Presented by Ariel Saghiv
© 2018, Ariel Saghiv
PRESS RELEASE
$4,000,000,000 VALUATION LOSS
A NEW MINDSET FOR DATA SECURITY IS NEEDED
IF ORGANIZATIONS ARE TO STAY AHEAD OF THE ATTACKERS
-750
BC
2016
Should WE be worried?
You
Identity Theft
The fraudulent acquisition and use of a person's private identifying information, usually for financial gain.
• Virus
• Worm
• Malicious code
• Social Engineering
A Growing Trend
• 16.7 million people were affected by identity fraud in the USA alone
• 16.8 billion US$ were stolen! (Increase 12% from 2016)
• Social security numbers are highly popular (exceeded credit card number theft)
Javelin Strategy & Research (2017)
https://breachlevelindex.com (2018 H1)
https://breachlevelindex.com (2018 H1)
What is Being Stolen?
TYPE OF ID FRAUD THAT CAN IMPACT YOU AND NEEDS PROTECTION:
• 49% Gov’t Documents & Benefit Information
• 16% Credit Cards
• 10% Phone & Utilities
• 6% Bank Documents
• 4% Loan Information
• 3% Employee Related Information
• Other – 19% Personal documents pertaining to an individual’s assets or identity
WHAT THIEVES ARE DOING WITH THIS INFORMATION
• Opening new credit card or bank accounts in your name using your $$
• Requesting Medical service in your name
• Forging your signature on blank checks
• Buying a car (home, etc.) by taking out a loan in your name
• Authorizing ATM transfers
• Giving your name to the police during an arrest…
$1
Drivers license
$20 $100-$400 $20-$200 $20
Social security
number
Diplomas Online payment
services login info
Loyalty accounts
$1000 -
$2000
$5-$110 $1 $1-$10 $1-$1000
Passports (US)
General non-
financial institution
logins
Subscription
services
Medical records
Credit or debit card
(credit cards are more
popular)
It Doesn’t Cost Much Either…
Online Payment Services Account Information
Value depends on the balance of the account
$400-$1000 Balance is worth $20-$50!
$1000-$2500 Balance is worth $50-$120!
$2500-$5000 Balance is worth $120-$200!
© 2014 TARYA– Proprietary & Confidential
Marketplace
• 90% sold on the dark web
• Tor (*.onion) web sites that have multiple identities
• Identity of the seller and buyer is anonymous
Consumers’ Reaction to a Data Breach
• 48% MUST BE CONVINCED THE PROBLEM WAS FIXED (BEFORE RESUMING BUSINESS)
• 33% WOULD CONTINUE TO DO BUSINESS
• 19% WOULD NO LONGER CONDUCT BUSINESS
KPMG, Consumer Loss Barometer 2016
Asymmetry of an Online World
[Diagram labels: Social Networks, Online Services, Honest Users, Attackers; Regulation, Education / Tools, Law Enforcement]
Case Study - Equifax Breach
Breach = “Shaming”
143 million consumers' private data records hacked!
– Names
– Social security numbers
– Birth dates
– Home addresses
– Driver's license numbers
– 209,000 consumers' credit cards
– Tax identification numbers
Equifax Breach
Equifax Breach
• Equifax used Apache Struts for an online dispute portal designed for customers to log issues with credit reports
• The vulnerability exploited was CVE-2017-5638, an arbitrary command execution vulnerability within Apache Struts.
Breach = “Shaming”
►Leadership
►Management Responsibility
►Transparency
►Organizational Ethics
►Commitment to the Customer
From Breach Prevention to Breach Acceptance
THE FUTURE
►Early Warning on identity theft
(What was stolen? What can be done?)
►Blocking Identity theft (as a service)
►Cleanup (after the breach has occurred)
►Trust - currency of the future
Identity Protection Products

Stolen identities


Editor's Notes

  1. Hello, I'm Ariel Saghiv. I didn't come to talk about firewalls, or about strong passwords, or about regulation. I came to change your point of view on what happens after the most confidential information leaks. And it will happen.
  2. Take a moment to absorb the graph. (Pause.) What we see here is the share value of Equifax, one of the 3 largest credit companies in the US, right after it reported the largest data leak of 2017 and accumulated a loss of 4 billion dollars. Not pleasant.
  3. Information will leak. No matter how much we invest, one simple mistake by an employee and the information is out. We are already worried - so should you. We need to recalculate our route.
  4. Banks used to look like this.
  5. They still look like this.
  6. The sharing economy happened.
  7. And we still wake up every day worried about what the day will bring.
  8. Information theft is carried out for financial gain or impersonation. It can be stolen by technological means such as viruses or system vulnerabilities, and even by stealing a bag containing documents. And if there are movies about it, there is surely a problem.
  9. This movie is not far-fetched. Almost 17 million Americans experienced this in 2017. Personal details are much more popular than credit card theft.
  10. This is a global phenomenon. Each event on the map (from the first half of 2018) represents a data leak incident, small or large. The incidents are maintained and published by the Breach Level Index website.
  11. There is no industry that is not hit by data leaks: healthcare, government, retail. And these are the figures for the first half of 2018 alone.
  12. Which types of information are popular? Copies of documents and identifying details. Forged certificates can be printed very easily.
  13. What do you do with the identity I bought?
  14. And it is really not expensive either: from $1 up to thousands of dollars, depending on the value of the information purchased and what can be done with it.
  15. Online accounts are also worth quite a bit, and allow making purchases at someone else's expense or even withdrawing the money. This is what a Facebook ad by someone who is selling looks like.
  16. Note the large amount of information easily available to anyone who asks. Most of it is sold on the dark web.
  17. On the dark web the sites, the buyers and the sellers are all anonymous. Because what is being purchased is information, no products are physically shipped.
  18. A real eBay of personal information. You need to search for FULLZ or SSN.
  19. And it can also be ordered by email.
  20. Customers today are more aware than ever of their privacy, and they vote with their feet. Studies show that it is very important to communicate transparently about the incident and about how you are working to put out the fire.
  21. A troubling and asymmetric reality, which is why it is important that we are aware of it. Law enforcement, user education and regulation do not provide an answer to the massive scale.
  22. A data leak incident (a breach) is modern-day shaming for a company that failed to keep its users' trust and acted irresponsibly.
  23. Equifax is one of the 3 largest companies in the US for credit score analysis and services. In the leak, details of about half of the US population were stolen, along with those of many users in Canada and Europe. In the internet age it is hard to keep this secret. And the customers' opinion too.
  24. In today's age, it's very difficult to contain a breach.
  25. The breach stemmed from out-of-date software on the company's website, in the customer complaints module.
  26. In fact, as early as February an alert was published about a vulnerability in the application engine, which was not addressed. The attackers penetrated the system and extracted information for almost 3 months. It took the company about a month to disclose the incident, and during that time the snowball only grew: executives sold shares before the disclosure, the portal for checking details of the breach was itself breached and user details were stolen, it turned out that European and Canadian citizens were also affected, and the company's CEO resigned.
  27. In hindsight, the crisis could have been managed differently: starting with fixing the vulnerability on time, detecting the breach earlier, and responsible and transparent conduct by management. There was a chain of events here that could have been resolved differently, and a lot can be learned from it. The responsibility is not only the CEO's but that of all the company's employees. Managing the crisis correctly is no less important than preventing it.
  28. Today we live in an era in which the incident will happen. The question is: how will we act?
  29. Just last month, Facebook, after the Senate hearing and the Cambridge Analytica affair, experienced another breach, with access to the information of 50 million users.
  30. The many crises create market opportunities for new services for companies and individuals: from early detection of an incident, to blocking the use of personal details, and even care for victims after a leak. The trust index, and the ability to measure and publish it, is in effect becoming the currency of the future. This is what a Bank of America instructional video for the bank's customers looks like, for the case of personal information theft.
  31. New companies are springing up to enable identity protection.
  32. Identity-use monitoring, insurance, automatic blocking of the identity at various institutions; they provide services to individuals and companies.
  33. In summary