This document discusses common myths in cybersecurity and how they can lead organizations to become complacent and take unnecessary risks. It notes that many attacks are not actually new or advanced, but rather reuse older techniques. The myths are sometimes propagated by companies or individuals to serve their own interests or justify existing approaches. The document urges readers to challenge conventional wisdom, verify claims independently, and question hype, as relying on myths can leave organizations vulnerable.
Devnexus 2017 Cybercrime and the Developer: How do you make a difference?
Emperor's Myths Lead to Complacency
1. The Emperor’s Old Clothes
Industry Myths Lead to Complacency & Risk
Grant Moerschel & Andreas Xenos
Cylance Solutions Team
2. Many years ago there was an Emperor so exceedingly fond of new clothes that he spent all his money on being well dressed.
One day two swindlers came who convinced the Emperor their fine cloth had a wonderful way of becoming invisible to anyone who was unfit for his office, or who was unusually stupid.
Ultimately the Emperor paraded through the streets nude for all the world to see.
The Emperor is DELUSIONAL, knows it, and does not care.
3. How… Did this happen?
• The Emperor believed what he was told without checking the facts.
• He was full of pride
• He surrounded himself with “yes” men
• In the end…
He knew he had been cheated
However, his pride got in the way
Nothing had changed.
5. Myths
• 60% of compromises do not use malware.
• Prevention is dead, it is now about the mean time to remediate.
• There is always going to be a patient zero
• The more layers, the better your protection.
• Attribution is critical
• The attacks coming out today are more advanced and sophisticated.
Sound familiar?
6. The Truth
…nothing is new
• Buffer overflows and ROP have been around for 30+ years
• Heap sprays are just glorified buffer overflows.
• Using normal functionality in a malicious manner is nothing new.
• Credential stealing
• Hijacking
• Web attacks
• Database attacks
7. Noise
Intelligence, APT, Nation State Sponsored, Threat Landscape, Revolutionary, Evolving, China, Eastern European, Russia, Hacktivism, Espionage, Advanced Malware, Enhanced Visibility, Red Light District, Diskless Attacks
8. Why…
• Some companies propagate myths to serve their own agenda.
• Individuals use myths to protect reputation, relationships, self preservation, etc.
• It’s easier to “keep doing it the way we have always done it.”
9. Headlines…
• “The malware was undetectable by industry standard antivirus software.”
• “The scope of this attack differs from any we have responded to in the past…”
• “The bottom line is that this was an unparalleled and well planned crime, carried out by an organized group, for which neither [we] nor other companies could have been fully prepared.”
10. Breaking News….
"this change [reduction] in customer buying patterns is at least particularly due in changes in the threat landscape in the wake of the global cyber security agreements we've seen with China that is making headlines since September,…"
Business is down right now because our government asked the adversary to play nice.
11. Takeaways
• Trust, but verify
• Challenge the old
• Overcome human nature, we are lazy.
• Encourage openness
• Question the hype
• Rehash of the old is not new.