Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Alexander Gostev. The Hunt for Red October.

804 views

Published on

Published in: Technology, Health & Medicine
  • Be the first to comment

  • Be the first to like this

Alexander Gostev. The Hunt for Red October.

  1. 1. Александр ГостевChief Security Expert, Global Research & Analysis Team
  2. 2. Nation states are driven by something else.Espionage. Sabotage. Cyberwar.Cybercriminals Money
  3. 3. 2009 – The Aurora OperationAttacked: Google, Adobe, Juniper, Yahoo,Morgan Stanley, Dow Chemical, etc…
  4. 4. 2010 – StuxnetFirst known Cyberweapon
  5. 5. 2011 – DuquSophisticated. Stealthy. Elusive.Nation state sponsored cyber-espionage.
  6. 6. 2012 – Flame
  7. 7. 2012 – GaussPurpose (payload): Unknown.
  8. 8. 2012 – miniFlame“Elvis” and his friends
  9. 9. 2013 – Red October
  10. 10. See: „Nassim Nicholas Taleb:The Black Swan‟The trend:number of „Black Swans‟ is growing
  11. 11. The 3 dangers of CyberwarIdeas and techniques fromcyberweapons can be re-purposed andcopied.Companies become collateral victimsin the cyberwar betweensuperpowers.Cybercriminals start usingweaponized exploits developed by orfor governments.
  12. 12. 2012 – ShamoonThe Cutting Sword of Justice
  13. 13. 30,000 machines wipedSaudi Aramco
  14. 14. Collateral Damage
  15. 15. Stuxnet incidents: 150k (KLstats)Primary Example
  16. 16. Our critical infrastructure is fragileCyberweapons are tamperedand used against innocent victims
  17. 17. What is CVE-2011-3402?Answer: the „Duqu‟ exploit13 Dec14 DecCommercialization of Exploits
  18. 18. They all have something in common:exploitsIT Staff: Biggest Nightmares
  19. 19. Against military grade weapons, youwant the best available defensetechnologies.Patch.Defense?Whitelist. DefaultDeny.Exploitprevention.0-daydefense.Realtimeprotection.Cloudprotection.Perimeter.Greenzone.Raise awareness.Accesscontrol.Education.
  20. 20. Thank You!

×