SlideShare a Scribd company logo

Cyber Crisis Management.pdf

Priyanka Aash
Priyanka Aash

Ransomware demand, customer enquiring about data leak

Technology
1 of 14
Download to read offline
Classification: Confidential Contains PII: No Cyber Crisis Management Game Play
Classification: Confidential Contains PII: No 5th June Invoice Portal Outage 09 00 Enquiring Mail 5th June 09 45 Update from XYZ's IT operation team XYZ Invoice Portal has been down for 1 hour and is not accessible to employees. IT operations report that the support systems seem to be overloaded, but they are investigating. Dear Sir, I am unable to access the invoice portal. We need to raise an invoice urgently for a customer. Please look into the matter. Regards, XYZ employee3 To: Finance Manager, XYZs Ltd. XYZemployee3@XYZ.co.in Private and Confidential – For your urgent attention A finance employee starts enquiring about XYS’s invoice portal and they are not able to send the invoices.
Classification: Confidential Contains PII: No 13 00 5th June Ransom demand 22 00 Anonymous You Have Been Hacked! You don’t know us but we most certainly know you and I trust now we have your attention. We have access into your system and data. While you were distracted by the DDoS, we have got hold of the Sensitive data from databases. We demand payment of $500,000 to be paid in bitcoins within 48 hours else we will expose XYZ’s Project XYZ data. If you refuse to meet our condition, we will show no mercy. THE CLOCK IS TICKING !!!!!!!!!! WE ARE ANONYMOUS, WE DO NOT FORGET, WE DO NOT FORGIVE WE OWN YOU To: CEO, XYZ Ltd. 5th June Invoice Portal outage update DDoS attack XYZ Office Invoice Portal outage update: A new worm is released. When the worm infects a host, it installs a Distributed Denial of Services (DDoS) agent, leading to a DDoS attack.. XYZ has already incurred widespread infections before antivirus signatures could become available A threatening email is received by the CEO from Anonymous sender with the subject “ You Have Been Hacked”
Classification: Confidential Contains PII: No 6th June Forensic Anonymous You Have Been Hacked! You don’t know us but we most certainly know you and I trust now we have your attention. We have access into your system and data. While you were distracted by the DDoS, we have got hold of the Sensitive data from databases. We demand payment of $500,000 to be paid in bitcoins within 36 hours else we will expose XYZ’s Project XYZ data. If you refuse to meet our condition, we will show no mercy. THE CLOCK IS TICKING !!!!!!!!!! WE ARE ANONYMOUS, WE DO NOT FORGET, WE DO NOT FORGIVE WE OWN YOU To: CFO, XYZ Ltd. 10 00 Unavailability of service 6th June 12 00 Hello, Apologies, but I have to use my Gmail as none of us in Finance team can access our computer this morning. See the attached picture of the screen we are getting when we are trying to login. I am not sure if this is a joke. I have contacted Helpdesk anyway. If there is anything we need to know, please let us know. Regards, XYZemployee2 To: IT Infra Head, XYZ Ltd. XYZemployee2@XYZ.co.in Private and Confidential – For your urgent attention The CFO receives the same e-mail from the Anonymous source The deadline to respond passes A locked screen appears on 15 of the Finance teams workstations One of the users has taken a screen shot and sent it to the IT head
Classification: Confidential Contains PII: No 7th June Customer enquiring about data leak 22 30 Abhishek Pandey Enquiry about data leak Hi, We’re coming across various tweets by Anonymous claiming that they’re in possession of highly confidential data. Could you confirm if this is true? If yes, is our content leaked as well, and to what extent? Can you tell us to what extent the breach has happened and what measures are you taking to limit and take down leaked content? Regards, Abhishek To: Customer.Care@XYZ.co.in AB 7th June Ransom Demand 22 05 Hackers release video on several social media platforms Customer reach out to enquire about the hack, and to check if their data is also impacted
Classification: Confidential Contains PII: No 7th June Media Coverage Trust conf and rebuilding Infra 22 45 The news is picked up by many online forums and is going viral. < < XYZ . HACKED !!! < <
Classification: Confidential Contains PII: No Cyber War Game Exercise – Reconnect & Ask?
Classification: Confidential Contains PII: No Team A: Showing realty, internal problem , Blame Game , Short falls, Legal issues Team B: Execute & come out of crisis , Bringing Back BAU
Classification: Confidential Contains PII: No Team-A – What went wrong points 1. No focus to bring the business back to normal 2. No ownership 3. Approval was delayed 3. Ransom to paid – No Business ethics 4. Communication was delayed
Classification: Confidential Contains PII: No Team-B – What went right 1. Top Management was supportive 2. Approval was provided 3. Root cause understood and corrective action taken 4. Provided the confidence and communicated
Classification: Confidential Contains PII: No Cyber Crisis War Game Exercise Key Takeaways And Roadmap 1. High Pressure on CISO from all directions. 2. CISO requires to take rest 3. Everyone needs focus only on Recovery and business normalcy. 4. CISO should not be disturbed by critics. 5. Be brutally honest and communicate it to everyone. 6. Focus on compliance and regulations. 7. Support the Auditors/partners/vendors and forensics 8. Proactive IRR
Classification: Confidential Contains PII: No Key Takeaways You will never have enough time! Even top executives with years of experience in managing crisis aren't always prepared to handle cyber incidents. Not an IT Issue Only Cyber security is a business issue affecting the survival and reputation of the company Don’t forget your employees While everyone is firefighting with external agencies, organizations often forget to communicate about the cyber-attack situation to their own employees. Mock Drill - Not just one time activity People come and go, strategies change, but in the end practice makes perfect.
Classification: Confidential Contains PII: No The more we sweat in peace, the less we bleed in [cyber] war Any Questions?
Classification: Confidential Contains PII: No

Recommended

London First - cyber attack simulation - 22nd May 2018
London First - cyber attack simulation - 22nd May 2018London First - cyber attack simulation - 22nd May 2018
London First - cyber attack simulation - 22nd May 2018
Kevin Duffey
 
2016 legal seminar for credit professionals
2016 legal seminar for credit professionals2016 legal seminar for credit professionals
2016 legal seminar for credit professionals
Kegler Brown Hill + Ritter
 
Protecting Against Petya: Ransomware and the Future of Law Firm Cybersecurity
Protecting Against Petya: Ransomware and the Future of Law Firm Cybersecurity Protecting Against Petya: Ransomware and the Future of Law Firm Cybersecurity
Protecting Against Petya: Ransomware and the Future of Law Firm Cybersecurity
Logikcull.com
 
Cyber attack response from the CEO perspective - Tallinn Estonia - Short Simu...
Cyber attack response from the CEO perspective - Tallinn Estonia - Short Simu...Cyber attack response from the CEO perspective - Tallinn Estonia - Short Simu...
Cyber attack response from the CEO perspective - Tallinn Estonia - Short Simu...
Kevin Duffey
 
Letter anonymous-II
Letter anonymous-IILetter anonymous-II
Letter anonymous-II
Paul Dutot IEng MIET MBCS CITP OSCP CSTM
 
Devnexus 2017 Cybercrime and the Developer: How do you make a difference?
Devnexus 2017 Cybercrime and the Developer: How do you make a difference?Devnexus 2017 Cybercrime and the Developer: How do you make a difference?
Devnexus 2017 Cybercrime and the Developer: How do you make a difference?
Steve Poole
 
Preventing Fraud with a Multi-Channel Approach
Preventing Fraud with a Multi-Channel ApproachPreventing Fraud with a Multi-Channel Approach
Preventing Fraud with a Multi-Channel Approach
Laurent Pacalin
 
nerfslides.pptx
nerfslides.pptxnerfslides.pptx
nerfslides.pptx
ssusera5ade5
 

Recommended

London First - cyber attack simulation - 22nd May 2018
London First - cyber attack simulation - 22nd May 2018London First - cyber attack simulation - 22nd May 2018
London First - cyber attack simulation - 22nd May 2018
Kevin Duffey
 
2016 legal seminar for credit professionals
2016 legal seminar for credit professionals2016 legal seminar for credit professionals
2016 legal seminar for credit professionals
Kegler Brown Hill + Ritter
 
Protecting Against Petya: Ransomware and the Future of Law Firm Cybersecurity
Protecting Against Petya: Ransomware and the Future of Law Firm Cybersecurity Protecting Against Petya: Ransomware and the Future of Law Firm Cybersecurity
Protecting Against Petya: Ransomware and the Future of Law Firm Cybersecurity
Logikcull.com
 
Cyber attack response from the CEO perspective - Tallinn Estonia - Short Simu...
Cyber attack response from the CEO perspective - Tallinn Estonia - Short Simu...Cyber attack response from the CEO perspective - Tallinn Estonia - Short Simu...
Cyber attack response from the CEO perspective - Tallinn Estonia - Short Simu...
Kevin Duffey
 
Letter anonymous-II
Letter anonymous-IILetter anonymous-II
Letter anonymous-II
Paul Dutot IEng MIET MBCS CITP OSCP CSTM
 
Devnexus 2017 Cybercrime and the Developer: How do you make a difference?
Devnexus 2017 Cybercrime and the Developer: How do you make a difference?Devnexus 2017 Cybercrime and the Developer: How do you make a difference?
Devnexus 2017 Cybercrime and the Developer: How do you make a difference?
Steve Poole
 
Preventing Fraud with a Multi-Channel Approach
Preventing Fraud with a Multi-Channel ApproachPreventing Fraud with a Multi-Channel Approach
Preventing Fraud with a Multi-Channel Approach
Laurent Pacalin
 
nerfslides.pptx
nerfslides.pptxnerfslides.pptx
nerfslides.pptx
ssusera5ade5
 
example
exampleexample
example
William348658
 
Preventing Fraud with a Multi-Channel Approach
Preventing Fraud with a Multi-Channel ApproachPreventing Fraud with a Multi-Channel Approach
Preventing Fraud with a Multi-Channel Approach
Guardian Analytics
 
Cybercrime and the Developer Java2Days 2016 Sofia
Cybercrime and the Developer Java2Days 2016 SofiaCybercrime and the Developer Java2Days 2016 Sofia
Cybercrime and the Developer Java2Days 2016 Sofia
Steve Poole
 
QA Fest 2015. Per Thorsheim. Lessons learned: When the worlds largest dating ...
QA Fest 2015. Per Thorsheim. Lessons learned: When the worlds largest dating ...QA Fest 2015. Per Thorsheim. Lessons learned: When the worlds largest dating ...
QA Fest 2015. Per Thorsheim. Lessons learned: When the worlds largest dating ...
QAFest
 
Deep Impact: Explore the Wide- Reaching Impact of a Cyberattack
Deep Impact: Explore the Wide- Reaching Impact of a CyberattackDeep Impact: Explore the Wide- Reaching Impact of a Cyberattack
Deep Impact: Explore the Wide- Reaching Impact of a Cyberattack
Priyanka Aash
 
Jax london2016 cybercrime-and-the-developer
Jax london2016 cybercrime-and-the-developerJax london2016 cybercrime-and-the-developer
Jax london2016 cybercrime-and-the-developer
Steve Poole
 
What is Security, anyway? Software architecture for information security part...
What is Security, anyway? Software architecture for information security part...What is Security, anyway? Software architecture for information security part...
What is Security, anyway? Software architecture for information security part...
Chris F Carroll
 
2014 ota databreach3
2014 ota databreach32014 ota databreach3
2014 ota databreach3
Meg Weber
 
O365Engage17 - Protecting your Users Against Email Spoofing and Phishing
O365Engage17 - Protecting your Users Against Email Spoofing and PhishingO365Engage17 - Protecting your Users Against Email Spoofing and Phishing
O365Engage17 - Protecting your Users Against Email Spoofing and Phishing
NCCOMMS
 
Chalkboard Writing Quotes. QuotesGram
Chalkboard Writing Quotes. QuotesGramChalkboard Writing Quotes. QuotesGram
Chalkboard Writing Quotes. QuotesGram
Erin Ross
 
Cybercrime and the Developer: How to Start Defending Against the Darker Side...
Cybercrime and the Developer: How to Start Defending Against the Darker Side... Cybercrime and the Developer: How to Start Defending Against the Darker Side...
Cybercrime and the Developer: How to Start Defending Against the Darker Side...
Steve Poole
 
Cybersecurity: How Safe Is Your Organization?
Cybersecurity: How Safe Is Your Organization?Cybersecurity: How Safe Is Your Organization?
Cybersecurity: How Safe Is Your Organization?
CBIZ, Inc.
 
2022 Rea & Associates' Cybersecurity Conference
2022 Rea & Associates' Cybersecurity Conference 2022 Rea & Associates' Cybersecurity Conference
2022 Rea & Associates' Cybersecurity Conference
Rea & Associates
 
Insider threat
Insider threatInsider threat
Insider threat
ARCON TECHSOLUTIONS
 
How to protect your clients and your law firm from money transfer scams
How to protect your clients and your law firm from money transfer scamsHow to protect your clients and your law firm from money transfer scams
How to protect your clients and your law firm from money transfer scams
Gabor Szathmari
 
2017 Legal Seminar for Credit Professionals - Columbus
2017 Legal Seminar for Credit Professionals - Columbus2017 Legal Seminar for Credit Professionals - Columbus
2017 Legal Seminar for Credit Professionals - Columbus
Kegler Brown Hill + Ritter
 
Data breach
Data breachData breach
Data breach
Burhan Ahmed
 
Verizon 2014 data breach investigation report and the target breach
Verizon 2014 data breach investigation report and the target breachVerizon 2014 data breach investigation report and the target breach
Verizon 2014 data breach investigation report and the target breach
Ulf Mattsson
 
2017 Legal Seminar for Credit Professionals - Cleveland
2017 Legal Seminar for Credit Professionals - Cleveland2017 Legal Seminar for Credit Professionals - Cleveland
2017 Legal Seminar for Credit Professionals - Cleveland
Kegler Brown Hill + Ritter
 
Iapp cipmExact IAPP CIPM Questions And Answers
Iapp cipmExact IAPP CIPM Questions And AnswersIapp cipmExact IAPP CIPM Questions And Answers
Iapp cipmExact IAPP CIPM Questions And Answers
Armstrongsmith
 
Digital Personal Data Protection (DPDP) Practical Approach For CISOs
Digital Personal Data Protection (DPDP) Practical Approach For CISOsDigital Personal Data Protection (DPDP) Practical Approach For CISOs
Digital Personal Data Protection (DPDP) Practical Approach For CISOs
Priyanka Aash
 
Verizon Breach Investigation Report (VBIR).pdf
Verizon Breach Investigation Report (VBIR).pdfVerizon Breach Investigation Report (VBIR).pdf
Verizon Breach Investigation Report (VBIR).pdf
Priyanka Aash
 

More Related Content

Similar to Cyber Crisis Management.pdf

Jax london2016 cybercrime-and-the-developer
Jax london2016 cybercrime-and-the-developerJax london2016 cybercrime-and-the-developer
Jax london2016 cybercrime-and-the-developer
Steve Poole
 
2014 ota databreach3
2014 ota databreach32014 ota databreach3
2014 ota databreach3
Meg Weber
 
O365Engage17 - Protecting your Users Against Email Spoofing and Phishing
O365Engage17 - Protecting your Users Against Email Spoofing and PhishingO365Engage17 - Protecting your Users Against Email Spoofing and Phishing
O365Engage17 - Protecting your Users Against Email Spoofing and Phishing
NCCOMMS
 
Cybercrime and the Developer: How to Start Defending Against the Darker Side...
Cybercrime and the Developer: How to Start Defending Against the Darker Side... Cybercrime and the Developer: How to Start Defending Against the Darker Side...
Cybercrime and the Developer: How to Start Defending Against the Darker Side...
Steve Poole
 
Data breach
Data breachData breach
Data breach
Burhan Ahmed
 
Verizon 2014 data breach investigation report and the target breach
Verizon 2014 data breach investigation report and the target breachVerizon 2014 data breach investigation report and the target breach
Verizon 2014 data breach investigation report and the target breach
Ulf Mattsson
 

Similar to Cyber Crisis Management.pdf (20)

example
exampleexample
example
 
Preventing Fraud with a Multi-Channel Approach
Preventing Fraud with a Multi-Channel ApproachPreventing Fraud with a Multi-Channel Approach
Preventing Fraud with a Multi-Channel Approach
 
Cybercrime and the Developer Java2Days 2016 Sofia
Cybercrime and the Developer Java2Days 2016 SofiaCybercrime and the Developer Java2Days 2016 Sofia
Cybercrime and the Developer Java2Days 2016 Sofia
 
QA Fest 2015. Per Thorsheim. Lessons learned: When the worlds largest dating ...
QA Fest 2015. Per Thorsheim. Lessons learned: When the worlds largest dating ...QA Fest 2015. Per Thorsheim. Lessons learned: When the worlds largest dating ...
QA Fest 2015. Per Thorsheim. Lessons learned: When the worlds largest dating ...
 
Deep Impact: Explore the Wide- Reaching Impact of a Cyberattack
Deep Impact: Explore the Wide- Reaching Impact of a CyberattackDeep Impact: Explore the Wide- Reaching Impact of a Cyberattack
Deep Impact: Explore the Wide- Reaching Impact of a Cyberattack
 
Jax london2016 cybercrime-and-the-developer
Jax london2016 cybercrime-and-the-developerJax london2016 cybercrime-and-the-developer
Jax london2016 cybercrime-and-the-developer
 
What is Security, anyway? Software architecture for information security part...
What is Security, anyway? Software architecture for information security part...What is Security, anyway? Software architecture for information security part...
What is Security, anyway? Software architecture for information security part...
 
2014 ota databreach3
2014 ota databreach32014 ota databreach3
2014 ota databreach3
 
O365Engage17 - Protecting your Users Against Email Spoofing and Phishing
O365Engage17 - Protecting your Users Against Email Spoofing and PhishingO365Engage17 - Protecting your Users Against Email Spoofing and Phishing
O365Engage17 - Protecting your Users Against Email Spoofing and Phishing
 
Chalkboard Writing Quotes. QuotesGram
Chalkboard Writing Quotes. QuotesGramChalkboard Writing Quotes. QuotesGram
Chalkboard Writing Quotes. QuotesGram
 
Cybercrime and the Developer: How to Start Defending Against the Darker Side...
Cybercrime and the Developer: How to Start Defending Against the Darker Side... Cybercrime and the Developer: How to Start Defending Against the Darker Side...
Cybercrime and the Developer: How to Start Defending Against the Darker Side...
 
Cybersecurity: How Safe Is Your Organization?
Cybersecurity: How Safe Is Your Organization?Cybersecurity: How Safe Is Your Organization?
Cybersecurity: How Safe Is Your Organization?
 
2022 Rea & Associates' Cybersecurity Conference
2022 Rea & Associates' Cybersecurity Conference 2022 Rea & Associates' Cybersecurity Conference
2022 Rea & Associates' Cybersecurity Conference
 
Insider threat
Insider threatInsider threat
Insider threat
 
How to protect your clients and your law firm from money transfer scams
How to protect your clients and your law firm from money transfer scamsHow to protect your clients and your law firm from money transfer scams
How to protect your clients and your law firm from money transfer scams
 
2017 Legal Seminar for Credit Professionals - Columbus
2017 Legal Seminar for Credit Professionals - Columbus2017 Legal Seminar for Credit Professionals - Columbus
2017 Legal Seminar for Credit Professionals - Columbus
 
Data breach
Data breachData breach
Data breach
 
Verizon 2014 data breach investigation report and the target breach
Verizon 2014 data breach investigation report and the target breachVerizon 2014 data breach investigation report and the target breach
Verizon 2014 data breach investigation report and the target breach
 
2017 Legal Seminar for Credit Professionals - Cleveland
2017 Legal Seminar for Credit Professionals - Cleveland2017 Legal Seminar for Credit Professionals - Cleveland
2017 Legal Seminar for Credit Professionals - Cleveland
 
Iapp cipmExact IAPP CIPM Questions And Answers
Iapp cipmExact IAPP CIPM Questions And AnswersIapp cipmExact IAPP CIPM Questions And Answers
Iapp cipmExact IAPP CIPM Questions And Answers
 

More from Priyanka Aash

Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
Priyanka Aash
 

More from Priyanka Aash (20)

Digital Personal Data Protection (DPDP) Practical Approach For CISOs
Digital Personal Data Protection (DPDP) Practical Approach For CISOsDigital Personal Data Protection (DPDP) Practical Approach For CISOs
Digital Personal Data Protection (DPDP) Practical Approach For CISOs
 
Verizon Breach Investigation Report (VBIR).pdf
Verizon Breach Investigation Report (VBIR).pdfVerizon Breach Investigation Report (VBIR).pdf
Verizon Breach Investigation Report (VBIR).pdf
 
Top 10 Security Risks .pptx.pdf
Top 10 Security Risks .pptx.pdfTop 10 Security Risks .pptx.pdf
Top 10 Security Risks .pptx.pdf
 
Simplifying data privacy and protection.pdf
Simplifying data privacy and protection.pdfSimplifying data privacy and protection.pdf
Simplifying data privacy and protection.pdf
 
Generative AI and Security (1).pptx.pdf
Generative AI and Security (1).pptx.pdfGenerative AI and Security (1).pptx.pdf
Generative AI and Security (1).pptx.pdf
 
EVERY ATTACK INVOLVES EXPLOITATION OF A WEAKNESS.pdf
EVERY ATTACK INVOLVES EXPLOITATION OF A WEAKNESS.pdfEVERY ATTACK INVOLVES EXPLOITATION OF A WEAKNESS.pdf
EVERY ATTACK INVOLVES EXPLOITATION OF A WEAKNESS.pdf
 
DPDP Act 2023.pdf
DPDP Act 2023.pdfDPDP Act 2023.pdf
DPDP Act 2023.pdf
 
Cyber Truths_Are you Prepared version 1.1.pptx.pdf
Cyber Truths_Are you Prepared version 1.1.pptx.pdfCyber Truths_Are you Prepared version 1.1.pptx.pdf
Cyber Truths_Are you Prepared version 1.1.pptx.pdf
 
CISOPlatform journey.pptx.pdf
CISOPlatform journey.pptx.pdfCISOPlatform journey.pptx.pdf
CISOPlatform journey.pptx.pdf
 
Chennai Chapter.pptx.pdf
Chennai Chapter.pptx.pdfChennai Chapter.pptx.pdf
Chennai Chapter.pptx.pdf
 
Cloud attack vectors_Moshe.pdf
Cloud attack vectors_Moshe.pdfCloud attack vectors_Moshe.pdf
Cloud attack vectors_Moshe.pdf
 
Stories From The Web 3 Battlefield
Stories From The Web 3 BattlefieldStories From The Web 3 Battlefield
Stories From The Web 3 Battlefield
 
Lessons Learned From Ransomware Attacks
Lessons Learned From Ransomware AttacksLessons Learned From Ransomware Attacks
Lessons Learned From Ransomware Attacks
 
Emerging New Threats And Top CISO Priorities In 2022 (Chennai)
Emerging New Threats And Top CISO Priorities In 2022 (Chennai)Emerging New Threats And Top CISO Priorities In 2022 (Chennai)
Emerging New Threats And Top CISO Priorities In 2022 (Chennai)
 
Emerging New Threats And Top CISO Priorities In 2022 (Mumbai)
Emerging New Threats And Top CISO Priorities In 2022 (Mumbai)Emerging New Threats And Top CISO Priorities In 2022 (Mumbai)
Emerging New Threats And Top CISO Priorities In 2022 (Mumbai)
 
Emerging New Threats And Top CISO Priorities in 2022 (Bangalore)
Emerging New Threats And Top CISO Priorities in 2022 (Bangalore)Emerging New Threats And Top CISO Priorities in 2022 (Bangalore)
Emerging New Threats And Top CISO Priorities in 2022 (Bangalore)
 
Cloud Security: Limitations of Cloud Security Groups and Flow Logs
Cloud Security: Limitations of Cloud Security Groups and Flow LogsCloud Security: Limitations of Cloud Security Groups and Flow Logs
Cloud Security: Limitations of Cloud Security Groups and Flow Logs
 
Cyber Security Governance
Cyber Security GovernanceCyber Security Governance
Cyber Security Governance
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 
Web Application Penetration Testing
Web Application Penetration Testing Web Application Penetration Testing
Web Application Penetration Testing
 

Recently uploaded

Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Orbitshub
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Victor Rentea
 
Less Is More: Utilizing Ballerina to Architect a Cloud Data Platform
Less Is More: Utilizing Ballerina to Architect a Cloud Data PlatformLess Is More: Utilizing Ballerina to Architect a Cloud Data Platform
Less Is More: Utilizing Ballerina to Architect a Cloud Data Platform
WSO2
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Orbitshub
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
panagenda
 

Recently uploaded (20)

WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...
WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...
WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...
 
Introduction to use of FHIR Documents in ABDM
Introduction to use of FHIR Documents in ABDMIntroduction to use of FHIR Documents in ABDM
Introduction to use of FHIR Documents in ABDM
 
TEST BANK For Principles of Anatomy and Physiology, 16th Edition by Gerard J....
TEST BANK For Principles of Anatomy and Physiology, 16th Edition by Gerard J....TEST BANK For Principles of Anatomy and Physiology, 16th Edition by Gerard J....
TEST BANK For Principles of Anatomy and Physiology, 16th Edition by Gerard J....
 
Quantum Leap in Next-Generation Computing
Quantum Leap in Next-Generation ComputingQuantum Leap in Next-Generation Computing
Quantum Leap in Next-Generation Computing
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
AI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by AnitarajAI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by Anitaraj
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelMcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
Less Is More: Utilizing Ballerina to Architect a Cloud Data Platform
Less Is More: Utilizing Ballerina to Architect a Cloud Data PlatformLess Is More: Utilizing Ballerina to Architect a Cloud Data Platform
Less Is More: Utilizing Ballerina to Architect a Cloud Data Platform
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
 
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Simplifying Mobile A11y Presentation.pptx
Simplifying Mobile A11y Presentation.pptxSimplifying Mobile A11y Presentation.pptx
Simplifying Mobile A11y Presentation.pptx
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 

Cyber Crisis Management.pdf

  • 1. Classification: Confidential Contains PII: No Cyber Crisis Management Game Play
  • 2. Classification: Confidential Contains PII: No 5th June Invoice Portal Outage 09 00 Enquiring Mail 5th June 09 45 Update from XYZ's IT operation team XYZ Invoice Portal has been down for 1 hour and is not accessible to employees. IT operations report that the support systems seem to be overloaded, but they are investigating. Dear Sir, I am unable to access the invoice portal. We need to raise an invoice urgently for a customer. Please look into the matter. Regards, XYZ employee3 To: Finance Manager, XYZs Ltd. XYZemployee3@XYZ.co.in Private and Confidential – For your urgent attention A finance employee starts enquiring about XYS’s invoice portal and they are not able to send the invoices.
  • 3. Classification: Confidential Contains PII: No 13 00 5th June Ransom demand 22 00 Anonymous You Have Been Hacked! You don’t know us but we most certainly know you and I trust now we have your attention. We have access into your system and data. While you were distracted by the DDoS, we have got hold of the Sensitive data from databases. We demand payment of $500,000 to be paid in bitcoins within 48 hours else we will expose XYZ’s Project XYZ data. If you refuse to meet our condition, we will show no mercy. THE CLOCK IS TICKING !!!!!!!!!! WE ARE ANONYMOUS, WE DO NOT FORGET, WE DO NOT FORGIVE WE OWN YOU To: CEO, XYZ Ltd. 5th June Invoice Portal outage update DDoS attack XYZ Office Invoice Portal outage update: A new worm is released. When the worm infects a host, it installs a Distributed Denial of Services (DDoS) agent, leading to a DDoS attack.. XYZ has already incurred widespread infections before antivirus signatures could become available A threatening email is received by the CEO from Anonymous sender with the subject “ You Have Been Hacked”
  • 4. Classification: Confidential Contains PII: No 6th June Forensic Anonymous You Have Been Hacked! You don’t know us but we most certainly know you and I trust now we have your attention. We have access into your system and data. While you were distracted by the DDoS, we have got hold of the Sensitive data from databases. We demand payment of $500,000 to be paid in bitcoins within 36 hours else we will expose XYZ’s Project XYZ data. If you refuse to meet our condition, we will show no mercy. THE CLOCK IS TICKING !!!!!!!!!! WE ARE ANONYMOUS, WE DO NOT FORGET, WE DO NOT FORGIVE WE OWN YOU To: CFO, XYZ Ltd. 10 00 Unavailability of service 6th June 12 00 Hello, Apologies, but I have to use my Gmail as none of us in Finance team can access our computer this morning. See the attached picture of the screen we are getting when we are trying to login. I am not sure if this is a joke. I have contacted Helpdesk anyway. If there is anything we need to know, please let us know. Regards, XYZemployee2 To: IT Infra Head, XYZ Ltd. XYZemployee2@XYZ.co.in Private and Confidential – For your urgent attention The CFO receives the same e-mail from the Anonymous source The deadline to respond passes A locked screen appears on 15 of the Finance teams workstations One of the users has taken a screen shot and sent it to the IT head
  • 5. Classification: Confidential Contains PII: No 7th June Customer enquiring about data leak 22 30 Abhishek Pandey Enquiry about data leak Hi, We’re coming across various tweets by Anonymous claiming that they’re in possession of highly confidential data. Could you confirm if this is true? If yes, is our content leaked as well, and to what extent? Can you tell us to what extent the breach has happened and what measures are you taking to limit and take down leaked content? Regards, Abhishek To: Customer.Care@XYZ.co.in AB 7th June Ransom Demand 22 05 Hackers release video on several social media platforms Customer reach out to enquire about the hack, and to check if their data is also impacted
  • 6. Classification: Confidential Contains PII: No 7th June Media Coverage Trust conf and rebuilding Infra 22 45 The news is picked up by many online forums and is going viral. < < XYZ . HACKED !!! < <
  • 7. Classification: Confidential Contains PII: No Cyber War Game Exercise – Reconnect & Ask?
  • 8. Classification: Confidential Contains PII: No Team A: Showing realty, internal problem , Blame Game , Short falls, Legal issues Team B: Execute & come out of crisis , Bringing Back BAU
  • 9. Classification: Confidential Contains PII: No Team-A – What went wrong points 1. No focus to bring the business back to normal 2. No ownership 3. Approval was delayed 3. Ransom to paid – No Business ethics 4. Communication was delayed
  • 10. Classification: Confidential Contains PII: No Team-B – What went right 1. Top Management was supportive 2. Approval was provided 3. Root cause understood and corrective action taken 4. Provided the confidence and communicated
  • 11. Classification: Confidential Contains PII: No Cyber Crisis War Game Exercise Key Takeaways And Roadmap 1. High Pressure on CISO from all directions. 2. CISO requires to take rest 3. Everyone needs focus only on Recovery and business normalcy. 4. CISO should not be disturbed by critics. 5. Be brutally honest and communicate it to everyone. 6. Focus on compliance and regulations. 7. Support the Auditors/partners/vendors and forensics 8. Proactive IRR
  • 12. Classification: Confidential Contains PII: No Key Takeaways You will never have enough time! Even top executives with years of experience in managing crisis aren't always prepared to handle cyber incidents. Not an IT Issue Only Cyber security is a business issue affecting the survival and reputation of the company Don’t forget your employees While everyone is firefighting with external agencies, organizations often forget to communicate about the cyber-attack situation to their own employees. Mock Drill - Not just one time activity People come and go, strategies change, but in the end practice makes perfect.
  • 13. Classification: Confidential Contains PII: No The more we sweat in peace, the less we bleed in [cyber] war Any Questions?