Industrial Espionage. Fabio Ghioni - Esperto in Tecnologie non convenzionali e del rischio, e in strategia per la difesa nel Cyber Warfare Profiling. Fabio Ghioni, editorialista, Fabio Ghioni saggista, Fabio Ghioni conferenziere, Fabio Ghioni consulente strategico, Fabio Ghioni top manager, è riconosciuto come uno dei maggiori esperti mondiali di sicurezza.
By Roberto Preatoni Fabio Ghioni Corp Vs CorpFabio Ghioni
Roberto Preatoni & Fabio Ghioni - Corp-vs-Corp. Fabio Ghioni - Esperto in Tecnologie non convenzionali e del rischio, e in strategia
per la difesa nel Cyber Warfare Profiling. Fabio Ghioni, editorialista, Fabio Ghioni saggista, Fabio Ghioni conferenziere, Fabio Ghioni consulente strategico, Fabio Ghioni top manager, è riconosciuto come uno dei maggiori esperti mondiali di sicurezza.
IT Security and Wire Fraud Awareness Slide DeckDon Gulling
A presentation on IT security, wire fraud and trends in information technology. The information is focused on making the audience aware of the new threats, how to protect against them, and what measures you can take to keep your critical information secure.
The views / opinions / assumptions expressed in this presentation/resource is for educational & research purposes only. Do not attempt to violate the law with anything contained here. Neither the author of this material, nor anyone else affiliated in any way, is liable for your actions.
The purpose of this presentation is to share what is happening in cyber and what is possible...
Models of Escalation and De-escalation in Cyber ConflictZsolt Nemeth
The cyber insecurity conundrum cuts across all things digital or networked. How can we prioritize defensive efforts across such a vast domain? This talk will describe a framework for engineering systems and policymaking based on the work factors for cyber attack and defense. After developing the work factor concept, it will be illustrated in several examples
By Roberto Preatoni Fabio Ghioni Corp Vs CorpFabio Ghioni
Roberto Preatoni & Fabio Ghioni - Corp-vs-Corp. Fabio Ghioni - Esperto in Tecnologie non convenzionali e del rischio, e in strategia
per la difesa nel Cyber Warfare Profiling. Fabio Ghioni, editorialista, Fabio Ghioni saggista, Fabio Ghioni conferenziere, Fabio Ghioni consulente strategico, Fabio Ghioni top manager, è riconosciuto come uno dei maggiori esperti mondiali di sicurezza.
IT Security and Wire Fraud Awareness Slide DeckDon Gulling
A presentation on IT security, wire fraud and trends in information technology. The information is focused on making the audience aware of the new threats, how to protect against them, and what measures you can take to keep your critical information secure.
The views / opinions / assumptions expressed in this presentation/resource is for educational & research purposes only. Do not attempt to violate the law with anything contained here. Neither the author of this material, nor anyone else affiliated in any way, is liable for your actions.
The purpose of this presentation is to share what is happening in cyber and what is possible...
Models of Escalation and De-escalation in Cyber ConflictZsolt Nemeth
The cyber insecurity conundrum cuts across all things digital or networked. How can we prioritize defensive efforts across such a vast domain? This talk will describe a framework for engineering systems and policymaking based on the work factors for cyber attack and defense. After developing the work factor concept, it will be illustrated in several examples
Dr. Murray presented current issues with IoT technologies at the Information Systems Security Association (ISSA). The ISSA Colorado Springs Chapter - Cyber Focus Day on Wednesday, March 25, 2015 at the University of Colorado Colorado Springs (UCCS). The theme for CFD 2015 was “Cybercrime”.
This talk focuses on how AI can be leveraged to solve some of the subproblems in cybersecurity. The talk will start with a discussion on why there is a surge in data breaches, and cybersecurity attacks? Then I will discuss some of the use cases, data pipeline, and architectural details of AI solutions for the cybersecurity. Here is a detailed plan for the talk:
(1) The current state of Information security and tools (5 mins).
(2) A brief history and current status of using AI for the InfoSec (5 mins).
Currently, security data science tools primarily process raw data from multiple data sources such as network flows, authentication logs, firewall logs, endpoints, and detect anomalous events. These tools generate a large number of false positives, and they need to be further investigated by security analysts. Specifically, I will address the following questions:
- What is the foundation of current security data science tools?
- What are the pros and cons of existing tools?
(3) AI use cases, data pipeline, architecture, and data experiments (15 mins): Following questions will be addressed:
- What are the different use cases that can be enabled by AI?
- How would it transform the incident response?
What's a typical data pipeline and architecture of cybersecurity AI solution?
Demo 1: PowerShell Obfuscation Detection using Deep Learning Neural Networks
Demo 2: Malicious URL Detection using Recurrent Neural Networks
(4) Challenges and limitations of using AI alone for cybersecurity (5 mins)
- AI generates too many false positives
- Enterprises can investigate only 2-5% of alerts due to the limited number of security analysts
Need for an automated response, not just detection
(5) Our approach: fuse deception with AI (10 mins):
A key objective of the deception is to deceive the inside-network attacks and threats to detect, engage, trap, and remediate them. Deception provides high fidelity alerts, and AI delivers an ability to construct context about the alert. By fusing deception and data science, security analysts can do proactive defense. We shall demonstrate our approach with specific case studies:
- Demo 3- Detecting and Inferring threats in a high interaction decoy using AI engine
(6) Q&A (5 mins)
Incident handling of intrusions related to cyber espionage operations is a complex and challenging task. As a national CERT with a unique national early warning detection system, NSM NorCERT has detected and responded to incidents that vary from traditional incident response and abuse handling to counter-intelligence operations. Based on some real-world examples, this talk will be about incident handling of cyber espionage intrusions. What are the most common pitfalls and how can companies be better prepared?
The events of Sept. 11 2001 proved that terror attacks on nonmilitary targets could be crippling to our national infrastructure.
A week after the first anniversary of the day that changed everything, the White House released a 60-page draft plan called the National Strategy to Secure Cyberspace, which also points out that US businesses--and individuals--are potential targets for cyber-terrorism.
The experts say we can't rule anything out, but are advising us to be realistic.
If you know the enemy and know yourself, you need not fear the result of a hundred battles- Sun Tzu
Sharing some pointers wrt some trends and tactics in the cyber domain and threat intel.
Thanks to CRCIDF team.
Palestra do evento "Cybersecurity: a nova era em resposta a incidentes e auditoria de dados"
Sam Maccherola - VP and General Manager Public Sector Guidance Software Inc.
Brasília, 04 de agosto de 2010
Social Engineering as the Art of "Human OS" hacking
Main points of the presentation (1) Overall introduction on social engineering (2) Case studies (3) Defending against Social Engineering.
for: http://armsec.org/
An introductory session about Social Engineering presented at ICT Nuggets Forum - Khartoum, organized by Duko team. We talked about what is social engineering? terms related to it? and how attacks can bee carried. We also told a lot of stories about successful social engineering attacks and how much damage they did. Finally we talked about how to protect yourself and your company social engineering attacks.
GDG Cloud Southlake #4 Biodun Awojobi and Wade Walters Security Programs and ...James Anderson
Are Cybersecurity threats increasing? Learn about protecting your business with a security program and understanding ransomware threats. Join us as Google's Biodun Awojobi and Wade Walters join us to discuss "Security Programs and Ransomware in the Cloud." We expect to have additional Cybersecurity events in future to cover security posture, Zero Trust, Google's Cybersecurity products & more!
#cybersecurity #ransomware #google #gdg #gdgcloudsouthlake
Digital Forensics for Artificial Intelligence (AI ) Systems.pdfMahdi_Fahmideh
Digital Forensics for Artificial
Intelligence (AI ) Systems:
AI systems make decisions impacting our daily life Their actions might cause accidents, harm or, more generally, violate
regulations either intentionally or not and consequently might be considered suspects for various events. In this lecture we explore how digital forensics can be performed for AI based systems.
Dr. Murray presented current issues with IoT technologies at the Information Systems Security Association (ISSA). The ISSA Colorado Springs Chapter - Cyber Focus Day on Wednesday, March 25, 2015 at the University of Colorado Colorado Springs (UCCS). The theme for CFD 2015 was “Cybercrime”.
This talk focuses on how AI can be leveraged to solve some of the subproblems in cybersecurity. The talk will start with a discussion on why there is a surge in data breaches, and cybersecurity attacks? Then I will discuss some of the use cases, data pipeline, and architectural details of AI solutions for the cybersecurity. Here is a detailed plan for the talk:
(1) The current state of Information security and tools (5 mins).
(2) A brief history and current status of using AI for the InfoSec (5 mins).
Currently, security data science tools primarily process raw data from multiple data sources such as network flows, authentication logs, firewall logs, endpoints, and detect anomalous events. These tools generate a large number of false positives, and they need to be further investigated by security analysts. Specifically, I will address the following questions:
- What is the foundation of current security data science tools?
- What are the pros and cons of existing tools?
(3) AI use cases, data pipeline, architecture, and data experiments (15 mins): Following questions will be addressed:
- What are the different use cases that can be enabled by AI?
- How would it transform the incident response?
What's a typical data pipeline and architecture of cybersecurity AI solution?
Demo 1: PowerShell Obfuscation Detection using Deep Learning Neural Networks
Demo 2: Malicious URL Detection using Recurrent Neural Networks
(4) Challenges and limitations of using AI alone for cybersecurity (5 mins)
- AI generates too many false positives
- Enterprises can investigate only 2-5% of alerts due to the limited number of security analysts
Need for an automated response, not just detection
(5) Our approach: fuse deception with AI (10 mins):
A key objective of the deception is to deceive the inside-network attacks and threats to detect, engage, trap, and remediate them. Deception provides high fidelity alerts, and AI delivers an ability to construct context about the alert. By fusing deception and data science, security analysts can do proactive defense. We shall demonstrate our approach with specific case studies:
- Demo 3- Detecting and Inferring threats in a high interaction decoy using AI engine
(6) Q&A (5 mins)
Incident handling of intrusions related to cyber espionage operations is a complex and challenging task. As a national CERT with a unique national early warning detection system, NSM NorCERT has detected and responded to incidents that vary from traditional incident response and abuse handling to counter-intelligence operations. Based on some real-world examples, this talk will be about incident handling of cyber espionage intrusions. What are the most common pitfalls and how can companies be better prepared?
The events of Sept. 11 2001 proved that terror attacks on nonmilitary targets could be crippling to our national infrastructure.
A week after the first anniversary of the day that changed everything, the White House released a 60-page draft plan called the National Strategy to Secure Cyberspace, which also points out that US businesses--and individuals--are potential targets for cyber-terrorism.
The experts say we can't rule anything out, but are advising us to be realistic.
If you know the enemy and know yourself, you need not fear the result of a hundred battles- Sun Tzu
Sharing some pointers wrt some trends and tactics in the cyber domain and threat intel.
Thanks to CRCIDF team.
Palestra do evento "Cybersecurity: a nova era em resposta a incidentes e auditoria de dados"
Sam Maccherola - VP and General Manager Public Sector Guidance Software Inc.
Brasília, 04 de agosto de 2010
Social Engineering as the Art of "Human OS" hacking
Main points of the presentation (1) Overall introduction on social engineering (2) Case studies (3) Defending against Social Engineering.
for: http://armsec.org/
An introductory session about Social Engineering presented at ICT Nuggets Forum - Khartoum, organized by Duko team. We talked about what is social engineering? terms related to it? and how attacks can bee carried. We also told a lot of stories about successful social engineering attacks and how much damage they did. Finally we talked about how to protect yourself and your company social engineering attacks.
GDG Cloud Southlake #4 Biodun Awojobi and Wade Walters Security Programs and ...James Anderson
Are Cybersecurity threats increasing? Learn about protecting your business with a security program and understanding ransomware threats. Join us as Google's Biodun Awojobi and Wade Walters join us to discuss "Security Programs and Ransomware in the Cloud." We expect to have additional Cybersecurity events in future to cover security posture, Zero Trust, Google's Cybersecurity products & more!
#cybersecurity #ransomware #google #gdg #gdgcloudsouthlake
Digital Forensics for Artificial Intelligence (AI ) Systems.pdfMahdi_Fahmideh
Digital Forensics for Artificial
Intelligence (AI ) Systems:
AI systems make decisions impacting our daily life Their actions might cause accidents, harm or, more generally, violate
regulations either intentionally or not and consequently might be considered suspects for various events. In this lecture we explore how digital forensics can be performed for AI based systems.
UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from sec...APNIC
APNIC Senior Security Specialist Adli Wahid provides some useful findings of lessons learned from security incidents at the UMS Cybersecurity Awareness Seminar, held online on 25 October 2021.
Key takeaways:
What is Cyber Threat Intelligence?
Why should you care about it?
How would you collect it?
How would you generate it?
What would you do with it?
The Hacker Playbook: How to Think like a Cybercriminal to Reduce RiskBeyondTrust
In this presentation from their joint webinar, security experts and trainers at CQURE, Greg Tworek and Mike Jankowski-Lorek, help you put on your hacker cap to better identify dangerous vulnerabilities, strengthen your systems, and STOP the data breaches that litter the news sites today. They will also demonstrate how to exploit systems and how (from the hacker perspective) this can be proactively mitigated.
Catch the full on-demand webinar here:
https://www.beyondtrust.com/resources/webinar/hackers-playbook-think-like-cybercriminal-reduce-risk/?access_code=de936e36f25bb91acaae7593959af3c1
Today’s cyber criminals are more sophisticated, more agile and more aggressive than traditional security measures can protect against. One simply needs to open a news source today to find a headline on a new breach - Office of Management Personal, Sony, Target are just a few examples of note. The increase in attacks and breaches can be attributed to a variety of factors, not the least of which include: a rise in asymmetric threats, commoditization of threats/attacks and incomplete security strategies. By incorporating cyber threat analysis in your security strategy, however, you can better counter and mitigate these threats.
Cyber Security.
Watch my videos on snack here: --> --> http://sck.io/x-B1f0Iy
@ Kindly Follow my Instagram Page to discuss about your mental health problems-
-----> https://instagram.com/mentality_streak?utm_medium=copy_link
@ Appreciate my work:
-----> behance.net/burhanahmed1
Thank-you !
Cyber Threat Intelligence is a process in which information from different sources is collected, then analyzed to identify and detect threats against any environment. The information collected could be evidence-based knowledge that could support the context, mechanism, indicators, or implications about an already existing threat against an environment, and/or the knowledge about an upcoming threat that could potentially affect the environment. Credit: Marlabs Inc
The possibilities provided by the internet in this day and times is almost limitless, fueled by
presence of global networks and larger operations being performed on a daily basis coupled with
people around the world who enjoy these benefits. However, the internet space is not used for
peaceful reasons as it should be assumed. The growing development in technologies and
substantive upgrade of programming systems has led to frequent cases of attacks by threat actors,
becoming a real problem for large companies.
Hence, therefore, one of the most famous cases in relation to hacking in the world was the
hacking of important information on the eBay database, an online shopping store. The case study
will focus on this attack.
3
Fabio Ghioni - Esperto in Tecnologie non convenzionali e del rischio, e in strategia
per la difesa nel Cyber Warfare Profiling. Fabio Ghioni, editorialista, Fabio Ghioni saggista, Fabio Ghioni conferenziere, Fabio Ghioni consulente strategico, Fabio Ghioni top manager, è riconosciuto come uno dei maggiori esperti mondiali di sicurezza.
Fabio Ghioni Hero Z Private InvestigationsFabio Ghioni
Fabio Ghioni - Esperto in Tecnologie non convenzionali e del rischio, e in strategia
per la difesa nel Cyber Warfare Profiling. Fabio Ghioni, editorialista, Fabio Ghioni saggista, Fabio Ghioni conferenziere, Fabio Ghioni consulente strategico, Fabio Ghioni top manager, è riconosciuto come uno dei maggiori esperti mondiali di sicurezza. Fabio Ghioni, recognized as one of the few world wide leading experts in the field of information security, competitive intelligence and intrusion management in an asymmetric environment, is dedicated to helping clients of all sizes, ranging from startups to global conglomerates, government, international institutions and not-for-profits. Fabio Ghioni has successfully delivered results across various product and service industries: leading international corporations involved in the military, telecommunications, banking or technology industries.
As consultant to several different Government institutions, Fabio Ghioni has been the key to the solution of several terrorism cases in the past. Fabio Ghioni’s key fields of research range from mobile and wireless competitive security to the classification of information and forensics technologies applied to identity management and ambient intelligence
Fabio Ghioni - La nona Emanazione - Una cospirazione globale terribilmente possibile, una storia originale che non ha nulla da invidiare alla trilogia degli “Illuminati” di Robert Anton Wilson, o al miglior Roger Zelazny. Fabio Ghioni - Esperto in Tecnologie non convenzionali e del rischio, e in strategia per la difesa nel Cyber Warfare Profiling. Fabio Ghioni, editorialista, Fabio Ghioni saggista, Fabio Ghioni conferenziere, Fabio Ghioni consulente strategico, Fabio Ghioni top manager, è riconosciuto come uno dei maggiori esperti mondiali di sicurezza.
Fabio Ghioni - Preatoni Ombre asimmetriche. La guerra cibernetica ei suoi pro...Fabio Ghioni
Chi inizia a leggere questo libro, capisce da subito che ci troviamo di fronte ad un lavoro serio e approfondito. I due autori Fabio Ghioni e Roberto Preatoni mettono a frutto la loro pluriennale esperienza nell’ambito della sicurezza, per spiegare a chi non è “del settore”, cosa s’intende oggi per guerra cibernetica, per attacco asimmetrico, chi è un hacker e così via. Fabio Ghioni - Esperto in Tecnologie non convenzionali e del rischio, e in strategia
per la difesa nel Cyber Warfare Profiling. Fabio Ghioni, editorialista, Fabio Ghioni saggista, Fabio Ghioni conferenziere, Fabio Ghioni consulente strategico, Fabio Ghioni top manager, è riconosciuto come uno dei maggiori esperti mondiali di sicurezza.
Generating a custom Ruby SDK for your web service or Rails API using Smithyg2nightmarescribd
Have you ever wanted a Ruby client API to communicate with your web service? Smithy is a protocol-agnostic language for defining services and SDKs. Smithy Ruby is an implementation of Smithy that generates a Ruby SDK using a Smithy model. In this talk, we will explore Smithy and Smithy Ruby to learn how to generate custom feature-rich SDKs that can communicate with any web service, such as a Rails JSON API.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
5. INDEX
1)
Introduction: old and new threats after September 11th
2)
Industrial Espionage: state-sponsored espionage
3)
Cyber defense methodology: from digital identification of
attacker to counterattack strategy
4)
Cyber counterattacks: information leakage, Injected
Interception
6. In the aftermath of September 11th, security issues came into the
limelight… everybody focalized their attention on increasing anti-terrorist
measures and countering the increasing number of hacker attacks to
business and government networks…
7. … but hardly anyone has ever mentioned a more insidious and
widespread criminal activity: INDUSTRIAL ESPIONAGE
WHY ?
8. Companies are often reluctant to publicly admit that they have been
victims of industrial espionage for two main reasons:
•it implicitly means that THERE WAS SOME KIND OF VULNERABILITY to
be exploited
•it implies the unveiling of MORE CONFIDENTIAL lines of business
9. WHAT exactly is INDUSTRIAL ESPIONAGE?
The illegal acquisition of intellectual property and trade secrets, in other
words THEFT!
The techniques to steal information from outside a company range from the
traditional eavesdropping to social engineering tactics…
10. The FBI generally defines economic espionage as
“government-directed, sponsored, or coordinated
intelligence activity, which may or may not constitute
violations of law, conducted for the purpose of enhancing
that country’s or another country’s economic
competitiveness by the use of the information by foreign
government or by providing it to foreign private business
entity thereby giving that entity a competitive advantage in
the marketplace,...”
11. Since the 1990s Western Intelligence Agencies appear to have
focused most of their time and resources on industrial espionage
In most countries corporations rely on Government Agencies to carry
out investigations whose results can be used to boost the National
economy…
France, the United States and Israeli have often been accused to
spying on competitors’ industrial secrets through scanning systems
such as Echelon or the Helios 1A satellite up until the more recent
Carnivore software
12. Conversely, the INDUSTRIAL INTELLIGENCE process consists of
researching information on public source documents in order to
draw inferences about what competitors might be going to do and
provide the basis for possible counteraction
14. The classic Intelligence Cycle
Source: Law Enforcement Intelligence: A Guide for State, Local, and Tribal Law Enforcement Agencies
http://www.cops.usdoj.gov/mime/open.pdf?Item=1396
15. ". . . attaining one hundred victories in one hundred battles is not the pinnacle of
excellence.
Subjugating the enemy's army without fighting is the true pinnacle of
excellence."
Sun Tzu, The Art of War
"There are but two powers in the world, the sword and the mind. In the long run
the sword is always beaten by the mind."
Napoleon Bonaparte
16. Nevertheless, there is sometimes a fine line between the legitimate
tactics of competitive intelligence gathering and the illegitimate
practice of industrial espionage…
17. Information may be obtained through the use of unethical but legal
techniques, such as social engineering or the exploitation of
competitors’ errors or negligence (e.g. e-mail hijacking)
18. Today, indeed, companies can rely on cyber-based techniques and methodologies
to react to attacks coming from the real world…
The Internet and the Web have dramatically impacted the classic intelligence cycle
More information is migrating to the Web as companies use it to automate their
value chain and build tight linkages with their business parties
19. THE ATTACKS
Distributed Denial Of Service
•Set up of botnets or drones instructed to perform synchronized attacks
Information leakage and data manipulation
•Intranet access due to loose access policies
•Weak corporate applications
•Exploitation of insiders
20. CASE STUDIES 1/4
T-Mobile
• At the end of 2003 a hacker got access to the T-mobile users’ accounts and stole
private material from jet-set users as well as a C.I.A. document located on a T-
Mobile transit e-mail account belonging to a C.I.A. agent. The hacker exploited a
Bea Weblogic interface flaw.
21. CASE STUDIES 2/4
Skynet 1.0
• A new application of Artificial Intelligence
• Set up of intelligent networked agents
• Underground work is in progress
22. CASE STUDIES 3/4
Israel Trojan Horse
• In 2005 Israel was put in a difficult situation by an industrial espionage scandal
involving several corporation and dozens of people.
• Once again data were stolen using a trojan and social engineering.
• Trojan-based attacks are growing rapidly and are considered as among the most
important security risks for today’s corporations.
23. CASE STUDIES 4/4
Chinese Trojan Attacks
• Several American corporations got compromised in the last year by trojan attacks
perpetrated by chinese citizens, according to the attacks' logs.
• Myfip, the trojan used for most of the attacks appeared to be one of the most
sophisticated ever and one of its peculiarity was that it tried to steal also CAD/CAM files,
usually related to engineering design works.
• According to an IBM report, in the first half of 2005, 'customized‘ attacks against
governments, corporations and financial institutions jumped to 50 per cent.
24. THE DEFENSE METHODOLOGY 1/2
Digital Identification of the Attacker
•Understanding the originating path
•“Digital fingerprinting” and pre-analysis of the attack methodology
Passive Observation and Tracking
•Logging the identified activity
•Spotting the attacker
25. THE DEFENSE METHODOLOGY 2/2
Active Honeypots and Honeynets
Situational Awareness
•Case mapping
Definition of Counterattack Strategy
•Resource selection and allocation
•Definition of timing, effort and techniques
26. CYBER COUNTERATTACKS
An example…
Injected Interception
•allows to trace the IP address of a target and gain direct access to all data
contained on the computer no matter what is the means of data transport (i.e.
physical or digital)
27. The security management learning model
Technology Methods
Tools
Resources
Prevention/intelligence Incident Management Emergency/crisis management
Security processes
Policy and Tools Detection Handling Contrast Recovery
procedures
Risk analysis Assessment Planning Analysis Planning Analysis
collection and
Feed back Feed back
Feed-back
Learning
analysis
Common Knowledge Base
Security KPI
(Need to identify threshold values)
28. Questions? ¿Preguntas?
English Spanish
ﺃَﻳﱠﺔ ﻣَﻄَﺎﻟِﺐ Domande? вопросы? Russian
Italian
Arabic
Ερωτήσεις?
Greek
tupoQghachmey Klingon Japanese