
Evolving IT Security Threats and Solutions


IT security wars show no sign of slowing down or of becoming any less intense; quite the reverse. Rogue states, criminal gangs and hackers are now trading information and sharing skills and developments on an industrial scale. Vast sums of money are being stolen and extorted by these groups, and their investment in software tools and malware is significant. As a growing cooperative they rival some of our big institutions and agencies in their abilities and knowledge, and in general they completely outgun the SME sector. In their latest manifestation they hunt in packs, with individuals and individual groups assigned tasks according to their particular specialisms and skills. Insourcing, outsourcing, mobile and flexible working are the norm, along with networked computing, clouds and dark nets.

In contrast, the forces of good tend to be more conservative and to operate in isolation, evolve at a slower rate, and present a relatively static attack surface. In aggregate, however, they possess the people and skills necessary to dominate the IT security spectrum, but only if they share what they know and what they are experiencing, along with manpower and the key software tools and skills they have developed.

The extent to which the Good could outgun the Bad is estimated to be >> 3:1 and most likely beyond 30 >> 1, provided the Good share and begin to think and act differently. But as we edge toward the IoT (Internet of Things) and CoT (Clouds of Things), the Good look ever more exposed by old thinking and a less than proactive mindset focused on remedial rather than anticipative action. Here we identify some of the key risks (present and future) and postulate workable solutions that could be engineered today, including auto-immunity spanning every chip, card, shelf, rack, floor, building and all devices.

Published in: Technology

  1. Security: Evolving IT Security Threats & Solutions. Peter Cochrane, www.cochrane.org.uk
  2. The dark side is not going away anytime soon!
     • Their numbers and strengths are growing
     • They always seem to be on the front foot
     • They always seem to be ahead of the game
     • They appear to be getting more adaptable
     • They appear to be getting more agile
     • Threats are growing
     • Attacks are continuous
     • The types are more varied
     • Damage costs are accelerating
  3. How come?
     • They are driven by the economics of criminal success
     • They are not managed by a board or committee
     • They are not bound by ethics, laws and rules
     • They enjoy the advantage of surprise
     • Attacking is more fun than defending
     • They are distributed, highly flexible and adaptable
     • The threat and penalties of failure are extremely low
     • Adopting and trying new technologies on the fly is their norm
  4. And more! Beyond technology and skill
     • They adopted open and sharing everything first
     • They adopted mobility and mobile working first
     • They started using clouds and dark nets first
     • They employed distributed computing first
     • They adopted and developed apps first
     • They adopted Be My Own Boss first
     • They adopted BYOB first
     • They are now federating resources and trading skills
     • They are now employing outsourcing and insourcing
     • Individuals and individual teams are selling specific skill sets
  5. Corruption! Human relationships open doors
     • In need of love
     • In need of care
     • In need of money
     • Prone to bribery
     • Needy of support
     • In debt
     • +++
     Targeted individuals and organisations are easy to influence and infiltrate, with no easy detection or defence
  6. Infiltration! Technology is not the only way in
     • External services people
     • Visiting trades and repair crews
     • Unauthorised info-focussed visits
     • Hardware/software plants in equipment
     • Memory sticks in rest rooms
     • +++
     Exposed: open screens, open access, paper notes, open desks, telephone numbers, names, contacts, data, devices, URLs
  7. Opportunistic! People and technology availability
     • Careless and loud discussions
     • Open screens readily visible
     • Poor security of devices
     • Shoulder surfing
     • Careless PIN and password use
     • Devices left unguarded
     • Open phone and SMS
     • Paper notes
  8. Hunting in packs. Far more powerful and effective than individuals
     • Team work is the new mode
     • Rapid sharing is the key advantage
     • Skill sharing and real time learning
     • High speed adaptability a prime ability
     • Results based reward system a key driver
  9. Hacker nets. Dynamic aggregation of global assets. Sharing trumps need to know
     • Team work is the new mode
     • Rapid sharing is the key advantage
     • Skill sharing and real time learning
     • High speed adaptability a prime ability
     • Results based reward system a key driver
  10. Muted good. Almost zero sharing of anything! Need-to-know culture disabling
     • Commercial confidence/secrets
     • Government protecting national good
     • Solutions sold and traded not shared
     • Companies limping along in ignorance
     • Specialist companies protecting markets
     • Individuals unknowingly exposed to risks
     • Exact damage caused is often undisclosed
  11. Economics of sharing. When the cost gets too great organisations have to share
     • Hackers have upper hand
     • Retrospective solutions only
     • Software requires regular updates
     • Machines need regular security scans
     • Most people are unaware and exposed
     • Infections spread rapidly and go undetected
     • File sharing apps are popular but very risky
     • All machines come out of their box on day one infected
     • We can broadly assume that there are no clean devices
     • It is all a ticking time bomb!
  12. Resources: ratio of aggregated good to bad
     • Best estimate, assuming equally good people and technical resources on both sides of the line: Good : Bad >> 3:1
     • Sufficient for good to prevail over bad!
     • But 'bad' shares resources and knowledge, whilst 'good' operates by 'need to know'
     • Sharing knowledge and resources is vital to assure success!
  13. Sharing at every level. An essential element necessary to secure a safe future. The future really is in our hands: we actually hold all the ace cards
  14. Identity theft. It is so very very easy! Broader protection necessary
     • Lax security protocols and procedures
     • Spoof bank calls and paperwork
     • Big data, metadata analysis
     • Bogus call centres/services
     • Spoof emails, TXT, IMs
     • Government records
     • Institutional records
     • Face to face surveys
     • Social networking
     • Company pages
     • On-line surveys
     • Home pages
     • Data mining
  15. Ownership theft. IoT rolled out at speed makes it even easier! Broader protection necessary
     • Lax security protocols and procedures
     • Old technologies mixed with the new
     • Crack one item gives access to all?
     • Crack one item to access the network
     • Change/control all ownerships
     • Use ownership as collateral
     • Ownership affords validity
     • Viral step and repeat
     • Creates new crimes
     • Things as hostages
     • eBlackmail
     • +++
  16. Firewalls. Old thinking and insufficient
     • Easy to end run
     • Easy to penetrate
     • Difficult to maintain
     • Easy to circumnavigate
     • Demand high level expertise
     • Only provide limited protection
     • An impediment to sharing apps
     • Inflexible for modern working
     • Counter cultural to BYOD
     • Slow to change/update
  17. Malware protection. No satisfactory solutions available to date
     • Hackers have upper hand
     • Retrospective solutions only
     • Software requires regular updates
     • Machines need regular security scans
     • Most people are unaware
     • Infections spread rapidly
     • File sharing apps are risky
     • All machines come infected
     • There are no clean devices
     • It is all a ticking time bomb
  18. People protection. Unintended and intended people-based exposure. People are habitual and conform to patterns of regular behaviour
     • Laxity
     • Mistakes
     • Gullibility
     • Coercion
     • Conspiracy
     • Criminal acts
     • Opportunistic acts
  19. Behavioural analysis. Continuous monitoring of activities to detect anomalies: activities, connections, quantities, timings
     • Uploads and downloads
     • Email attachment types
     • Web site addresses
     • Networks accessed
     • Email addresses
     • Device ownership
     • Device type
     • Home time
     • Desk time
     • Road time
     • +++
  20. Axiomatic! There are no silver bullets. A new era for security: no singular solutions, only a multiplicity of techniques to be applied in unison
     • If we do nothing new things will get worse
     • Non stop learning & adaptation required
     • Acting in isolation guarantees failure
     • Continual monitoring necessary
     • Machine action trumps humans
     • Networking and sharing are key
     • Early detection and action vital
     • Integrated security is a must
     • Localised quarantine vital
     • Every level to be protected
     • Every device proactive
     • All networks proactive
  21. Axiomatic. Time to think again! Scenarios for the age of everything on line: far greater variability
     • Mobile and social everything
     • Smart to smart everything
     • The Internet of Things
     • Clouds of Things
     • Intelligent Things
     • Repurposing, recycling, reuse
     • Apps on line
     • WiFi domination
     • Distributed storage
     • More on-line than off
     • New working practices
     • More mobile than fixed
     • More connectivity modes
     • Thousands of cloud species
  22. Auto immune systems. Capable of detecting and isolating malware. Behaviour emergent & unpredictable
     • Hardware malware traps on every chip and card
     • And on every device, card, shelf, suite, floor, network
     • Also on all network elements & components
     • Soft malware traps in all code everywhere
     • Automatic experience/solution sharing
     • Fully automated response/reporting
     • Resource sharing and adaptation
     • Many variants & contributions
     • Evolution dominates design
     • Industry wide adoption
     • Full integration
  23. Using a multiplicity of channels. Attack exposure and offset through access diversity
     • Bluetooth: short range; device to device, device to cloud
     • WiFi/WiMax: medium range; WLAN/cloud
     • 3, 4, 5, 6G: long range; device to net, device to cloud
     • Integrated and intelligent security apps embedded into products/components
     • Attacks almost never occur on more than one channel at a time
     • Parsed information transmitted over many channels and modes is extremely secure against interception
     • Using more than one device also adds security options
  24. Automation/AI essential. Demands are way beyond humans!
     • Continuous monitoring is a necessity
     • Getting it all right on the night is impossible
     • Rapid evolution & response are required
     • Frustrating the enemy all the time
     • Integration of all available resources
     • Gathering all available intelligence
     • Analysing every aspect from both sides
     • Rapid response and repair are essential
     • Punitive responses and attacks an option?
     • War gaming the next moves to be built in
     • Open learning and solution dissemination
     • Human intervention should be the exception
  25. Automation and AI is essential. The demands are way beyond human abilities! Thank you. cochrane.org.uk
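Slide 23's point that information parsed across several channels resists interception, worked as an added example (not from the slides or the author). It assumes the parsing is an n-of-n XOR split with one share per channel; the channel names come from the slide, and the function names are hypothetical.

```python
import secrets

# Channel names taken from slide 23; one share travels over each channel.
CHANNELS = ("Bluetooth", "WiFi", "Cellular")


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def split(message: bytes, channels=CHANNELS) -> dict:
    """n-of-n XOR split (assumed scheme): every share is needed to rebuild."""
    if len(channels) < 2:
        raise ValueError("need at least two channels")
    shares = [secrets.token_bytes(len(message)) for _ in channels[:-1]]
    last = message
    for share in shares:
        last = xor_bytes(last, share)
    return dict(zip(channels, shares + [last]))


def combine(shares: dict, channels=CHANNELS) -> bytes:
    """Rebuild the message; refuse if any channel's share is absent."""
    missing = [c for c in channels if c not in shares]
    if missing:
        raise ValueError(f"missing shares from: {missing}")
    if len({len(shares[c]) for c in channels}) != 1:
        raise ValueError("shares differ in length")
    out = bytes(len(shares[channels[0]]))
    for c in channels:
        out = xor_bytes(out, shares[c])
    return out


def share_explaining(partial: dict, candidate: bytes) -> bytes:
    """The unseen share that would make `candidate` the plaintext.

    One exists for every candidate of the right length, so an eavesdropper
    holding all but one share cannot rule any message out.
    """
    out = candidate
    for share in partial.values():
        out = xor_bytes(out, share)
    return out


if __name__ == "__main__":
    msg = b"rotate VPN key at 02:00"  # constructed sample message
    print(combine(split(msg)) == msg)
```

The split gives confidentiality only: a share altered on any one channel silently corrupts the rebuilt message, so authenticate the plaintext (for example with a MAC) before splitting, and note that losing one channel loses the message.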
