Securing Your Digital Assets Against Hijacking, Phishing, and DDoS Attacks

We know you put your company’s cyber security first—and so do we. That’s why in the changing digital landscape with consistent threats from cyber attacks, we want you to be prepared.
In this complimentary webinar in cooperation with our partner, Verisign®, CSC® will present the latest trends in cyber attacks and how you can stay one step ahead.

Whether you’re involved in the day-to-day of IT operations, or an executive trying to safeguard your company’s data and reputation, you should join CSC expert Mark Flegg and Verisign’s Rohit Kinra for a timely discussion on:

Current threat trends
Different attack vectors (portal versus infrastructure)
Portal protection and what to look for—including two-factor authentication, CSC MultiLock, and anti-phishing
DNS—build or buy?—including discussion on the cost of each, and DNS slaving as an option

Published in: Internet

  1. Securing your digital assets against hijacking, phishing, and DDoS attacks. Mark Flegg, Product Director, Domains and Security, CSC; Rohit Kinra, Director of Product Technology, Verisign Inc. March 15, 2017
  2. What’s in a Digital Brand? Digital Assets: DNS, mobile apps, social media handles, digital certificates, email, domain names
  3. Digital Brand – Cyber Threats. Digital Assets. Cyber Criminals, Hacktivists: DDoS attacks, malware, phishing, SQL injection, social hijacking, domain hijacking
  4. Motivations Behind Attacks: 76.5% / 17.6% / 5.9% (Cyber crime / Hacktivism / Cyber espionage). Proprietary and Confidential. Cyber Criminals, “Hacktivists”: DDoS attacks, malware & ransomware, phishing, SQL injection, social hijacking, domain hijacking
  5. Digital Brand – Cyber Threats. Digital Assets. Cyber Criminals, Hacktivists: DDoS attacks, malware, phishing, SQL injection, social hijacking, domain hijacking
  6. Securing Access to Your Digital Assets: Domains (WWW.). Potential threats: domain hijacking, DNS hijacking, domain shadowing
  7. Domain and DNS Hijacking
  8. October 2016
  9. Threat: Domain Shadowing
  10. Securing Access to Your Digital Assets: SSL Certificates. Potential threats: poor management, malware, espionage
  11. SSL Risks: Expired Certificates
  12. SSL Risks: Expired Certificates
  13. Expired Certificates Examples
  14. Expired Certificates: Impact. “The average Global 5,000 company spends about $15 million to recover from the loss of business due to a certificate outage—and faces another $25 million in potential compliance impact.”
  15. Securing Access to Your Digital Assets: Social Media Handles. Potential threats: social hijacking
  16. Examples: Social Media Hacking and Hijacking
  17. Securing Access to Your Digital Assets. Digital Asset Management: corporate registrar; consolidate all digital assets. Secure Portal Access: IP validation; two-factor authentication
  18. Securing Access to Your Digital Assets. Secure User Management: core account; access rights; requestor/approver; federated identity. Security Conscious Culture: customer service request validation training; phishing awareness training
  19. Securing Access to Your Digital Assets. CSC’s MultiLock: registrar lock; registry lock
  20. Application Downtime Affects… Online Revenue; Reputation and Brand; Service and Information Delivery; Productivity and Communications; Supply Chain
  21. More to Protect: By 2017, 80% of workload will be in cloud data centers*. *Source: Cisco Global Cloud Index 2014-2019, http://bit.ly/1rcw6VD
  22. Increased Attack Surfaces: 82% of enterprises have a multi-cloud strategy*. *Source: Rightscale 2015 State of Cloud Survey, http://bit.ly/2c8xdFN
  23. How Easy is it to “DDoS” Someone? The increasing availability of DDoS-for-hire services. Some can be hired for less than $5 US an hour*. DDoS-for-hire capabilities have advanced in both success and popularity. *http://www.informationsecuritybuzz.com/articles/ddos-hire-interfering-business-5/, Retrieved Aug. 25, 2016
  24. Bad Guys Likely Have More Bandwidth Than You! Sources: http://thehackernews.com/2016/09/ddos-attack-iot.html, http://www.eweek.com/security/weak-device-security-turns-iot-into-powerful-weapon-in-ddos-attacks.html
  25. DDoS Attacks Are On The Rise: DDoS attacks are more widespread across various industries. Source: Verisign Customer Mitigation Data Q4 2016
  26. 52% of DDoS attacks peaked over 5 GB or more. Source: Verisign Customer Mitigation Data Q4 2016
  27. DDoS Attackers Are Using Multiple Methods: 65% of DDoS attacks use 3 OR MORE attack methods. Source: Verisign Customer Mitigation Data Q4 2016
  28. Why Protect DNS: DNS is a mission-critical component of the Internet; ensure users can reach you during an attack; block threats upstream
  29. Build or Buy?
  30. Secondary DNS Slaving. Master (Customer NS): customer edits zone file via own UI; publish zone info on primary NS and send NOTIFY command to secondary NS. Slave (CSC NS): NOTIFY request received; request zone data from primary NS; zone data received; publish zone data on secondary DNS
  31. Key Recommendations: • Consolidate Digital Asset Providers • Secure Portal Access with 2FA & IP validation • Secure User Management rights • Specifically for domains utilise MultiLock • Choose the best DNS infrastructure (outsource or secondary) • Adopt DNSSEC • DDoS mitigation is essential • Choose a provider with a Security-conscious Culture • Create a Security-conscious Culture internally
  32. Questions?
  33. Contact Us. Mark Flegg, CSC, Product Director, Domains & Security, PH. 1 800-927-9801 x 65647, mark.flegg@cscglobal.com, www.cscdigitalbrand.services. Rohit Kinra, Verisign, Director of Product Technology, PH. +1 703-948-4048, rkinra@verisign.com, www.verisign.com