SlideShare a Scribd company logo

Focus on cyber threats in hacking cycle

David Sweigert
David Sweigert

The document summarizes several cyber attacks and security issues faced by South Korea between 2003-2014. It describes hacks against the Bangladesh central bank, South Korean companies like KHNP and cyber threats experienced more broadly by South Korea. The government has established a national cybersecurity system coordinated by the Presidential Office to counter continuous cyber attacks, and works to strengthen capacity through strategic plans, education and international cooperation.

Government & Nonprofit
1 of 25
Download to read offline
Security FIRST - International Cooperation in Cyber Security - School of Information Security, Korea University former Special Adviser to the President for National Security Lim, Jong In 2015.06.13. FIRST
/ 25 $81 million dollar deposit was stolen via a forged message instructing that some of the Bangladesh Central Bank’s deposit in the Federal Reserve Bank of New York should be transferred Recent Issues – SWIFT Hacking Bangladesh Cyber Theft  Feb. 2016. Hackers stole $81 million from the Bangladesh Central Bank’s official account at the Federal Reserve Bank of New York  New York Fed announced that the transfer of the money had been “fully authenticated” by SWIFT(international financial messaging system)  Bangladesh's central bank was vulnerable to hackers because it did not have a firewall and used second- hand, $10 switches for network computers connected to SWIFT Source : NYT, Reuter 2
/ 25 Continuous hacking attempts against SWIFT and assumed mastermind  According to the malicious code analysis by IssueMakersLab in Korea, the file deletion function codes of the following malicious codes are similar, making us assume that the attacks were launched by the same group: - February 2016 :Bangladesh Central Bank - December 2015 : Vietnam’s Commercial Bank - November 2014 : Sony Pictures - June 2013: Press in Korea  Since the analysis results of Symantec also show high similarity to the Sony Pictures malicious code, North Korea is assumed to be the mastermind There were SWIFT hacking attempts against 8 banks besides Bangladesh Central Bank. The incident is believed to be the work of North Korean hackers, judging from the similarity of the malicious code to that in the Sony Pictures hacking incident. 3 Recent Issues – SWIFT Hacking
/ 25 Korea is experiencing a social problem due to the spread of ransomware that exploits the vulnerability of major online community advertising banners Spread of ransomware targeting online communities in Korea  Distributing ransomware among major online communities in Korea - Crypt0L0cker randomware was distributed on Clien.net in April 2015 - UltraCrypter randomware was distributed on PPOMPPU.co.kr in June 2016  Both sites are representative online communities in Korea (ranked 12th and 13th in web traffic volume), and several hundred million worth of damages were reported  Both malicious codes require BitCoin deposit, and it is difficult to respond due to difficulty in tracing back  Since BitCoin deposit is not confirmed for UltraCrypter, recovery is expected to be impossible Recent Issues - Ransomware 4
/ 25 Korea is the third affected countries of the LOCKY ransomware Recent Issues - Ransomware 5 Source : FireEye
/ 25 Sony Pictures Entertainment was hacked before its release of ‘The Interview’, a movie that plans to assassinate North Korea’s leader Overview of the Sony Pictures Hacking • Sony Pictures Entertainment’s internal system was breached and some of its data was leaked in November, 2014. • Leaked data includes, among others: - personal information of employees - e-mails among employees - information on executive salaries - copies of unreleased Sony films • The hackers called themselves the "Guardians of Peace" and demanded the planned release of the film ‘The Interview’, a comedy on a plot to assassinate North Korean leader Kim Jong-un, be cancelled 6 Recent Issues – Sony Pictures
/ 25 The U.S. attributed the Sony Picture hack to North Korea, calling it ‘Cyber Vandalism,’ and took a series of actions in response U.S. Government’s Reaction • On December 19th, 2014, F.B.I. published an investigative report on the hack, in which it identified North Korea as the perpetrator • President Obama called the hack ‘Cyber Vandalism’ and claimed that the U.S. weighed proportionate response to the attack • North Korean websites were shut down, allegedly by cyber attacks orchestrated by the U.S. • President Obama sanctioned North Korea’s Directorate of Reconnaissance 7 Recent Issues – Sony Pictures
/ 25 Korea Hydro & Nuclear Power(KHNP) was threatened to be destroyed by a hacker who claimed to have hacked its control system KHNP Hacking Overview  In December 2014, a hacker who claimed to be against nuclear power development posted some of KHNP’s confidential data on his internet blog  The hacker claimed that he had breached into KHNP’s internal control system and threatened that he would destroy KHNP’s nuclear power plants unless it shut them down itself  Investigation by South Korean government and KHNP found no evidence of intrusion into KHNP’s control system. There has not been any cyber attack on the Nuclear Power plant thereafter Recent Issues – KHNP 8
/ 25 South Korean government’s investigation unit alleged North Korea of having perpetrated the hack with a Chinese IP address South Korean Government’s Reaction  On December 20th, 2014, a government team was assembled to probe into the hack  The team found that the hacker had accessed VPN in South Korea via proxy IP address in Shenyang, China. Having failed to hack KHNP directly, the hacker sent phishing emails to partners of KHNP and retired employees  On December 24th, 2014, the investigation team requested cooperation from the Chinese Police  On March 17th, 2015, the government team presented an interim probe result, which suggested that North Korea had orchestrated the hack Hacker in North Korea VPN in South Korea Access via Proxy IP Address in Sunyang, China Hacking Failed (Sent 6,000 Phishing Emails) Hacked partners of KHNP and retired employee’s of KHNP Used vulnerabilities of Hangul (Wordprocessor) 9 Recent Issues – KHNP
/ 25 Case of South Korea - Cyber Threats that S.Korea faces South Korea has had numerous cyber attacks since 2009, but failed to identify and prosecute suspects for any of the attacks Year Cyber attacks on S.Korea 2003  1.25 Internet Intrusion : Korea's major internet networks went down due to the Slammer Worm taking advantage of vulnerabilities of Microsoft's SQL servers 2009  7.7 DDoS Attack : Three DDoS attacks from July 7th to 10th paralyzed the major government sites including website of the Presidential Office 2010 2012  GPS Disturbance : From 2010 to 2012, GPS disturbance occurred annually, causing signal interference and damage to GPS receivers in private and military sectors, including those in Korea Telecom's base stations 2011  3.4 DDoS Attack : DDoS attacks on 40 local websites, including those of major portals, government offices, the Ministry of National Defense and financial institutions 2011  NH Bank's Cyber Terror : NH Bank's internal data and server system were damaged. Service access paralyzed entirely or partially 2013  3.20 Cyber Terror : Major local broadcasters' and six financial institutions' computer networks went down 2013  6.25 Cyber Terror : The Presidential Office website, major government websites, media and political parties’ websites were under cyber attacks 2014  Hacking on KHNP : KHNP's blueprints and operating methods for nuclear power stations were leaked on the internet ~ 10
/ 25 South Korea established a comprehensive national system to counter cyber threats, controlled and coordinated by the Presidential Office Case of South Korea – Countering Cyber Threats Presidential Office National Security Council National Cyber Defense Secretary to the President for National Cyber Security National Cyber Security Center Ministry of Defense Cyber Crime National Police Agency Cyber Security for Civil Sector Ministry of Science, ICT and Future Planning Privacy, Cyber Security For Public Sector Ministry of Gov Administration and Home Affairs Cyber Terror, CIP National Intelligent Service 11
/ 25 While receiving cyber attacks continuously, the Korean government is endeavoring to strengthen national cyber security continuously by setting up strategies and plans to respond to such cyber attacks • Recognized the necessity of responding to information security issues including personal information protection due to the Auction hacking incident in 2008 • Aimed to establish a social safety network by improving policies and building infrastructure by 2010 • It was recognized that a cyber attack can threaten national security due to the 7.7 DDoS attack in 2009 • Obtained good results, such as establishment of the cyber security government system and definition of roles and responsibilities by department • Recognized the necessity of an effective response method due to the 3.4 DDoS Incident and Nonghyup Computer Problems in 2011 • Obtained good results, such as awareness improvement, outsourcing company management, and implementation of the S/W security vulnerability diagnosis system • Recognized the necessity of integrating cyber capabilities distributed among government departments due to the 3.20 and 6.25 Cyber Terror • Established the organizational structure (the Blue House plays the role of control tower, and the National Intelligence Service supervises hands-on work) and prepared personnel fostering plans • Recognized the necessity of protecting cyberspace safely following the Korea Hydro & Nuclear Power hacking incident • Strengthened the cyber security control tower function of the National Security Office, newly established a dedicated pan-government cyber security organization Mid-term comprehensive information security plan (2008) Comprehensive measures against the national cyber crisis (2009) National cyber security master plan (2011) Comprehensive national cyber security measures (2013) National cyber security posture and capability strengthening plan (2015) Case of South Korea – Countering Cyber Threats 12
/ 25  High volume, high velocity, high variety information assets that require new forms of processing to make more meaningful information  Data Volume : 2.7 ZB (2012) → 7.9 ZB (2015)  Model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources  IaaS(Infra), PaaS(Platform), SaaS(Service)  Network of physical objects or "things" embedded in electronics, software, sensors and connectivity  26 billion devices on the IoT by 2020 (Gartner)  Wearable Devices, Smart Car, etc. ICT Development and Evolving Cyber Threats As ICT development begets new technologies such as IoT, Big Data, and Cloud Computing ICT Development Connection Personalized Data Digitalized Convergence IoT Cloud Computing Big Data 13
/ 25 ICT Development and Evolving Cyber Threats European Commission’s Next Generation Computing predicts that ICT will evolve to IoT Environment through Embedded system and CPS Vision : Internet of Things, Data & Services (e.g. Smart Cities) Cyber-Physical Systems (e.g. Intelligent Networked Road Junction) Network Embedded System (e.g. Autonomous Aviation) Embedded Systems (e.g. AirBag) Source : NGC Study, 2013, EUTEMA 14
/ 25 ICT Development and Evolving Cyber Threats In a hyperconnected society where various new ICT applications are adopted, threats to the new applications are anticipated Smart Home Appliance  ICT added home appliances for remote control and efficiency, and convenience  Hacked or Demonstrated Cases - Refrigerator hacked to send spam emails (2014) - Philips LED Lighting hacking demonstration (Dhanjani, 2013) - Web Camera Exposed (BBC, 2014) Smart Healthcare  Using body-measured information by using wearable devices and medical equipment  Hacked or Demonstrated Cases - Breakpoint Security Conference, Pacemaker Hacking Demonstration (2012) - BlackHat USA, Insulin Pump Hacking Demonstration (2013) Smart Car  IT component and services are integrated into automobiles for information gathering and remote control  Hacked or Demonstrated Cases - U.S. EmbeddedSecurityCenterDemonstration(2010) - Korea University Demonstration (2012) - BlackHat USA Demonstration (2014) Smart Energy  Increasing energy efficiency by managing information such as SmartGrid, Smart Buildings  Hacked or Demonstrated Cases - Puerto Rico SmartMeter Tempering (2009) - ‘Dragonfly’ Backdoors in U.S. and Europe Power Grid Control Systems (2014) Threats in a Hyperconnected Society 15
/ 25 Cyber Threat Trends Cyber threat is becoming more intentional, destructive, targeted, and external in origin Accidental Intentional Failure Attack Random Targeted Internal Origin External Origin Technical Human Source : Korea Internet & Security Agency 16
/ 25 Cyber-related threats are selected as a high-priority risk factor in the “Global Risks Report 2016” published by the World Economic Forum (World Risk) in Jan., 2016 Source : World Economic Forum Global Risk Report 2016 - About 750 experts in each area selected global risks that can affect the world economy based on likelihood and impact - Among the 29 global risks presented, technological threats include adverse consequences of technological advancement, breakdown of critical information infrastructure, cyber attacks, and data fraud and theft - As dependency on cyber increases, the likelihood and impact of risk related to cyber were rated significantly high; risk connectivity and mutual impact with other major threats were rated highly as well - The evaluation suggests that cyber attacks can affect the economy considerably, and that the financial industry is required to have the response capability and level matching the risk level Cyber Threat Trends 17
/ 25 International Cooperation International cooperation ha are being developed, yet the outcome of cooperation is insufficient to countering cyber threats  Cooperation between two States that have common interests e.g.) US – China Cyber Working Group Bilateral Cooperation  Cooperation among States in the region e.g.) ASEAN Regional Forum Regional Cooperation  Cooperation through International Organizations e.g.) UN GGE  Conventions, Treaties or Laws e.g.) Convention on Cybercrime International Cooperation  Cooperation in Military or National Defense Aspects e.g.) NATO Cooperative Cyber Defense Centre of Excellence EU Cyber Defence Policy Framework ANZUS Treaty applies to Cyber attacks China - Russia Non Aggression Pact for Cyberspace Military Aspect Cooperation 18
/ 25 International Cooperation Budapest Convention on Cybercrime came into force in 2001, which includes substantial/procedural articles of cybercrime regulation and international cooperation procedure < Status as of May, 2016 >< Major Implications> • The First legally-binding international instrument to comprehensively address the cybercrime issues • Scope of the Convention - Criminalising Conduct : Illegal Activities / Fraud / Interference / Child Pornography / etc. - Procedural tools : Preservation / Search and Seizure / Interception of Data - International Cooperation : Mutual Legal Assistance Treaties, Point of Contact 49 13 68 6 19
/ 25 International Cooperation Seoul Framework on ‘Seoul Conference on Cyberspace 2013’ , UN GGE Recommendations & Reports can be the base of international cooperation < Seoul Framework > < UN GGE Report A/70/174 > • Cyberspace - Economic Growth, Social and Cultural Benefits • International Security - Promote voluntary confidence-building and transparency measures • Cybercrime - Law enforcement cooperation in the investigation and prosecution of international cases • Capacity Building - Enhance efforts to close the digital divide • Responsible behaviour of States - Voluntary, non-binding norms of responsible State behaviour • Confidence-building measures - Adopt existing Guidelines for CBM • ICT Security Capacity-Building - International community to work together for assistance • International Law applies to Cyberspace - The adherence by States to international law is an essential framework 20
/ 25 Capacity Building Effort to build capacity to defend one’s own cyberspace Governance, Role & Responsibility  Setting a national cyber security governance framework  Identify the role and jurisdiction of each agency within the cyber security governance structure Research & Development  Acquisition of various cyber security technologies - Digital forensic and cyber investigation tools - Cyber genome or cyber map - Count cyber threat technologies Education  Cultivating and securing cyber security experts is key to promoting national cyber security - Cyber education for teens - Cyber security department in university - Training course for employees Cooperation  State-level cooperation - Inter-agency cooperation - Public-private partnership  International-level cooperation - International organizations, Conventions or cooperation between States Cyber Security Capacity Building 21
/ 25 Conclusion To deter the rapid growth of cyber threats, it is important for each State to build its own capacities and yet cooperate internationally Each State’s Effort to Deter Cyber Threats Evolving Cyber Threats Increasing Dependence on ICT · Cyber threats are getting more sophisticated and targeted · Cyber threats are one of the most serious threats that most States face · New technologies such as IoT, Big Data and Cloud computing are being used · States’ increasing dependence on ICT International Cooperation Capacity Building 22
/ 2523 FIRST is a multi-stakeholder network participated in by more than 350 CERT teams in 75 countries, and it can play a key role in global cyber security cooperation. Conclusion - Possibility of FIRST
/ 25 The achievement and role of FIRST in cyber security and the developmental direction as a major subject of global cyber security need to be sought Counter- Threat Cooperation Information Sharing Capacity Building Private Public Partnership Security FIRST Cooperation in responding to cyber threats Information sharing such as infringement status and exemplary cases related to cyber infringement and threat Infringement/Threat information sharing Laying the basis for the private/public cooperation system as a cooperation organization of the multi-stakeholder CERT Basis of private/public cooperation system Strengthening the overall cyber security level by training and providing technical support to the less capable CERTs Support capacity building Possibility of joint response based on voluntary cooperation, if cyber threats occur Conclusion - Possibility of FIRST 24
Thank you jilim@korea.ac.kr

Recommended

How Safe is Governmental Infrastructure: A Cyber Extortion and Increasing Ran...
How Safe is Governmental Infrastructure: A Cyber Extortion and Increasing Ran...How Safe is Governmental Infrastructure: A Cyber Extortion and Increasing Ran...
How Safe is Governmental Infrastructure: A Cyber Extortion and Increasing Ran...
IJCSIS Research Publications
 
Cyber terrorism
Cyber terrorismCyber terrorism
Cyber terrorismAbhay Vijay
 
Cyber crime
Cyber crimeCyber crime
Cyber crime24sneha
 
Cyber Crime Investigation
Cyber Crime InvestigationCyber Crime Investigation
Cyber Crime Investigation
Harshita Ved
 
Countering the Cyber Espionage Threat from China
Countering the Cyber Espionage Threat from ChinaCountering the Cyber Espionage Threat from China
Countering the Cyber Espionage Threat from China
Murray Security Services
 
Social Engineering 2.0
Social Engineering 2.0Social Engineering 2.0
Social Engineering 2.0
Murray Security Services
 
Mis chapter 9
Mis chapter 9Mis chapter 9
Mis chapter 9
Filmon Habtemichael Tesfai
 
Final Copy Cyber Crime Research Essay
Final Copy Cyber Crime Research EssayFinal Copy Cyber Crime Research Essay
Final Copy Cyber Crime Research EssayCallum Craigie
 

Recommended

How Safe is Governmental Infrastructure: A Cyber Extortion and Increasing Ran...
How Safe is Governmental Infrastructure: A Cyber Extortion and Increasing Ran...How Safe is Governmental Infrastructure: A Cyber Extortion and Increasing Ran...
How Safe is Governmental Infrastructure: A Cyber Extortion and Increasing Ran...
IJCSIS Research Publications
 
Cyber terrorism
Cyber terrorismCyber terrorism
Cyber terrorismAbhay Vijay
 
Cyber crime
Cyber crimeCyber crime
Cyber crime24sneha
 
Cyber Crime Investigation
Cyber Crime InvestigationCyber Crime Investigation
Cyber Crime Investigation
Harshita Ved
 
Countering the Cyber Espionage Threat from China
Countering the Cyber Espionage Threat from ChinaCountering the Cyber Espionage Threat from China
Countering the Cyber Espionage Threat from China
Murray Security Services
 
Social Engineering 2.0
Social Engineering 2.0Social Engineering 2.0
Social Engineering 2.0
Murray Security Services
 
Mis chapter 9
Mis chapter 9Mis chapter 9
Mis chapter 9
Filmon Habtemichael Tesfai
 
Final Copy Cyber Crime Research Essay
Final Copy Cyber Crime Research EssayFinal Copy Cyber Crime Research Essay
Final Copy Cyber Crime Research EssayCallum Craigie
 
ppt on child pornography and cyber crime
ppt on child pornography and cyber crimeppt on child pornography and cyber crime
ppt on child pornography and cyber crime
008_Anuj
 
Cybercrime 111205224958-phpapp02
Cybercrime 111205224958-phpapp02Cybercrime 111205224958-phpapp02
Cybercrime 111205224958-phpapp02
Shumail Tariq
 
Worldwide Cyber Threats report to House Permanent Select Committee on Intelli...
Worldwide Cyber Threats report to House Permanent Select Committee on Intelli...Worldwide Cyber Threats report to House Permanent Select Committee on Intelli...
Worldwide Cyber Threats report to House Permanent Select Committee on Intelli...
David Sweigert
 
cyber terrorism
cyber terrorismcyber terrorism
cyber terrorism
Accenture
 
Cyberterrorism
CyberterrorismCyberterrorism
Cyberterrorism
Gohar Sokhakyan
 
SEO2India - Cyber crime
SEO2India - Cyber crimeSEO2India - Cyber crime
SEO2India - Cyber crime
SEO2India - Devang Barot - SEO2India
 
Cybercrimes (Against Children)
Cybercrimes (Against Children)Cybercrimes (Against Children)
Cybercrimes (Against Children)
Can R. PAHALI
 
Cyber crime against children
Cyber crime against childrenCyber crime against children
Cyber crime against children
Anchalanshri Dixit
 
Protecting children in cyberspace
Protecting children in cyberspace Protecting children in cyberspace
Protecting children in cyberspace
Karnika Seth
 
Traditional Problems Associated with Computer Crime
Traditional Problems Associated with Computer CrimeTraditional Problems Associated with Computer Crime
Traditional Problems Associated with Computer Crime
Dhrumil Panchal
 
Learn More About Cyber Crime Investigation
Learn More About Cyber Crime Investigation Learn More About Cyber Crime Investigation
Learn More About Cyber Crime Investigation Skills Academy
 
Hacking
Hacking Hacking
Hacking
thajmohammed
 
Cyberterrorismv1
Cyberterrorismv1Cyberterrorismv1
Cyberterrorismv1
100688767-barrett
 
Evil Geniuses: How organized cybercriminals could take over the world
Evil Geniuses: How organized cybercriminals could take over the worldEvil Geniuses: How organized cybercriminals could take over the world
Evil Geniuses: How organized cybercriminals could take over the world
Hillary L
 
Social Engineering | #ARMSec2015
Social Engineering | #ARMSec2015Social Engineering | #ARMSec2015
Social Engineering | #ARMSec2015
Hovhannes Aghajanyan
 
Attacks Types
Attacks TypesAttacks Types
Attacks Types
RajuPrasad33
 
Cyber crime and fraud
Cyber crime and fraudCyber crime and fraud
Cyber crime and fraud
FCA - Future Chartered Accountants
 
Cyber Crime and Security
Cyber Crime and Security Cyber Crime and Security
Cyber Crime and Security
Sanguine_Eva
 
cybercrime landscape for moldova
cybercrime landscape for moldovacybercrime landscape for moldova
cybercrime landscape for moldova
moldovaictsummit2016
 
I want to be a cyber forensic examiner
I want to be a cyber forensic examinerI want to be a cyber forensic examiner
I want to be a cyber forensic examiner
Neeraj Aarora
 
The relation between internet of things, critical infrastructure and cyber se...
The relation between internet of things, critical infrastructure and cyber se...The relation between internet of things, critical infrastructure and cyber se...
The relation between internet of things, critical infrastructure and cyber se...
Ramiro Cid
 
Cybercrime Threat Landscape: Cyber Criminals Never Sleep
Cybercrime Threat Landscape: Cyber Criminals Never SleepCybercrime Threat Landscape: Cyber Criminals Never Sleep
Cybercrime Threat Landscape: Cyber Criminals Never Sleep
IBM Security
 

More Related Content

What's hot

ppt on child pornography and cyber crime
ppt on child pornography and cyber crimeppt on child pornography and cyber crime
ppt on child pornography and cyber crime
008_Anuj
 
Cybercrime 111205224958-phpapp02
Cybercrime 111205224958-phpapp02Cybercrime 111205224958-phpapp02
Cybercrime 111205224958-phpapp02
Shumail Tariq
 
Worldwide Cyber Threats report to House Permanent Select Committee on Intelli...
Worldwide Cyber Threats report to House Permanent Select Committee on Intelli...Worldwide Cyber Threats report to House Permanent Select Committee on Intelli...
Worldwide Cyber Threats report to House Permanent Select Committee on Intelli...
David Sweigert
 
cyber terrorism
cyber terrorismcyber terrorism
cyber terrorism
Accenture
 
Cyberterrorism
CyberterrorismCyberterrorism
Cyberterrorism
Gohar Sokhakyan
 
SEO2India - Cyber crime
SEO2India - Cyber crimeSEO2India - Cyber crime
SEO2India - Cyber crime
SEO2India - Devang Barot - SEO2India
 
Cybercrimes (Against Children)
Cybercrimes (Against Children)Cybercrimes (Against Children)
Cybercrimes (Against Children)
Can R. PAHALI
 
Cyber crime against children
Cyber crime against childrenCyber crime against children
Cyber crime against children
Anchalanshri Dixit
 
Protecting children in cyberspace
Protecting children in cyberspace Protecting children in cyberspace
Protecting children in cyberspace
Karnika Seth
 
Traditional Problems Associated with Computer Crime
Traditional Problems Associated with Computer CrimeTraditional Problems Associated with Computer Crime
Traditional Problems Associated with Computer Crime
Dhrumil Panchal
 
Learn More About Cyber Crime Investigation
Learn More About Cyber Crime Investigation Learn More About Cyber Crime Investigation
Learn More About Cyber Crime Investigation Skills Academy
 
Hacking
Hacking Hacking
Hacking
thajmohammed
 
Cyberterrorismv1
Cyberterrorismv1Cyberterrorismv1
Cyberterrorismv1
100688767-barrett
 
Evil Geniuses: How organized cybercriminals could take over the world
Evil Geniuses: How organized cybercriminals could take over the worldEvil Geniuses: How organized cybercriminals could take over the world
Evil Geniuses: How organized cybercriminals could take over the world
Hillary L
 
Social Engineering | #ARMSec2015
Social Engineering | #ARMSec2015Social Engineering | #ARMSec2015
Social Engineering | #ARMSec2015
Hovhannes Aghajanyan
 
Attacks Types
Attacks TypesAttacks Types
Attacks Types
RajuPrasad33
 
Cyber crime and fraud
Cyber crime and fraudCyber crime and fraud
Cyber crime and fraud
FCA - Future Chartered Accountants
 
Cyber Crime and Security
Cyber Crime and Security Cyber Crime and Security
Cyber Crime and Security
Sanguine_Eva
 
cybercrime landscape for moldova
cybercrime landscape for moldovacybercrime landscape for moldova
cybercrime landscape for moldova
moldovaictsummit2016
 
I want to be a cyber forensic examiner
I want to be a cyber forensic examinerI want to be a cyber forensic examiner
I want to be a cyber forensic examiner
Neeraj Aarora
 

What's hot (20)

ppt on child pornography and cyber crime
ppt on child pornography and cyber crimeppt on child pornography and cyber crime
ppt on child pornography and cyber crime
 
Cybercrime 111205224958-phpapp02
Cybercrime 111205224958-phpapp02Cybercrime 111205224958-phpapp02
Cybercrime 111205224958-phpapp02
 
Worldwide Cyber Threats report to House Permanent Select Committee on Intelli...
Worldwide Cyber Threats report to House Permanent Select Committee on Intelli...Worldwide Cyber Threats report to House Permanent Select Committee on Intelli...
Worldwide Cyber Threats report to House Permanent Select Committee on Intelli...
 
cyber terrorism
cyber terrorismcyber terrorism
cyber terrorism
 
Cyberterrorism
CyberterrorismCyberterrorism
Cyberterrorism
 
SEO2India - Cyber crime
SEO2India - Cyber crimeSEO2India - Cyber crime
SEO2India - Cyber crime
 
Cybercrimes (Against Children)
Cybercrimes (Against Children)Cybercrimes (Against Children)
Cybercrimes (Against Children)
 
Cyber crime against children
Cyber crime against childrenCyber crime against children
Cyber crime against children
 
Protecting children in cyberspace
Protecting children in cyberspace Protecting children in cyberspace
Protecting children in cyberspace
 
Traditional Problems Associated with Computer Crime
Traditional Problems Associated with Computer CrimeTraditional Problems Associated with Computer Crime
Traditional Problems Associated with Computer Crime
 
Learn More About Cyber Crime Investigation
Learn More About Cyber Crime Investigation Learn More About Cyber Crime Investigation
Learn More About Cyber Crime Investigation
 
Hacking
Hacking Hacking
Hacking
 
Cyberterrorismv1
Cyberterrorismv1Cyberterrorismv1
Cyberterrorismv1
 
Evil Geniuses: How organized cybercriminals could take over the world
Evil Geniuses: How organized cybercriminals could take over the worldEvil Geniuses: How organized cybercriminals could take over the world
Evil Geniuses: How organized cybercriminals could take over the world
 
Social Engineering | #ARMSec2015
Social Engineering | #ARMSec2015Social Engineering | #ARMSec2015
Social Engineering | #ARMSec2015
 
Attacks Types
Attacks TypesAttacks Types
Attacks Types
 
Cyber crime and fraud
Cyber crime and fraudCyber crime and fraud
Cyber crime and fraud
 
Cyber Crime and Security
Cyber Crime and Security Cyber Crime and Security
Cyber Crime and Security
 
cybercrime landscape for moldova
cybercrime landscape for moldovacybercrime landscape for moldova
cybercrime landscape for moldova
 
I want to be a cyber forensic examiner
I want to be a cyber forensic examinerI want to be a cyber forensic examiner
I want to be a cyber forensic examiner
 

Viewers also liked

The relation between internet of things, critical infrastructure and cyber se...
The relation between internet of things, critical infrastructure and cyber se...The relation between internet of things, critical infrastructure and cyber se...
The relation between internet of things, critical infrastructure and cyber se...
Ramiro Cid
 
Cybercrime Threat Landscape: Cyber Criminals Never Sleep
Cybercrime Threat Landscape: Cyber Criminals Never SleepCybercrime Threat Landscape: Cyber Criminals Never Sleep
Cybercrime Threat Landscape: Cyber Criminals Never Sleep
IBM Security
 
Current Threat Landscape, Global Trends and Best Practices within Financial F...
Current Threat Landscape, Global Trends and Best Practices within Financial F...Current Threat Landscape, Global Trends and Best Practices within Financial F...
Current Threat Landscape, Global Trends and Best Practices within Financial F...
IBM Sverige
 
MOBILE DEVICES: THE CASE FOR CYBER SECURITY HARDENED SYSTEMS AND METHODS TO ...
MOBILE DEVICES: THE CASE FOR CYBER SECURITY HARDENED SYSTEMS AND METHODS TO ...MOBILE DEVICES: THE CASE FOR CYBER SECURITY HARDENED SYSTEMS AND METHODS TO ...
MOBILE DEVICES: THE CASE FOR CYBER SECURITY HARDENED SYSTEMS AND METHODS TO ...
Maurice Dawson
 
Ericsson ConsumerLab: Wearable technology and the internet of things
Ericsson ConsumerLab: Wearable technology and the internet of thingsEricsson ConsumerLab: Wearable technology and the internet of things
Ericsson ConsumerLab: Wearable technology and the internet of things
Ericsson
 
Flashpoint hacking forisis_april2016
Flashpoint hacking forisis_april2016Flashpoint hacking forisis_april2016
Flashpoint hacking forisis_april2016
Andrey Apuhtin
 
7 Pillars of Growth Hacking - Chris Out from RockBoost
7 Pillars of Growth Hacking - Chris Out from RockBoost7 Pillars of Growth Hacking - Chris Out from RockBoost
7 Pillars of Growth Hacking - Chris Out from RockBoost
Chris Out
 
Hacker House August Proposal
Hacker House August ProposalHacker House August Proposal
Hacker House August Proposal
Innotech Network™
 
Cyber Security in Manufacturing
Cyber Security in ManufacturingCyber Security in Manufacturing
Cyber Security in Manufacturing
CentraComm
 
CyberSecurity Medical Devices
CyberSecurity Medical DevicesCyberSecurity Medical Devices
CyberSecurity Medical Devices
Suresh Mandava
 
The Foundations of Social Media Risk Management
The Foundations of Social Media Risk ManagementThe Foundations of Social Media Risk Management
The Foundations of Social Media Risk Management
3Sixty Insights
 
Hacking Mobile Apps
Hacking Mobile AppsHacking Mobile Apps
Hacking Mobile Apps
Sophos Benelux
 
CNIT 128 Ch 1: The mobile risk ecosystem
CNIT 128 Ch 1: The mobile risk ecosystemCNIT 128 Ch 1: The mobile risk ecosystem
CNIT 128 Ch 1: The mobile risk ecosystem
Sam Bowne
 
Wearing safe: Physical and informational security in the age of the wearable ...
Wearing safe: Physical and informational security in the age of the wearable ...Wearing safe: Physical and informational security in the age of the wearable ...
Wearing safe: Physical and informational security in the age of the wearable ...
Simon Fraser University
 
OPSEC for hackers
OPSEC for hackersOPSEC for hackers
OPSEC for hackers
grugq
 
Over-the-air (OTA) updates and the Connected car
Over-the-air (OTA) updates and the Connected carOver-the-air (OTA) updates and the Connected car
Over-the-air (OTA) updates and the Connected car
Pratik Desai, PhD
 
Security Challenges in Emerging Technologies
Security Challenges in Emerging TechnologiesSecurity Challenges in Emerging Technologies
Security Challenges in Emerging Technologies
Praveen Vackayil
 
CNIT 128 Ch 2: Hacking the cellular network
CNIT 128 Ch 2: Hacking the cellular networkCNIT 128 Ch 2: Hacking the cellular network
CNIT 128 Ch 2: Hacking the cellular network
Sam Bowne
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
Rajan Chhangani
 

Viewers also liked (20)

The relation between internet of things, critical infrastructure and cyber se...
The relation between internet of things, critical infrastructure and cyber se...The relation between internet of things, critical infrastructure and cyber se...
The relation between internet of things, critical infrastructure and cyber se...
 
Cybercrime Threat Landscape: Cyber Criminals Never Sleep
Cybercrime Threat Landscape: Cyber Criminals Never SleepCybercrime Threat Landscape: Cyber Criminals Never Sleep
Cybercrime Threat Landscape: Cyber Criminals Never Sleep
 
Current Threat Landscape, Global Trends and Best Practices within Financial F...
Current Threat Landscape, Global Trends and Best Practices within Financial F...Current Threat Landscape, Global Trends and Best Practices within Financial F...
Current Threat Landscape, Global Trends and Best Practices within Financial F...
 
MOBILE DEVICES: THE CASE FOR CYBER SECURITY HARDENED SYSTEMS AND METHODS TO ...
MOBILE DEVICES: THE CASE FOR CYBER SECURITY HARDENED SYSTEMS AND METHODS TO ...MOBILE DEVICES: THE CASE FOR CYBER SECURITY HARDENED SYSTEMS AND METHODS TO ...
MOBILE DEVICES: THE CASE FOR CYBER SECURITY HARDENED SYSTEMS AND METHODS TO ...
 
Ericsson ConsumerLab: Wearable technology and the internet of things
Ericsson ConsumerLab: Wearable technology and the internet of thingsEricsson ConsumerLab: Wearable technology and the internet of things
Ericsson ConsumerLab: Wearable technology and the internet of things
 
Flashpoint hacking forisis_april2016
Flashpoint hacking forisis_april2016Flashpoint hacking forisis_april2016
Flashpoint hacking forisis_april2016
 
7 Pillars of Growth Hacking - Chris Out from RockBoost
7 Pillars of Growth Hacking - Chris Out from RockBoost7 Pillars of Growth Hacking - Chris Out from RockBoost
7 Pillars of Growth Hacking - Chris Out from RockBoost
 
Hacker House August Proposal
Hacker House August ProposalHacker House August Proposal
Hacker House August Proposal
 
rpt-world-eco-forum Final
rpt-world-eco-forum Finalrpt-world-eco-forum Final
rpt-world-eco-forum Final
 
Cyber Security in Manufacturing
Cyber Security in ManufacturingCyber Security in Manufacturing
Cyber Security in Manufacturing
 
CyberSecurity Medical Devices
CyberSecurity Medical DevicesCyberSecurity Medical Devices
CyberSecurity Medical Devices
 
The Foundations of Social Media Risk Management
The Foundations of Social Media Risk ManagementThe Foundations of Social Media Risk Management
The Foundations of Social Media Risk Management
 
Hacking Mobile Apps
Hacking Mobile AppsHacking Mobile Apps
Hacking Mobile Apps
 
CNIT 128 Ch 1: The mobile risk ecosystem
CNIT 128 Ch 1: The mobile risk ecosystemCNIT 128 Ch 1: The mobile risk ecosystem
CNIT 128 Ch 1: The mobile risk ecosystem
 
Wearing safe: Physical and informational security in the age of the wearable ...
Wearing safe: Physical and informational security in the age of the wearable ...Wearing safe: Physical and informational security in the age of the wearable ...
Wearing safe: Physical and informational security in the age of the wearable ...
 
OPSEC for hackers
OPSEC for hackersOPSEC for hackers
OPSEC for hackers
 
Over-the-air (OTA) updates and the Connected car
Over-the-air (OTA) updates and the Connected carOver-the-air (OTA) updates and the Connected car
Over-the-air (OTA) updates and the Connected car
 
Security Challenges in Emerging Technologies
Security Challenges in Emerging TechnologiesSecurity Challenges in Emerging Technologies
Security Challenges in Emerging Technologies
 
CNIT 128 Ch 2: Hacking the cellular network
CNIT 128 Ch 2: Hacking the cellular networkCNIT 128 Ch 2: Hacking the cellular network
CNIT 128 Ch 2: Hacking the cellular network
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
 

Similar to Focus on cyber threats in hacking cycle

Colombo White Hat Security 3rd Meetup - Recent Trends & Attacks in Cyberspace
Colombo White Hat Security 3rd Meetup - Recent Trends & Attacks in CyberspaceColombo White Hat Security 3rd Meetup - Recent Trends & Attacks in Cyberspace
Colombo White Hat Security 3rd Meetup - Recent Trends & Attacks in Cyberspace
Dulanja Liyanage
 
Dave Mahon - CenturyLink & Cyber Security - How Modern Cyber Attacks Are Disr...
Dave Mahon - CenturyLink & Cyber Security - How Modern Cyber Attacks Are Disr...Dave Mahon - CenturyLink & Cyber Security - How Modern Cyber Attacks Are Disr...
Dave Mahon - CenturyLink & Cyber Security - How Modern Cyber Attacks Are Disr...
Alisha Deboer
 
Perform a search on the Web for articles and stories about social en.pdf
Perform a search on the Web for articles and stories about social en.pdfPerform a search on the Web for articles and stories about social en.pdf
Perform a search on the Web for articles and stories about social en.pdf
fasttrackcomputersol
 
Lazarus talk tlp white
Lazarus talk tlp whiteLazarus talk tlp white
Lazarus talk tlp white
Christopher Doman
 
220715_Cybersecurity: What's at stake?
220715_Cybersecurity: What's at stake?220715_Cybersecurity: What's at stake?
220715_Cybersecurity: What's at stake?
Spire Research and Consulting
 
Security News Byes- Nov
Security News Byes- NovSecurity News Byes- Nov
Security News Byes- Nov
prashsiv
 
Attack on Sony
Attack on SonyAttack on Sony
Attack on Sony
Nick Bilogorskiy
 
Cyber Resilience
Cyber ResilienceCyber Resilience
Cyber Resilience
Ian-Edward Stafrace
 
Cloudcamp Chicago Nov 2104 Fintech - Dwight Koop "East / West Chalkboard Talk"
Cloudcamp Chicago Nov 2104 Fintech - Dwight Koop "East / West Chalkboard Talk"Cloudcamp Chicago Nov 2104 Fintech - Dwight Koop "East / West Chalkboard Talk"
Cloudcamp Chicago Nov 2104 Fintech - Dwight Koop "East / West Chalkboard Talk"
CloudCamp Chicago
 
Cyber Wars.pptx
Cyber Wars.pptxCyber Wars.pptx
Cyber Wars.pptx
ArjunKumar684595
 
Using international standards to improve Asia-Pacific cyber security
Using international standards to improve Asia-Pacific cyber securityUsing international standards to improve Asia-Pacific cyber security
Using international standards to improve Asia-Pacific cyber security
IT Governance Ltd
 
Business under cyberassault
Business under cyberassaultBusiness under cyberassault
Business under cyberassault
Mohammad Husain
 
https://uii.io/Oneconflict
https://uii.io/Oneconflicthttps://uii.io/Oneconflict
https://uii.io/Oneconflict
Lucas395677
 
CSCSS Case Study - Peoples Republic of China- Anatomy of a Breach
CSCSS Case Study - Peoples Republic of China- Anatomy of a BreachCSCSS Case Study - Peoples Republic of China- Anatomy of a Breach
CSCSS Case Study - Peoples Republic of China- Anatomy of a Breach
Centre for Strategic Cyberspace + Security Science
 
Cyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdfCyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdf
Overkill Security
 
IT Security and Wire Fraud Awareness Slide Deck
IT Security and Wire Fraud Awareness Slide DeckIT Security and Wire Fraud Awareness Slide Deck
IT Security and Wire Fraud Awareness Slide Deck
Don Gulling
 
30ITSecurityThreatsVulnerabilitiesandCountermeasuresV1.ppt
30ITSecurityThreatsVulnerabilitiesandCountermeasuresV1.ppt30ITSecurityThreatsVulnerabilitiesandCountermeasuresV1.ppt
30ITSecurityThreatsVulnerabilitiesandCountermeasuresV1.ppt
Kaukau9
 
War between Russia and Ukraine in cyber space
War between Russia and Ukraine in cyber spaceWar between Russia and Ukraine in cyber space
War between Russia and Ukraine in cyber space
uisgslide
 
Chinese Cyber attack on mumbai power plant
Chinese Cyber attack on mumbai power plantChinese Cyber attack on mumbai power plant
Chinese Cyber attack on mumbai power plant
RohanMistry15
 
Cybercrime trends in last five years
Cybercrime trends in last five yearsCybercrime trends in last five years
Cybercrime trends in last five years
SABBY GILL
 

Similar to Focus on cyber threats in hacking cycle (20)

Colombo White Hat Security 3rd Meetup - Recent Trends & Attacks in Cyberspace
Colombo White Hat Security 3rd Meetup - Recent Trends & Attacks in CyberspaceColombo White Hat Security 3rd Meetup - Recent Trends & Attacks in Cyberspace
Colombo White Hat Security 3rd Meetup - Recent Trends & Attacks in Cyberspace
 
Dave Mahon - CenturyLink & Cyber Security - How Modern Cyber Attacks Are Disr...
Dave Mahon - CenturyLink & Cyber Security - How Modern Cyber Attacks Are Disr...Dave Mahon - CenturyLink & Cyber Security - How Modern Cyber Attacks Are Disr...
Dave Mahon - CenturyLink & Cyber Security - How Modern Cyber Attacks Are Disr...
 
Perform a search on the Web for articles and stories about social en.pdf
Perform a search on the Web for articles and stories about social en.pdfPerform a search on the Web for articles and stories about social en.pdf
Perform a search on the Web for articles and stories about social en.pdf
 
Lazarus talk tlp white
Lazarus talk tlp whiteLazarus talk tlp white
Lazarus talk tlp white
 
220715_Cybersecurity: What's at stake?
220715_Cybersecurity: What's at stake?220715_Cybersecurity: What's at stake?
220715_Cybersecurity: What's at stake?
 
Security News Byes- Nov
Security News Byes- NovSecurity News Byes- Nov
Security News Byes- Nov
 
Attack on Sony
Attack on SonyAttack on Sony
Attack on Sony
 
Cyber Resilience
Cyber ResilienceCyber Resilience
Cyber Resilience
 
Cloudcamp Chicago Nov 2104 Fintech - Dwight Koop "East / West Chalkboard Talk"
Cloudcamp Chicago Nov 2104 Fintech - Dwight Koop "East / West Chalkboard Talk"Cloudcamp Chicago Nov 2104 Fintech - Dwight Koop "East / West Chalkboard Talk"
Cloudcamp Chicago Nov 2104 Fintech - Dwight Koop "East / West Chalkboard Talk"
 
Cyber Wars.pptx
Cyber Wars.pptxCyber Wars.pptx
Cyber Wars.pptx
 
Using international standards to improve Asia-Pacific cyber security
Using international standards to improve Asia-Pacific cyber securityUsing international standards to improve Asia-Pacific cyber security
Using international standards to improve Asia-Pacific cyber security
 
Business under cyberassault
Business under cyberassaultBusiness under cyberassault
Business under cyberassault
 
https://uii.io/Oneconflict
https://uii.io/Oneconflicthttps://uii.io/Oneconflict
https://uii.io/Oneconflict
 
CSCSS Case Study - Peoples Republic of China- Anatomy of a Breach
CSCSS Case Study - Peoples Republic of China- Anatomy of a BreachCSCSS Case Study - Peoples Republic of China- Anatomy of a Breach
CSCSS Case Study - Peoples Republic of China- Anatomy of a Breach
 
Cyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdfCyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdf
 
IT Security and Wire Fraud Awareness Slide Deck
IT Security and Wire Fraud Awareness Slide DeckIT Security and Wire Fraud Awareness Slide Deck
IT Security and Wire Fraud Awareness Slide Deck
 
30ITSecurityThreatsVulnerabilitiesandCountermeasuresV1.ppt
30ITSecurityThreatsVulnerabilitiesandCountermeasuresV1.ppt30ITSecurityThreatsVulnerabilitiesandCountermeasuresV1.ppt
30ITSecurityThreatsVulnerabilitiesandCountermeasuresV1.ppt
 
War between Russia and Ukraine in cyber space
War between Russia and Ukraine in cyber spaceWar between Russia and Ukraine in cyber space
War between Russia and Ukraine in cyber space
 
Chinese Cyber attack on mumbai power plant
Chinese Cyber attack on mumbai power plantChinese Cyber attack on mumbai power plant
Chinese Cyber attack on mumbai power plant
 
Cybercrime trends in last five years
Cybercrime trends in last five yearsCybercrime trends in last five years
Cybercrime trends in last five years
 

More from David Sweigert

The hacking methods of the Singularity Event doomsday cult (TYLER A.I.)
The hacking methods of the Singularity Event doomsday cult (TYLER A.I.)The hacking methods of the Singularity Event doomsday cult (TYLER A.I.)
The hacking methods of the Singularity Event doomsday cult (TYLER A.I.)
David Sweigert
 
Law Enforcement Cyber Incident Reporting
Law Enforcement Cyber Incident Reporting Law Enforcement Cyber Incident Reporting
Law Enforcement Cyber Incident Reporting
David Sweigert
 
Sample Network Analysis Report based on Wireshark Analysis
Sample Network Analysis Report based on Wireshark AnalysisSample Network Analysis Report based on Wireshark Analysis
Sample Network Analysis Report based on Wireshark Analysis
David Sweigert
 
National Cyber Security Awareness Month poster
National Cyber Security Awareness Month posterNational Cyber Security Awareness Month poster
National Cyber Security Awareness Month poster
David Sweigert
 
Department of Defense standard 8570 - CompTia Advanced Security Practitioner
Department of Defense standard 8570 - CompTia Advanced Security Practitioner Department of Defense standard 8570 - CompTia Advanced Security Practitioner
Department of Defense standard 8570 - CompTia Advanced Security Practitioner
David Sweigert
 
National Cyber Security Awareness Month - October 2017
National Cyber Security Awareness Month - October 2017National Cyber Security Awareness Month - October 2017
National Cyber Security Awareness Month - October 2017
David Sweigert
 
California Attorney General Notification Penal Code 646.9
California Attorney General Notification Penal Code 646.9California Attorney General Notification Penal Code 646.9
California Attorney General Notification Penal Code 646.9
David Sweigert
 
Congressional support of Ethical Hacking and Cyber Security
Congressional support of Ethical Hacking and Cyber SecurityCongressional support of Ethical Hacking and Cyber Security
Congressional support of Ethical Hacking and Cyber Security
David Sweigert
 
EXAM NOTES for DOD Standard 8570 CompTia Advanced Security Practitioner (CASP)
EXAM NOTES for DOD Standard 8570 CompTia Advanced Security Practitioner (CASP)EXAM NOTES for DOD Standard 8570 CompTia Advanced Security Practitioner (CASP)
EXAM NOTES for DOD Standard 8570 CompTia Advanced Security Practitioner (CASP)
David Sweigert
 
Application of Racketeering Law to Suppress CrowdStalking Threats
Application of Racketeering Law to Suppress CrowdStalking ThreatsApplication of Racketeering Law to Suppress CrowdStalking Threats
Application of Racketeering Law to Suppress CrowdStalking Threats
David Sweigert
 
Canada Communications Security Establishment - Threat Vector Chart
Canada Communications Security Establishment - Threat Vector ChartCanada Communications Security Establishment - Threat Vector Chart
Canada Communications Security Establishment - Threat Vector Chart
David Sweigert
 
Port of Charleston evacuation case study: The cognitive threat of conspiracy ...
Port of Charleston evacuation case study: The cognitive threat of conspiracy ...Port of Charleston evacuation case study: The cognitive threat of conspiracy ...
Port of Charleston evacuation case study: The cognitive threat of conspiracy ...
David Sweigert
 
Cyber Incident Response Team NIMS Public Comment
Cyber Incident Response Team NIMS Public CommentCyber Incident Response Team NIMS Public Comment
Cyber Incident Response Team NIMS Public Comment
David Sweigert
 
Cyber Incident Response Team - NIMS - Public Comment
Cyber Incident Response Team - NIMS - Public CommentCyber Incident Response Team - NIMS - Public Comment
Cyber Incident Response Team - NIMS - Public Comment
David Sweigert
 
National Incident Management System (NIMS) NQS DRAFT
National Incident Management System (NIMS) NQS DRAFTNational Incident Management System (NIMS) NQS DRAFT
National Incident Management System (NIMS) NQS DRAFT
David Sweigert
 
National Incident Management System - NQS Public Feedback
National Incident Management System - NQS Public FeedbackNational Incident Management System - NQS Public Feedback
National Incident Management System - NQS Public Feedback
David Sweigert
 
Nursing meets Hacking -- Medical Computer Emergency Response Teams -- MedCERT
Nursing meets Hacking -- Medical Computer Emergency Response Teams -- MedCERTNursing meets Hacking -- Medical Computer Emergency Response Teams -- MedCERT
Nursing meets Hacking -- Medical Computer Emergency Response Teams -- MedCERT
David Sweigert
 
National Preparedness Goals 2015 2nd edition
National Preparedness Goals 2015 2nd editionNational Preparedness Goals 2015 2nd edition
National Preparedness Goals 2015 2nd edition
David Sweigert
 
Healthcare Sector-wide Disaster Prepardness Plan
Healthcare Sector-wide Disaster Prepardness PlanHealthcare Sector-wide Disaster Prepardness Plan
Healthcare Sector-wide Disaster Prepardness Plan
David Sweigert
 
Cyber Risk Assessment for the Emergency Services Sector - DHS
Cyber Risk Assessment for the Emergency Services Sector - DHSCyber Risk Assessment for the Emergency Services Sector - DHS
Cyber Risk Assessment for the Emergency Services Sector - DHS
David Sweigert
 

More from David Sweigert (20)

The hacking methods of the Singularity Event doomsday cult (TYLER A.I.)
The hacking methods of the Singularity Event doomsday cult (TYLER A.I.)The hacking methods of the Singularity Event doomsday cult (TYLER A.I.)
The hacking methods of the Singularity Event doomsday cult (TYLER A.I.)
 
Law Enforcement Cyber Incident Reporting
Law Enforcement Cyber Incident Reporting Law Enforcement Cyber Incident Reporting
Law Enforcement Cyber Incident Reporting
 
Sample Network Analysis Report based on Wireshark Analysis
Sample Network Analysis Report based on Wireshark AnalysisSample Network Analysis Report based on Wireshark Analysis
Sample Network Analysis Report based on Wireshark Analysis
 
National Cyber Security Awareness Month poster
National Cyber Security Awareness Month posterNational Cyber Security Awareness Month poster
National Cyber Security Awareness Month poster
 
Department of Defense standard 8570 - CompTia Advanced Security Practitioner
Department of Defense standard 8570 - CompTia Advanced Security Practitioner Department of Defense standard 8570 - CompTia Advanced Security Practitioner
Department of Defense standard 8570 - CompTia Advanced Security Practitioner
 
National Cyber Security Awareness Month - October 2017
National Cyber Security Awareness Month - October 2017National Cyber Security Awareness Month - October 2017
National Cyber Security Awareness Month - October 2017
 
California Attorney General Notification Penal Code 646.9
California Attorney General Notification Penal Code 646.9California Attorney General Notification Penal Code 646.9
California Attorney General Notification Penal Code 646.9
 
Congressional support of Ethical Hacking and Cyber Security
Congressional support of Ethical Hacking and Cyber SecurityCongressional support of Ethical Hacking and Cyber Security
Congressional support of Ethical Hacking and Cyber Security
 
EXAM NOTES for DOD Standard 8570 CompTia Advanced Security Practitioner (CASP)
EXAM NOTES for DOD Standard 8570 CompTia Advanced Security Practitioner (CASP)EXAM NOTES for DOD Standard 8570 CompTia Advanced Security Practitioner (CASP)
EXAM NOTES for DOD Standard 8570 CompTia Advanced Security Practitioner (CASP)
 
Application of Racketeering Law to Suppress CrowdStalking Threats
Application of Racketeering Law to Suppress CrowdStalking ThreatsApplication of Racketeering Law to Suppress CrowdStalking Threats
Application of Racketeering Law to Suppress CrowdStalking Threats
 
Canada Communications Security Establishment - Threat Vector Chart
Canada Communications Security Establishment - Threat Vector ChartCanada Communications Security Establishment - Threat Vector Chart
Canada Communications Security Establishment - Threat Vector Chart
 
Port of Charleston evacuation case study: The cognitive threat of conspiracy ...
Port of Charleston evacuation case study: The cognitive threat of conspiracy ...Port of Charleston evacuation case study: The cognitive threat of conspiracy ...
Port of Charleston evacuation case study: The cognitive threat of conspiracy ...
 
Cyber Incident Response Team NIMS Public Comment
Cyber Incident Response Team NIMS Public CommentCyber Incident Response Team NIMS Public Comment
Cyber Incident Response Team NIMS Public Comment
 
Cyber Incident Response Team - NIMS - Public Comment
Cyber Incident Response Team - NIMS - Public CommentCyber Incident Response Team - NIMS - Public Comment
Cyber Incident Response Team - NIMS - Public Comment
 
National Incident Management System (NIMS) NQS DRAFT
National Incident Management System (NIMS) NQS DRAFTNational Incident Management System (NIMS) NQS DRAFT
National Incident Management System (NIMS) NQS DRAFT
 
National Incident Management System - NQS Public Feedback
National Incident Management System - NQS Public FeedbackNational Incident Management System - NQS Public Feedback
National Incident Management System - NQS Public Feedback
 
Nursing meets Hacking -- Medical Computer Emergency Response Teams -- MedCERT
Nursing meets Hacking -- Medical Computer Emergency Response Teams -- MedCERTNursing meets Hacking -- Medical Computer Emergency Response Teams -- MedCERT
Nursing meets Hacking -- Medical Computer Emergency Response Teams -- MedCERT
 
National Preparedness Goals 2015 2nd edition
National Preparedness Goals 2015 2nd editionNational Preparedness Goals 2015 2nd edition
National Preparedness Goals 2015 2nd edition
 
Healthcare Sector-wide Disaster Prepardness Plan
Healthcare Sector-wide Disaster Prepardness PlanHealthcare Sector-wide Disaster Prepardness Plan
Healthcare Sector-wide Disaster Prepardness Plan
 
Cyber Risk Assessment for the Emergency Services Sector - DHS
Cyber Risk Assessment for the Emergency Services Sector - DHSCyber Risk Assessment for the Emergency Services Sector - DHS
Cyber Risk Assessment for the Emergency Services Sector - DHS
 

Recently uploaded

一比一原版(WSU毕业证)西悉尼大学毕业证成绩单
一比一原版(WSU毕业证)西悉尼大学毕业证成绩单一比一原版(WSU毕业证)西悉尼大学毕业证成绩单
一比一原版(WSU毕业证)西悉尼大学毕业证成绩单
evkovas
 
Uniform Guidance 3.0 - The New 2 CFR 200
Uniform Guidance 3.0 - The New 2 CFR 200Uniform Guidance 3.0 - The New 2 CFR 200
Uniform Guidance 3.0 - The New 2 CFR 200
GrantManagementInsti
 
一比一原版(UQ毕业证)昆士兰大学毕业证成绩单
一比一原版(UQ毕业证)昆士兰大学毕业证成绩单一比一原版(UQ毕业证)昆士兰大学毕业证成绩单
一比一原版(UQ毕业证)昆士兰大学毕业证成绩单
ehbuaw
 
PPT Item # 8 - Tuxedo Columbine 3way Stop
PPT Item # 8 - Tuxedo Columbine 3way StopPPT Item # 8 - Tuxedo Columbine 3way Stop
PPT Item # 8 - Tuxedo Columbine 3way Stop
ahcitycouncil
 
NHAI_Under_Implementation_01-05-2024.pdf
NHAI_Under_Implementation_01-05-2024.pdfNHAI_Under_Implementation_01-05-2024.pdf
NHAI_Under_Implementation_01-05-2024.pdf
AjayVejendla3
 
What is the point of small housing associations.pptx
What is the point of small housing associations.pptxWhat is the point of small housing associations.pptx
What is the point of small housing associations.pptx
Paul Smith
 
PPT Item # 5 - 5330 Broadway ARB Case # 930F
PPT Item # 5 - 5330 Broadway ARB Case # 930FPPT Item # 5 - 5330 Broadway ARB Case # 930F
PPT Item # 5 - 5330 Broadway ARB Case # 930F
ahcitycouncil
 
一比一原版(QUT毕业证)昆士兰科技大学毕业证成绩单
一比一原版(QUT毕业证)昆士兰科技大学毕业证成绩单一比一原版(QUT毕业证)昆士兰科技大学毕业证成绩单
一比一原版(QUT毕业证)昆士兰科技大学毕业证成绩单
ukyewh
 
PACT launching workshop presentation-Final.pdf
PACT launching workshop presentation-Final.pdfPACT launching workshop presentation-Final.pdf
PACT launching workshop presentation-Final.pdf
Mohammed325561
 
PD-1602-as-amended-by-RA-9287-Anti-Illegal-Gambling-Law.pptx
PD-1602-as-amended-by-RA-9287-Anti-Illegal-Gambling-Law.pptxPD-1602-as-amended-by-RA-9287-Anti-Illegal-Gambling-Law.pptx
PD-1602-as-amended-by-RA-9287-Anti-Illegal-Gambling-Law.pptx
RIDPRO11
 
ZGB - The Role of Generative AI in Government transformation.pdf
ZGB - The Role of Generative AI in Government transformation.pdfZGB - The Role of Generative AI in Government transformation.pdf
ZGB - The Role of Generative AI in Government transformation.pdf
Saeed Al Dhaheri
 
Russian anarchist and anti-war movement in the third year of full-scale war
Russian anarchist and anti-war movement in the third year of full-scale warRussian anarchist and anti-war movement in the third year of full-scale war
Russian anarchist and anti-war movement in the third year of full-scale war
Antti Rautiainen
 
Many ways to support street children.pptx
Many ways to support street children.pptxMany ways to support street children.pptx
Many ways to support street children.pptx
SERUDS INDIA
 
一比一原版(UOW毕业证)伍伦贡大学毕业证成绩单
一比一原版(UOW毕业证)伍伦贡大学毕业证成绩单一比一原版(UOW毕业证)伍伦贡大学毕业证成绩单
一比一原版(UOW毕业证)伍伦贡大学毕业证成绩单
ehbuaw
 
如何办理(uoit毕业证书)加拿大安大略理工大学毕业证文凭证书录取通知原版一模一样
如何办理(uoit毕业证书)加拿大安大略理工大学毕业证文凭证书录取通知原版一模一样如何办理(uoit毕业证书)加拿大安大略理工大学毕业证文凭证书录取通知原版一模一样
如何办理(uoit毕业证书)加拿大安大略理工大学毕业证文凭证书录取通知原版一模一样
850fcj96
 
Opinions on EVs: Metro Atlanta Speaks 2023
Opinions on EVs: Metro Atlanta Speaks 2023Opinions on EVs: Metro Atlanta Speaks 2023
Opinions on EVs: Metro Atlanta Speaks 2023
ARCResearch
 
一比一原版(Adelaide毕业证)阿德莱德大学毕业证成绩单
一比一原版(Adelaide毕业证)阿德莱德大学毕业证成绩单一比一原版(Adelaide毕业证)阿德莱德大学毕业证成绩单
一比一原版(Adelaide毕业证)阿德莱德大学毕业证成绩单
ehbuaw
 
MHM Roundtable Slide Deck WHA Side-event May 28 2024.pptx
MHM Roundtable Slide Deck WHA Side-event May 28 2024.pptxMHM Roundtable Slide Deck WHA Side-event May 28 2024.pptx
MHM Roundtable Slide Deck WHA Side-event May 28 2024.pptx
ILC- UK
 
2024: The FAR - Federal Acquisition Regulations, Part 36
2024: The FAR - Federal Acquisition Regulations, Part 362024: The FAR - Federal Acquisition Regulations, Part 36
2024: The FAR - Federal Acquisition Regulations, Part 36
JSchaus & Associates
 
2024: The FAR - Federal Acquisition Regulations, Part 37
2024: The FAR - Federal Acquisition Regulations, Part 372024: The FAR - Federal Acquisition Regulations, Part 37
2024: The FAR - Federal Acquisition Regulations, Part 37
JSchaus & Associates
 

Recently uploaded (20)

一比一原版(WSU毕业证)西悉尼大学毕业证成绩单
一比一原版(WSU毕业证)西悉尼大学毕业证成绩单一比一原版(WSU毕业证)西悉尼大学毕业证成绩单
一比一原版(WSU毕业证)西悉尼大学毕业证成绩单
 
Uniform Guidance 3.0 - The New 2 CFR 200
Uniform Guidance 3.0 - The New 2 CFR 200Uniform Guidance 3.0 - The New 2 CFR 200
Uniform Guidance 3.0 - The New 2 CFR 200
 
一比一原版(UQ毕业证)昆士兰大学毕业证成绩单
一比一原版(UQ毕业证)昆士兰大学毕业证成绩单一比一原版(UQ毕业证)昆士兰大学毕业证成绩单
一比一原版(UQ毕业证)昆士兰大学毕业证成绩单
 
PPT Item # 8 - Tuxedo Columbine 3way Stop
PPT Item # 8 - Tuxedo Columbine 3way StopPPT Item # 8 - Tuxedo Columbine 3way Stop
PPT Item # 8 - Tuxedo Columbine 3way Stop
 
NHAI_Under_Implementation_01-05-2024.pdf
NHAI_Under_Implementation_01-05-2024.pdfNHAI_Under_Implementation_01-05-2024.pdf
NHAI_Under_Implementation_01-05-2024.pdf
 
What is the point of small housing associations.pptx
What is the point of small housing associations.pptxWhat is the point of small housing associations.pptx
What is the point of small housing associations.pptx
 
PPT Item # 5 - 5330 Broadway ARB Case # 930F
PPT Item # 5 - 5330 Broadway ARB Case # 930FPPT Item # 5 - 5330 Broadway ARB Case # 930F
PPT Item # 5 - 5330 Broadway ARB Case # 930F
 
一比一原版(QUT毕业证)昆士兰科技大学毕业证成绩单
一比一原版(QUT毕业证)昆士兰科技大学毕业证成绩单一比一原版(QUT毕业证)昆士兰科技大学毕业证成绩单
一比一原版(QUT毕业证)昆士兰科技大学毕业证成绩单
 
PACT launching workshop presentation-Final.pdf
PACT launching workshop presentation-Final.pdfPACT launching workshop presentation-Final.pdf
PACT launching workshop presentation-Final.pdf
 
PD-1602-as-amended-by-RA-9287-Anti-Illegal-Gambling-Law.pptx
PD-1602-as-amended-by-RA-9287-Anti-Illegal-Gambling-Law.pptxPD-1602-as-amended-by-RA-9287-Anti-Illegal-Gambling-Law.pptx
PD-1602-as-amended-by-RA-9287-Anti-Illegal-Gambling-Law.pptx
 
ZGB - The Role of Generative AI in Government transformation.pdf
ZGB - The Role of Generative AI in Government transformation.pdfZGB - The Role of Generative AI in Government transformation.pdf
ZGB - The Role of Generative AI in Government transformation.pdf
 
Russian anarchist and anti-war movement in the third year of full-scale war
Russian anarchist and anti-war movement in the third year of full-scale warRussian anarchist and anti-war movement in the third year of full-scale war
Russian anarchist and anti-war movement in the third year of full-scale war
 
Many ways to support street children.pptx
Many ways to support street children.pptxMany ways to support street children.pptx
Many ways to support street children.pptx
 
一比一原版(UOW毕业证)伍伦贡大学毕业证成绩单
一比一原版(UOW毕业证)伍伦贡大学毕业证成绩单一比一原版(UOW毕业证)伍伦贡大学毕业证成绩单
一比一原版(UOW毕业证)伍伦贡大学毕业证成绩单
 
如何办理(uoit毕业证书)加拿大安大略理工大学毕业证文凭证书录取通知原版一模一样
如何办理(uoit毕业证书)加拿大安大略理工大学毕业证文凭证书录取通知原版一模一样如何办理(uoit毕业证书)加拿大安大略理工大学毕业证文凭证书录取通知原版一模一样
如何办理(uoit毕业证书)加拿大安大略理工大学毕业证文凭证书录取通知原版一模一样
 
Opinions on EVs: Metro Atlanta Speaks 2023
Opinions on EVs: Metro Atlanta Speaks 2023Opinions on EVs: Metro Atlanta Speaks 2023
Opinions on EVs: Metro Atlanta Speaks 2023
 
一比一原版(Adelaide毕业证)阿德莱德大学毕业证成绩单
一比一原版(Adelaide毕业证)阿德莱德大学毕业证成绩单一比一原版(Adelaide毕业证)阿德莱德大学毕业证成绩单
一比一原版(Adelaide毕业证)阿德莱德大学毕业证成绩单
 
MHM Roundtable Slide Deck WHA Side-event May 28 2024.pptx
MHM Roundtable Slide Deck WHA Side-event May 28 2024.pptxMHM Roundtable Slide Deck WHA Side-event May 28 2024.pptx
MHM Roundtable Slide Deck WHA Side-event May 28 2024.pptx
 
2024: The FAR - Federal Acquisition Regulations, Part 36
2024: The FAR - Federal Acquisition Regulations, Part 362024: The FAR - Federal Acquisition Regulations, Part 36
2024: The FAR - Federal Acquisition Regulations, Part 36
 
2024: The FAR - Federal Acquisition Regulations, Part 37
2024: The FAR - Federal Acquisition Regulations, Part 372024: The FAR - Federal Acquisition Regulations, Part 37
2024: The FAR - Federal Acquisition Regulations, Part 37
 

Focus on cyber threats in hacking cycle

  • 1. Security FIRST - International Cooperation in Cyber Security - School of Information Security, Korea University former Special Adviser to the President for National Security Lim, Jong In 2015.06.13. FIRST
  • 2. / 25 $81 million dollar deposit was stolen via a forged message instructing that some of the Bangladesh Central Bank’s deposit in the Federal Reserve Bank of New York should be transferred Recent Issues – SWIFT Hacking Bangladesh Cyber Theft  Feb. 2016. Hackers stole $81 million from the Bangladesh Central Bank’s official account at the Federal Reserve Bank of New York  New York Fed announced that the transfer of the money had been “fully authenticated” by SWIFT(international financial messaging system)  Bangladesh's central bank was vulnerable to hackers because it did not have a firewall and used second- hand, $10 switches for network computers connected to SWIFT Source : NYT, Reuter 2
  • 3. / 25 Continuous hacking attempts against SWIFT and assumed mastermind  According to the malicious code analysis by IssueMakersLab in Korea, the file deletion function codes of the following malicious codes are similar, making us assume that the attacks were launched by the same group: - February 2016 :Bangladesh Central Bank - December 2015 : Vietnam’s Commercial Bank - November 2014 : Sony Pictures - June 2013: Press in Korea  Since the analysis results of Symantec also show high similarity to the Sony Pictures malicious code, North Korea is assumed to be the mastermind There were SWIFT hacking attempts against 8 banks besides Bangladesh Central Bank. The incident is believed to be the work of North Korean hackers, judging from the similarity of the malicious code to that in the Sony Pictures hacking incident. 3 Recent Issues – SWIFT Hacking
  • 4. / 25 Korea is experiencing a social problem due to the spread of ransomware that exploits the vulnerability of major online community advertising banners Spread of ransomware targeting online communities in Korea  Distributing ransomware among major online communities in Korea - Crypt0L0cker randomware was distributed on Clien.net in April 2015 - UltraCrypter randomware was distributed on PPOMPPU.co.kr in June 2016  Both sites are representative online communities in Korea (ranked 12th and 13th in web traffic volume), and several hundred million worth of damages were reported  Both malicious codes require BitCoin deposit, and it is difficult to respond due to difficulty in tracing back  Since BitCoin deposit is not confirmed for UltraCrypter, recovery is expected to be impossible Recent Issues - Ransomware 4
  • 5. / 25 Korea is the third affected countries of the LOCKY ransomware Recent Issues - Ransomware 5 Source : FireEye
  • 6. / 25 Sony Pictures Entertainment was hacked before its release of ‘The Interview’, a movie that plans to assassinate North Korea’s leader Overview of the Sony Pictures Hacking • Sony Pictures Entertainment’s internal system was breached and some of its data was leaked in November, 2014. • Leaked data includes, among others: - personal information of employees - e-mails among employees - information on executive salaries - copies of unreleased Sony films • The hackers called themselves the "Guardians of Peace" and demanded the planned release of the film ‘The Interview’, a comedy on a plot to assassinate North Korean leader Kim Jong-un, be cancelled 6 Recent Issues – Sony Pictures
  • 7. / 25 The U.S. attributed the Sony Picture hack to North Korea, calling it ‘Cyber Vandalism,’ and took a series of actions in response U.S. Government’s Reaction • On December 19th, 2014, F.B.I. published an investigative report on the hack, in which it identified North Korea as the perpetrator • President Obama called the hack ‘Cyber Vandalism’ and claimed that the U.S. weighed proportionate response to the attack • North Korean websites were shut down, allegedly by cyber attacks orchestrated by the U.S. • President Obama sanctioned North Korea’s Directorate of Reconnaissance 7 Recent Issues – Sony Pictures
  • 8. / 25 Korea Hydro & Nuclear Power(KHNP) was threatened to be destroyed by a hacker who claimed to have hacked its control system KHNP Hacking Overview  In December 2014, a hacker who claimed to be against nuclear power development posted some of KHNP’s confidential data on his internet blog  The hacker claimed that he had breached into KHNP’s internal control system and threatened that he would destroy KHNP’s nuclear power plants unless it shut them down itself  Investigation by South Korean government and KHNP found no evidence of intrusion into KHNP’s control system. There has not been any cyber attack on the Nuclear Power plant thereafter Recent Issues – KHNP 8
  • 9. / 25 South Korean government’s investigation unit alleged North Korea of having perpetrated the hack with a Chinese IP address South Korean Government’s Reaction  On December 20th, 2014, a government team was assembled to probe into the hack  The team found that the hacker had accessed VPN in South Korea via proxy IP address in Shenyang, China. Having failed to hack KHNP directly, the hacker sent phishing emails to partners of KHNP and retired employees  On December 24th, 2014, the investigation team requested cooperation from the Chinese Police  On March 17th, 2015, the government team presented an interim probe result, which suggested that North Korea had orchestrated the hack Hacker in North Korea VPN in South Korea Access via Proxy IP Address in Sunyang, China Hacking Failed (Sent 6,000 Phishing Emails) Hacked partners of KHNP and retired employee’s of KHNP Used vulnerabilities of Hangul (Wordprocessor) 9 Recent Issues – KHNP
  • 10. / 25 Case of South Korea - Cyber Threats that S.Korea faces South Korea has had numerous cyber attacks since 2009, but failed to identify and prosecute suspects for any of the attacks Year Cyber attacks on S.Korea 2003  1.25 Internet Intrusion : Korea's major internet networks went down due to the Slammer Worm taking advantage of vulnerabilities of Microsoft's SQL servers 2009  7.7 DDoS Attack : Three DDoS attacks from July 7th to 10th paralyzed the major government sites including website of the Presidential Office 2010 2012  GPS Disturbance : From 2010 to 2012, GPS disturbance occurred annually, causing signal interference and damage to GPS receivers in private and military sectors, including those in Korea Telecom's base stations 2011  3.4 DDoS Attack : DDoS attacks on 40 local websites, including those of major portals, government offices, the Ministry of National Defense and financial institutions 2011  NH Bank's Cyber Terror : NH Bank's internal data and server system were damaged. Service access paralyzed entirely or partially 2013  3.20 Cyber Terror : Major local broadcasters' and six financial institutions' computer networks went down 2013  6.25 Cyber Terror : The Presidential Office website, major government websites, media and political parties’ websites were under cyber attacks 2014  Hacking on KHNP : KHNP's blueprints and operating methods for nuclear power stations were leaked on the internet ~ 10
  • 11. / 25 South Korea established a comprehensive national system to counter cyber threats, controlled and coordinated by the Presidential Office Case of South Korea – Countering Cyber Threats Presidential Office National Security Council National Cyber Defense Secretary to the President for National Cyber Security National Cyber Security Center Ministry of Defense Cyber Crime National Police Agency Cyber Security for Civil Sector Ministry of Science, ICT and Future Planning Privacy, Cyber Security For Public Sector Ministry of Gov Administration and Home Affairs Cyber Terror, CIP National Intelligent Service 11
  • 12. / 25 While receiving cyber attacks continuously, the Korean government is endeavoring to strengthen national cyber security continuously by setting up strategies and plans to respond to such cyber attacks • Recognized the necessity of responding to information security issues including personal information protection due to the Auction hacking incident in 2008 • Aimed to establish a social safety network by improving policies and building infrastructure by 2010 • It was recognized that a cyber attack can threaten national security due to the 7.7 DDoS attack in 2009 • Obtained good results, such as establishment of the cyber security government system and definition of roles and responsibilities by department • Recognized the necessity of an effective response method due to the 3.4 DDoS Incident and Nonghyup Computer Problems in 2011 • Obtained good results, such as awareness improvement, outsourcing company management, and implementation of the S/W security vulnerability diagnosis system • Recognized the necessity of integrating cyber capabilities distributed among government departments due to the 3.20 and 6.25 Cyber Terror • Established the organizational structure (the Blue House plays the role of control tower, and the National Intelligence Service supervises hands-on work) and prepared personnel fostering plans • Recognized the necessity of protecting cyberspace safely following the Korea Hydro & Nuclear Power hacking incident • Strengthened the cyber security control tower function of the National Security Office, newly established a dedicated pan-government cyber security organization Mid-term comprehensive information security plan (2008) Comprehensive measures against the national cyber crisis (2009) National cyber security master plan (2011) Comprehensive national cyber security measures (2013) National cyber security posture and capability strengthening plan (2015) Case of South Korea – Countering Cyber Threats 12
  • 13. / 25  High volume, high velocity, high variety information assets that require new forms of processing to make more meaningful information  Data Volume : 2.7 ZB (2012) → 7.9 ZB (2015)  Model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources  IaaS(Infra), PaaS(Platform), SaaS(Service)  Network of physical objects or "things" embedded in electronics, software, sensors and connectivity  26 billion devices on the IoT by 2020 (Gartner)  Wearable Devices, Smart Car, etc. ICT Development and Evolving Cyber Threats As ICT development begets new technologies such as IoT, Big Data, and Cloud Computing ICT Development Connection Personalized Data Digitalized Convergence IoT Cloud Computing Big Data 13
  • 14. / 25 ICT Development and Evolving Cyber Threats European Commission’s Next Generation Computing predicts that ICT will evolve to IoT Environment through Embedded system and CPS Vision : Internet of Things, Data & Services (e.g. Smart Cities) Cyber-Physical Systems (e.g. Intelligent Networked Road Junction) Network Embedded System (e.g. Autonomous Aviation) Embedded Systems (e.g. AirBag) Source : NGC Study, 2013, EUTEMA 14
  • 15. / 25 ICT Development and Evolving Cyber Threats In a hyperconnected society where various new ICT applications are adopted, threats to the new applications are anticipated Smart Home Appliance  ICT added home appliances for remote control and efficiency, and convenience  Hacked or Demonstrated Cases - Refrigerator hacked to send spam emails (2014) - Philips LED Lighting hacking demonstration (Dhanjani, 2013) - Web Camera Exposed (BBC, 2014) Smart Healthcare  Using body-measured information by using wearable devices and medical equipment  Hacked or Demonstrated Cases - Breakpoint Security Conference, Pacemaker Hacking Demonstration (2012) - BlackHat USA, Insulin Pump Hacking Demonstration (2013) Smart Car  IT component and services are integrated into automobiles for information gathering and remote control  Hacked or Demonstrated Cases - U.S. EmbeddedSecurityCenterDemonstration(2010) - Korea University Demonstration (2012) - BlackHat USA Demonstration (2014) Smart Energy  Increasing energy efficiency by managing information such as SmartGrid, Smart Buildings  Hacked or Demonstrated Cases - Puerto Rico SmartMeter Tempering (2009) - ‘Dragonfly’ Backdoors in U.S. and Europe Power Grid Control Systems (2014) Threats in a Hyperconnected Society 15
  • 16. / 25 Cyber Threat Trends Cyber threat is becoming more intentional, destructive, targeted, and external in origin Accidental Intentional Failure Attack Random Targeted Internal Origin External Origin Technical Human Source : Korea Internet & Security Agency 16
  • 17. / 25 Cyber-related threats are selected as a high-priority risk factor in the “Global Risks Report 2016” published by the World Economic Forum (World Risk) in Jan., 2016 Source : World Economic Forum Global Risk Report 2016 - About 750 experts in each area selected global risks that can affect the world economy based on likelihood and impact - Among the 29 global risks presented, technological threats include adverse consequences of technological advancement, breakdown of critical information infrastructure, cyber attacks, and data fraud and theft - As dependency on cyber increases, the likelihood and impact of risk related to cyber were rated significantly high; risk connectivity and mutual impact with other major threats were rated highly as well - The evaluation suggests that cyber attacks can affect the economy considerably, and that the financial industry is required to have the response capability and level matching the risk level Cyber Threat Trends 17
  • 18. / 25 International Cooperation International cooperation ha are being developed, yet the outcome of cooperation is insufficient to countering cyber threats  Cooperation between two States that have common interests e.g.) US – China Cyber Working Group Bilateral Cooperation  Cooperation among States in the region e.g.) ASEAN Regional Forum Regional Cooperation  Cooperation through International Organizations e.g.) UN GGE  Conventions, Treaties or Laws e.g.) Convention on Cybercrime International Cooperation  Cooperation in Military or National Defense Aspects e.g.) NATO Cooperative Cyber Defense Centre of Excellence EU Cyber Defence Policy Framework ANZUS Treaty applies to Cyber attacks China - Russia Non Aggression Pact for Cyberspace Military Aspect Cooperation 18
  • 19. / 25 International Cooperation Budapest Convention on Cybercrime came into force in 2001, which includes substantial/procedural articles of cybercrime regulation and international cooperation procedure < Status as of May, 2016 >< Major Implications> • The First legally-binding international instrument to comprehensively address the cybercrime issues • Scope of the Convention - Criminalising Conduct : Illegal Activities / Fraud / Interference / Child Pornography / etc. - Procedural tools : Preservation / Search and Seizure / Interception of Data - International Cooperation : Mutual Legal Assistance Treaties, Point of Contact 49 13 68 6 19
  • 20. / 25 International Cooperation Seoul Framework on ‘Seoul Conference on Cyberspace 2013’ , UN GGE Recommendations & Reports can be the base of international cooperation < Seoul Framework > < UN GGE Report A/70/174 > • Cyberspace - Economic Growth, Social and Cultural Benefits • International Security - Promote voluntary confidence-building and transparency measures • Cybercrime - Law enforcement cooperation in the investigation and prosecution of international cases • Capacity Building - Enhance efforts to close the digital divide • Responsible behaviour of States - Voluntary, non-binding norms of responsible State behaviour • Confidence-building measures - Adopt existing Guidelines for CBM • ICT Security Capacity-Building - International community to work together for assistance • International Law applies to Cyberspace - The adherence by States to international law is an essential framework 20
  • 21. / 25 Capacity Building Effort to build capacity to defend one’s own cyberspace Governance, Role & Responsibility  Setting a national cyber security governance framework  Identify the role and jurisdiction of each agency within the cyber security governance structure Research & Development  Acquisition of various cyber security technologies - Digital forensic and cyber investigation tools - Cyber genome or cyber map - Count cyber threat technologies Education  Cultivating and securing cyber security experts is key to promoting national cyber security - Cyber education for teens - Cyber security department in university - Training course for employees Cooperation  State-level cooperation - Inter-agency cooperation - Public-private partnership  International-level cooperation - International organizations, Conventions or cooperation between States Cyber Security Capacity Building 21
  • 22. / 25 Conclusion To deter the rapid growth of cyber threats, it is important for each State to build its own capacities and yet cooperate internationally Each State’s Effort to Deter Cyber Threats Evolving Cyber Threats Increasing Dependence on ICT · Cyber threats are getting more sophisticated and targeted · Cyber threats are one of the most serious threats that most States face · New technologies such as IoT, Big Data and Cloud computing are being used · States’ increasing dependence on ICT International Cooperation Capacity Building 22
  • 23. / 2523 FIRST is a multi-stakeholder network participated in by more than 350 CERT teams in 75 countries, and it can play a key role in global cyber security cooperation. Conclusion - Possibility of FIRST
  • 24. / 25 The achievement and role of FIRST in cyber security and the developmental direction as a major subject of global cyber security need to be sought Counter- Threat Cooperation Information Sharing Capacity Building Private Public Partnership Security FIRST Cooperation in responding to cyber threats Information sharing such as infringement status and exemplary cases related to cyber infringement and threat Infringement/Threat information sharing Laying the basis for the private/public cooperation system as a cooperation organization of the multi-stakeholder CERT Basis of private/public cooperation system Strengthening the overall cyber security level by training and providing technical support to the less capable CERTs Support capacity building Possibility of joint response based on voluntary cooperation, if cyber threats occur Conclusion - Possibility of FIRST 24