SlideShare a Scribd company logo

TMT industry Threat Landscape

L
Loucif Kharouni

The technology media and telecommunications (TMT) industry is a highly visible industry vertical where remaining competitive and building a recognizable brand typically requires a significant digital footprint. Exposure to the masses through websites, social media, and advertising to drive sales takes precedence as businesses attempt to grow customers and revenue. However, this often comes with increased risk posed by vulnerabilities, misconfigurations, and externally facing infrastructure that remains overlooked and under-prioritized. The dynamic and fast-moving market in which TMT companies must innovate and adapt within often leaves security as an after-thought.

Technology
1 of 8
Technology, media, and telecommunications industry threat landscape Recent observations trends &Global Threat Assessment by Deloitte Global Cyber Threat Intelligence. Issue date: February 26th 2019 | TLP: WHITE | Industry: LSHC | Region: all | Serial: A- TR-EN-01-8886
Threat Landscape | Technology, Media, and Telecommunications Industry The Technology, Media, and Telecommunications (TMT) Industry is threatened by a variety of actors. Deloitte has observed three primary motives behind threat actor targeting and will explore five core industry threat events targeting the TMT Industry. Threat Actors Motives Core Threats Advanced Persistent Threats (APT) Cyber Criminals Hacktivists Financial Gain: TMT customer data, accounts, and software are lucrative assets that are bought, sold, and traded on underground markets. Intellectual Property (IP): Nation-states and competitors seeking to gain competitive advantages by stealing intellectual property. Geopolitical Agendas: State and non-state actors target news outlets and social media to spread misinformation and propaganda IP Theft Fraud & Account Compromise Technology Supply Chain Misinformation & Propaganda Black Market for Cracked Software 2 Execut i ve summary
Threat Landscape | Technology, Media, and Telecommunications Industry Observat i on 1 | I nt el l ect ual property t hef t Threat Actor Threat Motivator Lessons Learned Sensitive business processes, customer data, and IP that drive TMT revenue streams are valuable to cyber criminals, competitors, and nation states. The monetary value placed on this IP puts clients at high risk and potentially be crippling should IP were to be stolen or leaked. Nation states, cyber criminals, and competitors: TMT IP can be used to further a nation state or competitor’s economic agenda or sold for profit on criminal markets and forums. Financial and Economic Advantage: National states and competitors typically target TMT IP to support their own economic and technological advances. Cyber criminals often steal TMT IP in attempt to monetize stolen data on criminal markets and forums. Malware tools used by cyber criminals and nation states, such as Remote Access Trojans (RATs) and various other forms of information-stealing malware, pose a significant threat to TMT’s intellectual property and sensitive commercialized information. 3
Threat Landscape | Technology, Media, and Telecommunications Industry Threat Actor Threat Motivator Lessons Learned Threat actors commonly target TMT websites with digital skimming tools used to steal customer data as it is entered into forms. Account checkers are also commonly used to analyze stolen credentials for email providers, video streaming services, social networks, mobile, and telecommunications providers, and retailers. Cyber Criminals: The sale of account credentials and personally identifiable information (PII) is a lucrative business with hundreds of listings across criminal markets and forums. Financial Gain: Account checking and digital skimming tools enable threat actors to scale operations and continuously restock their inventory. As online shopping and TMT services become more popular the criminal community will almost certainly continue to seek opportunities to make profits by selling stolen account credentials and PII. 4 Observat i on 2 | Dat a t hef t & account compromi se
Threat Landscape | Technology, Media, and Telecommunications Industry Threat Actor Threat Motivator Lessons Learned Both firmware supply chain and software supply chain attacks have been used as infection vectors to launch large-scale attacks on the TMT industry in 2017 and 2018. Nation States and Cyber Criminals: The use of supply chain attacks as an entry vector is not limited to a specific threat actor type. However, in recent years, these types of attacks have been largely attributed to both nation states and cyber criminals. Widespread or Targeted Infection: Supply chain attacks allow the attackers to target a large number of downstream users and organizations with a single attack. Organizations should manage supply chain risk at each phase of an acquisitions lifecycle: initiation, development, configuration/deployment, operations/maintenance, and disposal. It is critical to develop strategy and policies to enforce the continuous patching and configuration audits to confirm that each information system is compliant with the organization's security baseline and standards. 5 Observat i on 3 | Suppl y chai n at t acks
Threat Landscape | Technology, Media, and Telecommunications Industry Threat Actor Threat Motivator Lessons Learned Media outlets are increasingly popular targets for threat actor groups that are operating with the goal of achieving a defined political agenda. Nation States and Hacktivists: Both have been known to target media organizations and journalists. Geopolitical Agenda: The targeting of media organizations can be used to spread propaganda and misinformation. The strategic objective is typically to manipulate public option or instill distrust in the opposition’s governing body. Attacks that pose a threat to the integrity of media outlet reporting can be a harbinger for substantial reputational harm. 6 Observat i on 4 | Mi si nf ormat i on & propaganda
Threat Landscape | Technology, Media, and Telecommunications Industry Threat Actor Threat Motivator Lessons Learned As software prices increase, so too does the black-market economy for cracked software. The market for cracked software extends across nearly all TMT verticals. Cyber Criminals: There has been flourishing marketplace for cracked software run by cyber criminals. Financial Gain: License keys required to unlock software products are cracked and sold on underground markets for profit. Threat actors commonly sell cracked computer games, office productivity software, graphic design software, various financial applications, and a multitude of other common home and business applications. On the more extreme end of this spectrum, numerous actors have distributed specialized industrial software including engineering and architectural design tools. 7 Observat i on 5 | Bl ack market f or cracked sof t ware
This presentation contains general information only and Deloitte is not, by means of this presentation, rendering accounting, business, financial, investment, legal, tax, or other professional advice or services. This presentation is not a substitute for such professional advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified professional advisor. Deloitte shall not be responsible for any loss sustained by any person who relies on this presentation. As used in this document, “Deloitte” means Deloitte & Touche LLP, a subsidiary of Deloitte LLP. Please see www.deloitte.com/us/about for a detailed description of our legal structure. Certain services may not be available to attest clients under the rules and regulations of public accounting. Copyright © 2019 Deloitte Development LLC. All rights reserved.

Recommended

Deception Technology Market – Overview of advancements in innovation 2025
Deception Technology Market – Overview of advancements in innovation 2025Deception Technology Market – Overview of advancements in innovation 2025
Deception Technology Market – Overview of advancements in innovation 2025Arushi00
 
Dealing Data Leaks: Creating Your Data Breach Response Plan
Dealing Data Leaks: Creating Your Data Breach Response PlanDealing Data Leaks: Creating Your Data Breach Response Plan
Dealing Data Leaks: Creating Your Data Breach Response Planbenefitexpress
 
IBM Security Services
IBM Security ServicesIBM Security Services
IBM Security ServicesRainer Mueller
 
IBM X-Force Threat Intelligence Report 2016
IBM X-Force Threat Intelligence Report 2016IBM X-Force Threat Intelligence Report 2016
IBM X-Force Threat Intelligence Report 2016thinkASG
 
The 10 Fastest Growing Cyber Security Companies of 2017
The 10 Fastest Growing Cyber Security Companies of 2017The 10 Fastest Growing Cyber Security Companies of 2017
The 10 Fastest Growing Cyber Security Companies of 2017Insights success media and technology pvt ltd
 
IBM 2015 Cyber Security Intelligence Index
IBM 2015 Cyber Security Intelligence IndexIBM 2015 Cyber Security Intelligence Index
IBM 2015 Cyber Security Intelligence IndexAndreanne Clarke
 
The digital economy and cybersecurity
The digital economy and cybersecurityThe digital economy and cybersecurity
The digital economy and cybersecurityMark Albala
 
Why is cyber security a disruption in the digital economy
Why is cyber security a disruption in the digital economyWhy is cyber security a disruption in the digital economy
Why is cyber security a disruption in the digital economyMark Albala
 

Recommended

Deception Technology Market – Overview of advancements in innovation 2025
Deception Technology Market – Overview of advancements in innovation 2025Deception Technology Market – Overview of advancements in innovation 2025
Deception Technology Market – Overview of advancements in innovation 2025Arushi00
 
Dealing Data Leaks: Creating Your Data Breach Response Plan
Dealing Data Leaks: Creating Your Data Breach Response PlanDealing Data Leaks: Creating Your Data Breach Response Plan
Dealing Data Leaks: Creating Your Data Breach Response Planbenefitexpress
 
IBM Security Services
IBM Security ServicesIBM Security Services
IBM Security ServicesRainer Mueller
 
IBM X-Force Threat Intelligence Report 2016
IBM X-Force Threat Intelligence Report 2016IBM X-Force Threat Intelligence Report 2016
IBM X-Force Threat Intelligence Report 2016thinkASG
 
The 10 Fastest Growing Cyber Security Companies of 2017
The 10 Fastest Growing Cyber Security Companies of 2017The 10 Fastest Growing Cyber Security Companies of 2017
The 10 Fastest Growing Cyber Security Companies of 2017Insights success media and technology pvt ltd
 
IBM 2015 Cyber Security Intelligence Index
IBM 2015 Cyber Security Intelligence IndexIBM 2015 Cyber Security Intelligence Index
IBM 2015 Cyber Security Intelligence IndexAndreanne Clarke
 
The digital economy and cybersecurity
The digital economy and cybersecurityThe digital economy and cybersecurity
The digital economy and cybersecurityMark Albala
 
Why is cyber security a disruption in the digital economy
Why is cyber security a disruption in the digital economyWhy is cyber security a disruption in the digital economy
Why is cyber security a disruption in the digital economyMark Albala
 
WSIS10 Action Line C5 Building Confidence and Security in the use of ICT's
WSIS10 Action Line C5 Building Confidence and Security in the use of ICT'sWSIS10 Action Line C5 Building Confidence and Security in the use of ICT's
WSIS10 Action Line C5 Building Confidence and Security in the use of ICT'sDr Lendy Spires
 
The Executive's Guide to the 2016 Global Threat Intelligence Report
The Executive's Guide to the 2016 Global Threat Intelligence ReportThe Executive's Guide to the 2016 Global Threat Intelligence Report
The Executive's Guide to the 2016 Global Threat Intelligence ReportSimona Franciosi
 
Data Security Trends - Q4 2018 M&A Report
Data Security Trends - Q4 2018 M&A ReportData Security Trends - Q4 2018 M&A Report
Data Security Trends - Q4 2018 M&A ReportEvelyn Yannan Chen
 
Cybersecurity A Community Approach - 20151109
Cybersecurity A Community Approach - 20151109Cybersecurity A Community Approach - 20151109
Cybersecurity A Community Approach - 20151109Frank Backes
 
Ce hv8 module 13 hacking web applications
Ce hv8 module 13 hacking web applications Ce hv8 module 13 hacking web applications
Ce hv8 module 13 hacking web applications Mehrdad Jingoism
 
As telcos go digital, cybersecurity risks intensify by pwc
As telcos go digital, cybersecurity risks intensify by pwcAs telcos go digital, cybersecurity risks intensify by pwc
As telcos go digital, cybersecurity risks intensify by pwcMert Akın
 
Importance of IP to U.S. Jobs and Economy
Importance of IP to U.S. Jobs and EconomyImportance of IP to U.S. Jobs and Economy
Importance of IP to U.S. Jobs and EconomyNationalAllianceForJobsAndInnovation
 
Gebm os presentation final
Gebm os presentation finalGebm os presentation final
Gebm os presentation finalsunnyjoshi88
 
Accenture re-organizing-todays-cyber-threats
Accenture re-organizing-todays-cyber-threatsAccenture re-organizing-todays-cyber-threats
Accenture re-organizing-todays-cyber-threatsLapman Lee ✔
 
7 mike-steenberg-carlos-lopera-us-bank
7 mike-steenberg-carlos-lopera-us-bank7 mike-steenberg-carlos-lopera-us-bank
7 mike-steenberg-carlos-lopera-us-bankshreemala1
 
CRI "Lessons From The Front Lines" March 26th Dublin
CRI "Lessons From The Front Lines" March 26th Dublin CRI "Lessons From The Front Lines" March 26th Dublin
CRI "Lessons From The Front Lines" March 26th Dublin OCTF Industry Engagement
 
Online security – an assessment of the new
Online security – an assessment of the newOnline security – an assessment of the new
Online security – an assessment of the newsunnyjoshi88
 
EUROPOL: THE INTERNET ORGANISED CRIME THREAT ASSESSMENT (IOCTA) 2015
EUROPOL: THE INTERNET ORGANISED CRIME THREAT ASSESSMENT (IOCTA) 2015EUROPOL: THE INTERNET ORGANISED CRIME THREAT ASSESSMENT (IOCTA) 2015
EUROPOL: THE INTERNET ORGANISED CRIME THREAT ASSESSMENT (IOCTA) 2015ADISPO Asociación de directores de seguridad
 
Latin america cyber security market,symantec market share internet security,m...
Latin america cyber security market,symantec market share internet security,m...Latin america cyber security market,symantec market share internet security,m...
Latin america cyber security market,symantec market share internet security,m...Ashish Chauhan
 
wp-cyber-threats-to-the-mining-industry
wp-cyber-threats-to-the-mining-industrywp-cyber-threats-to-the-mining-industry
wp-cyber-threats-to-the-mining-industryNumaan Huq
 
Cyber Risk for Construction Industry
Cyber Risk for Construction Industry Cyber Risk for Construction Industry
Cyber Risk for Construction Industry BrianHuntMSFCPACRISC
 
Cyber Crime is Wreaking Havoc
Cyber Crime is Wreaking HavocCyber Crime is Wreaking Havoc
Cyber Crime is Wreaking HavocHewlett Packard Enterprise Business Value Exchange
 
The challenges of Retail Security
The challenges of Retail SecurityThe challenges of Retail Security
The challenges of Retail SecurityIBM Software India
 
Open Source Governance in Highly Regulated Companies
Open Source Governance in Highly Regulated CompaniesOpen Source Governance in Highly Regulated Companies
Open Source Governance in Highly Regulated Companiesiasaglobal
 
Frauds in telecom sector
Frauds in telecom sectorFrauds in telecom sector
Frauds in telecom sectorsksahu099
 
Understanding Cyber Security Risks in Asia
Understanding Cyber Security Risks in AsiaUnderstanding Cyber Security Risks in Asia
Understanding Cyber Security Risks in AsiaTeam Finland Future Watch
 
Hunting for cyber threats targeting weapon systems
Hunting for cyber threats targeting weapon systemsHunting for cyber threats targeting weapon systems
Hunting for cyber threats targeting weapon systemsFidelis Cybersecurity
 

More Related Content

What's hot

WSIS10 Action Line C5 Building Confidence and Security in the use of ICT's
WSIS10 Action Line C5 Building Confidence and Security in the use of ICT'sWSIS10 Action Line C5 Building Confidence and Security in the use of ICT's
WSIS10 Action Line C5 Building Confidence and Security in the use of ICT'sDr Lendy Spires
 
The Executive's Guide to the 2016 Global Threat Intelligence Report
The Executive's Guide to the 2016 Global Threat Intelligence ReportThe Executive's Guide to the 2016 Global Threat Intelligence Report
The Executive's Guide to the 2016 Global Threat Intelligence ReportSimona Franciosi
 
Data Security Trends - Q4 2018 M&A Report
Data Security Trends - Q4 2018 M&A ReportData Security Trends - Q4 2018 M&A Report
Data Security Trends - Q4 2018 M&A ReportEvelyn Yannan Chen
 
Cybersecurity A Community Approach - 20151109
Cybersecurity A Community Approach - 20151109Cybersecurity A Community Approach - 20151109
Cybersecurity A Community Approach - 20151109Frank Backes
 
Ce hv8 module 13 hacking web applications
Ce hv8 module 13 hacking web applications Ce hv8 module 13 hacking web applications
Ce hv8 module 13 hacking web applications Mehrdad Jingoism
 
As telcos go digital, cybersecurity risks intensify by pwc
As telcos go digital, cybersecurity risks intensify by pwcAs telcos go digital, cybersecurity risks intensify by pwc
As telcos go digital, cybersecurity risks intensify by pwcMert Akın
 
Gebm os presentation final
Gebm os presentation finalGebm os presentation final
Gebm os presentation finalsunnyjoshi88
 
Accenture re-organizing-todays-cyber-threats
Accenture re-organizing-todays-cyber-threatsAccenture re-organizing-todays-cyber-threats
Accenture re-organizing-todays-cyber-threatsLapman Lee ✔
 
7 mike-steenberg-carlos-lopera-us-bank
7 mike-steenberg-carlos-lopera-us-bank7 mike-steenberg-carlos-lopera-us-bank
7 mike-steenberg-carlos-lopera-us-bankshreemala1
 
CRI "Lessons From The Front Lines" March 26th Dublin
CRI "Lessons From The Front Lines" March 26th Dublin CRI "Lessons From The Front Lines" March 26th Dublin
CRI "Lessons From The Front Lines" March 26th Dublin OCTF Industry Engagement
 
Online security – an assessment of the new
Online security – an assessment of the newOnline security – an assessment of the new
Online security – an assessment of the newsunnyjoshi88
 
Latin america cyber security market,symantec market share internet security,m...
Latin america cyber security market,symantec market share internet security,m...Latin america cyber security market,symantec market share internet security,m...
Latin america cyber security market,symantec market share internet security,m...Ashish Chauhan
 
wp-cyber-threats-to-the-mining-industry
wp-cyber-threats-to-the-mining-industrywp-cyber-threats-to-the-mining-industry
wp-cyber-threats-to-the-mining-industryNumaan Huq
 
Cyber Risk for Construction Industry
Cyber Risk for Construction Industry Cyber Risk for Construction Industry
Cyber Risk for Construction Industry BrianHuntMSFCPACRISC
 
The challenges of Retail Security
The challenges of Retail SecurityThe challenges of Retail Security
The challenges of Retail SecurityIBM Software India
 
Open Source Governance in Highly Regulated Companies
Open Source Governance in Highly Regulated CompaniesOpen Source Governance in Highly Regulated Companies
Open Source Governance in Highly Regulated Companiesiasaglobal
 
Frauds in telecom sector
Frauds in telecom sectorFrauds in telecom sector
Frauds in telecom sectorsksahu099
 

What's hot (20)

WSIS10 Action Line C5 Building Confidence and Security in the use of ICT's
WSIS10 Action Line C5 Building Confidence and Security in the use of ICT'sWSIS10 Action Line C5 Building Confidence and Security in the use of ICT's
WSIS10 Action Line C5 Building Confidence and Security in the use of ICT's
 
The Executive's Guide to the 2016 Global Threat Intelligence Report
The Executive's Guide to the 2016 Global Threat Intelligence ReportThe Executive's Guide to the 2016 Global Threat Intelligence Report
The Executive's Guide to the 2016 Global Threat Intelligence Report
 
Data Security Trends - Q4 2018 M&A Report
Data Security Trends - Q4 2018 M&A ReportData Security Trends - Q4 2018 M&A Report
Data Security Trends - Q4 2018 M&A Report
 
Cybersecurity A Community Approach - 20151109
Cybersecurity A Community Approach - 20151109Cybersecurity A Community Approach - 20151109
Cybersecurity A Community Approach - 20151109
 
Ce hv8 module 13 hacking web applications
Ce hv8 module 13 hacking web applications Ce hv8 module 13 hacking web applications
Ce hv8 module 13 hacking web applications
 
As telcos go digital, cybersecurity risks intensify by pwc
As telcos go digital, cybersecurity risks intensify by pwcAs telcos go digital, cybersecurity risks intensify by pwc
As telcos go digital, cybersecurity risks intensify by pwc
 
Importance of IP to U.S. Jobs and Economy
Importance of IP to U.S. Jobs and EconomyImportance of IP to U.S. Jobs and Economy
Importance of IP to U.S. Jobs and Economy
 
Gebm os presentation final
Gebm os presentation finalGebm os presentation final
Gebm os presentation final
 
Accenture re-organizing-todays-cyber-threats
Accenture re-organizing-todays-cyber-threatsAccenture re-organizing-todays-cyber-threats
Accenture re-organizing-todays-cyber-threats
 
7 mike-steenberg-carlos-lopera-us-bank
7 mike-steenberg-carlos-lopera-us-bank7 mike-steenberg-carlos-lopera-us-bank
7 mike-steenberg-carlos-lopera-us-bank
 
CRI "Lessons From The Front Lines" March 26th Dublin
CRI "Lessons From The Front Lines" March 26th Dublin CRI "Lessons From The Front Lines" March 26th Dublin
CRI "Lessons From The Front Lines" March 26th Dublin
 
Online security – an assessment of the new
Online security – an assessment of the newOnline security – an assessment of the new
Online security – an assessment of the new
 
EUROPOL: THE INTERNET ORGANISED CRIME THREAT ASSESSMENT (IOCTA) 2015
EUROPOL: THE INTERNET ORGANISED CRIME THREAT ASSESSMENT (IOCTA) 2015EUROPOL: THE INTERNET ORGANISED CRIME THREAT ASSESSMENT (IOCTA) 2015
EUROPOL: THE INTERNET ORGANISED CRIME THREAT ASSESSMENT (IOCTA) 2015
 
Latin america cyber security market,symantec market share internet security,m...
Latin america cyber security market,symantec market share internet security,m...Latin america cyber security market,symantec market share internet security,m...
Latin america cyber security market,symantec market share internet security,m...
 
wp-cyber-threats-to-the-mining-industry
wp-cyber-threats-to-the-mining-industrywp-cyber-threats-to-the-mining-industry
wp-cyber-threats-to-the-mining-industry
 
Cyber Risk for Construction Industry
Cyber Risk for Construction Industry Cyber Risk for Construction Industry
Cyber Risk for Construction Industry
 
Cyber Crime is Wreaking Havoc
Cyber Crime is Wreaking HavocCyber Crime is Wreaking Havoc
Cyber Crime is Wreaking Havoc
 
The challenges of Retail Security
The challenges of Retail SecurityThe challenges of Retail Security
The challenges of Retail Security
 
Open Source Governance in Highly Regulated Companies
Open Source Governance in Highly Regulated CompaniesOpen Source Governance in Highly Regulated Companies
Open Source Governance in Highly Regulated Companies
 
Frauds in telecom sector
Frauds in telecom sectorFrauds in telecom sector
Frauds in telecom sector
 

Similar to TMT industry Threat Landscape

Hunting for cyber threats targeting weapon systems
Hunting for cyber threats targeting weapon systemsHunting for cyber threats targeting weapon systems
Hunting for cyber threats targeting weapon systemsFidelis Cybersecurity
 
Satori Whitepaper: Threat Intelligence - a path to taming digital threats
Satori Whitepaper: Threat Intelligence - a path to taming digital threatsSatori Whitepaper: Threat Intelligence - a path to taming digital threats
Satori Whitepaper: Threat Intelligence - a path to taming digital threatsDean Evans
 
Whitepaper 2015 industry_drilldown_finance_en
Whitepaper 2015 industry_drilldown_finance_enWhitepaper 2015 industry_drilldown_finance_en
Whitepaper 2015 industry_drilldown_finance_enBankir_Ru
 
Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat Intelligenceseadeloitte
 
Clinton- Cyber IRT Balto 10_2012
Clinton- Cyber IRT Balto 10_2012Clinton- Cyber IRT Balto 10_2012
Clinton- Cyber IRT Balto 10_2012Don Grauel
 
Forrester-Wave-Digital_Risk_Monitoring-Q3-2016
Forrester-Wave-Digital_Risk_Monitoring-Q3-2016Forrester-Wave-Digital_Risk_Monitoring-Q3-2016
Forrester-Wave-Digital_Risk_Monitoring-Q3-2016rsouthal2003
 
What trends will 2018 bring for Business Continuity Professionals?
What trends will 2018 bring for Business Continuity Professionals?What trends will 2018 bring for Business Continuity Professionals?
What trends will 2018 bring for Business Continuity Professionals?PECB
 
Digital Forensics Market, Size, Global Forecast 2023-2028
Digital Forensics Market, Size, Global Forecast 2023-2028Digital Forensics Market, Size, Global Forecast 2023-2028
Digital Forensics Market, Size, Global Forecast 2023-2028Renub Research
 
Infosecurity magazine webinar v2
Infosecurity magazine webinar v2Infosecurity magazine webinar v2
Infosecurity magazine webinar v2Mark Skilton
 
Cyber threat intelligence ppt
Cyber threat intelligence pptCyber threat intelligence ppt
Cyber threat intelligence pptKumar Gaurav
 
Cyber Security Planning 101
Cyber Security Planning 101Cyber Security Planning 101
Cyber Security Planning 101Welch LLP
 
Final cyber risk report 24 feb
Final cyber risk report 24 febFinal cyber risk report 24 feb
Final cyber risk report 24 febmharbpavia
 
Bug Bounties, Ransomware, and Other Cyber Hype for Legal Counsel
Bug Bounties, Ransomware, and Other Cyber Hype for Legal CounselBug Bounties, Ransomware, and Other Cyber Hype for Legal Counsel
Bug Bounties, Ransomware, and Other Cyber Hype for Legal CounselCasey Ellis
 
Bug Bounties, Ransomware, and Other Cyber Hype for Legal Counsel
Bug Bounties, Ransomware, and Other Cyber Hype for Legal CounselBug Bounties, Ransomware, and Other Cyber Hype for Legal Counsel
Bug Bounties, Ransomware, and Other Cyber Hype for Legal Counselbugcrowd
 
MCCA Global TEC Forum - Bug Bounties, Ransomware, and Other Cyber Hype for Le...
MCCA Global TEC Forum - Bug Bounties, Ransomware, and Other Cyber Hype for Le...MCCA Global TEC Forum - Bug Bounties, Ransomware, and Other Cyber Hype for Le...
MCCA Global TEC Forum - Bug Bounties, Ransomware, and Other Cyber Hype for Le...Casey Ellis
 
2014 the future evolution of cybersecurity
2014 the future evolution of cybersecurity2014 the future evolution of cybersecurity
2014 the future evolution of cybersecurityMatthew Rosenquist
 
An Overview and Competitive Analysis of the One-Time Password (OTP) Market
An Overview and Competitive Analysis of the One-Time Password (OTP) MarketAn Overview and Competitive Analysis of the One-Time Password (OTP) Market
An Overview and Competitive Analysis of the One-Time Password (OTP) MarketEMC
 
Combating Cybersecurity Challenges with Advanced Analytics
Combating Cybersecurity Challenges with Advanced AnalyticsCombating Cybersecurity Challenges with Advanced Analytics
Combating Cybersecurity Challenges with Advanced AnalyticsCognizant
 

Similar to TMT industry Threat Landscape (20)

Understanding Cyber Security Risks in Asia
Understanding Cyber Security Risks in AsiaUnderstanding Cyber Security Risks in Asia
Understanding Cyber Security Risks in Asia
 
Hunting for cyber threats targeting weapon systems
Hunting for cyber threats targeting weapon systemsHunting for cyber threats targeting weapon systems
Hunting for cyber threats targeting weapon systems
 
Get Prepared
Get PreparedGet Prepared
Get Prepared
 
Satori Whitepaper: Threat Intelligence - a path to taming digital threats
Satori Whitepaper: Threat Intelligence - a path to taming digital threatsSatori Whitepaper: Threat Intelligence - a path to taming digital threats
Satori Whitepaper: Threat Intelligence - a path to taming digital threats
 
Whitepaper 2015 industry_drilldown_finance_en
Whitepaper 2015 industry_drilldown_finance_enWhitepaper 2015 industry_drilldown_finance_en
Whitepaper 2015 industry_drilldown_finance_en
 
Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat Intelligence
 
Clinton- Cyber IRT Balto 10_2012
Clinton- Cyber IRT Balto 10_2012Clinton- Cyber IRT Balto 10_2012
Clinton- Cyber IRT Balto 10_2012
 
Forrester-Wave-Digital_Risk_Monitoring-Q3-2016
Forrester-Wave-Digital_Risk_Monitoring-Q3-2016Forrester-Wave-Digital_Risk_Monitoring-Q3-2016
Forrester-Wave-Digital_Risk_Monitoring-Q3-2016
 
What trends will 2018 bring for Business Continuity Professionals?
What trends will 2018 bring for Business Continuity Professionals?What trends will 2018 bring for Business Continuity Professionals?
What trends will 2018 bring for Business Continuity Professionals?
 
Digital Forensics Market, Size, Global Forecast 2023-2028
Digital Forensics Market, Size, Global Forecast 2023-2028Digital Forensics Market, Size, Global Forecast 2023-2028
Digital Forensics Market, Size, Global Forecast 2023-2028
 
Infosecurity magazine webinar v2
Infosecurity magazine webinar v2Infosecurity magazine webinar v2
Infosecurity magazine webinar v2
 
Cyber threat intelligence ppt
Cyber threat intelligence pptCyber threat intelligence ppt
Cyber threat intelligence ppt
 
Cyber Security Planning 101
Cyber Security Planning 101Cyber Security Planning 101
Cyber Security Planning 101
 
Final cyber risk report 24 feb
Final cyber risk report 24 febFinal cyber risk report 24 feb
Final cyber risk report 24 feb
 
Bug Bounties, Ransomware, and Other Cyber Hype for Legal Counsel
Bug Bounties, Ransomware, and Other Cyber Hype for Legal CounselBug Bounties, Ransomware, and Other Cyber Hype for Legal Counsel
Bug Bounties, Ransomware, and Other Cyber Hype for Legal Counsel
 
Bug Bounties, Ransomware, and Other Cyber Hype for Legal Counsel
Bug Bounties, Ransomware, and Other Cyber Hype for Legal CounselBug Bounties, Ransomware, and Other Cyber Hype for Legal Counsel
Bug Bounties, Ransomware, and Other Cyber Hype for Legal Counsel
 
MCCA Global TEC Forum - Bug Bounties, Ransomware, and Other Cyber Hype for Le...
MCCA Global TEC Forum - Bug Bounties, Ransomware, and Other Cyber Hype for Le...MCCA Global TEC Forum - Bug Bounties, Ransomware, and Other Cyber Hype for Le...
MCCA Global TEC Forum - Bug Bounties, Ransomware, and Other Cyber Hype for Le...
 
2014 the future evolution of cybersecurity
2014 the future evolution of cybersecurity2014 the future evolution of cybersecurity
2014 the future evolution of cybersecurity
 
An Overview and Competitive Analysis of the One-Time Password (OTP) Market
An Overview and Competitive Analysis of the One-Time Password (OTP) MarketAn Overview and Competitive Analysis of the One-Time Password (OTP) Market
An Overview and Competitive Analysis of the One-Time Password (OTP) Market
 
Combating Cybersecurity Challenges with Advanced Analytics
Combating Cybersecurity Challenges with Advanced AnalyticsCombating Cybersecurity Challenges with Advanced Analytics
Combating Cybersecurity Challenges with Advanced Analytics
 

Recently uploaded

Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 

Recently uploaded (20)

Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 

TMT industry Threat Landscape

  • 1. Technology, media, and telecommunications industry threat landscape Recent observations trends &Global Threat Assessment by Deloitte Global Cyber Threat Intelligence. Issue date: February 26th 2019 | TLP: WHITE | Industry: LSHC | Region: all | Serial: A- TR-EN-01-8886
  • 2. Threat Landscape | Technology, Media, and Telecommunications Industry The Technology, Media, and Telecommunications (TMT) Industry is threatened by a variety of actors. Deloitte has observed three primary motives behind threat actor targeting and will explore five core industry threat events targeting the TMT Industry. Threat Actors Motives Core Threats Advanced Persistent Threats (APT) Cyber Criminals Hacktivists Financial Gain: TMT customer data, accounts, and software are lucrative assets that are bought, sold, and traded on underground markets. Intellectual Property (IP): Nation-states and competitors seeking to gain competitive advantages by stealing intellectual property. Geopolitical Agendas: State and non-state actors target news outlets and social media to spread misinformation and propaganda IP Theft Fraud & Account Compromise Technology Supply Chain Misinformation & Propaganda Black Market for Cracked Software 2 Execut i ve summary
  • 3. Threat Landscape | Technology, Media, and Telecommunications Industry Observat i on 1 | I nt el l ect ual property t hef t Threat Actor Threat Motivator Lessons Learned Sensitive business processes, customer data, and IP that drive TMT revenue streams are valuable to cyber criminals, competitors, and nation states. The monetary value placed on this IP puts clients at high risk and potentially be crippling should IP were to be stolen or leaked. Nation states, cyber criminals, and competitors: TMT IP can be used to further a nation state or competitor’s economic agenda or sold for profit on criminal markets and forums. Financial and Economic Advantage: National states and competitors typically target TMT IP to support their own economic and technological advances. Cyber criminals often steal TMT IP in attempt to monetize stolen data on criminal markets and forums. Malware tools used by cyber criminals and nation states, such as Remote Access Trojans (RATs) and various other forms of information-stealing malware, pose a significant threat to TMT’s intellectual property and sensitive commercialized information. 3
  • 4. Threat Landscape | Technology, Media, and Telecommunications Industry Threat Actor Threat Motivator Lessons Learned Threat actors commonly target TMT websites with digital skimming tools used to steal customer data as it is entered into forms. Account checkers are also commonly used to analyze stolen credentials for email providers, video streaming services, social networks, mobile, and telecommunications providers, and retailers. Cyber Criminals: The sale of account credentials and personally identifiable information (PII) is a lucrative business with hundreds of listings across criminal markets and forums. Financial Gain: Account checking and digital skimming tools enable threat actors to scale operations and continuously restock their inventory. As online shopping and TMT services become more popular the criminal community will almost certainly continue to seek opportunities to make profits by selling stolen account credentials and PII. 4 Observat i on 2 | Dat a t hef t & account compromi se
  • 5. Threat Landscape | Technology, Media, and Telecommunications Industry Threat Actor Threat Motivator Lessons Learned Both firmware supply chain and software supply chain attacks have been used as infection vectors to launch large-scale attacks on the TMT industry in 2017 and 2018. Nation States and Cyber Criminals: The use of supply chain attacks as an entry vector is not limited to a specific threat actor type. However, in recent years, these types of attacks have been largely attributed to both nation states and cyber criminals. Widespread or Targeted Infection: Supply chain attacks allow the attackers to target a large number of downstream users and organizations with a single attack. Organizations should manage supply chain risk at each phase of an acquisitions lifecycle: initiation, development, configuration/deployment, operations/maintenance, and disposal. It is critical to develop strategy and policies to enforce the continuous patching and configuration audits to confirm that each information system is compliant with the organization's security baseline and standards. 5 Observat i on 3 | Suppl y chai n at t acks
  • 6. Threat Landscape | Technology, Media, and Telecommunications Industry Threat Actor Threat Motivator Lessons Learned Media outlets are increasingly popular targets for threat actor groups that are operating with the goal of achieving a defined political agenda. Nation States and Hacktivists: Both have been known to target media organizations and journalists. Geopolitical Agenda: The targeting of media organizations can be used to spread propaganda and misinformation. The strategic objective is typically to manipulate public option or instill distrust in the opposition’s governing body. Attacks that pose a threat to the integrity of media outlet reporting can be a harbinger for substantial reputational harm. 6 Observat i on 4 | Mi si nf ormat i on & propaganda
  • 7. Threat Landscape | Technology, Media, and Telecommunications Industry Threat Actor Threat Motivator Lessons Learned As software prices increase, so too does the black-market economy for cracked software. The market for cracked software extends across nearly all TMT verticals. Cyber Criminals: There has been flourishing marketplace for cracked software run by cyber criminals. Financial Gain: License keys required to unlock software products are cracked and sold on underground markets for profit. Threat actors commonly sell cracked computer games, office productivity software, graphic design software, various financial applications, and a multitude of other common home and business applications. On the more extreme end of this spectrum, numerous actors have distributed specialized industrial software including engineering and architectural design tools. 7 Observat i on 5 | Bl ack market f or cracked sof t ware
  • 8. This presentation contains general information only and Deloitte is not, by means of this presentation, rendering accounting, business, financial, investment, legal, tax, or other professional advice or services. This presentation is not a substitute for such professional advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified professional advisor. Deloitte shall not be responsible for any loss sustained by any person who relies on this presentation. As used in this document, “Deloitte” means Deloitte & Touche LLP, a subsidiary of Deloitte LLP. Please see www.deloitte.com/us/about for a detailed description of our legal structure. Certain services may not be available to attest clients under the rules and regulations of public accounting. Copyright © 2019 Deloitte Development LLC. All rights reserved.