Credit card data theft is a common concern, but what about theft of your marketing data? This data is just as valuable to hackers and can be resold multiple times on the underground. Guard against potential security breaches by having a plan in place. Be prepared, not paranoid.
3. Malicious Actors
Rescator
Darklife.WS
Communication Channels
Graberz.com
Lampeduza, LA
Odessa, Ukraine
Java Developer
Victims
Retail - Target
Retail – Home Depot
Retail – P.F. Changs
Retail – Sally Beauty
Harbour Freight
40Mil Debit & Credit Cards
53Mil Debit & Credit Cards
2008
One of Three Founders
Profile “Hel”
ICQ 643287365
ICQ 261333 - First Name: Alex | Last Name: Alex
HelKem_Skype
Motivations
Political
Attacked Russian site CIH.MS during Ukrainian/Russian Conflict
Hacked CIH.MS
CIH.MS Returned Hack & released Data
Profile, Pictures & Communication Channels
Online Transactions
Kaddafi.HK
Octavian.SU
CPRO.SU
VOR.CC
Tupac.CC
Swipe.LU
Attack Vectors
Original prior to late 2013
SQL Injection
Cross-Site Scripting
Current Attack Vectors
Sold 5.3Mil Credit Cards
151,720 Cards actually Sold
421,801 Expired before Sale
28% of the 151,720 Expired while on Market for Sale
5. More and More
• Retail will continue to be a primary target
• E-Commerce POS exploits released
• The list of 300 vulnerable medical devices will grow
• The first online paid contract murder to take place
• Healthcare and Retail to implement $$ into security programs
• Energy sector to continue to be under attack from state-sponsored and hacktivist groups
• Emergence of offensive security teams
7. A Lot of Information in a Lot of Places
• Salesforce
• Google
• SurveyMonkey
• Customer databases
• Email
• POS software
• Servers
• Employees’ computers
8. Threats in the Cloud are Increasing
• Increase in attack frequency
• Traditional on-premises threats are moving to the cloud
• Majority of cloud incidents were related to web application attacks, brute force attacks, and vulnerability scans
• Brute force attacks and vulnerability scans are now occurring at near-equivalent rates in both cloud and on-premises environments
• Malware/Botnet is increasing year over year
9. Challenges for Marketing Information
• Malicious employees
  • Snooping, tweaking data for desired result, sabotage
• Non-malicious disasters or accidents
  • Everything from a hurricane to a dead hard drive to a lost password
• Corporate espionage
  • Costs industry 300 billion dollars annually
• Mimicking your company
  • Phishing, hacktivists
• Stealing data to sell
  • Credit card data, market profiles, customer information
11. Seven Best Practices of Cloud Security
1. Secure your data
2. Create access management policies
3. Adopt a patch management approach
4. Review logs regularly
5. Stay informed of the latest vulnerabilities that might affect you
6. Understand your cloud service provider's security model
7. Understand the shared security responsibility
12. Organizations and Standards
• Protect Credit Card Data
  • PCI DSS 3.0
• Protect Medical Data
  • HITECH, HIPAA
• Secure coding practices
• International groups working together
13. What Can You Do?
• Protect your data
• Work with reliable companies
• Create and protect backups
• Test recovery scenarios
• Run anti-malware
• Install patches
14. It Will Happen – Be Prepared!
• Create a response plan before you’re attacked
• Different approaches for different attacks
• Different levels of communication for different audiences
• What have you put in place?
Incident Occurrence refers to the percentage of customers experiencing a specific class of incident at least once during the study period, and provides a view of the probability of attack.
Incident Frequency refers to the average number of incidents of each type per impacted customer, providing an understanding of attacker persistence and tenacity.
Threat Diversity is the average number of unique incident types (of the six classes reviewed) encountered by impacted customers in each environment.
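The three metrics defined above, computed over a handful of constructed incident records. This is an added example, not part of the original slides: the record layout, the customer and environment names, and the reading of "impacted customer" (at least one incident of that class for frequency, at least one incident of any class in that environment for diversity) are assumptions.

```python
from collections import defaultdict

# Constructed sample records: (customer, environment, incident_class).
INCIDENTS = [
    ("c1", "cloud", "web_app_attack"),
    ("c1", "cloud", "web_app_attack"),
    ("c1", "cloud", "brute_force"),
    ("c2", "cloud", "vulnerability_scan"),
    ("c4", "on_prem", "brute_force"),
    ("c4", "on_prem", "malware_botnet"),
    ("c4", "on_prem", "brute_force"),
    ("c5", "on_prem", "brute_force"),
]
# Every monitored customer per environment, including those with no incidents
# (c3 here). Occurrence needs this full population as its denominator.
CUSTOMERS = {"cloud": {"c1", "c2", "c3"}, "on_prem": {"c4", "c5"}}


def metrics(incidents, customers):
    """Return occurrence, frequency and threat diversity per environment."""
    # counts[env][incident_class][customer] -> number of incidents
    counts = defaultdict(lambda: defaultdict(lambda: defaultdict(int)))
    for cust, env, cls in incidents:
        if cust not in customers.get(env, ()):
            raise ValueError(f"{cust} is not a monitored {env} customer")
        counts[env][cls][cust] += 1

    report = {}
    for env, population in customers.items():
        per_class = {}
        types_seen = defaultdict(set)  # customer -> incident classes seen
        for cls, by_cust in counts[env].items():
            per_class[cls] = {
                # Share of ALL customers hit at least once by this class.
                "occurrence_pct": 100.0 * len(by_cust) / len(population),
                # Mean incident count among customers hit by this class.
                "frequency": sum(by_cust.values()) / len(by_cust),
            }
            for cust in by_cust:
                types_seen[cust].add(cls)
        # Mean number of distinct classes among impacted customers only.
        diversity = (sum(len(s) for s in types_seen.values()) / len(types_seen)
                     if types_seen else 0.0)
        report[env] = {"classes": per_class, "threat_diversity": diversity}
    return report
```

Occurrence is divided by the whole monitored population, while frequency and diversity are divided by impacted customers only, so a class can show low occurrence and high frequency at the same time.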