On information security threats relevant to developers of information security tools - SelectedPresentations
Aleksey Igorevich Kachalin, expert at MOO "AZI"
IV AZI Forum
"Current Issues of Information Security in Russia"
Moscow, MTUCI Congress Center, April 14, 2015
This document provides an overview of cyberespionage and international cyber operations as weapons. It defines key terms, gives a brief history of cyberespionage dating back to the 1980s, describes the anatomy of a typical cyberespionage attack, discusses implications for nation-state policy, and outlines what individuals should do to protect themselves. The presenter is Mark Russinovich, author of Zero Day and Trojan Horse, speaking at an intermediate-level conference session.
This document summarizes the plateau effect through 7 elements: 1) immunity to interventions over time, 2) greed leading to local optima, 3) bad timing of interventions, 4) flow issues in automated systems, 5) distorted data obscuring real risks, 6) distraction reducing performance, and 7) failing slowly over many small incremental changes. The document provides examples and studies to illustrate each element and argues that understanding the plateau effect is important to causing meaningful long-term change.
This document discusses the challenges facing the IT security industry in an era of increasing cyberwarfare and sophisticated cyberattacks. It outlines the major sources of attacks, including criminals, hacktivists, and government agencies. It also describes the motivations behind attacks, such as financial gain or political sabotage. Additionally, it examines some of the key attributes of cyberweapons like attribution difficulty and the ease of developing attacks. The document analyzes high-profile past attacks and the anatomy of how such targeted strikes are carried out. It also discusses approaches for protecting against sophisticated targeted attacks through technologies, policies, and international cooperation. Finally, it notes how the threats and attackers have evolved over time, posing new challenges for the IT security industry.
Stuart McClure, CEO of Cylance Inc., gave a presentation on securing embedded systems and devices. He began by noting the vast number of embedded systems worldwide that were designed without security. He then demonstrated live hacks against a Samsung smart TV, a Tridium building management system, and an electronic lockbox. To conclude, he discussed countermeasures organizations can implement to prevent attacks on embedded systems, such as disabling unnecessary ports, patching vulnerabilities, restricting physical and remote access, and using firewalls, IDS systems and encryption.
This document contains information about an experimental session. The session ID is EXP-W23 and it has been classified for general interest. No other details are provided about the topics, participants, or objectives of the experimental session.
The document discusses several emerging cyber threats including the increasing militarization of cyber space by governments, the rise of offensive forensics techniques and purposeful misattribution of attacks, and computer attacks that can result in kinetic impacts in the real world by targeting industrial control and critical infrastructure systems. It also describes the CyberCity project, which is a miniature simulated city that security experts can use to visualize how cyber attacks can achieve kinetic effects. The document uses a case study to illustrate how an actual power grid attack may have progressed by exploiting vulnerabilities across different systems and networks.
This document summarizes a presentation on adapting security strategies as control is lost over IT systems. It discusses how virtualization, cloud computing, and increased mobility have reduced administrative control. It defines the "Control Quotient" as optimizing security controls within one's sphere of control. Examples show how control has shifted between users, customers and providers in cloud models. The presentation argues that security must focus on controls that can still be influenced rather than what is lost.