Cyber terrorists are sophisticated, organized and disruptive to your business. How prepared are you? Explore the landscape of malicious actors most likely to strike your business and what you can do about it.
Two large corporations have been crippled by recent information security breaches. It may not be hard to quantify the losses in terms of lost revenue and profits but what will be hard to quantify are the losses to reputation. Cited as two of the most damaging cyber-attacks on corporate America, this presentation looks at what went wrong and what could have been done to prevent these situations.
The Best Online Security Service for
CIM – Central Management
Log Monitoring
Intrusion Detection Systems
Firewall Monitoring System
Host based IDSs
Vulnerability Scanning
Evidence Retention
CIM Intelligence
A must-see for all!
[CB20] Illicit QQ Communities: What's Being Shared? by Aaron Shraberg
CODE BLUE
QQ, a Chinese chat service with hundreds of millions of active monthly users, contains numerous groups discussing hacking and fraud tools and techniques. These groups use a unique language to discuss illicit activities, including a mix of Chinese and English characters, emoticons and memes. Assessing data from hundreds of such groups, this case study aims to discuss insights about the tools and techniques being shared. An examination of file names, the content of some files, and the nature of discussions around sharing of the files sheds light on discussions around illicit online activity, identifying rules of engagement and cultural norms for this unique and relatively closed community of online actors.
Despite its widespread usage within China and its exposure to China's well-documented surveillance apparatus, QQ is still rife with discussions themed around illicit hacking behavior as QQ group members share a large number of fraud tools and techniques. This may suggest some degree of permissiveness or "turning a blind eye" on the part of Chinese authorities, who undoubtedly have an aperture into these groups' chat histories. At the same time, creative jargon and subtle communication about fraud schemes likely make detection challenging as hacking services, malicious file sharing, and cybercrime remain rampant.
If last year’s presentation on the SANS 20 felt like more of a rant than a practical application of elite IT knowledge, Ian Trump’s technical track presentation is going to unleash GFI MAX as a security dashboard like nothing you have seen.
The Octopi team has leveraged network scanning and event log checks, and Ian takes the GFI MAX dashboard to a whole new level. MSPs can take his code and research and immediately apply it to their practices to secure their customers from cyber threats. Dehydrated from the summer information security conferences, Ian will give you the threat intel you need to be on the lookout for in the months ahead.
Besides all the GFI MAX goodness, being part of a live demo to find APT, and seeing Ian link Human Rights, Market Research, Ice, Law, Iggy Azalea, War Ferrets, Christian Studies, Event Auditing, Security Tools, Taylor Swift and How we can all fix the cyber problem into one epic presentation – well, you don’t want to miss this.
The good, the bad and the ugly of the Target data breach
Ulf Mattsson
The landscape of threats to sensitive data is rapidly changing. New technologies bring with them new vulnerabilities, and organizations like Target are failing to react properly to the shifts around them. What's needed is an approach equal to the persistent, advanced attacks companies face every day. The sooner we start adopting the same proactive thinking hackers are using to get at our data, the better we will be able to protect it.
This webinar will cover:
• Data security today, the landscape, etc.
• Discuss a few recent studies and changing threat landscape
• The Target breach and other recent breaches
• The effects of new technologies on breaches
• Shifting from reactive to proactive thinking
• Preparing for future attacks with new techniques
Times are changing faster than ever. It started with the Green Revolution, then the White Revolution, and now it is time for the Data Revolution. That means cyber war; in today's world AI is replacing human beings. One study says that more than 80% of work depends on AI. As a result, cyber crimes and threats have also increased.
Verizon 2014 data breach investigation report and the Target breach
Ulf Mattsson
The landscape of threats to sensitive data is changing. New technologies bring with them new vulnerabilities, and organizations like Target are failing to adapt to the shifts around them.
What’s needed is an approach equal to the persistent, advanced attacks companies face every day. The sooner we start adopting the same proactive thinking hackers are using to get at our data, the better we will be able to protect it.
In this webinar, Protegrity CTO and data security thought leader Ulf Mattsson integrates new information from the Verizon 2014 Data Breach Investigation Report (DBIR) into his analysis on what is driving data breaches today, and how we can prevent them in the future.
KEY TOPICS INCLUDE:
• The changing threat landscape
• The effects of new technologies on breaches
• Analysis of recent breaches, including Target
• Compliance vs. security
• The importance of shifting from reactive to proactive thinking
• Preparing for future attacks with new technology & techniques
Data is big, data is valuable and data is trouble. In 2014, the Breach Level Index recorded that over one billion records had been breached, an increase of 78% over 2013. And 2015 is seeing similar levels – the first 2 quarters of the year each seeing a loss of almost 340 million records.
By United Security Providers
Cybersecurity Challenges in Retail 2020: How to Prevent Retail Theft
Intellias
While retailers keep opening new stores, hackers continue mastering their skills.
What cybersecurity challenges should the retail industry expect in 2020? It is time to reveal trends and prepare to fight upcoming attacks.
Learn the details: https://www.intellias.com/retail-security-challenges-in-2020-in-depth-security-coverage-to-prevent-retail-theft/
Cyber crime encompasses any criminal act dealing with computers and networks (called hacking). Cyber crime also includes traditional crimes conducted through the Internet. For example, hate crimes, telemarketing and Internet fraud, identity theft, and credit card account thefts are considered to be cyber crimes when the illegal activities are committed through the use of a computer and the Internet. #wiki
Digital Shadows protects organizations from digital risks across the widest range of data sources within the open, deep, and dark web.
Learn more at https://resources.digitalshadows.com/
Security Weekly, September 28 - October 4, 2021
Roen Branham
Watch the full episode on YouTube: https://youtu.be/Tl3pVMaCN60
We review the Cyber Security news events that happened from September 28 - October 4, 2021.
How to ensure SOX, HIPAA, & GDPR Compliance in Dev and Test
Red Gate Software
Delivering fresh database copies to dev and test while complying with regulations such as SOX, HIPAA, and GDPR is challenging.
Many approaches are inefficient, taking hours, sometimes days, involving multiple backup and restore tasks, and designing data sets that are compliant and won’t expose customer data in the event of a breach. They don’t scale, and rarely meet the needs of DevOps teams working in ever faster cycles.
Chris Unwin, Data Privacy and Protection Specialist at Redgate shows you how to spin up fresh database copies for dev and test in seconds, with whatever level of protection you need – masked data, unmasked data, or synthetic data sets. Including:
- Designing masking models up front so dev and test databases are born compliant
- Creating full copies of databases in seconds that take up only 50 - 60 MB of disk space
- Automating database provisioning as part of Compliant Database DevOps
- Establishing a simple, repeatable, transparent, and auditable process
You also learn about customers who’ve revolutionized database development with SQL Provision, such as KEPRO, a US health provider, which switched to SQL Provision to comply with HIPAA and is now saving 20 hours a week on database admin.
An APM webinar sponsored by the APM Midlands Branch on 15 March 2022.
Speaker: Fábio Morais
An overview of the people behind major cybercriminal activities, the dark web and how much your data is worth; and finally what basic measures project managers should be putting in place to reduce the cyber-risk profile of their projects.
In today’s data-driven world, data breaches can impact on projects that affect hundreds of millions or even billions of people at a time. Digital transformation has increased the supply of data moving, and data breaches have scaled up with it as attackers exploit the data-dependencies of daily life.
With recent attacks threatening to de-rail high profile projects, it’s vital that the risks are identified and actions implemented, not only to protect project data, but to protect project managers and stakeholders.
Most cybercrime is an attack on information about individuals, corporations, or governments and events can occur in jurisdictions separated by vast distances. The Internet offers criminals multiple hiding places in the real world as well as in the network itself, posing severe problems for law enforcement, since international cooperation is usually required to investigate and attempt to trace down cybercriminals.
But who are these individuals and where exactly does cybercrime take place? What, as project professionals, can we do to protect ourselves?
We look to answer these questions by lifting the veil of hacking and the Dark Web.
https://youtu.be/TDXPetxXDMA
https://www.apm.org.uk/news/cyber-security-for-project-managers-lifting-the-veil-of-hacking-webinar/
Perform a search on the Web for articles and stories about social en.pdf
fasttrackcomputersol
Perform a search on the Web for articles and stories about social engineering attacks or reverse
social engineering attacks. Find an attack that was successful and describe how it could have
been prevented.
Solution
Answer:
As per Computer Weekly, social engineering attacks were the most well-known hacking strategy
utilized as a part of 2015. What's more, there's no indication of it backing off; in 2016 60
percent of undertakings were casualties of a social engineering attack or something to that effect.
Furthermore, as per EMC, phishing attacks—the least demanding and most normal sort of social
engineering attacks—brought about almost $6 billion in misfortunes in 2013 alone, spread out
finished around 450,000 separate bargains.
Some hurt more regrettable than others, however all brought about a sufficiently genuine shake
up for security directors to recalibrate their regard for the vector, investigate their conventions,
and make teaching staff a best need.
Here's our pick for five of the greatest social engineering attacks ever.
5. 2011 RSA SecurID Phishing Attack
Security firms ought to be the most secure targets with regards to a data framework attack, yet
they are likewise delicious focuses on that draw more than what's coming to them of endeavors.
In 2011, one of these attacks bit encryption mammoth RSA and prevailing with regards to mesh
hackers profitable data about the organization's SecurID two-factor validation coxcombs.
In spite of the fact that RSA at first denied that the data could enable hackers to trade off
anybody utilizing SecurID, protection temporary worker Lockheed Martin soon recognized
hackers endeavoring to rupture their system utilizing stolen SecurID information. RSA retreated
rapidly and consented to supplant a large portion of the disseminated security tokens.
This inconvenience came down to four workers at RSA parent organization EMC. Attackers sent
them email with a satirize deliver implying to be at a vocation enrollment site, with an Excel
connection titled 2011 Recruitment Plan. It wasn't clear why the representatives would think
about a spreadsheet from an outsider site, however they opened it—and a zero-day Flash
adventure covered in the spreadsheet introduced indirect access to their work machines that soon
exposed the keys to the kingdom.
4. 2015 Ubiquiti Networks Scam
Not all hackers are searching for touchy data; here and there they simply need chilly, hard
money.
In 2015, Ubiquiti, a particular producer of wifi hardware and software situated in San Jose,
discovered this out the most difficult way possible when their fund division was focused in an
extortion conspire rotating around worker pantomime.
The organization never uncovered precisely how the attack was organized, yet said that the
bookkeeping office got email indicating to be from the organization's Hong Kong auxiliary.
Regularly, such emails contain guidelines with respect to changes in installment account points
of interest or new selle.
Presentation by Luc de Graeve at the Gordon Institute of Business Science in 2001.
This presentation is about security in e-commerce and is aimed at making people aware of what hackers do, how they do it and the financial implications of their actions. The presentation begins with a few examples of defaced websites and ends with a discussion on risk and assessment.
2014 GRC Conference in West Palm Beach - Moderated by Sonia Luna
Aviva Spectrum™
Slides from the 2014 GRC Conference Presented by:
Jeff Spivey, CRISC, CPP
Vice President of Strategy, RiskIQ, Inc.
President, Security Risk Management, Inc
Adair Barton, CPA, CISA
Vice President of Internal Audit
Dycom Industries, Inc.
and
David A. Less, CISA, CISM
CIO & SVP
Sunteck, Inc.
By David F. Larcker, Peter C. Reiss, and Brian Tayan
Stanford Closer Look Series, November 16, 2017
The board of directors is expected to ensure that management has identified and developed processes to mitigate risks facing the organization, including risks arising from data theft and the loss of information. Unfortunately, recent experience suggests that companies are not doing a sufficient job of securing this data. In this Closer Look, we examine the types of cyberattacks that occur and how companies respond to them.
We ask:
• What steps can the board take to prevent, monitor, and mitigate data theft?
• What data, metrics, and information should board members review to satisfy themselves that management has taken proper steps to minimize cyber risks?
• What qualifications should a board member have in order to constructively contribute to boardroom discussions on cybersecurity?
• How difficult is it to find board candidates with these skills?
Think differently about security. Perimeter defenses are failing to protect customers. Hackers are getting smarter, more persistent and better organized. So must you.
Presented at the 29th Annual FMA Conference
Topics:
> Raise awareness of the emerging trends in cybersecurity, such as the threats and the potential cost that a breach could have on your organization
> Establish an understanding of what your organization and board can do to reduce the likelihood and impact of a breach
> Identify key characteristics and aspects within an incident/breach response plan and how this plan will reduce the impact of the unfortunate event
1.Wireless Communication System_Wireless communication is a broad term that i...
JeyaPerumal1
Wireless communication involves the transmission of information over a distance without the help of wires, cables or any other forms of electrical conductors.
Wireless communication is a broad term that incorporates all procedures and forms of connecting and communicating between two or more devices using a wireless signal through wireless communication technologies and devices.
Features of Wireless Communication
The evolution of wireless technology has brought many advancements with its effective features.
The transmitted distance can be anywhere between a few meters (for example, a television's remote control) and thousands of kilometers (for example, radio communication).
Wireless communication can be used for cellular telephony, wireless access to the internet, wireless home networking, and so on.
ER(Entity Relationship) Diagram for online shopping - TAEHimani415946
https://bit.ly/3KACoyV
The ER diagram for the project is the foundation for the building of the database of the project. The properties, datatypes, and attributes are defined by the ER diagram.
Multi-cluster Kubernetes Networking - Patterns, Projects and Guidelines
Sanjeev Rampal
Talk presented at Kubernetes Community Day, New York, May 2024.
Technical summary of Multi-Cluster Kubernetes Networking architectures with focus on 4 key topics.
1) Key patterns for Multi-cluster architectures
2) Architectural comparison of several OSS/ CNCF projects to address these patterns
3) Evolution trends for the APIs of these projects
4) Some design recommendations & guidelines for adopting/ deploying these solutions.
2. Security Concerns: What Keeps You Up at Night?
IDC Worldwide Big Data & Analytics Report for 2015
• Am I meeting the latest regulatory requirements?
• Will I pass the audit?
• Do I need cyber insurance?
• What sort of policy?
• What’s the cost?
• Am I personally liable should something happen to the company?
• Is my brand at risk?
• Am I going to get breached?
3. 2014: The Year of the Data Breach
783 U.S. data breaches tracked in 2014, with a 261% increase in size over 2013!
• 70 M credit cards compromised due to vendor leak
• 56 M credit cards leaked after security turnover & software issues.
• Digital business assets exploited, damaging the brand, and taking down parts of the network for months.
Figures shown on the slide: $200 Million+, $200 Million, $15 Million+
4. Five Primary Sources of Threats: Inside and Outside The Network
• INSIDER THREATS: Employees. Malicious or not, represent up to 40% of data breaches
• HACKTIVISTS: Protesters with an Axe to Grind. Promote political ends by targeting specific companies
• TERRORISTS: Zealots with Strong Views. Seek revenge, damage, change
• CYBER CRIMINALS: Well Funded Criminals. Seek companies with customers and money to lose
• STATE SPONSORED: Government Funded Espionage. Target governments and private industry to further political change
Where is the danger?
Top threats in 2014:
1. Malicious Code
2. Web-based attacks
3. Web application attacks
4. Botnets
5. DDoS
6. Spam
7. Phishing
8. Exploit Kits
9. Data Breaches
10. Physical damage / threat / loss
11. Insider threats
12. Information Leakage
13. Identity Theft / Fraud
14. Cyber espionage
15. Ransomware
5. How the Underground Economy Works
Source: Michael Yip, The University of Southampton, Oct 2012
[Diagram]
Categories: ATTACK SERVICES; DELIVERY; BLENDED SERVICES; FINANCIAL CRIME/IDENTITY THEFT; TRADITIONAL ORGANISED CRIMINAL GROUPS; VIRTUAL ASSETS TRADING; MONEY LAUNDERING
Roles shown: Zero-day exploit finders; Malware authors; Botnet herders; Spammers; Phishers; Intruders & Crackers; Rogue web admins; Rogue Hosting; Spoof website designers; Bank data stealers; Plastic vendors & encoders; Cashiers; Scammers; Identity theft & fraud; Carders; Game login/Envelope stealers; Virtual asset traders; Blackmailers; Gangs/Mafia; Virtual currency sellers; Mules/Drops; Exchangers; Security Service providers (Needed by all parties)
Legend: Flow of demand; Potential influence
6. Attack Example: State-Sponsored Espionage
Send Spearphishing Email
May 2013
Gain Access to network, steals token data
Using stolen RSA token data and credentials, logs into Lockheed’s VPN.
Attack detected only after an attempt to steal data.
March 2012
Victims: Aerospace and defense organizations, computer hardware and software, legal, energy/gas, finance, telecommunications, mainly in the US
Stolen: Intellectual property: technology blueprints, proprietary manufacturing processes, test results, business plans, pricing documents, partnership agreements, and executive email address/contact lists.
The Chinese People’s Liberation Army (PLA) accessed hundreds of terabytes of data from over 141 organizations from 2006 – 2011
Impact
Wanted by the FBI
7. Attack Example: Cyber-Criminals
“The biggest hack in U.S. retail history”
• $148M hard costs in 6 months
• Loss of consumer confidence
• CEO/top execs forced to resign
• 90 lawsuits in 90 days
• USG investigations
• Total costs could reach billions
• 40 million Target customer credit card information
• 70 million customer personal information
Target’s Point of Sale (POS) systems were infected with a “RAM scraping” attack. Unencrypted credit card data was collected as it passed through the infected machine’s memory before being transferred to Target’s payment processing provider. Target’s intrusion detection and anti-virus systems alerted on the malware but it was not acted upon.
September 2013
Rinat Shabayev develops BlackPOS malware and sells it online.
November 2013
In 2 days, Malware had reached most Target POS devices, and intruders were collecting live credit card transactions.
Phishing email sent to Target’s payment processing contractor Fazio Mechanical.
Hackers steal credentials and gain remote access to Target’s billing system.
Stolen data is FTP’d to external servers and appears for sale in online black markets.
Hackers move laterally inside Target’s network to access POS Systems and install BlackPOS malware.
December 2013
Impact
8. Attack Example: Terrorists
What?
• Spearphishing attack
• Similar malware, attack infrastructure, and tactics previously used by North Korea.
• Stole large amounts of sensitive corporate and personal data.
• Released destructive malware that deleted data and rendered thousands of Sony computers inoperable.
• Released Sony’s sensitive data to the public.
Why?
Likely to prevent the release of Sony’s movie, “The Interview,” depicting a fictional plot to assassinate North Korea’s leader.
Impact
• Sensitive data made public including emails, scripts, salaries, and 47,000 employee records.
• Corporate data deleted
• Thousands of employee computers unusable
• Damage to company image with public, employees and industry talent.
• Financial cost of both remediating the attack & limiting movie’s release.
9. Attack Example: Hacktivists
Offshoot of Anonymous LulzSec & Sony Pictures
May - June 2011
• UAT Students “Join” LulzSec
• Hack Sony Pictures website, access account info
• Post stolen data on Pastebin
Goal: To “have fun,” embarrass website owners, ridicule security measures
Victim: Sony Pictures, protesting their action against a hacker for “jailbreaking” PS3
Impact: 37,000 comprehensive customer contact records including passwords stolen
Cody Kretsinger, 23 (AKA “Recursion”)
Raynoldo Rivera, 18 (AKA “Neuron”)
10. Attack Example: Insider Threats
April 2012
Downloads first classified documents as Dell contractor in Hawaii
Edward Snowden - “Whistleblower”
American cybersecurity expert, former CIA system admin and counter intelligence trainer at Defense Intelligence Agency (DIA). Leaked millions of classified documents to journalists. Charged with: violating the Espionage Act, theft of government property, unauthorized communication of national defense information, and willful communication of classified intelligence. Fled to Russia in 2013 where he remains today.
Dec-Jan 2013
Flies to Hong Kong, reveals numerous NSA docs to Greenwald & Poitras
Snowden connects with reporter/filmmaker Glenn Greenwald
New job gives him greater access to classified docs. Download 1.7 M files using spider program
First article published, Snowden goes public.
Leaks 1st intelligence reports, takes leave of absence after 4 weeks on the job.
March 2013, April 2013, May 2013, June 2013
11. Who We Work With: CenturyLink Works with Many Government and Private Entities for National Security and Customer Protection
[Diagram]
Sectors: DEFENSE; HOMELAND SECURITY; JUSTICE; FCC; WHITE HOUSE, STATE, COMMERCE, AND STATE GOVERNMENTS; PRIVATE SECTOR
• Collaborating On NIST Cyber Security Framework
• CenturyLink CEO on committee
• Active contributor/participant
• Permanent seat on NCCIC floor
• Member of Cyber Unified Coordination Group
• Network Service Provider (NSP) Security (NSP-SEC)
• Network Information Sharing Exchange (NSIE)
• Defense Industrial Base Information Sharing Exchange (DSIE)
• OPS-Trust
• 24/7 presence within DHS
• CSRIC Working Groups
• DIB Cyber Security / Information Assurance
• Botnet Takedowns
• APT Mitigations
• Global Infrastructure Alliance for Internet Safety
12. Enterprise Managed Security Portfolio
INTEGRATING DATA FOR HOLISTIC THREAT PICTURE
Comprehensive set of security products and services at the customer premise, in the network and at the data center managed through the Security Operations Centers
24/7 Monitoring, Management and Incident Response
Security Services Web Portal
IAAS CLOUD COMPUTING CONTROLS
• Robust reporting and self management portal
• Monitored and managed, with configuration support
• Security functionality provided from the network
[Diagram labels: CENTURYLINK DATACENTER; MANAGED HOSTING ENVIRONMENT; Branch Office; CUSTOMER PREMISES; Headquarters; Fully Managed Defense-In-Depth Security; Security Services; CenturyLink SOC; NETWORK-BASED SERVICES; Corporate Firewall; Internet; Corporate Network]