SlideShare a Scribd company logo

Sarwono sutikno + yoko acc cybervulnerability risk and control for evolving threat

Download as PPTX, PDF
Sarwono Sutikno, Dr.Eng.,CISA,CISSP,CISM,CSX-F
Sarwono Sutikno, Dr.Eng.,CISA,CISSP,CISM,CSX-F

Transforming Cybersecurity, Risk and Control for Evolving Threats • Analysing cybersecurity vulnerabilities, threats and risks and their associated risk based control categorisation • Integrating cybersecurity governance with overall Information Security Governance, Risk and Assurance in line with life cycle approach of preparing, investigating, response and transforming cybersecurity (PIRT) • Developing the cybersecurity paradigm by developing communication with the top management and all relevant stakeholders • Transforming cybersecurity using COBIT 5 and real case study demonstrations Sarwono Sutikno, Dr.Eng.,CISA,CISSP,CISM Cybersecurity Nexus Liaison ISACA, Indonesia

Education
1 of 23
TRANSFORMINGCYBERSECURITY,RISKANDCONTROL FOREVOLVINGTHREATS Sarwono Sutikno, Dr.Eng.,CISA,CISSP,CISM Cybersecurity Nexus Liaison ISACA, Indonesia Cyber Resilience in Financial Institutions Mitigating cybersecurity risks through an analytical, governance and algorithmic framework 9-11 Mar 2015 Hilton Singapore, Singapore
DEMOCASE BYYOKOACC YOKO@KAMINFO.ID
SCENARIO • Attacker: 131.107.1.101 • Victim 1: 131.107.1.200 • Victim 2: 172.101.101.3 • Victim 1: Weak Password • Victim 2: Jboss default Installation • Video Access: http://kaminfo.id/demo/1-weak-password.mp4 http://kaminfo.id/demo/2-Jboss.mp4 http://kaminfo.id/demo/3-sshkey.mp4
First Scenario: • Attacker do a dictionary attack to the 1st victim. The victim has a weak password quality problem. • Attacker take a look of victim’s data / information after take over the server. • Attacker get the web server information (which is Jboss). Second Scenario: • Attacker use the victim’s machine to exploit jboss’s server (since the Attacker doesn’t know the password) • Attacker gain the access and could take a look the content of the server. Third Scenario: • SSH-key Fourth Scenario: Anti virus AVG2014 bypass http://goo.gl/F70KIH SCENARIO
Q and A: • Q: How if the victim (on Linux Machine with root:toor) change their password? • A: MANAGINGACCESS
Q and A: • Q: How if the victim (on Linux Machine with root:toor) change their password? • A: The Attacker just need to: 1. Change .ssh’s target. 2. Generate authorize key on our machine and paste it into .ssh’s target. If we do this, every time we would like to connect into the target’s machine via ssh, we don’t need to input the password anymore even the target already changed their password. MANAGINGACCESS
Q: Do you have change your password? Q: Is it possible that the 2nd scenario happened in the Internet area (not internal?) Q: Do you ever see your authorized SSH keys on your server? TEASERQ&A
NETWORKISCOMPROMISED
APTLIFECYCLE
HOWFAST
TENASSESSEMENTSCENARIOS
THREAT
ADAPTIVEATTACKVECTOR Security Issue Security Solution Adaptive Attack Vector Single-factor authentication Multifactor authentication Break into token vendor Malware writer, masquerade Digital certificate Break into a credible vendor Antivirus approach - blacklisting whitelisting Break into application whitelisting vendor (Bit9)
RESPONSE
CYBERVULNERABILITIES,THREATANDRISK Vulnerability Threat Risk and Impact Spear phising Attacker may gain access through phish phish payload or combined social-technical technical follow-up Initial data loss or leakage leading to secondary secondary impact Water holing Attacker may gain control of websites and and subsequent control of visitor Initial behavior errors leading to secondary impact Wireless/Mobile APT Compromise wireless channel to enable enable control Partial or full control of wireless or mobile; direct/indirect impact on service and application Zero-day Use zero-day to circumvent defences Partial / full control of application and underlying underlying system Excessive priviledge Inside attack Full and (technically) legitimate control outsite outsite GRC, secondary impacts Home user APT Attack use home environment may less well well protected than organization environment Partial or full control of wireless or mobile; direct/indirect impact on service and application
CYBERVULNERABILITIESINCONTEXT Vulnerability Motive Opportunity Effort Spear phising Financial, espinage, data theft, prepratory to prepratory to main attack Email access to target Mediumtohigh, depending on on quality of phish Water holing Financial, espinage, data theft, prepratory to prepratory to main attack Email access to target, control of web sites High, depending on precision precision of targeting Wireless/Mobile APT Financial, espionage, extortion, theft of personally identifiable information Proximity to target Low to medium Zero-day Financial, operational, data theft, extortion, extortion, control of technical infrastructure Availability of suitable zero-day exploits, organized handling of exploit Medium to high Excessive priviledge Financial, personal, data theft, extortion, reputational Deficiencies in IDM, corruption Low to medium Home user APT Financial, espionage, extortion, theft of personally identifiable information Physical or logical access to access to target Low to high, depending on level of protection of target environment
PIRT
The CSX Liaison reports to the chapter president.
RISK-BASEDCATEGORIZATIONCONTROL
•Q&A •isaca.org/cyber •ISACA Cybersecurity Teaching Materials

Recommended

Cyber Security - IDS/IPS is not enough
Cyber Security - IDS/IPS is not enoughCyber Security - IDS/IPS is not enough
Cyber Security - IDS/IPS is not enoughSavvius, Inc
 
Security Testing for Test Professionals
Security Testing for Test ProfessionalsSecurity Testing for Test Professionals
Security Testing for Test ProfessionalsTechWell
 
Endpoint Security Evasion
Endpoint Security EvasionEndpoint Security Evasion
Endpoint Security EvasionInvincea, Inc.
 
Tamper Resistant Application Fortifies your Defense Against Hacking
Tamper Resistant Application Fortifies your Defense Against HackingTamper Resistant Application Fortifies your Defense Against Hacking
Tamper Resistant Application Fortifies your Defense Against HackingFlexera
 
Security Basics
Security BasicsSecurity Basics
Security BasicsRishi Prasath
 
Types of Malware (CEH v11)
Types of Malware (CEH v11)Types of Malware (CEH v11)
Types of Malware (CEH v11)EC-Council
 
OSB180: Learn More About Ivanti Endpoint Security
OSB180: Learn More About Ivanti Endpoint SecurityOSB180: Learn More About Ivanti Endpoint Security
OSB180: Learn More About Ivanti Endpoint SecurityIvanti
 
Mobile security
Mobile securityMobile security
Mobile securitypriyanka pandey
 

Recommended

Cyber Security - IDS/IPS is not enough
Cyber Security - IDS/IPS is not enoughCyber Security - IDS/IPS is not enough
Cyber Security - IDS/IPS is not enoughSavvius, Inc
 
Security Testing for Test Professionals
Security Testing for Test ProfessionalsSecurity Testing for Test Professionals
Security Testing for Test ProfessionalsTechWell
 
Endpoint Security Evasion
Endpoint Security EvasionEndpoint Security Evasion
Endpoint Security EvasionInvincea, Inc.
 
Tamper Resistant Application Fortifies your Defense Against Hacking
Tamper Resistant Application Fortifies your Defense Against HackingTamper Resistant Application Fortifies your Defense Against Hacking
Tamper Resistant Application Fortifies your Defense Against HackingFlexera
 
Security Basics
Security BasicsSecurity Basics
Security BasicsRishi Prasath
 
Types of Malware (CEH v11)
Types of Malware (CEH v11)Types of Malware (CEH v11)
Types of Malware (CEH v11)EC-Council
 
OSB180: Learn More About Ivanti Endpoint Security
OSB180: Learn More About Ivanti Endpoint SecurityOSB180: Learn More About Ivanti Endpoint Security
OSB180: Learn More About Ivanti Endpoint SecurityIvanti
 
Mobile security
Mobile securityMobile security
Mobile securitypriyanka pandey
 
Asegurarme de la Seguridad?, Un Vistazo al Penetration Testing
Asegurarme de la Seguridad?, Un Vistazo al Penetration TestingAsegurarme de la Seguridad?, Un Vistazo al Penetration Testing
Asegurarme de la Seguridad?, Un Vistazo al Penetration TestingSoftware Guru
 
Detect & Remediate Malware & Advanced Targeted Attacks
Detect & Remediate Malware & Advanced Targeted AttacksDetect & Remediate Malware & Advanced Targeted Attacks
Detect & Remediate Malware & Advanced Targeted AttacksImperva
 
SNIA2015 - Solo, Indonesia - Sarwono sutikno + yoko acc Cybersecurity Risk a...
SNIA2015 - Solo, Indonesia - Sarwono sutikno + yoko acc Cybersecurity Risk a...SNIA2015 - Solo, Indonesia - Sarwono sutikno + yoko acc Cybersecurity Risk a...
SNIA2015 - Solo, Indonesia - Sarwono sutikno + yoko acc Cybersecurity Risk a...Sarwono Sutikno, Dr.Eng.,CISA,CISSP,CISM,CSX-F
 
Detection and Response with Splunk+FireEye
Detection and Response with Splunk+FireEyeDetection and Response with Splunk+FireEye
Detection and Response with Splunk+FireEyeSplunk
 
DefCamp - Mohamed Bedewi - Building a Weaponized Honeypot
DefCamp - Mohamed Bedewi - Building a Weaponized HoneypotDefCamp - Mohamed Bedewi - Building a Weaponized Honeypot
DefCamp - Mohamed Bedewi - Building a Weaponized HoneypotShah Sheikh
 
Security Intelligence: Advanced Persistent Threats
Security Intelligence: Advanced Persistent ThreatsSecurity Intelligence: Advanced Persistent Threats
Security Intelligence: Advanced Persistent ThreatsPeter Wood
 
Introduction to Advanced Persistent Threats (APT) for Non-Security Engineers
Introduction to Advanced Persistent Threats (APT) for Non-Security EngineersIntroduction to Advanced Persistent Threats (APT) for Non-Security Engineers
Introduction to Advanced Persistent Threats (APT) for Non-Security EngineersOllie Whitehouse
 
What is network security and Types
What is network security and TypesWhat is network security and Types
What is network security and TypesVikram Khanna
 
Career Guidance on Cybersecurity by Mohammed Adam
Career Guidance on Cybersecurity by Mohammed AdamCareer Guidance on Cybersecurity by Mohammed Adam
Career Guidance on Cybersecurity by Mohammed AdamMohammed Adam
 
Steps For Protecting Your Mobile Life for Enterprises and Consumers
Steps For Protecting Your Mobile Life for Enterprises and ConsumersSteps For Protecting Your Mobile Life for Enterprises and Consumers
Steps For Protecting Your Mobile Life for Enterprises and ConsumersJuniper Networks
 
Ancaman & kelemahan server
Ancaman & kelemahan serverAncaman & kelemahan server
Ancaman & kelemahan serverDedi Dwianto
 
What's new in​ CEHv11?
What's new in​ CEHv11?What's new in​ CEHv11?
What's new in​ CEHv11?EC-Council
 
What is security testing and why it is so important?
What is security testing and why it is so important?What is security testing and why it is so important?
What is security testing and why it is so important?ONE BCG
 
Information cyber security
Information cyber securityInformation cyber security
Information cyber securitySumanPramanik7
 
Network Security Risk
Network Security RiskNetwork Security Risk
Network Security RiskDedi Dwianto
 
VAPT - Vulnerability Assessment & Penetration Testing
VAPT - Vulnerability Assessment & Penetration Testing VAPT - Vulnerability Assessment & Penetration Testing
VAPT - Vulnerability Assessment & Penetration Testing Netpluz Asia Pte Ltd
 
Persistence is Key: Advanced Persistent Threats
Persistence is Key: Advanced Persistent ThreatsPersistence is Key: Advanced Persistent Threats
Persistence is Key: Advanced Persistent ThreatsSameer Thadani
 
Zlatibor asseco-fire eye
Zlatibor asseco-fire eyeZlatibor asseco-fire eye
Zlatibor asseco-fire eyeDejan Jeremic
 
REAL-TIME THREAT INTELLIGENCE FOR TRUSTED RELATIONSHIPS
REAL-TIME THREAT INTELLIGENCE FOR TRUSTED RELATIONSHIPSREAL-TIME THREAT INTELLIGENCE FOR TRUSTED RELATIONSHIPS
REAL-TIME THREAT INTELLIGENCE FOR TRUSTED RELATIONSHIPSForgeRock
 
Is Antivirus (AV) Dead or Just Missing in Action
Is Antivirus (AV) Dead or Just Missing in Action Is Antivirus (AV) Dead or Just Missing in Action
Is Antivirus (AV) Dead or Just Missing in Action Quick Heal Technologies Ltd.
 
Sarwono sutikno nisd2013 - transforming cybersecurity
Sarwono sutikno nisd2013 - transforming cybersecuritySarwono sutikno nisd2013 - transforming cybersecurity
Sarwono sutikno nisd2013 - transforming cybersecuritySarwono Sutikno, Dr.Eng.,CISA,CISSP,CISM,CSX-F
 
2010: Mobile Security - WHYMCA Developer Conference
2010: Mobile Security - WHYMCA Developer Conference2010: Mobile Security - WHYMCA Developer Conference
2010: Mobile Security - WHYMCA Developer ConferenceFabio Pietrosanti
 

More Related Content

What's hot

Asegurarme de la Seguridad?, Un Vistazo al Penetration Testing
Asegurarme de la Seguridad?, Un Vistazo al Penetration TestingAsegurarme de la Seguridad?, Un Vistazo al Penetration Testing
Asegurarme de la Seguridad?, Un Vistazo al Penetration TestingSoftware Guru
 
Detect & Remediate Malware & Advanced Targeted Attacks
Detect & Remediate Malware & Advanced Targeted AttacksDetect & Remediate Malware & Advanced Targeted Attacks
Detect & Remediate Malware & Advanced Targeted AttacksImperva
 
Detection and Response with Splunk+FireEye
Detection and Response with Splunk+FireEyeDetection and Response with Splunk+FireEye
Detection and Response with Splunk+FireEyeSplunk
 
DefCamp - Mohamed Bedewi - Building a Weaponized Honeypot
DefCamp - Mohamed Bedewi - Building a Weaponized HoneypotDefCamp - Mohamed Bedewi - Building a Weaponized Honeypot
DefCamp - Mohamed Bedewi - Building a Weaponized HoneypotShah Sheikh
 
Security Intelligence: Advanced Persistent Threats
Security Intelligence: Advanced Persistent ThreatsSecurity Intelligence: Advanced Persistent Threats
Security Intelligence: Advanced Persistent ThreatsPeter Wood
 
Introduction to Advanced Persistent Threats (APT) for Non-Security Engineers
Introduction to Advanced Persistent Threats (APT) for Non-Security EngineersIntroduction to Advanced Persistent Threats (APT) for Non-Security Engineers
Introduction to Advanced Persistent Threats (APT) for Non-Security EngineersOllie Whitehouse
 
What is network security and Types
What is network security and TypesWhat is network security and Types
What is network security and TypesVikram Khanna
 
Career Guidance on Cybersecurity by Mohammed Adam
Career Guidance on Cybersecurity by Mohammed AdamCareer Guidance on Cybersecurity by Mohammed Adam
Career Guidance on Cybersecurity by Mohammed AdamMohammed Adam
 
Steps For Protecting Your Mobile Life for Enterprises and Consumers
Steps For Protecting Your Mobile Life for Enterprises and ConsumersSteps For Protecting Your Mobile Life for Enterprises and Consumers
Steps For Protecting Your Mobile Life for Enterprises and ConsumersJuniper Networks
 
Ancaman & kelemahan server
Ancaman & kelemahan serverAncaman & kelemahan server
Ancaman & kelemahan serverDedi Dwianto
 
What's new in​ CEHv11?
What's new in​ CEHv11?What's new in​ CEHv11?
What's new in​ CEHv11?EC-Council
 
What is security testing and why it is so important?
What is security testing and why it is so important?What is security testing and why it is so important?
What is security testing and why it is so important?ONE BCG
 
Information cyber security
Information cyber securityInformation cyber security
Information cyber securitySumanPramanik7
 
Network Security Risk
Network Security RiskNetwork Security Risk
Network Security RiskDedi Dwianto
 
VAPT - Vulnerability Assessment & Penetration Testing
VAPT - Vulnerability Assessment & Penetration Testing VAPT - Vulnerability Assessment & Penetration Testing
VAPT - Vulnerability Assessment & Penetration Testing Netpluz Asia Pte Ltd
 
Persistence is Key: Advanced Persistent Threats
Persistence is Key: Advanced Persistent ThreatsPersistence is Key: Advanced Persistent Threats
Persistence is Key: Advanced Persistent ThreatsSameer Thadani
 
Zlatibor asseco-fire eye
Zlatibor asseco-fire eyeZlatibor asseco-fire eye
Zlatibor asseco-fire eyeDejan Jeremic
 
REAL-TIME THREAT INTELLIGENCE FOR TRUSTED RELATIONSHIPS
REAL-TIME THREAT INTELLIGENCE FOR TRUSTED RELATIONSHIPSREAL-TIME THREAT INTELLIGENCE FOR TRUSTED RELATIONSHIPS
REAL-TIME THREAT INTELLIGENCE FOR TRUSTED RELATIONSHIPSForgeRock
 

What's hot (20)

Asegurarme de la Seguridad?, Un Vistazo al Penetration Testing
Asegurarme de la Seguridad?, Un Vistazo al Penetration TestingAsegurarme de la Seguridad?, Un Vistazo al Penetration Testing
Asegurarme de la Seguridad?, Un Vistazo al Penetration Testing
 
Detect & Remediate Malware & Advanced Targeted Attacks
Detect & Remediate Malware & Advanced Targeted AttacksDetect & Remediate Malware & Advanced Targeted Attacks
Detect & Remediate Malware & Advanced Targeted Attacks
 
SNIA2015 - Solo, Indonesia - Sarwono sutikno + yoko acc Cybersecurity Risk a...
SNIA2015 - Solo, Indonesia - Sarwono sutikno + yoko acc Cybersecurity Risk a...SNIA2015 - Solo, Indonesia - Sarwono sutikno + yoko acc Cybersecurity Risk a...
SNIA2015 - Solo, Indonesia - Sarwono sutikno + yoko acc Cybersecurity Risk a...
 
Detection and Response with Splunk+FireEye
Detection and Response with Splunk+FireEyeDetection and Response with Splunk+FireEye
Detection and Response with Splunk+FireEye
 
DefCamp - Mohamed Bedewi - Building a Weaponized Honeypot
DefCamp - Mohamed Bedewi - Building a Weaponized HoneypotDefCamp - Mohamed Bedewi - Building a Weaponized Honeypot
DefCamp - Mohamed Bedewi - Building a Weaponized Honeypot
 
Security Intelligence: Advanced Persistent Threats
Security Intelligence: Advanced Persistent ThreatsSecurity Intelligence: Advanced Persistent Threats
Security Intelligence: Advanced Persistent Threats
 
Introduction to Advanced Persistent Threats (APT) for Non-Security Engineers
Introduction to Advanced Persistent Threats (APT) for Non-Security EngineersIntroduction to Advanced Persistent Threats (APT) for Non-Security Engineers
Introduction to Advanced Persistent Threats (APT) for Non-Security Engineers
 
What is network security and Types
What is network security and TypesWhat is network security and Types
What is network security and Types
 
Career Guidance on Cybersecurity by Mohammed Adam
Career Guidance on Cybersecurity by Mohammed AdamCareer Guidance on Cybersecurity by Mohammed Adam
Career Guidance on Cybersecurity by Mohammed Adam
 
Steps For Protecting Your Mobile Life for Enterprises and Consumers
Steps For Protecting Your Mobile Life for Enterprises and ConsumersSteps For Protecting Your Mobile Life for Enterprises and Consumers
Steps For Protecting Your Mobile Life for Enterprises and Consumers
 
Ancaman & kelemahan server
Ancaman & kelemahan serverAncaman & kelemahan server
Ancaman & kelemahan server
 
What's new in​ CEHv11?
What's new in​ CEHv11?What's new in​ CEHv11?
What's new in​ CEHv11?
 
What is security testing and why it is so important?
What is security testing and why it is so important?What is security testing and why it is so important?
What is security testing and why it is so important?
 
Information cyber security
Information cyber securityInformation cyber security
Information cyber security
 
Network Security Risk
Network Security RiskNetwork Security Risk
Network Security Risk
 
VAPT - Vulnerability Assessment & Penetration Testing
VAPT - Vulnerability Assessment & Penetration Testing VAPT - Vulnerability Assessment & Penetration Testing
VAPT - Vulnerability Assessment & Penetration Testing
 
Persistence is Key: Advanced Persistent Threats
Persistence is Key: Advanced Persistent ThreatsPersistence is Key: Advanced Persistent Threats
Persistence is Key: Advanced Persistent Threats
 
Zlatibor asseco-fire eye
Zlatibor asseco-fire eyeZlatibor asseco-fire eye
Zlatibor asseco-fire eye
 
REAL-TIME THREAT INTELLIGENCE FOR TRUSTED RELATIONSHIPS
REAL-TIME THREAT INTELLIGENCE FOR TRUSTED RELATIONSHIPSREAL-TIME THREAT INTELLIGENCE FOR TRUSTED RELATIONSHIPS
REAL-TIME THREAT INTELLIGENCE FOR TRUSTED RELATIONSHIPS
 
Is Antivirus (AV) Dead or Just Missing in Action
Is Antivirus (AV) Dead or Just Missing in Action Is Antivirus (AV) Dead or Just Missing in Action
Is Antivirus (AV) Dead or Just Missing in Action
 

Similar to Sarwono sutikno + yoko acc cybervulnerability risk and control for evolving threat

2010: Mobile Security - WHYMCA Developer Conference
2010: Mobile Security - WHYMCA Developer Conference2010: Mobile Security - WHYMCA Developer Conference
2010: Mobile Security - WHYMCA Developer ConferenceFabio Pietrosanti
 
Ceh v5 module 01 introduction to ethical hacking
Ceh v5 module 01 introduction to ethical hackingCeh v5 module 01 introduction to ethical hacking
Ceh v5 module 01 introduction to ethical hackingVi Tính Hoàng Nam
 
Cscu module 01 foundations of security
Cscu module 01 foundations of securityCscu module 01 foundations of security
Cscu module 01 foundations of securitySejahtera Affif
 
Partner Zymbian & Fortinet webinar on Web2.0 security
Partner Zymbian & Fortinet webinar on Web2.0 securityPartner Zymbian & Fortinet webinar on Web2.0 security
Partner Zymbian & Fortinet webinar on Web2.0 securityZymbian
 
[CLASS 2014] Palestra Técnica - Michael Firstenberg
[CLASS 2014] Palestra Técnica - Michael Firstenberg[CLASS 2014] Palestra Técnica - Michael Firstenberg
[CLASS 2014] Palestra Técnica - Michael FirstenbergTI Safe
 
Advanced threat security - Cyber Security For The Real World
Advanced threat security - Cyber Security For The Real WorldAdvanced threat security - Cyber Security For The Real World
Advanced threat security - Cyber Security For The Real WorldCisco Canada
 
Certes webinar securing the frictionless enterprise
Certes webinar securing the frictionless enterpriseCertes webinar securing the frictionless enterprise
Certes webinar securing the frictionless enterpriseJason Bloomberg
 
Crack the Code
Crack the CodeCrack the Code
Crack the CodeInnoTech
 
Cyber Attack Methodologies
Cyber Attack MethodologiesCyber Attack Methodologies
Cyber Attack MethodologiesGeeks Anonymes
 
Presentación - Cisco ASA with FirePOWER Services
Presentación - Cisco ASA with FirePOWER ServicesPresentación - Cisco ASA with FirePOWER Services
Presentación - Cisco ASA with FirePOWER ServicesOscar Romano
 
The Consumerisation of Corporate IT
The Consumerisation of Corporate ITThe Consumerisation of Corporate IT
The Consumerisation of Corporate ITPeter Wood
 
Network Security of Data Protection
Network Security of Data ProtectionNetwork Security of Data Protection
Network Security of Data ProtectionUthsoNandy
 
Multi Factor Authentication Whitepaper Arx - Intellect Design
Multi Factor Authentication Whitepaper Arx - Intellect DesignMulti Factor Authentication Whitepaper Arx - Intellect Design
Multi Factor Authentication Whitepaper Arx - Intellect DesignRajat Jain
 
8 Ocak 2015 SOME Etkinligi - Cisco Next Generation Security
8 Ocak 2015 SOME Etkinligi - Cisco Next Generation Security8 Ocak 2015 SOME Etkinligi - Cisco Next Generation Security
8 Ocak 2015 SOME Etkinligi - Cisco Next Generation SecurityBGA Cyber Security
 
Cyber Crime and Security Ch 1 .ppt
Cyber Crime and Security Ch 1 .pptCyber Crime and Security Ch 1 .ppt
Cyber Crime and Security Ch 1 .pptwaleejhaider1
 
CEH Ver.7 and ECSA LPT
CEH Ver.7 and ECSA LPTCEH Ver.7 and ECSA LPT
CEH Ver.7 and ECSA LPTfiliani
 

Similar to Sarwono sutikno + yoko acc cybervulnerability risk and control for evolving threat (20)

Sarwono sutikno nisd2013 - transforming cybersecurity
Sarwono sutikno nisd2013 - transforming cybersecuritySarwono sutikno nisd2013 - transforming cybersecurity
Sarwono sutikno nisd2013 - transforming cybersecurity
 
2010: Mobile Security - WHYMCA Developer Conference
2010: Mobile Security - WHYMCA Developer Conference2010: Mobile Security - WHYMCA Developer Conference
2010: Mobile Security - WHYMCA Developer Conference
 
Ceh v5 module 01 introduction to ethical hacking
Ceh v5 module 01 introduction to ethical hackingCeh v5 module 01 introduction to ethical hacking
Ceh v5 module 01 introduction to ethical hacking
 
The Network as a Sensor, Cisco and Lancope
The Network as a Sensor, Cisco and LancopeThe Network as a Sensor, Cisco and Lancope
The Network as a Sensor, Cisco and Lancope
 
Cscu module 01 foundations of security
Cscu module 01 foundations of securityCscu module 01 foundations of security
Cscu module 01 foundations of security
 
Partner Zymbian & Fortinet webinar on Web2.0 security
Partner Zymbian & Fortinet webinar on Web2.0 securityPartner Zymbian & Fortinet webinar on Web2.0 security
Partner Zymbian & Fortinet webinar on Web2.0 security
 
[CLASS 2014] Palestra Técnica - Michael Firstenberg
[CLASS 2014] Palestra Técnica - Michael Firstenberg[CLASS 2014] Palestra Técnica - Michael Firstenberg
[CLASS 2014] Palestra Técnica - Michael Firstenberg
 
APT & What we can do TODAY
APT & What we can do TODAYAPT & What we can do TODAY
APT & What we can do TODAY
 
Advanced threat security - Cyber Security For The Real World
Advanced threat security - Cyber Security For The Real WorldAdvanced threat security - Cyber Security For The Real World
Advanced threat security - Cyber Security For The Real World
 
Web application security measures
Web application security measuresWeb application security measures
Web application security measures
 
Certes webinar securing the frictionless enterprise
Certes webinar securing the frictionless enterpriseCertes webinar securing the frictionless enterprise
Certes webinar securing the frictionless enterprise
 
Crack the Code
Crack the CodeCrack the Code
Crack the Code
 
Cyber Attack Methodologies
Cyber Attack MethodologiesCyber Attack Methodologies
Cyber Attack Methodologies
 
Presentación - Cisco ASA with FirePOWER Services
Presentación - Cisco ASA with FirePOWER ServicesPresentación - Cisco ASA with FirePOWER Services
Presentación - Cisco ASA with FirePOWER Services
 
The Consumerisation of Corporate IT
The Consumerisation of Corporate ITThe Consumerisation of Corporate IT
The Consumerisation of Corporate IT
 
Network Security of Data Protection
Network Security of Data ProtectionNetwork Security of Data Protection
Network Security of Data Protection
 
Multi Factor Authentication Whitepaper Arx - Intellect Design
Multi Factor Authentication Whitepaper Arx - Intellect DesignMulti Factor Authentication Whitepaper Arx - Intellect Design
Multi Factor Authentication Whitepaper Arx - Intellect Design
 
8 Ocak 2015 SOME Etkinligi - Cisco Next Generation Security
8 Ocak 2015 SOME Etkinligi - Cisco Next Generation Security8 Ocak 2015 SOME Etkinligi - Cisco Next Generation Security
8 Ocak 2015 SOME Etkinligi - Cisco Next Generation Security
 
Cyber Crime and Security Ch 1 .ppt
Cyber Crime and Security Ch 1 .pptCyber Crime and Security Ch 1 .ppt
Cyber Crime and Security Ch 1 .ppt
 
CEH Ver.7 and ECSA LPT
CEH Ver.7 and ECSA LPTCEH Ver.7 and ECSA LPT
CEH Ver.7 and ECSA LPT
 

More from Sarwono Sutikno, Dr.Eng.,CISA,CISSP,CISM,CSX-F

More from Sarwono Sutikno, Dr.Eng.,CISA,CISSP,CISM,CSX-F (20)

TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdfTataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
 
Keamanan Data Digital - SPI ITB - Rabu 3 Agustus 2022 -v2.pdf
Keamanan Data Digital - SPI ITB - Rabu 3 Agustus 2022 -v2.pdfKeamanan Data Digital - SPI ITB - Rabu 3 Agustus 2022 -v2.pdf
Keamanan Data Digital - SPI ITB - Rabu 3 Agustus 2022 -v2.pdf
 
Keamanan Informasi Metaverse - 18 Juni 2022.pdf
Keamanan Informasi Metaverse - 18 Juni 2022.pdfKeamanan Informasi Metaverse - 18 Juni 2022.pdf
Keamanan Informasi Metaverse - 18 Juni 2022.pdf
 
Webinar Sabtu 14 Mei 2022 - Digital Signature dan Keamanan Transaksi Keuangan...
Webinar Sabtu 14 Mei 2022 - Digital Signature dan Keamanan Transaksi Keuangan...Webinar Sabtu 14 Mei 2022 - Digital Signature dan Keamanan Transaksi Keuangan...
Webinar Sabtu 14 Mei 2022 - Digital Signature dan Keamanan Transaksi Keuangan...
 
SMKI vs SMAP vs SMM vs SMOP v06
SMKI vs SMAP vs SMM vs SMOP v06SMKI vs SMAP vs SMM vs SMOP v06
SMKI vs SMAP vs SMM vs SMOP v06
 
Tata Kelola Informasi & Teknologi (I&T), dan Aset Informasi
Tata Kelola Informasi & Teknologi (I&T), dan Aset InformasiTata Kelola Informasi & Teknologi (I&T), dan Aset Informasi
Tata Kelola Informasi & Teknologi (I&T), dan Aset Informasi
 
Silabus el5213 internal auditing (audit internal) v021
Silabus el5213 internal auditing (audit internal) v021Silabus el5213 internal auditing (audit internal) v021
Silabus el5213 internal auditing (audit internal) v021
 
Kuliah tamu itb 11 maret 2020
Kuliah tamu itb 11 maret 2020Kuliah tamu itb 11 maret 2020
Kuliah tamu itb 11 maret 2020
 
Keamanan Informasi - batasan
Keamanan Informasi - batasanKeamanan Informasi - batasan
Keamanan Informasi - batasan
 
Buku gratifikasi dalam perspektif agama - Desember 2019 - KPK
Buku gratifikasi dalam perspektif agama - Desember 2019 - KPKBuku gratifikasi dalam perspektif agama - Desember 2019 - KPK
Buku gratifikasi dalam perspektif agama - Desember 2019 - KPK
 
Rancang bangun portable hacking station menggunakan raspberry pi tesis-sath...
Rancang bangun portable hacking station menggunakan raspberry pi tesis-sath...Rancang bangun portable hacking station menggunakan raspberry pi tesis-sath...
Rancang bangun portable hacking station menggunakan raspberry pi tesis-sath...
 
Sistem Tata Kelola Keamanan Informasi SPBE menggunakan COBIT 2019
Sistem Tata Kelola Keamanan Informasi SPBE menggunakan COBIT 2019 Sistem Tata Kelola Keamanan Informasi SPBE menggunakan COBIT 2019
Sistem Tata Kelola Keamanan Informasi SPBE menggunakan COBIT 2019
 
Indeks Presepsi Korupsi Indonesia 20 thn Reformasi - TII
Indeks Presepsi Korupsi Indonesia 20 thn Reformasi - TIIIndeks Presepsi Korupsi Indonesia 20 thn Reformasi - TII
Indeks Presepsi Korupsi Indonesia 20 thn Reformasi - TII
 
Materi wisuda untag 7 sep2019 won
Materi wisuda untag 7 sep2019 wonMateri wisuda untag 7 sep2019 won
Materi wisuda untag 7 sep2019 won
 
Materi caleg road show bus nganjuk - mod won
Materi caleg road show bus nganjuk - mod wonMateri caleg road show bus nganjuk - mod won
Materi caleg road show bus nganjuk - mod won
 
Antikorupsi mahasiswa
Antikorupsi mahasiswaAntikorupsi mahasiswa
Antikorupsi mahasiswa
 
Islam, pendidikan karakter & antikorupsi mod won v02
Islam, pendidikan karakter & antikorupsi mod won v02Islam, pendidikan karakter & antikorupsi mod won v02
Islam, pendidikan karakter & antikorupsi mod won v02
 
SMKI vs SMAP vs SMM vs SML v04
SMKI vs SMAP vs SMM vs SML v04SMKI vs SMAP vs SMM vs SML v04
SMKI vs SMAP vs SMM vs SML v04
 
Perguruan tinggi dan pencegahan korupsi mod won
Perguruan tinggi dan pencegahan korupsi mod wonPerguruan tinggi dan pencegahan korupsi mod won
Perguruan tinggi dan pencegahan korupsi mod won
 
Majalah Integrito, KPK, edisi 1-tahun-2019 #Pemilihan Umum 2019
Majalah Integrito, KPK, edisi 1-tahun-2019 #Pemilihan Umum 2019Majalah Integrito, KPK, edisi 1-tahun-2019 #Pemilihan Umum 2019
Majalah Integrito, KPK, edisi 1-tahun-2019 #Pemilihan Umum 2019
 

Recently uploaded

9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room service9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room servicediscovermytutordmt
 
Web & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfWeb & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfJayanti Pande
 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3JemimahLaneBuaron
 
Mastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionMastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionSafetyChain Software
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introductionMaksud Ahmed
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxheathfieldcps1
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfciinovamais
 
JAPAN: ORGANISATION OF PMDA, PHARMACEUTICAL LAWS & REGULATIONS, TYPES OF REGI...
JAPAN: ORGANISATION OF PMDA, PHARMACEUTICAL LAWS & REGULATIONS, TYPES OF REGI...JAPAN: ORGANISATION OF PMDA, PHARMACEUTICAL LAWS & REGULATIONS, TYPES OF REGI...
JAPAN: ORGANISATION OF PMDA, PHARMACEUTICAL LAWS & REGULATIONS, TYPES OF REGI...anjaliyadav012327
 
Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeThiyagu K
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13Steve Thomason
 
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Krashi Coaching
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Sapana Sha
 
Disha NEET Physics Guide for classes 11 and 12.pdf
Disha NEET Physics Guide for classes 11 and 12.pdfDisha NEET Physics Guide for classes 11 and 12.pdf
Disha NEET Physics Guide for classes 11 and 12.pdfchloefrazer622
 
mini mental status format.docx
mini mental status format.docxmini mental status format.docx
mini mental status format.docxPoojaSen20
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactdawncurless
 
Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactPECB
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfsanyamsingh5019
 

Recently uploaded (20)

9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room service9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room service
 
Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1
 
Web & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfWeb & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdf
 
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3
 
Mastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionMastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory Inspection
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introduction
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptx
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdf
 
Advance Mobile Application Development class 07
Advance Mobile Application Development class 07Advance Mobile Application Development class 07
Advance Mobile Application Development class 07
 
JAPAN: ORGANISATION OF PMDA, PHARMACEUTICAL LAWS & REGULATIONS, TYPES OF REGI...
JAPAN: ORGANISATION OF PMDA, PHARMACEUTICAL LAWS & REGULATIONS, TYPES OF REGI...JAPAN: ORGANISATION OF PMDA, PHARMACEUTICAL LAWS & REGULATIONS, TYPES OF REGI...
JAPAN: ORGANISATION OF PMDA, PHARMACEUTICAL LAWS & REGULATIONS, TYPES OF REGI...
 
Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and Mode
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13
 
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
 
Disha NEET Physics Guide for classes 11 and 12.pdf
Disha NEET Physics Guide for classes 11 and 12.pdfDisha NEET Physics Guide for classes 11 and 12.pdf
Disha NEET Physics Guide for classes 11 and 12.pdf
 
mini mental status format.docx
mini mental status format.docxmini mental status format.docx
mini mental status format.docx
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impact
 
Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global Impact
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdf
 

Sarwono sutikno + yoko acc cybervulnerability risk and control for evolving threat

  • 1. TRANSFORMINGCYBERSECURITY,RISKANDCONTROL FOREVOLVINGTHREATS Sarwono Sutikno, Dr.Eng.,CISA,CISSP,CISM Cybersecurity Nexus Liaison ISACA, Indonesia Cyber Resilience in Financial Institutions Mitigating cybersecurity risks through an analytical, governance and algorithmic framework 9-11 Mar 2015 Hilton Singapore, Singapore
  • 3. SCENARIO • Attacker: 131.107.1.101 • Victim 1: 131.107.1.200 • Victim 2: 172.101.101.3 • Victim 1: Weak Password • Victim 2: Jboss default Installation • Video Access: http://kaminfo.id/demo/1-weak-password.mp4 http://kaminfo.id/demo/2-Jboss.mp4 http://kaminfo.id/demo/3-sshkey.mp4
  • 4. First Scenario: • Attacker do a dictionary attack to the 1st victim. The victim has a weak password quality problem. • Attacker take a look of victim’s data / information after take over the server. • Attacker get the web server information (which is Jboss). Second Scenario: • Attacker use the victim’s machine to exploit jboss’s server (since the Attacker doesn’t know the password) • Attacker gain the access and could take a look the content of the server. Third Scenario: • SSH-key Fourth Scenario: Anti virus AVG2014 bypass http://goo.gl/F70KIH SCENARIO
  • 5. Q and A: • Q: How if the victim (on Linux Machine with root:toor) change their password? • A: MANAGINGACCESS
  • 6. Q and A: • Q: How if the victim (on Linux Machine with root:toor) change their password? • A: The Attacker just need to: 1. Change .ssh’s target. 2. Generate authorize key on our machine and paste it into .ssh’s target. If we do this, every time we would like to connect into the target’s machine via ssh, we don’t need to input the password anymore even the target already changed their password. MANAGINGACCESS
  • 7. Q: Do you have change your password? Q: Is it possible that the 2nd scenario happened in the Internet area (not internal?) Q: Do you ever see your authorized SSH keys on your server? TEASERQ&A
  • 13. ADAPTIVEATTACKVECTOR Security Issue Security Solution Adaptive Attack Vector Single-factor authentication Multifactor authentication Break into token vendor Malware writer, masquerade Digital certificate Break into a credible vendor Antivirus approach - blacklisting whitelisting Break into application whitelisting vendor (Bit9)
  • 15. CYBERVULNERABILITIES,THREATANDRISK Vulnerability Threat Risk and Impact Spear phising Attacker may gain access through phish phish payload or combined social-technical technical follow-up Initial data loss or leakage leading to secondary secondary impact Water holing Attacker may gain control of websites and and subsequent control of visitor Initial behavior errors leading to secondary impact Wireless/Mobile APT Compromise wireless channel to enable enable control Partial or full control of wireless or mobile; direct/indirect impact on service and application Zero-day Use zero-day to circumvent defences Partial / full control of application and underlying underlying system Excessive priviledge Inside attack Full and (technically) legitimate control outsite outsite GRC, secondary impacts Home user APT Attack use home environment may less well well protected than organization environment Partial or full control of wireless or mobile; direct/indirect impact on service and application
  • 16. CYBERVULNERABILITIESINCONTEXT Vulnerability Motive Opportunity Effort Spear phising Financial, espinage, data theft, prepratory to prepratory to main attack Email access to target Mediumtohigh, depending on on quality of phish Water holing Financial, espinage, data theft, prepratory to prepratory to main attack Email access to target, control of web sites High, depending on precision precision of targeting Wireless/Mobile APT Financial, espionage, extortion, theft of personally identifiable information Proximity to target Low to medium Zero-day Financial, operational, data theft, extortion, extortion, control of technical infrastructure Availability of suitable zero-day exploits, organized handling of exploit Medium to high Excessive priviledge Financial, personal, data theft, extortion, reputational Deficiencies in IDM, corruption Low to medium Home user APT Financial, espionage, extortion, theft of personally identifiable information Physical or logical access to access to target Low to high, depending on level of protection of target environment
  • 17. PIRT
  • 18.
  • 19.
  • 20. The CSX Liaison reports to the chapter president.
  • 22.