SlideShare a Scribd company logo

Guillaume Lovet. Kibernetinių nusikaltimų daugėja: grėsmių įmonėms analizė

Download as PPT, PDF
TEO LT, AB
TEO LT, AB

Kokį pavojų kibernetiniai nusikaltimai kelia verslui? Kaip užkirsti jiems kelią? Pranešimo autorius – Guillaume Lovet, įmonės „Fortinet“ grėsmių tyrimų centro vadovas, garsus kibernetinių nusikaltimų ekspertas ir tyrėjas (Prancūzija) Pranešimas skaitytas konferencijoje – INFORMACINIŲ SISTEMŲ SAUGUMAS, vykusioje 2013 m. balandžio 11d., skirtoje valstybės institucijų ir valstybinės reikšmės organizacijoms.

TechnologyNews & Politics
1 of 29
Cyber Threats Targetting Enterprises & Organizations Guillaume Lovet 3 Times BlackHat Speaker Pwnie Award Nominee M.S. Georgia Tech Sr. Manager FortiGuard Fortinet Confidential
Agenda Attack consequences Attack consequences for the enterprise for the enterprise Forms of attacks Forms of attacks Defense Defense
Agenda Attack consequences Attack consequences for the enterprise for the enterprise Forms of attacks Forms of attacks Defense Defense
Risks: What you don't want to happen •Denial of Service (DoS) attack •Data Theft •Destruction •Loss of Reputation CONFIDENTIAL
Risks: What you don't want to happen • Denial of Service (DoS) attack From outside, by a Botnet / Zombie network (Example?) From inside, on purpose or not (eg: Conficker Worm) • Data Theft • Destruction • Loss of Reputation CONFIDENTIAL
Risks: What you don't want to happen • Denial of Service (DoS) attack • Data Theft Customer data (Example?) Intellectual Property Corporate Info (incl. banking credentials) • Destruction • Loss of Reputation CONFIDENTIAL
Risks: What you don't want to happen • Denial of Service (DoS) attack • Data Theft • Destruction Data Computer systems Physical/Industrial systems (Example?) • Loss of Reputation CONFIDENTIAL
Risks: What you don't want to happen • Denial of Service (DoS) attack • Data Theft • Destruction • Loss of Reputation Often a consequence of the above Top risk identified by UK companies (Aon Ltd, 2005) Adds up to the rest. Example: $318/rec in 2010 (Ponemon) CONFIDENTIAL
Loss of Reputation: Heartland Breach CONFIDENTIAL
The other side of the Mirror: Attackers’ Motivation •Financial Pay or I DdoS you! (eBay, Amazon...) Selling stolen data (Heartland, Sony PSN?) •Competitive Industrial Spying (“Israeli Trojan”) •Political / Hacktivism Espionnage (Ghostnet, Quai D'Orsay, Operation Aurora) Retaliation (Paypal, Master Card, Visa, Sony PSN?) •Military DDoS (Russia / Georgia) Seek & Destroy Worm (Stuxnet) CONFIDENTIAL
Agenda Attack consequences Attack consequences for the enterprise for the enterprise Forms of attacks Forms of attacks Defense Defense
Information System Penetration • Via stolen credentials (Phishing / Social Engineering / Insider) • Via Exploitation of flaws • Via Infection: Trojan Horses / Bots / Worms CONFIDENTIAL
Multiple Infection Vectors •E-Mail & IM •Web Sites •Social Networks •Physical Infection Vectors CONFIDENTIAL
Multiple Infection Vectors • E-Mail & IM Attachments: executable, archives AND documents Links • Web Sites • Social Networks • Physical Infection Vectors CONFIDENTIAL
Targeted attacks against Tibetan communities: Email infection
Multiple Infection Vectors • E-Mail & IM • Web Sites  60% of bot infections: “Drive-By Install” (Enisa) “Packs” available for purchase on the underground market • Social Networks • Physical Infection Vectors CONFIDENTIAL
CONFIDENTIAL
Multiple Infection Vectors • E-Mail & IM • Web Sites • Social Networks Intelligence source for targeted attacks Worms (eg: Koobface) • Physical Infection Vectors CONFIDENTIAL
CONFIDENTIAL
CONFIDENTIAL
CONFIDENTIAL
Multiple Infection Vectors • E-Mail & IM • Web Sites • Social Networks • Physical Infection Vectors Laptops USB Keys CDs CONFIDENTIAL
Agenda Attack consequences Attack consequences for the enterprise for the enterprise Forms of attacks Forms of attacks Defense Defense
Key Elements to Modern Defense You need AV, IPS, AS, WCF Above all, you need them altogether And most importantly, you need them working altogether Goal: when facing a threat, be able to tackle it from different angles => Intelligent Redundancy CONFIDENTIAL
Two Examples of Enhanced Security by Intelligent Redundancy Phishing • Phish Letter blocked by AS • If not, blocked by AV • If not, Phish Site blocked by WCF Backdoor / Bot • Binary blocked by AV • If not, access to C & C blocked by IPS • If not, by WCF => The bot cannot “phone home” CONFIDENTIAL
Guillaume Lovet. Kibernetinių nusikaltimų daugėja: grėsmių įmonėms analizė

Recommended

Can You Steal From Me Now? Mobile and BYOD Security Risks
Can You Steal From Me Now? Mobile and BYOD Security RisksCan You Steal From Me Now? Mobile and BYOD Security Risks
Can You Steal From Me Now? Mobile and BYOD Security RisksMichael Davis
 
Trends in Web Attacks
Trends in Web AttacksTrends in Web Attacks
Trends in Web AttacksIWMW
 
The Nasty of Computers
The Nasty of ComputersThe Nasty of Computers
The Nasty of ComputersGronHatchat
 
The Computer Virus-Interactive
The Computer Virus-InteractiveThe Computer Virus-Interactive
The Computer Virus-InteractiveGronHatchat
 
Border crossing mobile social media life-saving security tips
Border crossing mobile social media life-saving security tipsBorder crossing mobile social media life-saving security tips
Border crossing mobile social media life-saving security tipsErnest Staats
 
Finish Your Year Strong
Finish Your Year StrongFinish Your Year Strong
Finish Your Year StrongDebra Trappen
 
Top Ten Tips to Shockproof Your Use of Social Media, Lavacon 2011
Top Ten Tips to Shockproof Your Use of Social Media, Lavacon 2011Top Ten Tips to Shockproof Your Use of Social Media, Lavacon 2011
Top Ten Tips to Shockproof Your Use of Social Media, Lavacon 2011Ben Woelk, CISSP, CPTC
 
BugBounty Roadmap with Mohammed Adam
BugBounty Roadmap with Mohammed AdamBugBounty Roadmap with Mohammed Adam
BugBounty Roadmap with Mohammed AdamMohammed Adam
 

Recommended

Can You Steal From Me Now? Mobile and BYOD Security Risks
Can You Steal From Me Now? Mobile and BYOD Security RisksCan You Steal From Me Now? Mobile and BYOD Security Risks
Can You Steal From Me Now? Mobile and BYOD Security RisksMichael Davis
 
Trends in Web Attacks
Trends in Web AttacksTrends in Web Attacks
Trends in Web AttacksIWMW
 
The Nasty of Computers
The Nasty of ComputersThe Nasty of Computers
The Nasty of ComputersGronHatchat
 
The Computer Virus-Interactive
The Computer Virus-InteractiveThe Computer Virus-Interactive
The Computer Virus-InteractiveGronHatchat
 
Border crossing mobile social media life-saving security tips
Border crossing mobile social media life-saving security tipsBorder crossing mobile social media life-saving security tips
Border crossing mobile social media life-saving security tipsErnest Staats
 
Finish Your Year Strong
Finish Your Year StrongFinish Your Year Strong
Finish Your Year StrongDebra Trappen
 
Top Ten Tips to Shockproof Your Use of Social Media, Lavacon 2011
Top Ten Tips to Shockproof Your Use of Social Media, Lavacon 2011Top Ten Tips to Shockproof Your Use of Social Media, Lavacon 2011
Top Ten Tips to Shockproof Your Use of Social Media, Lavacon 2011Ben Woelk, CISSP, CPTC
 
BugBounty Roadmap with Mohammed Adam
BugBounty Roadmap with Mohammed AdamBugBounty Roadmap with Mohammed Adam
BugBounty Roadmap with Mohammed AdamMohammed Adam
 
Top Ten Tips for Shockproofing Your Use of Social Media, Lavacon 2011
Top Ten Tips for Shockproofing Your Use of Social Media, Lavacon 2011Top Ten Tips for Shockproofing Your Use of Social Media, Lavacon 2011
Top Ten Tips for Shockproofing Your Use of Social Media, Lavacon 2011Ben Woelk, CISSP, CPTC
 
Appsec2013 presentation
Appsec2013 presentationAppsec2013 presentation
Appsec2013 presentationdrewz lin
 
Mobile phone Data Hacking
Mobile phone Data HackingMobile phone Data Hacking
Mobile phone Data HackingMd Abu Syeem Dipu
 
Resist Doxing & Take Back Your Online Privacy
Resist Doxing & Take Back Your Online PrivacyResist Doxing & Take Back Your Online Privacy
Resist Doxing & Take Back Your Online PrivacyKit O'Connell
 
Online safety, security, ethics & etiquette
Online safety, security, ethics & etiquetteOnline safety, security, ethics & etiquette
Online safety, security, ethics & etiquetteAngelito Quiambao
 
Social Media Security
Social Media SecuritySocial Media Security
Social Media SecurityDel Belcher
 
Webinar On Ethical Hacking & Cybersecurity - Day2
Webinar On Ethical Hacking & Cybersecurity - Day2Webinar On Ethical Hacking & Cybersecurity - Day2
Webinar On Ethical Hacking & Cybersecurity - Day2Mohammed Adam
 
Take Back Your Online Privacy: Simple Computer Security
Take Back Your Online Privacy: Simple Computer SecurityTake Back Your Online Privacy: Simple Computer Security
Take Back Your Online Privacy: Simple Computer SecurityKit O'Connell
 
John locke-word camp-sacramento-2015
John locke-word camp-sacramento-2015John locke-word camp-sacramento-2015
John locke-word camp-sacramento-2015John Locke
 
Keep your Kids Safe Online
Keep your Kids Safe OnlineKeep your Kids Safe Online
Keep your Kids Safe Online_chimes_
 
Module 2 threats-b
Module 2 threats-bModule 2 threats-b
Module 2 threats-bBbAOC
 
Computer Security and Ethics
Computer Security and EthicsComputer Security and Ethics
Computer Security and EthicsMohsin Riaz
 
Mobilination Ntymoshyk Personal Mobile Security Final Public
Mobilination Ntymoshyk Personal Mobile Security Final PublicMobilination Ntymoshyk Personal Mobile Security Final Public
Mobilination Ntymoshyk Personal Mobile Security Final PublicTjylen Veselyj
 
E security and payment 2013-1
E security and payment 2013-1E security and payment 2013-1
E security and payment 2013-1Abdelfatah hegazy
 
Cyberjutitsu101coleevertzfinal 1296250763392-phpapp02
Cyberjutitsu101coleevertzfinal 1296250763392-phpapp02Cyberjutitsu101coleevertzfinal 1296250763392-phpapp02
Cyberjutitsu101coleevertzfinal 1296250763392-phpapp02Mark Evertz
 
م.50-مبادرة#تواصل_تطوير-م.أشرف صلاح الدين إبراهيم-كيف تبقى آمناً وتحمى معلوما...
م.50-مبادرة#تواصل_تطوير-م.أشرف صلاح الدين إبراهيم-كيف تبقى آمناً وتحمى معلوما...م.50-مبادرة#تواصل_تطوير-م.أشرف صلاح الدين إبراهيم-كيف تبقى آمناً وتحمى معلوما...
م.50-مبادرة#تواصل_تطوير-م.أشرف صلاح الدين إبراهيم-كيف تبقى آمناً وتحمى معلوما...Egyptian Engineers Association
 
Crontab Cyber Security session 4
Crontab Cyber Security session 4Crontab Cyber Security session 4
Crontab Cyber Security session 4gpioa
 
Cyber security ppt final
Cyber security ppt finalCyber security ppt final
Cyber security ppt finalSanishShrestha2
 
Stop in the name of norton
Stop in the name of nortonStop in the name of norton
Stop in the name of nortonwacko07
 
Stop in the name of norton
Stop in the name of nortonStop in the name of norton
Stop in the name of nortonspkiely
 
Cyber security
Cyber securityCyber security
Cyber securitySabir Raja
 
Invited Talk - Cyber Security and Open Source
Invited Talk - Cyber Security and Open SourceInvited Talk - Cyber Security and Open Source
Invited Talk - Cyber Security and Open Sourcehack33
 

More Related Content

What's hot

Top Ten Tips for Shockproofing Your Use of Social Media, Lavacon 2011
Top Ten Tips for Shockproofing Your Use of Social Media, Lavacon 2011Top Ten Tips for Shockproofing Your Use of Social Media, Lavacon 2011
Top Ten Tips for Shockproofing Your Use of Social Media, Lavacon 2011Ben Woelk, CISSP, CPTC
 
Appsec2013 presentation
Appsec2013 presentationAppsec2013 presentation
Appsec2013 presentationdrewz lin
 
Resist Doxing & Take Back Your Online Privacy
Resist Doxing & Take Back Your Online PrivacyResist Doxing & Take Back Your Online Privacy
Resist Doxing & Take Back Your Online PrivacyKit O'Connell
 
Online safety, security, ethics & etiquette
Online safety, security, ethics & etiquetteOnline safety, security, ethics & etiquette
Online safety, security, ethics & etiquetteAngelito Quiambao
 
Social Media Security
Social Media SecuritySocial Media Security
Social Media SecurityDel Belcher
 
Webinar On Ethical Hacking & Cybersecurity - Day2
Webinar On Ethical Hacking & Cybersecurity - Day2Webinar On Ethical Hacking & Cybersecurity - Day2
Webinar On Ethical Hacking & Cybersecurity - Day2Mohammed Adam
 
Take Back Your Online Privacy: Simple Computer Security
Take Back Your Online Privacy: Simple Computer SecurityTake Back Your Online Privacy: Simple Computer Security
Take Back Your Online Privacy: Simple Computer SecurityKit O'Connell
 
John locke-word camp-sacramento-2015
John locke-word camp-sacramento-2015John locke-word camp-sacramento-2015
John locke-word camp-sacramento-2015John Locke
 
Keep your Kids Safe Online
Keep your Kids Safe OnlineKeep your Kids Safe Online
Keep your Kids Safe Online_chimes_
 

What's hot (10)

Top Ten Tips for Shockproofing Your Use of Social Media, Lavacon 2011
Top Ten Tips for Shockproofing Your Use of Social Media, Lavacon 2011Top Ten Tips for Shockproofing Your Use of Social Media, Lavacon 2011
Top Ten Tips for Shockproofing Your Use of Social Media, Lavacon 2011
 
Appsec2013 presentation
Appsec2013 presentationAppsec2013 presentation
Appsec2013 presentation
 
Mobile phone Data Hacking
Mobile phone Data HackingMobile phone Data Hacking
Mobile phone Data Hacking
 
Resist Doxing & Take Back Your Online Privacy
Resist Doxing & Take Back Your Online PrivacyResist Doxing & Take Back Your Online Privacy
Resist Doxing & Take Back Your Online Privacy
 
Online safety, security, ethics & etiquette
Online safety, security, ethics & etiquetteOnline safety, security, ethics & etiquette
Online safety, security, ethics & etiquette
 
Social Media Security
Social Media SecuritySocial Media Security
Social Media Security
 
Webinar On Ethical Hacking & Cybersecurity - Day2
Webinar On Ethical Hacking & Cybersecurity - Day2Webinar On Ethical Hacking & Cybersecurity - Day2
Webinar On Ethical Hacking & Cybersecurity - Day2
 
Take Back Your Online Privacy: Simple Computer Security
Take Back Your Online Privacy: Simple Computer SecurityTake Back Your Online Privacy: Simple Computer Security
Take Back Your Online Privacy: Simple Computer Security
 
John locke-word camp-sacramento-2015
John locke-word camp-sacramento-2015John locke-word camp-sacramento-2015
John locke-word camp-sacramento-2015
 
Keep your Kids Safe Online
Keep your Kids Safe OnlineKeep your Kids Safe Online
Keep your Kids Safe Online
 

Similar to Guillaume Lovet. Kibernetinių nusikaltimų daugėja: grėsmių įmonėms analizė

Module 2 threats-b
Module 2 threats-bModule 2 threats-b
Module 2 threats-bBbAOC
 
Computer Security and Ethics
Computer Security and EthicsComputer Security and Ethics
Computer Security and EthicsMohsin Riaz
 
Mobilination Ntymoshyk Personal Mobile Security Final Public
Mobilination Ntymoshyk Personal Mobile Security Final PublicMobilination Ntymoshyk Personal Mobile Security Final Public
Mobilination Ntymoshyk Personal Mobile Security Final PublicTjylen Veselyj
 
E security and payment 2013-1
E security and payment 2013-1E security and payment 2013-1
E security and payment 2013-1Abdelfatah hegazy
 
Cyberjutitsu101coleevertzfinal 1296250763392-phpapp02
Cyberjutitsu101coleevertzfinal 1296250763392-phpapp02Cyberjutitsu101coleevertzfinal 1296250763392-phpapp02
Cyberjutitsu101coleevertzfinal 1296250763392-phpapp02Mark Evertz
 
م.50-مبادرة#تواصل_تطوير-م.أشرف صلاح الدين إبراهيم-كيف تبقى آمناً وتحمى معلوما...
م.50-مبادرة#تواصل_تطوير-م.أشرف صلاح الدين إبراهيم-كيف تبقى آمناً وتحمى معلوما...م.50-مبادرة#تواصل_تطوير-م.أشرف صلاح الدين إبراهيم-كيف تبقى آمناً وتحمى معلوما...
م.50-مبادرة#تواصل_تطوير-م.أشرف صلاح الدين إبراهيم-كيف تبقى آمناً وتحمى معلوما...Egyptian Engineers Association
 
Crontab Cyber Security session 4
Crontab Cyber Security session 4Crontab Cyber Security session 4
Crontab Cyber Security session 4gpioa
 
Cyber security ppt final
Cyber security ppt finalCyber security ppt final
Cyber security ppt finalSanishShrestha2
 
Stop in the name of norton
Stop in the name of nortonStop in the name of norton
Stop in the name of nortonwacko07
 
Stop in the name of norton
Stop in the name of nortonStop in the name of norton
Stop in the name of nortonspkiely
 
Cyber security
Cyber securityCyber security
Cyber securitySabir Raja
 
Invited Talk - Cyber Security and Open Source
Invited Talk - Cyber Security and Open SourceInvited Talk - Cyber Security and Open Source
Invited Talk - Cyber Security and Open Sourcehack33
 
Introduction to Software Security and Best Practices
Introduction to Software Security and Best PracticesIntroduction to Software Security and Best Practices
Introduction to Software Security and Best PracticesMaxime ALAY-EDDINE
 
Cyber security
Cyber security Cyber security
Cyber security ZwebaButt
 
Computer Hacking - An Introduction
Computer Hacking - An IntroductionComputer Hacking - An Introduction
Computer Hacking - An IntroductionJayaseelan Vejayon
 
Learn how to protect against and recover from data breaches in Office 365
Learn how to protect against and recover from data breaches in Office 365Learn how to protect against and recover from data breaches in Office 365
Learn how to protect against and recover from data breaches in Office 365AntonioMaio2
 

Similar to Guillaume Lovet. Kibernetinių nusikaltimų daugėja: grėsmių įmonėms analizė (20)

Module 2 threats-b
Module 2 threats-bModule 2 threats-b
Module 2 threats-b
 
Computer Security and Ethics
Computer Security and EthicsComputer Security and Ethics
Computer Security and Ethics
 
Mobilination Ntymoshyk Personal Mobile Security Final Public
Mobilination Ntymoshyk Personal Mobile Security Final PublicMobilination Ntymoshyk Personal Mobile Security Final Public
Mobilination Ntymoshyk Personal Mobile Security Final Public
 
E security and payment 2013-1
E security and payment 2013-1E security and payment 2013-1
E security and payment 2013-1
 
Cyberjutitsu101coleevertzfinal 1296250763392-phpapp02
Cyberjutitsu101coleevertzfinal 1296250763392-phpapp02Cyberjutitsu101coleevertzfinal 1296250763392-phpapp02
Cyberjutitsu101coleevertzfinal 1296250763392-phpapp02
 
م.50-مبادرة#تواصل_تطوير-م.أشرف صلاح الدين إبراهيم-كيف تبقى آمناً وتحمى معلوما...
م.50-مبادرة#تواصل_تطوير-م.أشرف صلاح الدين إبراهيم-كيف تبقى آمناً وتحمى معلوما...م.50-مبادرة#تواصل_تطوير-م.أشرف صلاح الدين إبراهيم-كيف تبقى آمناً وتحمى معلوما...
م.50-مبادرة#تواصل_تطوير-م.أشرف صلاح الدين إبراهيم-كيف تبقى آمناً وتحمى معلوما...
 
Crontab Cyber Security session 4
Crontab Cyber Security session 4Crontab Cyber Security session 4
Crontab Cyber Security session 4
 
Cyber security ppt final
Cyber security ppt finalCyber security ppt final
Cyber security ppt final
 
Stop in the name of norton
Stop in the name of nortonStop in the name of norton
Stop in the name of norton
 
Stop in the name of norton
Stop in the name of nortonStop in the name of norton
Stop in the name of norton
 
Cyber security
Cyber securityCyber security
Cyber security
 
Invited Talk - Cyber Security and Open Source
Invited Talk - Cyber Security and Open SourceInvited Talk - Cyber Security and Open Source
Invited Talk - Cyber Security and Open Source
 
pp.pptx
pp.pptxpp.pptx
pp.pptx
 
information security awareness course
information security awareness courseinformation security awareness course
information security awareness course
 
Introduction to Software Security and Best Practices
Introduction to Software Security and Best PracticesIntroduction to Software Security and Best Practices
Introduction to Software Security and Best Practices
 
All about Hacking
All about HackingAll about Hacking
All about Hacking
 
Cyber security
Cyber security Cyber security
Cyber security
 
Computer Hacking - An Introduction
Computer Hacking - An IntroductionComputer Hacking - An Introduction
Computer Hacking - An Introduction
 
Learn how to protect against and recover from data breaches in Office 365
Learn how to protect against and recover from data breaches in Office 365Learn how to protect against and recover from data breaches in Office 365
Learn how to protect against and recover from data breaches in Office 365
 
Network security
Network securityNetwork security
Network security
 

More from TEO LT, AB

K. Šliužas at "CEO meets investors" 2014
K. Šliužas at "CEO meets investors" 2014K. Šliužas at "CEO meets investors" 2014
K. Šliužas at "CEO meets investors" 2014TEO LT, AB
 
Kibernetinis saugumas: iššūkiai, atakų tipai bei telekomunikacijų operatoriau...
Kibernetinis saugumas: iššūkiai, atakų tipai bei telekomunikacijų operatoriau...Kibernetinis saugumas: iššūkiai, atakų tipai bei telekomunikacijų operatoriau...
Kibernetinis saugumas: iššūkiai, atakų tipai bei telekomunikacijų operatoriau...TEO LT, AB
 
TEO atsinaujina: Televizijos GALA ir interneto ZEBRA paslaugos bus teikiamos ...
TEO atsinaujina: Televizijos GALA ir interneto ZEBRA paslaugos bus teikiamos ...TEO atsinaujina: Televizijos GALA ir interneto ZEBRA paslaugos bus teikiamos ...
TEO atsinaujina: Televizijos GALA ir interneto ZEBRA paslaugos bus teikiamos ...TEO LT, AB
 
TEO generalinis direktorius Kęstutis Šliužas apie naują TEO veiklos kryptį
TEO generalinis direktorius Kęstutis Šliužas apie naują TEO veiklos kryptįTEO generalinis direktorius Kęstutis Šliužas apie naują TEO veiklos kryptį
TEO generalinis direktorius Kęstutis Šliužas apie naują TEO veiklos kryptįTEO LT, AB
 
Televizijos ateitis. Šiandien
Televizijos ateitis. ŠiandienTelevizijos ateitis. Šiandien
Televizijos ateitis. ŠiandienTEO LT, AB
 
TEO Wi-Fi strategy including offering Wi-Fi for schools
TEO Wi-Fi strategy including offering Wi-Fi for schoolsTEO Wi-Fi strategy including offering Wi-Fi for schools
TEO Wi-Fi strategy including offering Wi-Fi for schoolsTEO LT, AB
 
Saugi ir išmani mokykla
Saugi ir išmani mokyklaSaugi ir išmani mokykla
Saugi ir išmani mokyklaTEO LT, AB
 
Wi-Fi Lietuvos mokyklose
Wi-Fi Lietuvos mokykloseWi-Fi Lietuvos mokyklose
Wi-Fi Lietuvos mokykloseTEO LT, AB
 
How telecommunications are changing the world and themselves
How telecommunications are changing the world and themselvesHow telecommunications are changing the world and themselves
How telecommunications are changing the world and themselvesTEO LT, AB
 
Kompiuterių istorija vaikams
Kompiuterių istorija vaikamsKompiuterių istorija vaikams
Kompiuterių istorija vaikamsTEO LT, AB
 
Provisioning business services on IMS
Provisioning business services on IMSProvisioning business services on IMS
Provisioning business services on IMSTEO LT, AB
 
Nerijus Ivanauskas. Ką ir kaip žiūrėsime rytoj?
Nerijus Ivanauskas. Ką ir kaip žiūrėsime rytoj?Nerijus Ivanauskas. Ką ir kaip žiūrėsime rytoj?
Nerijus Ivanauskas. Ką ir kaip žiūrėsime rytoj?TEO LT, AB
 
Lietuvos įmonių IT saugumo tyrimas. 2013 04 11
Lietuvos įmonių IT saugumo tyrimas. 2013 04 11Lietuvos įmonių IT saugumo tyrimas. 2013 04 11
Lietuvos įmonių IT saugumo tyrimas. 2013 04 11TEO LT, AB
 
Vytautas Bučinskas. Šalies kibernetinis saugumas – didžiausio Lietuvos teleko...
Vytautas Bučinskas. Šalies kibernetinis saugumas – didžiausio Lietuvos teleko...Vytautas Bučinskas. Šalies kibernetinis saugumas – didžiausio Lietuvos teleko...
Vytautas Bučinskas. Šalies kibernetinis saugumas – didžiausio Lietuvos teleko...TEO LT, AB
 
Mehis Hakkaja. Kaip gali būti įsilaužta į Jūsų kompiuterį?
Mehis Hakkaja. Kaip gali būti įsilaužta į Jūsų kompiuterį?Mehis Hakkaja. Kaip gali būti įsilaužta į Jūsų kompiuterį?
Mehis Hakkaja. Kaip gali būti įsilaužta į Jūsų kompiuterį?TEO LT, AB
 
Aleksandras Samuchovas. Praktiniai veiklos tęstinumo valdymo aspektai
Aleksandras Samuchovas. Praktiniai veiklos tęstinumo valdymo aspektaiAleksandras Samuchovas. Praktiniai veiklos tęstinumo valdymo aspektai
Aleksandras Samuchovas. Praktiniai veiklos tęstinumo valdymo aspektaiTEO LT, AB
 
Rainer Baeder. Sudėtingos tikslinės ir ilgai išliekančios grėsmės
Rainer Baeder. Sudėtingos tikslinės ir ilgai išliekančios grėsmėsRainer Baeder. Sudėtingos tikslinės ir ilgai išliekančios grėsmės
Rainer Baeder. Sudėtingos tikslinės ir ilgai išliekančios grėsmėsTEO LT, AB
 
Dr. Rytis Rainys. Interneto saugumo valdymas Lietuvoje tinklų infrastruktūros...
Dr. Rytis Rainys. Interneto saugumo valdymas Lietuvoje tinklų infrastruktūros...Dr. Rytis Rainys. Interneto saugumo valdymas Lietuvoje tinklų infrastruktūros...
Dr. Rytis Rainys. Interneto saugumo valdymas Lietuvoje tinklų infrastruktūros...TEO LT, AB
 
Gintaras Čiurlionis. Kibernetinės erdvės iššūkiai Lietuvoje – teisiniai, inst...
Gintaras Čiurlionis. Kibernetinės erdvės iššūkiai Lietuvoje – teisiniai, inst...Gintaras Čiurlionis. Kibernetinės erdvės iššūkiai Lietuvoje – teisiniai, inst...
Gintaras Čiurlionis. Kibernetinės erdvės iššūkiai Lietuvoje – teisiniai, inst...TEO LT, AB
 
Dr. Uwe Jendricke. Kibernetinis saugumas Vokietijos Federacinėje Respublikoje...
Dr. Uwe Jendricke. Kibernetinis saugumas Vokietijos Federacinėje Respublikoje...Dr. Uwe Jendricke. Kibernetinis saugumas Vokietijos Federacinėje Respublikoje...
Dr. Uwe Jendricke. Kibernetinis saugumas Vokietijos Federacinėje Respublikoje...TEO LT, AB
 

More from TEO LT, AB (20)

K. Šliužas at "CEO meets investors" 2014
K. Šliužas at "CEO meets investors" 2014K. Šliužas at "CEO meets investors" 2014
K. Šliužas at "CEO meets investors" 2014
 
Kibernetinis saugumas: iššūkiai, atakų tipai bei telekomunikacijų operatoriau...
Kibernetinis saugumas: iššūkiai, atakų tipai bei telekomunikacijų operatoriau...Kibernetinis saugumas: iššūkiai, atakų tipai bei telekomunikacijų operatoriau...
Kibernetinis saugumas: iššūkiai, atakų tipai bei telekomunikacijų operatoriau...
 
TEO atsinaujina: Televizijos GALA ir interneto ZEBRA paslaugos bus teikiamos ...
TEO atsinaujina: Televizijos GALA ir interneto ZEBRA paslaugos bus teikiamos ...TEO atsinaujina: Televizijos GALA ir interneto ZEBRA paslaugos bus teikiamos ...
TEO atsinaujina: Televizijos GALA ir interneto ZEBRA paslaugos bus teikiamos ...
 
TEO generalinis direktorius Kęstutis Šliužas apie naują TEO veiklos kryptį
TEO generalinis direktorius Kęstutis Šliužas apie naują TEO veiklos kryptįTEO generalinis direktorius Kęstutis Šliužas apie naują TEO veiklos kryptį
TEO generalinis direktorius Kęstutis Šliužas apie naują TEO veiklos kryptį
 
Televizijos ateitis. Šiandien
Televizijos ateitis. ŠiandienTelevizijos ateitis. Šiandien
Televizijos ateitis. Šiandien
 
TEO Wi-Fi strategy including offering Wi-Fi for schools
TEO Wi-Fi strategy including offering Wi-Fi for schoolsTEO Wi-Fi strategy including offering Wi-Fi for schools
TEO Wi-Fi strategy including offering Wi-Fi for schools
 
Saugi ir išmani mokykla
Saugi ir išmani mokyklaSaugi ir išmani mokykla
Saugi ir išmani mokykla
 
Wi-Fi Lietuvos mokyklose
Wi-Fi Lietuvos mokykloseWi-Fi Lietuvos mokyklose
Wi-Fi Lietuvos mokyklose
 
How telecommunications are changing the world and themselves
How telecommunications are changing the world and themselvesHow telecommunications are changing the world and themselves
How telecommunications are changing the world and themselves
 
Kompiuterių istorija vaikams
Kompiuterių istorija vaikamsKompiuterių istorija vaikams
Kompiuterių istorija vaikams
 
Provisioning business services on IMS
Provisioning business services on IMSProvisioning business services on IMS
Provisioning business services on IMS
 
Nerijus Ivanauskas. Ką ir kaip žiūrėsime rytoj?
Nerijus Ivanauskas. Ką ir kaip žiūrėsime rytoj?Nerijus Ivanauskas. Ką ir kaip žiūrėsime rytoj?
Nerijus Ivanauskas. Ką ir kaip žiūrėsime rytoj?
 
Lietuvos įmonių IT saugumo tyrimas. 2013 04 11
Lietuvos įmonių IT saugumo tyrimas. 2013 04 11Lietuvos įmonių IT saugumo tyrimas. 2013 04 11
Lietuvos įmonių IT saugumo tyrimas. 2013 04 11
 
Vytautas Bučinskas. Šalies kibernetinis saugumas – didžiausio Lietuvos teleko...
Vytautas Bučinskas. Šalies kibernetinis saugumas – didžiausio Lietuvos teleko...Vytautas Bučinskas. Šalies kibernetinis saugumas – didžiausio Lietuvos teleko...
Vytautas Bučinskas. Šalies kibernetinis saugumas – didžiausio Lietuvos teleko...
 
Mehis Hakkaja. Kaip gali būti įsilaužta į Jūsų kompiuterį?
Mehis Hakkaja. Kaip gali būti įsilaužta į Jūsų kompiuterį?Mehis Hakkaja. Kaip gali būti įsilaužta į Jūsų kompiuterį?
Mehis Hakkaja. Kaip gali būti įsilaužta į Jūsų kompiuterį?
 
Aleksandras Samuchovas. Praktiniai veiklos tęstinumo valdymo aspektai
Aleksandras Samuchovas. Praktiniai veiklos tęstinumo valdymo aspektaiAleksandras Samuchovas. Praktiniai veiklos tęstinumo valdymo aspektai
Aleksandras Samuchovas. Praktiniai veiklos tęstinumo valdymo aspektai
 
Rainer Baeder. Sudėtingos tikslinės ir ilgai išliekančios grėsmės
Rainer Baeder. Sudėtingos tikslinės ir ilgai išliekančios grėsmėsRainer Baeder. Sudėtingos tikslinės ir ilgai išliekančios grėsmės
Rainer Baeder. Sudėtingos tikslinės ir ilgai išliekančios grėsmės
 
Dr. Rytis Rainys. Interneto saugumo valdymas Lietuvoje tinklų infrastruktūros...
Dr. Rytis Rainys. Interneto saugumo valdymas Lietuvoje tinklų infrastruktūros...Dr. Rytis Rainys. Interneto saugumo valdymas Lietuvoje tinklų infrastruktūros...
Dr. Rytis Rainys. Interneto saugumo valdymas Lietuvoje tinklų infrastruktūros...
 
Gintaras Čiurlionis. Kibernetinės erdvės iššūkiai Lietuvoje – teisiniai, inst...
Gintaras Čiurlionis. Kibernetinės erdvės iššūkiai Lietuvoje – teisiniai, inst...Gintaras Čiurlionis. Kibernetinės erdvės iššūkiai Lietuvoje – teisiniai, inst...
Gintaras Čiurlionis. Kibernetinės erdvės iššūkiai Lietuvoje – teisiniai, inst...
 
Dr. Uwe Jendricke. Kibernetinis saugumas Vokietijos Federacinėje Respublikoje...
Dr. Uwe Jendricke. Kibernetinis saugumas Vokietijos Federacinėje Respublikoje...Dr. Uwe Jendricke. Kibernetinis saugumas Vokietijos Federacinėje Respublikoje...
Dr. Uwe Jendricke. Kibernetinis saugumas Vokietijos Federacinėje Respublikoje...
 

Recently uploaded

Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAndikSusilo4
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphNeo4j
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsSnow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsHyundai Motor Group
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxLBM Solutions
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2Hyundai Motor Group
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 

Recently uploaded (20)

Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & Application
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsSnow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptx
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 

Guillaume Lovet. Kibernetinių nusikaltimų daugėja: grėsmių įmonėms analizė

  • 1. Cyber Threats Targetting Enterprises & Organizations Guillaume Lovet 3 Times BlackHat Speaker Pwnie Award Nominee M.S. Georgia Tech Sr. Manager FortiGuard Fortinet Confidential
  • 2. Agenda Attack consequences Attack consequences for the enterprise for the enterprise Forms of attacks Forms of attacks Defense Defense
  • 3. Agenda Attack consequences Attack consequences for the enterprise for the enterprise Forms of attacks Forms of attacks Defense Defense
  • 4. Risks: What you don't want to happen •Denial of Service (DoS) attack •Data Theft •Destruction •Loss of Reputation CONFIDENTIAL
  • 5. Risks: What you don't want to happen • Denial of Service (DoS) attack From outside, by a Botnet / Zombie network (Example?) From inside, on purpose or not (eg: Conficker Worm) • Data Theft • Destruction • Loss of Reputation CONFIDENTIAL
  • 6. Risks: What you don't want to happen • Denial of Service (DoS) attack • Data Theft Customer data (Example?) Intellectual Property Corporate Info (incl. banking credentials) • Destruction • Loss of Reputation CONFIDENTIAL
  • 7. Risks: What you don't want to happen • Denial of Service (DoS) attack • Data Theft • Destruction Data Computer systems Physical/Industrial systems (Example?) • Loss of Reputation CONFIDENTIAL
  • 8. Risks: What you don't want to happen • Denial of Service (DoS) attack • Data Theft • Destruction • Loss of Reputation Often a consequence of the above Top risk identified by UK companies (Aon Ltd, 2005) Adds up to the rest. Example: $318/rec in 2010 (Ponemon) CONFIDENTIAL
  • 9. Loss of Reputation: Heartland Breach CONFIDENTIAL
  • 10. The other side of the Mirror: Attackers’ Motivation •Financial Pay or I DdoS you! (eBay, Amazon...) Selling stolen data (Heartland, Sony PSN?) •Competitive Industrial Spying (“Israeli Trojan”) •Political / Hacktivism Espionnage (Ghostnet, Quai D'Orsay, Operation Aurora) Retaliation (Paypal, Master Card, Visa, Sony PSN?) •Military DDoS (Russia / Georgia) Seek & Destroy Worm (Stuxnet) CONFIDENTIAL
  • 11. Agenda Attack consequences Attack consequences for the enterprise for the enterprise Forms of attacks Forms of attacks Defense Defense
  • 12. Information System Penetration • Via stolen credentials (Phishing / Social Engineering / Insider) • Via Exploitation of flaws • Via Infection: Trojan Horses / Bots / Worms CONFIDENTIAL
  • 13. Multiple Infection Vectors •E-Mail & IM •Web Sites •Social Networks •Physical Infection Vectors CONFIDENTIAL
  • 14. Multiple Infection Vectors • E-Mail & IM Attachments: executable, archives AND documents Links • Web Sites • Social Networks • Physical Infection Vectors CONFIDENTIAL
  • 15.
  • 16. Targeted attacks against Tibetan communities: Email infection
  • 17. Multiple Infection Vectors • E-Mail & IM • Web Sites  60% of bot infections: “Drive-By Install” (Enisa) “Packs” available for purchase on the underground market • Social Networks • Physical Infection Vectors CONFIDENTIAL
  • 19.
  • 20.
  • 21. Multiple Infection Vectors • E-Mail & IM • Web Sites • Social Networks Intelligence source for targeted attacks Worms (eg: Koobface) • Physical Infection Vectors CONFIDENTIAL
  • 25. Multiple Infection Vectors • E-Mail & IM • Web Sites • Social Networks • Physical Infection Vectors Laptops USB Keys CDs CONFIDENTIAL
  • 26. Agenda Attack consequences Attack consequences for the enterprise for the enterprise Forms of attacks Forms of attacks Defense Defense
  • 27. Key Elements to Modern Defense You need AV, IPS, AS, WCF Above all, you need them altogether And most importantly, you need them working altogether Goal: when facing a threat, be able to tackle it from different angles => Intelligent Redundancy CONFIDENTIAL
  • 28. Two Examples of Enhanced Security by Intelligent Redundancy Phishing • Phish Letter blocked by AS • If not, blocked by AV • If not, Phish Site blocked by WCF Backdoor / Bot • Binary blocked by AV • If not, access to C & C blocked by IPS • If not, by WCF => The bot cannot “phone home” CONFIDENTIAL