores: 3 million customer payment cards
(12/2013) Target: 40 million customer credit and debit cards. The CEO was fired!
Slide 6
CyberSecurity Definition:
The activity or process, ability or capability, or state whereby information and communications systems and the information contained therein are protected from and/or defended against damage, unauthorized use or modification, or exploitation. (Source: http://niccs.us-cert.gov/glossary)
In Straight Talk:
Your capability and readiness for attacks against your technology / systems / applications:
Prevention / protection / monitoring / detection
React / respond / attack* / counter attack* / handle breach notifications
*Authorization required
Slide 8
[Graphic: "Scope of Supplier Expansion and Foreign Involvement", from DACS (www.softwaretechnews.com); labels: Cloud / Outsource]
Slide 9
"92% of the incidents we've seen over the last 10 years, and 94% of the breaches in 2013, can be described with just nine patterns."
Source: Verizon 2014 Data Breach Investigations Report
Slide 10
Advanced Persistent Threat (APT)
Distributed Denial of Service (DDoS)
Cross-Platform Malware
Metamorphic and Polymorphic Malware
Phishing
Source: Recorded Future - Cyber Threat Landscape: Basic Overview and Attack Methods
Slide 11
OWASP Top 10 (2013) web application risks:
A1: Injection
A2: Broken Authentication and Session Management
A3: Cross-Site Scripting (XSS)
A4: Insecure Direct Object References
A5: Security Misconfiguration
A6: Sensitive Data Exposure
A7: Missing Function Level Access Control
A8: Cross-Site Request Forgery (CSRF)
A9: Using Known Vulnerable Components
A10: Unvalidated Redirects and Forwards
Slide 13
Critical Infrastructure
Power grid / Oil pipelines
Financial Services
Banking / Wall Street
Government Services
Fire / Police / Water / Traffic Light
Several nations are capable of launching large-scale attacks against the USA.
Slide 14
Live Attacks - http://map.ipviking.com (there are no sensors in China, so attacks made upon China cannot be seen)
Slide 15
Source: http://spectrum.ieee.org/telecom/security/the-real-story-of-stuxnet
• Cyber weapon: Stuxnet attacked Iranian nuclear centrifuges in 2010
• It is claimed to be the first effective cyber weapon
• Infects the environment via USB
• Attacks industrial programmable logic controllers (PLCs)
• Only targets Siemens systems running on Windows
• Reportedly compromised Iranian PLCs
• Collects information about industrial systems
• Causes the high-speed centrifuges to tear themselves apart
• Who made Stuxnet? No one has claimed responsibility...
Slide 16
Denial Of Service
AMIDALA : We must continue to rely on negotiation.
BIBBLE : Negotiation? We've lost all communications!
(Also used in Russia-Georgia war)
Compromise Integrity, Escalation of Privilege...
OBI-WAN: This is where it ought to be... but it isn't. Gravity is pulling all the stars in this area inward to this spot. There should be a star here... but there isn't.
JEDI CHILD: Because someone erased it from the archive memory.
OBI-WAN: But Master Yoda, who could have erased information from the archives? That's impossible, isn't it?
YODA: (frowning) Much harder to answer, that question is.
Slide 17
You Possess Fundamental Skills for CyberSecurity
Strong PROBLEM SOLVING skills
Programming skills
Advanced computer skills
Understand a mix of technologies
Acquire new skills
Think outside the box when it comes to creative problem solving
Learn penetration testing skills
Think like a BAD hacker, and see how you can protect your employer
Learn risk assessment:
Identify vulnerabilities and potential areas of exposure; estimate the cost of damage should an attack come via this vulnerability, the cost to fix, the cost to not fix, and the cost of carrying business insurance to cover the risk. Is the risk acceptable?
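As an added example (not from the deck), the risk-assessment questions above turned into a small Python triage: the expected yearly loss is the "cost to not fix", and each finding is either accepted, fixed, or insured. The annualised-loss framing, the three-year horizon, and every figure in the sample findings are assumptions.

```python
"""Risk-treatment triage for vulnerability findings.

Added example, not part of the original deck. It walks through the slide's
questions (cost of damage, cost to fix, cost to not fix, cost of insurance,
is the risk acceptable?) with the usual annualised-loss-expectancy framing;
that framing and all figures below are assumptions, not from the slides.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Finding:
    name: str
    annual_likelihood: float  # expected successful attacks per year
    damage_cost: float        # cost of one successful attack
    fix_cost: float           # one-time remediation cost
    insurance_premium: float  # yearly premium to transfer the loss


def cost_to_not_fix(f: Finding) -> float:
    """Expected yearly loss if the weakness is left in place."""
    return f.annual_likelihood * f.damage_cost


def recommend(f: Finding, risk_appetite: float, horizon_years: int = 3) -> str:
    """Return 'accept', 'fix' or 'insure' for one finding.

    risk_appetite is the yearly loss the business is willing to carry.
    The one-time fix is spread over horizon_years so it can be compared
    with a yearly premium; insurance transfers the loss but leaves the
    weakness in place.
    """
    if cost_to_not_fix(f) <= risk_appetite:
        return "accept"
    yearly_fix_cost = f.fix_cost / horizon_years
    return "fix" if yearly_fix_cost <= f.insurance_premium else "insure"


def triage(findings, risk_appetite: float, horizon_years: int = 3) -> dict:
    """Map each finding's name to its recommended treatment."""
    return {f.name: recommend(f, risk_appetite, horizon_years) for f in findings}


# Constructed sample findings (illustrative figures only).
SAMPLE_FINDINGS = [
    Finding("SQL injection in login form", 0.5, 400_000, 20_000, 60_000),
    Finding("Unpatched internal wiki", 0.1, 30_000, 5_000, 2_000),
    Finding("Legacy payment gateway, no TLS", 0.3, 2_000_000, 900_000, 150_000),
]

if __name__ == "__main__":
    for name, decision in triage(SAMPLE_FINDINGS, risk_appetite=50_000).items():
        print(f"{decision:7s} {name}")
```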
Slide 18
Learn the basics (network, database, application, web)
Learn programming languages (Python is the most useful)
Be passionate! You will learn more if you have the interest
Try out all the hacking practice sites. There is lots of free training: YouTube, Google, research!
Follow websites, tweets, security news
Follow new security threats and vulnerabilities
Learn the hacking tools; stay current with existing and the newest Jedi tricks
Pay attention to the trend...
Set up a lab and try out Jedi tricks at home:
A few computers
A few virtual machines