The document discusses cybersecurity threats and how quantum technologies may help address them. It summarizes that while bad cyber actors have not yet won, they are ahead of the curve. Encryption protects against most threats, and quantum cryptography can protect against threats from quantum computers by providing future-proof security. For a truly secure future, standards, best practices, and ongoing technology development are needed to transition from currently unsafe cryptography to quantum-safe and quantum-based solutions.
A look at the methodology and techniques of hackers, cyber criminals and state-sponsored attackers. Explores the kill chain, geopolitical instability and the dark web.
The June 2016 revelations of the DNC breach by two Russia-based advanced persistent threat groups was only the beginning of a series of strategic leaks and conflicting attribution claims. In a series of “1-2 punches”, we saw attacks designed to breach the target and exfiltrate data reinforced by a campaign to leak information using mouthpieces posing as hacktivists. In this presentation we'll demonstrate techniques used to identify additional malicious infrastructure, evaluate the validity of “faketivists” like the Guccifer 2.0 persona, strengths and gaps in the attribution analysis, and how the adversary might adjust their tactics going forward.
Cyberwar and cyberwarfare are on everyone's lips but mean nothing, as they are least understood and still need to be defined! Yet we have everyone who means something standing on the rooftops and rattling their swords. The question is: is India ready? This is explored in the presentation. Indian institutions, cyber practices and the way ahead.
MIRAI: What is It, How Does it Work and Why Should I Care? - Memoori
Cyber Security in 2017! What can Smart Buildings expect?
These are the slides from a conversation with Billy Rios, Founder of WhiteScope LLC. We take a deep dive into the Mirai DDoS Attacks from last year and try to understand what lessons can be learnt going forward.
Lofty Ideals: The Nature of Clouds and Encryption - Sean Whalen
An overview of the legal, privacy, and security issues surrounding modern cloud services and cryptography
Created as an alumnus talk for the Computer & Network Support Technology Fairfield Career Center senior class of 2016.
Open Secrets of the Defense Industry: Building Your Own Intelligence Program ... - Sean Whalen
Respond proactively to threats like a defense contractor. It’s more realistic than you might think!
A practical guide of how to build intelligence-driven cyber defenses using open source software, based on real implementations of best practices, adapted from the Lockheed Martin Cyber Kill Chain model.
Staying Ahead of Internet Background Exploitation - Microsoft BlueHat Israel ... - Andrew Morris
It’s not just you. The frequency of severe vulnerabilities in internet-facing enterprise software being massively exploited at scale has increased drastically. The amount of time between disclosure and exploitation of these vulnerabilities has been reduced to near-zero, leaving defenders with less time to react and respond. While combating internet-wide opportunistic exploitation is a sprawling and complex problem, there is both an art and a science to staying ahead of large exploitation events such as Log4J.
In this talk we will share insights and challenges from operating a huge, shifting, adaptive, distributed sensor network listening to internet background noise and opportunistic exploitation traffic over the past four years. We will give a blunt state of the universe on mass exploitation. We will share patterns and unexplainable phenomena we’ve experienced across billions of internet scans. And we will make recommendations to defenders for preparing for the next time the cyber hits the fan.
This talk summarizes the state of IoT security, specifically as it relates to Industrial Control and Energy. When hearing the buzz-word “Internet of Things,” we typically think of the consumer world: smart toasters and connected fridges. However, there is a staggering number of networked embedded devices that perform life- and mission-critical tasks that our daily lives depend on. Industrial Control Systems (ICS) are not unique snowflakes anymore but use the same ubiquitous technology as found in consumer IoT devices. This presentation summarizes our experiences at Senrio exploiting embedded systems and discusses the reasons why these insecure design patterns exist, including business drivers and technology factors. We will share stories and anecdotes based on 10 years of research, training and consulting (including real vulnerabilities and how they work).
Guccifer 2.0 the DNC Hack, and Fancy Bears, Oh My! - ThreatConnect
On June 15, 2016, Crowdstrike published a blog article detailing the breach of the Democratic National Committee (DNC) by two Russia-based threat groups. ThreatConnect, using the Crowdstrike blog article as a basis, conducted further research into the DNC breach and discovered additional findings and also challenged Guccifer 2.0’s claimed attribution for the DNC breach.
See how the ThreatConnect research team was able to build off the work of others to add its own observations gleaned from analyzing the metadata on Guccifer 2.0’s released files and other discoveries.
HACKING DIVERSITY
We talk a lot about why diversity is important and we are all familiar with the woeful inclusion stats. In this talk we will discuss why diversity is important from both the perspective of an organization’s bottom line and the individual contributor.
Open Source Insight: Big Data Breaches, Costly Cyberattacks, Vuln Detection f... - Black Duck by Synopsys
This week’s Open Source Insight features a powerful visualization tool displaying the world’s biggest data breaches at name brands such as Ebay, Equifax, Anthem, and Target. The White House and British Foreign Office have condemned a cyber-attack launched by the Russian military on Ukraine and hint at reprisals. Black Duck brings open source vulnerability detection to Kubernetes, and Synopsys will host Elevate, an evening thought leadership event at Embedded World 2018 featuring an elite group of international cyber security experts leading a discussion about IoT and embedded systems security threats and solutions.
Read on for all the open source security and cybersecurity news you need to know this week.
Exploring DDoS Attacks: Impact to Community Financial Institutions - Jay McLaughlin
DDoS attacks have catapulted to the forefront of banking security news after the industry experienced a series of multi-phased attacks beginning back in September of 2012. Hackers launch DDoS attacks prompted by one of two common motives. Protest attacks, like OpUSA, target large, high-profile banks and are often launched for social or political purposes. Attacks on community banks are usually used as a distraction in conjunction with account takeover attacks. This event is designed to strengthen the awareness and defenses of participants. Jay McLaughlin, this session's presenter, fights cybercrime aimed at financial institutions on a daily basis as Q2ebanking's Chief Security Officer. Jay will break down conceptual and technical aspects of DDoS attack types, clarify the differing attacker motives, and discuss how community banks can build a layered security model to prevent DDoS attacks.
Brief delivered by TNWAC President Patrick Ryan at a Great Decisions session organized by the Vanderbilt Osher Lifelong Learning Institute on April 9, 2019.
Corporate Espionage without the Hassle of Committing Felonies - John Bambenek
Thotcon Presentation by John Bambenek on how some security solutions are leaking sensitive data to the internet making it easy to spy on individuals and companies without breaking any laws.
This is a proof-of-concept about creating a creditable, publicly-available, freely-available, and openly-available ICS and SCADA event and incident database.
Why Federal Systems are Immune from Ransomware...& other Grim Fairy Tales) - BeyondTrust
The Federal computing space has been relatively unscathed by ransomware attacks such as Petya, WannaCry, and others—but are Federal systems really that much better than their commercial counterparts?
In this presentation from his webinar, cybersecurity expert and SANS Institute Instructor G. Mark Hardy, explores the myth of invulnerability and why Federal systems have appeared to dodge the ransomware bullet — so far. Although best practices go a long way, aging technology, legacy systems, and sheer size make the case for additional protection.
This presentation (and the webinar) also cover:
• Why a Cybersecurity Sprint can’t win a marathon
• How ransomware is evolving faster than we can defend
• Ways to identify potential vulnerabilities before they are exploited
• Seven tips for reducing the Federal attack surface
Catch the full, on-demand webinar here: https://www.beyondtrust.com/resources/webinar/federal-systems-immune-ransomware-grim-fairy-tales/
Planning your 2015 Threat Detection Strategy with a Broken Crystal Ball - AlienVault
If you made it through 2014 without suffering a significant breach, you can consider yourself fortunate. After a year filled with new exploits & high profile breaches, it's time to look back at what we learned and look ahead to the trends that will surely have an impact in 2015. Join Mike Rothman, President of Security Analyst firm Securosis, and Patrick Bedwell, VP of Product Marketing for AlienVault, for an entertaining overview of key trends you should consider as you plan for 2015.
In this session, Mike and Patrick will cover:
Trends in the threat landscape that will bring new infosec challenges
How those challenges will affect your network security strategy
A 2015 "shopping list" of core technologies you should consider to secure your environment in 2015
The latest massive IoT DDoS attack from the Mirai botnet, which took major websites like Twitter and Reddit offline for hours, has already gained notoriety as one of the worst DDoS strikes in history.
In this webinar Manish Rai & Ty Powers of Great Bay Software will help you understand exactly how the enterprise IoT landscape is changing, and what it means for the assumptions organizations have been making in regards to safeguarding against IoT cyberattacks. You will:
Gain insights into how the recent IoT-based DDoS attacks were launched
How similar attacks could be launched inside enterprise networks
How to safeguard against IoT device compromises
How to reduce your risk, whose job is it anyway?
Learn about what your peers are doing for IoT device security, relevant findings from the 2016 Great Bay Software IoT Security Survey
Watch this on-demand webinar at this link: https://go.greatbaysoftware.com/owb-safeguarding-against-iot-ddos-attacks
A Comedy of Errors in Web Application Security - Rob Dudley
Covering a wide selection of security best practice, from OWASP through NIST, each point is explored, explained and demonstrated by exploring a classic failure in the wide world of Web Dev.
With more SQL Injections than SQL flu season, Lax Permissions on a global scale, buffer overflows, stack overflows and actual overflows, this talk is for anyone who wants to learn more about securing their applications … but doesn’t want to be lulled to sleep as a result.
Brian Isle: The Internet of Things: Manufacturing Panacea - or - Hacker's Dream? - 360mnbsu
The Internet of Things (IoT) has the potential to drive new innovation in products and services, and to improve "how things are done" in manufacturing. However, IoT also brings to light safety and security issues when purpose-built computing and network devices are exposed to the internet. This session will review case studies of IoT-enabled exploits, explore some of the underlying causes of the vulnerabilities, and briefly review steps vendors and end-users are taking to mitigate the risk.
From the 2014 Taking Shape Summit: The Internet of Things & the Future of Manufacturing.
Here you learn about cyber security terminology and basics, as well as cyber security threats. The slides cover digital knowledge of the internet. After going through the slides you will become aware of cyber security basics.
Cybersecurity: Do You Have a Plan to Address Threats and Prevent Liability? - Codero
Codero is an Infrastructure-as-a-Service provider that offers dedicated, cloud, managed and hybrid hosting services to over 3,400 domestic and international customers from three data center locations. We are at an interesting vantage point where we see all sorts of interesting things – this presentation will focus as a ‘report from the field’ related to cybersecurity from our position.
UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from sec... - APNIC
APNIC Senior Security Specialist Adli Wahid provides some useful findings of lessons learned from security incidents at the UMS Cybersecurity Awareness Seminar, held online on 25 October 2021.
5th International Scientific Conference "Information Science in an Age of Change: Innovative Information Services". Faculty of Journalism, Information and Book Studies, Department of Informatology, University of Warsaw, Warsaw, 15 – 16 May 2017
Refugees on Rails Berlin - #2 Tech Talk on Security - Gianluca Varisco
#2 Tech Talk on Security @ Refugees on Rails Berlin (Tue 8 Dec 2015)
A Cyber Security walk-through focused on current threats, trends and a few predictions for 2016.
How'd we do in 2013 from a data breach perspective? As we close out the year, are the cupboards / budgets bare and will it be a lean holiday season? Or should we be budgeting a holiday celebration with all of the trappings and a sumptuous New Year?
Borrowing themes from the Charles Dickens holiday classic, this webinar will review industry statistics and other indicators to evaluate how we did in 2013 from a privacy breach and security incident response perspective. Will our mythical CSO and CPO get the Scrooge-like CFO to approve their budget increases? And what will 2014 hold from a security, privacy, and regulatory perspective? Register below to find out.
Our featured speakers for this Dickensian webinar will be:
- Ebenezer Scrooge, Chief Financial Officer, Acme Inc. played by Ted Julian, Chief Marketing Officer, Co3 Systems
- Bob Cratchit, Chief Privacy Officer, Acme Inc. played by Gant Redmon, General Counsel, Co3 Systems
- Tiny Tim, Chief Security Officer, Acme Inc. played by "Tiny" Tim Armstrong, Incident Response Specialist, Co3 Systems
Practical White Hat Hacker Training - Introduction to Cyber Security - PRISMA CSI
This presentation is part of Prisma CSI's Practical White Hat Hacker Training v1
PRISMA CSI • Cyber Security and Intelligence www.prismacsi.com
This document can be shared or used by quoted and used for commercial purposes, but can not be changed. Detailed information is available at https://creativecommons.org/licenses/by-nc-nd/4.0/legalcode.
Better to Ask Permission? Best Practices for Privacy and Security - Eric Kavanagh
Hot Technologies with The Bloor Group and IDERA
If security was once a nice-to-have, those days have long gone. Between data breaches and privacy regulations, organizations today face immense pressure to protect their systems and their sensitive data. When giants like Yahoo! and Target can get hacked, so can any other company. What can you do about it? How can you protect your company and clients?
Register for this episode of Hot Technologies to hear Analysts Eric Kavanagh and Dr. Robin Bloor provide insights about the many ways that companies can buttress their defenses and stay ahead of the bad guys. They'll be briefed by Vicky Harp of IDERA who will demonstrate how to identify vulnerabilities, track sensitive data, successfully pass audits, and protect your SQL Server databases.
Practical risk management for the multi cloud - Ulf Mattsson
This session will take a practical approach to IT risk management and discuss multi cloud, Verizon Data Breach Investigations Report (DBIR) and how Enterprises are losing ground in the fight against persistent cyber-attacks. We simply cannot catch the bad guys until it is too late. This picture is not improving. Verizon reports concluded that less than 14% of breaches are detected by internal monitoring tools.
We will review the JP Morgan Chase data breach, where hackers were in the bank’s network for months undetected. Network configuration errors are inevitable, even at the largest banks, such as Capital One, which recently had a data breach where a hacker gained access to 100 million credit card applications and accounts.
Viewers will also learn about:
- Macro trends in Cloud security and Micro trends in Cloud security
- Risks from Quantum Computing and when we should move to alternate forms of encryption
- Review “Kill Chains” from Lockheed Martin in relation to APT and DDoS Attacks
- Risk Management methods from ISACA and other organizations
Speaker: Ulf Mattsson, Head of Innovation, TokenEx
The day when 3rd party security providers disappear into cloud bright talk se... - Ulf Mattsson
How should we prepare for this new brave world where many 3rd party security providers disappeared into cloud providers? This will greatly impact many 3rd party security vendors, organizations and investors.
Cloud transformations are accelerating. By 2020, cloud will increase by 157% and on-premises ’traditional’ IT infrastructure will decrease by 54%, according to 452 Research, 2018.
We will cover how many security solutions will change, including:
- WAF – Web Application Firewalls
- SIEM
- Firewalls
- Encryption
- Tokenization
- Key Management
- AV – Anti Virus
- Network
- And more...
Quant & Crypto Gold
1. Have the Bad Guys Won the Cybersecurity War…
and Does Quantum Help or Hurt…
Andrew Hammond
MagiQ Technologies, Inc.
andrew.hammond@magiqtech.com
10/09/15
2. MagiQ Technologies Company History
• Founded in July 1999 to commercialize quantum information technologies
• Headquartered in Somerville, MA
• Always looking for new hires
• Awards
• Scientific American “Business Leader” in computing - Scientific American 50
• IEEE Spectrum’s “Top Ten Companies to Watch for Next 10 Years”
• World Economic Forum (Davos) Technology Pioneer
• Business Strategy
• MagiQ is leveraging research funding to develop portfolio of commercial products
• MagiQ is building a broad portfolio of intellectual property: 50 patents pending/issued
• Quantum Product Line
• Q-Box for test beds
• QPN – Quantum Private Network
• Focus was on developing patents portfolio for the long term
• MagiQ launched first commercial quantum device in 2003 – shipping QPN 8505 today
• Funded by DARPA and IARPA to develop Quantum Computer Toolbox
• Important customers:
3. Cyber and Cryptography
• Cyber technologies are omnipresent
• Cyber threats are growing more numerous and more sophisticated
• Cybersecurity is a growing and fundamental part of safety and security of individuals, organizations, and society
• Cryptography is a foundational pillar of cybersecurity
• Cryptography allows us to trust untrusted communication systems
• Encrypting data greatly reduces risk of cyber threats
• Sony
• Office of Management and Budget
• Most cryptographic algorithms are based on a computational assumption
Quantum Threat and Defense
• Quantum computer threatens those computational assumptions
• Quantum computer is much more probable in the short to mid term because of advances in science and engineering
• Quantum cryptography protects from that threat
• Quantum safe cryptography and quantum cryptography together provide future proof security
• Quantum cryptography will eventually provide quantum Internet
• Satellites in LEO can distribute keys anywhere
• Ground based repeaters
• How do we evolve from unsafe crypto to safe and secure?
• Standards
• Best practices
• Ongoing technology development and adoption
• Quantum requires us to reinvent our cryptographic infrastructure
• Quantum safe is necessary to be cyber safe
Abstract
4. Agenda
• Cyber Crime Threat Profile
• Case Study: CozyDuke
• Persistence of threat
• Exfiltration
• Breaches by
• Organization
• Size
• Source
• Type
• Time
• Cost
• Large Organizations do not encrypt
• Quantum Cryptography and Computing
• History of Crypto
• Black Swan
• Quantum Crypto
• Post Quantum Crypto
• NSA’s Plans
• Summary
8. Case Study of Hacking Group: CozyDuke (aka CozyBear, CozyCar, or OfficeMonkeys)
• 2013 discovered by Kaspersky and F-Secure… Miniduke was switched to CosmicDuke
• Russian based
• Funded for long term … history of five years
• Probably works for or is approved by Russian government
• Targets enemies of Russia
• government
• diplomatic
• energy
• telecom operators
• military, including military contractors
• individuals involved in the traffic and selling of drugs
• hit the White House and State Dept
• Sophisticated and ongoing
9. CosmicDuke 2014/2015 Advanced Persistent Threats and Advanced Evasion Techniques
• Persistence
• Backdoor capable of stealing various types of information
• Spoofs popular applications and designed to run in the background
• Starts via Windows Task Scheduler, via a customized service binary that spawns a new process set in the special registry key, or is launched when the user is away and the screensaver is activated.
• Reconnaissance
• Files based on extensions or file name keywords
• Keylogger
• Skype password stealer
• General network information harvester
• Screen grabber (grabs images every 5 minutes)
• Clipboard grabber (grabs clipboard contents every 30 seconds)
• Microsoft Outlook, Windows Address Book stealer
• Google Chrome password stealer
• Google Talk password stealer
• Opera password stealer
• TheBat! password stealer
• Reconnaissance (cont’d)
• Firefox, Thunderbird password stealer
• Drives/location/locale/installed software harvester
• WiFi network/adapter information harvester
• LSA secrets harvester
• Protected Storage secrets harvester
• Certificate/private keys exporter
• URL History harvester
• IntelliForms secrets harvester
• IE Autocomplete, Outlook Express secrets harvester
• Exfiltrate
• data via FTP
• Direct TCP connection and HTTP session via Winsock library
• HTTP session via Urlmon.dll
• HTTP session via invisible instance of Internet Explorer as OLE object
10. Top Breaches 2015 by Organization
• High number of discrete records impacting many individuals
• Files if encrypted would not be useful to hackers
• Across private and public sectors
Source: http://www.breachlevelindex.m/pdf/Breach-Level-Index-Report-H12015.pdf
11. Biggest Data Breaches
Source: DataBreaches.net, IdTheftCentre, press reports Research: Miriam Quick, Ella Hollowood, Christian Miles, Dan Hampson
http://www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks
• Data breaches by size:
• Ongoing threat
• Large impacts
• Economic
• Home Depot
• Privacy
• Ashley Madison
• National Security
• US Office of Personnel
Management
12. Breaches by Source and Type
Source: Breach Level Index, http://breachlevelindex.com/pdf/Breach-Level-Index-Report-H12015.pdf
• Type of Breach Incidents
• Identity theft (information that can be used to masquerade as someone)
• Financial access (bank account credentials, credit card data)
• Existential data (information of national security value or threatens business
survival)
• Account access (username/passwords to social media, websites, etc.)
• Nuisance (email addresses, affiliation, etc.)
• Identity theft the largest problem by size
• Existential data the biggest impact
• Number of Breach Incidents
• Malicious outsider
• Accidental loss
• Malicious insider
• Hacktivist
• State sponsored
• Malicious outsider largest problem by size
• Malicious insider might have biggest impact because of greater access
13. Breaches Over Time
• Malicious outsider breaches on the rise
• Other breach types pretty constant
• Accidental loss
• Malicious insider
• Hacktivist
• State sponsored
Source: Breach Level Index, http://breachlevelindex.com/pdf/Breach-Level-Index-Report-H12015.pdf
14. Breaches by Industry
Source: Breach Level Index, http://breachlevelindex.com/pdf/Breach-Level-Index-Report-H12015.pdf
• Breaches by industry
• Healthcare and Government lead number of records breached
• Note Technology industry’s large number of records breached
vs. size of industry
• Breaches over time
• Breaches in Financial Services and Government are growing
faster than other categories
15. Types of Attacks
Source: DSCI-Data Security Confidence Index http://www2.safenet-inc.com/dsci/DSCI-Report-EN.pdf
• Attacks have become sophisticated
• Attackers have become professional organizations who gain expertise and
resources over time
• Black market for attack software is highly organized and even convenient
• Types of attacks are varied, mutating, and evolving
• Definitions are based on what respondents perceive
• Analysis on respondents’ organizations’ most recent perimeter security breach,
asked to respondents whose organization experienced a breach (499 respondents).
16. Cost of Cybercrime and as a Percentage of
GDP
Source: McAfee and Center for Strategic and International Studies, Net Losses: Estimating the Global Cost of Cybercrime, Economic impact of cybercrime II, June 2014
• Estimated cost of cybercrime is $445 billion per year to the worldwide economy
• US government estimated cost at $1 trillion, probably too high
• Cybercrime about the same cost as worldwide narcotics and car crashes
• Transnational crime and pilferage are larger problems
• Theory is problem needs to rise to 2% of GDP for society to take proactive action
17. Large Organizations do not Encrypt
• 86% of respondents said less than 10% of data was
encrypted during last breach
• 1,000 security and IT executives in the U.S., UK, Europe,
Middle East and Asia-Pacific.
• Industries
• financial
• services
• Healthcare
• Manufacturing
• public sector
• telecommunications
• Utilities
• Retail
• Construction
• Insurance
• legal
• “Thinking about your organization’s most recent breach,
what percentage of the breached data was protected by
encryption?”, asked to respondents whose organization
experienced a breach (499 respondents)
Source: DSCI-Data Security Confidence Index http://www2.safenet-inc.com/dsci/DSCI-Report-EN.pdf
19. Unanticipated Advances in
Cryptography
In history, every advance in code-making has been defeated by advances
in code-breaking with disastrous consequences to users.
• German Enigma machine: 10 million billion possible combinations; looked unbreakable
• Allied code-breaking machine “bombe”: Enigma broken
20. Thought Exercise
• Event
• You wake up tomorrow morning and _____ has a fully functional quantum computer
• You thought Snowden was bad
• Fact
• Quantum computing can efficiently break:
• RSA
• Discrete logarithm problem: Diffie-Hellman key exchange
• Elliptic-curve cryptographic systems
• “If a quantum computer is ever built, much of conventional cryptography will fall apart!” (Brassard)
• Impact
• All national security cryptographic infrastructure is compromised
• No secrets from our adversaries
• Destabilizing between nation-states
• All trust zones that allow for commerce are disrupted
• Massive fraud
• Denial of service attack to the economy
• Economic transactions would grind to a halt
21. Cryptopocalypse or Black Swan
• The term "cryptopocalypse" was probably first coined at the Black Hat USA information security convention in 2013.
• A talk presented by four security and technology experts at the show explored cryptographic weaknesses and attempted to answer the hypothetical question: "What happens the day after RSA is broken?"
• RSA is a widely used public-key cryptosystem used in digital signatures.
• The answer, they determined then, was: "almost total failure of trust in the Internet," for one thing. The reason? Almost everything we do on the Internet is in some way protected by cryptography.
• The speakers urged a move to stronger systems to thwart attacks against this backend security that we use for emails, banking, and a lot of other things.
Source: Patrick Nelson, Network World, Aug 21, 2015
22. Weaknesses in Existing Cryptography
• Security based on mathematical difficulty to break
• Intruder is not detectable, leaves no fingerprints
• Vulnerable to improvements in algorithms and hardware, including but not limited to a quantum computer
• Solving of mathematical algorithms
• New Cryptanalysis attacks
• Increases in computational power
• Hardware improvements
• Encrypted data captured today may be readable in future
• Networks are easily tapped
• Data is readily stored in large volumes for big data applications and in the cloud
• Many organizations need to secure data communicated today for the long term
• Cryptographic keys are changed infrequently making brute force attacks easier
• Unauthorized access to network and cryptographic parameters and equipment
• Hackers
• Key couriers
• Maintenance personnel
• Social engineering
• Disgruntled employee
• Contractor
• US businesses lose over $500B/year in sales because of economic espionage (US Government)
23. Why Quantum Cryptography
• Key distribution with “perfect security”
• Invented > 20 years ago
• Components are now available
• Feasible with today’s level of technology
• Based on quantum physics of single photon
• not mathematical assumptions
• Future-proof technology
• Immune to increase of computing power or algorithms
• No need for upgrades with QKD
• Symmetric Key Encryption
• Provide real-time intrusion detection, identifying the exact location of eavesdropping
devices
• One Time Pad Encryption with Quantum Key Distribution provides provably unbreakable
security
[Figure: Eve taps the QKD link between Alice and Bob; Alice and Bob each show “Intrusion alert!”]
24. Quantum Key Distribution
• Properties of photons change if they are observed
• QKD systems detect intruders using polarized state of photons that travel through optical lines
• By analyzing the error rate, MagiQ’s QKD hardware can absolutely detect if the key has been viewed by
an Eve intercepting the optical signal
• Node-pairs can reach a distance of over 100km, which in conjunction with cascading, will enable
deployment over a long-distance optical network
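The error-rate check described on this slide can be reproduced with a small simulation. This is an added example, not from the original slides or any vendor's product: the slides do not name a protocol, so it assumes BB84 with ideal hardware and an intercept-resend eavesdropper, and the 11% abort threshold is an assumed textbook value.

```python
import random

def bb84_qber(n_photons, eavesdrop, seed=1):
    """Simulate BB84 on ideal hardware; return (sifted_bits, error_rate)."""
    rng = random.Random(seed)
    sifted = errors = 0
    for _ in range(n_photons):
        bit = rng.getrandbits(1)        # Alice's raw key bit
        a_basis = rng.getrandbits(1)    # 0 = rectilinear, 1 = diagonal
        state_bit, state_basis = bit, a_basis
        if eavesdrop:
            # Intercept-resend: Eve measures in a random basis and re-sends her result.
            e_basis = rng.getrandbits(1)
            if e_basis != state_basis:
                state_bit = rng.getrandbits(1)   # wrong basis gives a random outcome
            state_basis = e_basis
        b_basis = rng.getrandbits(1)
        # Bob reads the bit correctly only if his basis matches the photon's basis.
        measured = state_bit if b_basis == state_basis else rng.getrandbits(1)
        if b_basis == a_basis:          # sifting: keep positions where bases agree
            sifted += 1
            errors += measured != bit
    return sifted, errors / sifted

def link_is_clean(qber, threshold=0.11):
    """Assumed policy: discard the key when the error rate reaches the threshold."""
    return qber < threshold

if __name__ == "__main__":
    for eve in (False, True):
        n, qber = bb84_qber(20000, eve)
        print(f"eavesdropper={eve} sifted={n} qber={qber:.3f} clean={link_is_clean(qber)}")
```

Measuring in the wrong basis half the time is what pushes the error rate on the sifted key to about 25%, which is the signal Alice and Bob compare against the threshold.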
25. Quantum Cryptography State of the Art
• There are current limitations in Quantum Crypto deployments
• Distance is limited to 100km
• Can daisy chain trusted nodes
• Standards
• FIPS is the most important in the US
• Some industry work ongoing
• Positives
• Key rates have gotten faster
• Detectors have gotten more sensitive
• Line card form factor
• Possible optical chip design
• Low Orbit Satellite
• Unlimited distance
• Europe and China are putting up satellites
• Quantum Repeater
• Some years away
• China leading the charge
• Beijing to Shanghai network
• Satellite going up
• US is probably behind
26. General Characteristics of Fiber-Based
Commercial QKD Systems
• Telecom fiber for quantum channel
• Photon phase encoding
• Pulse repetition rate ~ 1 MHz
• Distance ~ 100 km
• Integrated Ethernet encryption/VPN Subsystem
• Typical Architecture (diagram blocks: QKD, VPN, Key Mgmt, Sys Mgmt)
27. Post Quantum Cryptography
• Development of Quantum Computer resistant crypto
• Lattice-based public-key cryptography: short or close vectors in lattices.
• Multivariate public-key cryptography: nonlinear multivariate equations over finite fields.
• Code-based public-key cryptography: decoding linear codes, for example, Goppa codes.
• Hash-based signatures: finding collisions of cryptographic hash functions.
• Quantum Cryptography
• Random Number Generation
• Quantum Key Distribution
• Possibly Hybrid Approach of QKD and Post-Q Algorithm
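To make the hash-based signature family concrete, here is a Lamport one-time signature whose security rests only on the hash function. It is an added example, not from the original slides; the choice of Lamport's scheme, SHA-256, and the class and function names are assumptions made for illustration.

```python
import hashlib
import secrets

def H(data):
    return hashlib.sha256(data).digest()

def digest_bits(msg):
    """256 bits of SHA-256(msg), most significant bit first."""
    d = H(msg)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]

class LamportSigner:
    """One key pair signs exactly one message."""

    def __init__(self):
        # Secret key: two random 32-byte values per digest bit.
        self._sk = [(secrets.token_bytes(32), secrets.token_bytes(32))
                    for _ in range(256)]
        # Public key: the hash of every secret value.
        self.public_key = [(H(a), H(b)) for a, b in self._sk]
        self._used = False

    def sign(self, msg):
        if self._used:
            # A second signature would reveal more secret values and enable forgery.
            raise RuntimeError("Lamport key already used; generate a new key pair")
        self._used = True
        # Reveal, for each bit position, the secret value selected by that bit.
        return [self._sk[i][bit] for i, bit in enumerate(digest_bits(msg))]

def verify(public_key, msg, sig):
    """Check that every revealed value hashes to the matching public-key entry."""
    bits = digest_bits(msg)
    return len(sig) == 256 and all(
        H(s) == public_key[i][bits[i]] for i, s in enumerate(sig)
    )
```

The one-time restriction is the operational cost of this family: practical hash-based schemes add structure on top so that one public key can cover many such one-time keys.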
28. NSA Plans for Post Quantum Cryptography
• Snowden discloses NSA working on a quantum computer… “Penetrating Hard Targets” project
• “a cryptologically useful quantum computer”
• “Owning the Net,” is using quantum research to support the creation of quantum-based attacks on
encryptions like RSA
https://www.washingtonpost.com/apps/g/page/world/a-description-of-the-penetrating-hard-targets-project/691/
“It is important to note that we aren't asking vendors to stop implementing the Suite B algorithms and we
aren't asking our national security customers to stop using these algorithms. Rather, we want to give
more flexibility to vendors and our customers in the present as we prepare for a quantum safe future.”
https://www.nsa.gov/ia/programs/suiteb_cryptography/
29. Conclusion: Have the Bad Guys Won the Cybersecurity War… and Does Quantum Help or Hurt…
• The bad guys have not won…but they are ahead of the curve
• Encryption protects against most threats
• Quantum Crypto can assist as a part of a layered approach to defense
• Quantum Crypto can protect against Quantum Computing
Cyber and Cryptography
• Cyber technologies are omnipresent
• Cyber threats are growing more numerous and more sophisticated
• Cybersecurity is a growing and fundamental part of safety and security of individuals, organizations, and society
• Cryptography is a foundational pillar of cybersecurity
• Cryptography allows us to trust untrusted communication systems
• Encrypting data greatly reduces risk of cyber threats
• Sony
• Office of Management and Budget
• Most cryptographic algorithms are based on a computational assumption
Quantum Threat and Defense
• Quantum computer threatens those computational assumptions
• Quantum computer is much more probable in the short to mid term because of advances in science and engineering
• Quantum cryptography protects from that threat
• Quantum safe cryptography and quantum cryptography together provide future-proof security
• Quantum cryptography will eventually provide quantum Internet
• Satellites in LEO can distribute keys anywhere
• Ground based repeaters
• How do we evolve from unsafe crypto to safe and secure?
• Standards
• Best practices
• Ongoing technology development and adoption
• Quantum requires us to reinvent our cryptographic infrastructure
• Quantum safe is necessary to be cyber safe
31. Tools for Security Breach
• Optical Taps
• May be easily created using common maintenance equipment that can
be purchased legally and cheaply worldwide
• Allow unfettered access to all voice and data communications
transiting an optical fiber
• Are not detectable in today’s optical networks
• Packet-Sniffers filter out specific packets based on header and
store and analyze the data
32. Opportunities for Security Breach
• Carrier Equipment Locations
• Central Office
• Co-located leased space
• Carrier Hotels (“60 Hudson Street”)
• Commercial Office Buildings
• Office Building Wiring Closets
• Outside Plant Equipment Huts
• Personnel access
• Network Access Concerns
• Undetectable Fiber Taps
• Fiber Cross Connects Patch Panel
• Network Probes
• Out of Band Management
Network
• Monitoring Access Ports
• Local DTE Access Ports
[Figure: tap with Port A (Out/In), Port B (Out/In) and Analyzer (Out A, Out B)]
35. Encryption Important to Free Speech Says UN Report
• "Encryption and anonymity, separately or together, create a zone of privacy to protect opinion and belief"
• The tools to bestow such protection are essential, it says, given the "unprecedented capacity" governments, companies, thieves and pranksters now have to interfere with people's ability to express themselves.
• Lacking such tools, it adds, many people will be unable to fully explore "basic aspects of their identity" such as their gender, religion, ethnicity, origins or sexuality.
• The software acts as a "shield" for opinions against external scrutiny - a fact that is "particularly important in hostile political, social, religious and legal environments", says the report.
• "States should not restrict encryption and anonymity, which facilitate and often enable the rights to freedom of opinion and expression."
BBC News/May 2015 http://www.bbc.com/news/technology-32916002
Report of the Special Rapporteur on the promotion and protection of the right to freedom of opinion and expression, David Kaye, May 22, 2015
http://www.ohchr.org/EN/HRBodies/HRC/RegularSessions/Session29/Documents/A.HRC.29.32_AEV.doc