John Hinchcliffe, one of the talented cybersecurity experts at PwC in Scotland, recently spoke at an ISACA event, talking about the current security risk landscape, highlighting some of the forgotten security risks, and challenging attendees to think about the true value of their data.
2. Cyber security context
Digital Revolution
Growing Cyber Risk
More Regulation
Cloud, “IoTs”, Big Data, Social Media
Evolving Threats
More Connections
Talent Shortage
Arms Race
3. Cyber security context
Increasing balance between internal and external challenges, threats and demands
Security Operations (inc. Intel Fusion)
Legacy Technology
Flat Global Networks
Crown Jewels Discovery
Operating Model (Structure & Efficiency)
Global Regulatory Landscape
Evolution of Threats
Digital Innovation
Impact of Data Breaches
Complex Value Chains (More Interconnections)
Internal and external stakeholder challenges are relentless, pushing more demands on investment and resources
4. Threat actor motivation
Threats are rapidly increasing and evolving
Employee falls victim to a phishing attack compromising ~80,270 patient records (December 2016)
Mitigation Cost (£)
Threat actor sophistication
Accidental
Malware non-targeted
Cyber Terrorist
Organised Cyber Criminal
State-Sponsored Attacks
Competitor
Disgruntled ex-Employee
3rd Party Provider
Hacker Hobbyist
Hacktivist
Insider
110 million credit card details stolen (November 2013)
Nation States Cyber Regimes (e.g. Equation Group)
DDoS attack on price sensitive information feeds (August 2011)
Lulzsec & Anonymous targeted hacktivists (2012-2013)
Malware wipes 10,000 desktop hard drives (August 2012)
£2.3m FSA fine for data loss (August 2010)
Edward Snowden discloses NSA and GCHQ spying programmes (June 2013)
Employee copies 35,000 client details to personal computer (August 2012)
$101m stolen through fraudulent payment instructions sent via SWIFT (February 2016)
Bangladesh Central Bank
Widespread DDoS attack on upstream DNS provider (October 2016)
20m credit card stolen by employee (January 2014)
Disgruntled Customer
DDoS attack on competitor payments system (July 2010)
Malware found on payment processing servers at ~1,200 on-site restaurants and bars, stealing cardholder names and card information (August – December 2016)
500m account details stolen from company database (September 2016)
Scammed into wiring +$100m to scammer's bank accounts deceptively posing as Asian-based manufacturer (2013 – 2015)
5. The trend in financial fraud perpetrated by cyber criminals
Cyber criminals are leveraging their more sophisticated knowledge of financial markets to seek greater rewards
Banks’ Finance Systems
Retail Online Banking Customer
Banks’ Funds Transfer Systems
Commercial Online Banking Customers
Changing Targets
18 months ago, 3 years ago, 5+ years ago, Today, Next?
Exchanges or Clearing Houses
Scale: $ to $$$$$
Carbanak ATM Malware
Dridex Banking Malware
SWIFT Alliance Access Interface
Manipulation of order books and/or create market imbalances by interrupting data feeds?
Next?
Exposure
Attack Complexity
Size represents total breach exposure
Value Chain
Odinaff Trojan Malware