SlideShare a Scribd company logo

Professor Walker's Guide to Cybersecurity Threats

Download as PPTX, PDF
Prof John Walker FRSA Purveyor Dark Intelligence
Prof John Walker FRSA Purveyor Dark Intelligence

Professor John Walker provides information on cybersecurity threats. He has over 30 years of experience in infosecurity and cyber fields. Some key points from the document: - Dependencies on internet and cloud have increased vulnerabilities globally as social, business, and government operations rely heavily on online connectivity. - Criminals are succeeding financially from cybercrimes like fraud schemes while hacktivists remain active. Skills shortage is an issue. - Emerging threats like advanced persistent threats can evade firewalls and antivirus. Mobile devices and BYOD trends have increased attack surfaces. - Nation-state cyberattacks from countries like China and Russia are a concern. Cyber warfare and conflicts may escalate physical violence

Technology
1 of 35
0000000000000000000000 Professor John Walker FBCS CISM CRISC ITPC CITP FRSA MSSoc 000000000000000 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 Take-Down 2014 [AKA – The Yellow Brick Road to Insecurity] 000000000000000000000000000000000000000000000000000000000000000000000000000000000 http://www.cytelligence.co.uk/ 0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
Who AM I CTI Cytelligence Ltd Member ENISA CEI Listed Experts - http://www.enisa.europa.eu/ Registered International Expert Witness Editorial Board – Cyber Security Research Institute (CRSI) Microsoft Partner Freelance Writer International Presenter Visiting Professor School of Science and Technology NTU Visiting Professor/Lecturer – University of Slovenia 30 Years Experience in the Fields of Infosecurity, and Cyber 100+ Papers Published Internationally Presented 100+ Internationally http://www.cytelligence.co.uk/
Die Hard – 4 – With Nails Fiction-or-Fact! http://www.cytelligence.co.uk/
Socio-Economic Implications One overall Society Wide implication is, by Socio-Economic Implication we [the Global Village] have embedded the environment of Internet dependencies into the very fabric of our lives – Cloud has expand these dependencies. Social, Business, Government, all of which are now entwined into the interconnected environment, the Genie is Out, and may not be placed back in the bottle. Business Operations are highly dependent - Governments are highly reliant on Internet Operability. Socially be it from IP TV, VoIP, or even Home working, again dependency is high . . . . Making it, and us an ideal surface of Attack. This dependency on an environment with no real Governance, Cross Boarder Control, or for that SLA, makes us significantly vulnerable, in the Medium to Long Term . . . and it WILL have consequences! http://www.cytelligence.co.uk/
SITREP – 11/02/13/14 Criminals are Winning – and the Rewards are HIGH http://www.bankinfosecurity.co.uk/blogs/new-fraud-scheme-launched-via-chat-p-1403 Hacktivists are, well Active (NOT forgetting Cyber Radicals) PCI-DSS has been found to be FLAWED The Standard of ‘Overcompensation’ Skills Low – they need to be honed International Threats Ignored Too many Reports – NOT enough Action Lack of Reporting Lack of Public Security Awareness http://www.cytelligence.co.uk/
Yesterdays Threat a) Malware – Once considered by Government Agencies [GCHQ/CESG] to be a passing nuisance - is now a significant threat and in a new guise! b) SPAM – Thought to only be a communication which had to be managed [House or Lords Technology Committee]. Now a major conduit for Malware, and other adverse infiltrations! c) Cyber Intelligence Gathering [OSINT] is a reality and not a myth [consider the Cuckoos Egg]! d) Cyber Attacks have taken place against the UK, US, and Germany to name but a few – Titan Rain! e) Root Servers are regular targets! f) IP is everywhere [Including Fridges] and so the threats are commensurate and rising – The Dirty Shirt! http://www.cytelligence.co.uk/
Some Good Bad Examples 1. DNS 2. Exposures & Vulnerabilities 3. Users – Education & Awareness (Not me Gov) 4. Patch & Fix (or NOT) 5. Bleeding Edge Technologies 6. Virtualisation & Cloud (and its not new) 7. Lack of Standards 8.New Age Malware (Smart Cell Phone) http://www.cytelligence.co.uk/
The Promise of Third Parties When Contracting out into a Specialty Third Parties there is an expectation that they will provision the required level of Best Practice support to secure the enterprise under contract, and do what they say they do – as stated in the following article form published in Secure Computing magazine, by a CSIO representing a well known Big Name Third Party: Problem was – when working with a major brand Company this same supplier was supporting, they did not follow any such path, and the service was so wanting it left [and is leaving today] that client exposed to Uncontrolled Security Incidents, Exposure to Malware, and Insider Threats to mention just three of many shortfalls. http://www.cytelligence.co.uk/
Real-Time, Real-World LONDON, Jan/07: The Director General of MI5 warned British companies of possible cyber-attacks originating from China. The Prime Minister's office accused China of engaging in state-sponsored espionage targeting integral parts of Britain's economy, using the computer infrastructure of Banks and financial services. April 2010 the Cabinet Office assessed the threat from Electronic Attack from Russia, and China was rated SEVERE. Better late than never: Copyright SBLTD 2012 http://www.cytelligence.co.uk/
Unrestricted Warfare Unrestricted Warfare is a book on military strategy written in 1999 by two colonels in the People's Liberation Army, Qiao Liang and Wang Xiangsui. http://www.cytelligence.co.uk/ Copy supplied as a ‘Hand-Out-1’
Public Exposures Hotels & Public Access Points can present very insecure & hostile environments which can & do exposure their users! Example of a deployed Access Point at a well know London Hotel which is compromised & possibly being exploited today! http://www.computing.co.uk/ctg/opinion/1844378/incidents-hotels-sow-reservations-security http://www.cytelligence.co.uk/
Exposures 2013/14 1. Large Global Oil & Gas – Insecure SCADA 2. UK Smart Metering – Open to Abuse 3. Connected Homes – Hacked and Insecure 4. Major London Based Bank - Compromised 5. London City Insurance Broker – Total Insecurity 6. Scot’s Care Home Hacked – Heating Systems] 7. Betting Agency – Cyber and DDoS Attack 8.Operational Security – Learning on the Job!!! http://www.cytelligence.co.uk/
DDoS DDoS has been growing in popularity year-on-year, with the throughput of adverse traffic increasing - it requires zero skill to join in and to play: http://www.cytelligence.co.uk/
Italy = 20 China = 428 Global Attacks Attacks – 2012 - 2013 Hong Kong = 66 Turkey = 52 Poland = 10 Brazil = 19 California = 20 Turkey = 161 California = 22 South Korea = 24 Japan = 36 Venezuela = 15 Brazil = 34 California = 24 Indiana = 25 Australia = 4 Italy = 24 California = 30 Brazil = 53 California = 33 California = 31 Venezuela = 11 California = 38 Honk Kong = 50 http://www.cytelligence.co.uk/
DDoS http://www.cytelligence.co.uk/
Mediocrity will NOT Suffice It was the BofE who were the main orchestrators of Waking Shark II – Yet they have a number of significant security exposures, and vulnerabilities, of which they have been informed under respectful, Channelled Disclosure Notification – With no response, or action. If we are to lead the riotous path to evolve security and to protect the public, then it must surly follow a route to secure our infrastructures, and not just Ignore the open states of potential compromise! We must take the Threat serious – or there is no point. Waking Shark II – ‘Hand Out-2’ In fact we are already here! See article in Digital Forensics Magazine – [If you want a cope just drop me a line]. http://www.cytelligence.co.uk/
The Statistics http://www.cytelligence.co.uk/
Critical Unacceptable Exposures If I were to tell you that because of a breakdown in process there are potentially hundreds of Highly Classified Soft Copy Files sitting on Laptops, Servers, unencrypted, and then just left there – TS, STRAP etc would you believe me? – And such documents are replicated in a very uncontrolled manner. If I were to tell you that FOI has been employed in an unthinking way and exposed lives to threat – would you believe me? – then you should!! http://www.cytelligence.co.uk/
Critical Infrastructures Exposed By the very nature of what the Power Industry supply, and support - they are a Target! – But they don’t seem to know it! http://www.cytelligence.co.uk/
911 – The Power Event? http://www.cytelligence.co.uk/
Play Safe – The Vulnerability of WiFi WiFi everywhere – but still not being used security, or sensibly – An example: http://www.cytelligence.co.uk/
Advanced Threats Called Advanced Threats, Advanced Persistent Threats [APT], Advanced Evasion Techniques [AET] – they are all New Age Cyber Threats that carry Payload. And it is highly likely they are responsible for many of the well Publicised security breaches, and the state of Assumed Compromise. http://www.cytelligence.co.uk/
Firewall Evasion http://www.cytelligence.co.uk/ Proven Real-Time & in Lab Conditions by Nottingham Trent University in Research Partnership with Commercial Vendors – Firewalls Can Be Broken!
Smart Phones and BYOD The advent of the Smart Cell Pones – (Hand Held Micro Computers) host a vast range of features, and are no longer simple devices which just make Telephone Calls. They are installed with high capacity storage capabilities well in excess of their early Big Brothers and Sisters based on 8086 Chips. They are hosting Bluetooth, WiFi (802.11 . ..), and Web Access – they talk to the Internet, and communicate into Clouds. __________________________________________________________________________ They are also enjoying the interest of Malware Writers, and currently there are approximately 300 such applications in circulation. The AV Companies are responding with early solutions . . . . But they are the new target And User are happy to Accept All Access to All Things!!! http://www.cytelligence.co.uk/
Advanced Threats Cyber Attacks of eCrime/eFraud are, Phishing, RockPhish and FastFlux, Scams (419), Spear Phishing, Malware, Botnets, Rootkits, and DoS/DDoS are some examples of the methods of choice of Criminals, Organised Crime, and Hacktivist to attack business, systems, and the end-user community alike. These acts are remote from the enterprise perimeter, so physical assess may prove to be impossible as the related artifacts will be dynamic. The Missing element is the CSIRT First Responder Digital Forensics, and Investigative Response. http://www.cytelligence.co.uk/
Cyber Extortion – Anatomy of Attack Distance Based Digital Forensics should be triggered by the manifestation of impact from any one of many variations of attack conditions – and Footprinting can also include eMail based Social Engineering - This is a Real-Time Map of an attacks on against an on-line betting deployment. Logs, Alerts, and Notifications should notify adverse conditions. http://www.cytelligence.co.uk/
Radicals 5/11/12 http://www.cytelligence.co.uk/
Islamic Jihad – Its Serious Global Islamic Media Front's (GIMF) http://www.cytelligence.co.uk/
Physical Threats – Real Time •Times are Changing – Consider! • East Midlands Airport • Stephen Timm’s • Chicago • Mumbai (x2) May we conclude that, if the prospect of ‘Radicalisation’ is interwoven in our Society, should we expect to see more use of Cyber Tools to support these missions in 2014! – Low Cost Munitions, with High Impact Potentials! http://www.cytelligence.co.uk/
From Russia with Love - CaaS Source = Trend Micro http://www.cytelligence.co.uk/
CyberWar - CyberConflict Just 8 years ago a CPNI Agent commented that the Cyber Threat was over-hyped! Cyber War is now considered to be a reality, and represents an Aggressive capability which hostile nations may utilise against a target. Cyber War capabilities exist in Nations where their internal technology Capabilities are extremely low, but they do have high capabilities to attack outside their logical boarders. It is anticipated that Cyber War will be an activity which would be a joined force alongside Kinetic Warfare. In certain conditions, Cyber War holds the potential to escalate into Kinetic engagements. Early singes have been seen of Hostile Government Capabilities – North Korea. See: http://www.scmagazineuk.com/north-korean-electro-magnetic-pulse-able-to-attack-us-via-south-pole/article/369451/ http://www.cytelligence.co.uk/
Abusive Images - Accepted See: http://www.scmagazineuk.com/1-in-5-corporate-networks-host-child-sex-abuse-content/article/368786/ http://www.cytelligence.co.uk/
Response - DOING Upon engaging with an event classified as Distance Forensics (the Unknown) DO: a) Triage the event - trace b) Contain all Dynamic Artifacts (Logs, traces, events, eMail (including headers) c)Conduct Intelligence Gathers from known facts, to reveal the unknown circumstance, d) Taxonomy of the attack type (e.g. below, Utube Page containing Malware) e) Investigate Logs/Service Desk Reports, and any other form of possible information f) Confirm with other CSIRT Members their status – communicate the event for purpose of Situational Awareness g) Document h)Real-Time Threats Assessment i) Monitor j) Preserve Artifacts & Evidence k) Assess need for Third Party Reporting – Law Enforcement Vice (CMA), DPA68, PCI-DSS, ISP etc l) Consider Corporate Communications Position m) Consider taking down impacted systems/or reducing their operability - n) Assess any Sprawl Conditions http://www.cytelligence.co.uk/
Intelligent Postures & Response Know your Critical assets Find out what you ‘Don’t Know’ Consider the element of Data Leakage – Conduct a Triage Conduct Intelligent Testing Know your Business Exposure Employ Situational Awareness Practices Evolve an Incident Response Process, and Capability [Not just Lights on stuff] Don’t do ‘Lip-Service’ do ‘Security’ Take the Threat Seriously http://www.cytelligence.co.uk/
http://www.cytelligence.co.uk/ Hand Out-3

Recommended

Clt3328fisk
Clt3328fiskClt3328fisk
Clt3328fiskJulesroa
 
Cybercrime Legislation in the Middle East
Cybercrime Legislation in the Middle EastCybercrime Legislation in the Middle East
Cybercrime Legislation in the Middle EastMohamed N. El-Guindy
 
Cyber Crime Challenges in the Middle East
Cyber Crime Challenges in the Middle EastCyber Crime Challenges in the Middle East
Cyber Crime Challenges in the Middle EastMohamed N. El-Guindy
 
Cyberterrorism - Conflict in Cyberspace
Cyberterrorism - Conflict in CyberspaceCyberterrorism - Conflict in Cyberspace
Cyberterrorism - Conflict in CyberspaceDr David Probert
 
ITrust Company Overview EN
ITrust Company Overview ENITrust Company Overview EN
ITrust Company Overview ENITrust - Cybersecurity as a Service
 
Webinar - How to Become a Cyber-threat Intelligence Analyst
Webinar - How to Become a Cyber-threat Intelligence AnalystWebinar - How to Become a Cyber-threat Intelligence Analyst
Webinar - How to Become a Cyber-threat Intelligence AnalystTuan Yang
 
The Mirai Botnet and Massive DDoS Attacks of October 2016
The Mirai Botnet and Massive DDoS Attacks of October 2016The Mirai Botnet and Massive DDoS Attacks of October 2016
The Mirai Botnet and Massive DDoS Attacks of October 2016William Slater III
 
Integrated Cybersecurity and the Internet of Things
Integrated Cybersecurity and the Internet of ThingsIntegrated Cybersecurity and the Internet of Things
Integrated Cybersecurity and the Internet of ThingsDr David Probert
 

Recommended

Clt3328fisk
Clt3328fiskClt3328fisk
Clt3328fiskJulesroa
 
Cybercrime Legislation in the Middle East
Cybercrime Legislation in the Middle EastCybercrime Legislation in the Middle East
Cybercrime Legislation in the Middle EastMohamed N. El-Guindy
 
Cyber Crime Challenges in the Middle East
Cyber Crime Challenges in the Middle EastCyber Crime Challenges in the Middle East
Cyber Crime Challenges in the Middle EastMohamed N. El-Guindy
 
Cyberterrorism - Conflict in Cyberspace
Cyberterrorism - Conflict in CyberspaceCyberterrorism - Conflict in Cyberspace
Cyberterrorism - Conflict in CyberspaceDr David Probert
 
ITrust Company Overview EN
ITrust Company Overview ENITrust Company Overview EN
ITrust Company Overview ENITrust - Cybersecurity as a Service
 
Webinar - How to Become a Cyber-threat Intelligence Analyst
Webinar - How to Become a Cyber-threat Intelligence AnalystWebinar - How to Become a Cyber-threat Intelligence Analyst
Webinar - How to Become a Cyber-threat Intelligence AnalystTuan Yang
 
The Mirai Botnet and Massive DDoS Attacks of October 2016
The Mirai Botnet and Massive DDoS Attacks of October 2016The Mirai Botnet and Massive DDoS Attacks of October 2016
The Mirai Botnet and Massive DDoS Attacks of October 2016William Slater III
 
Integrated Cybersecurity and the Internet of Things
Integrated Cybersecurity and the Internet of ThingsIntegrated Cybersecurity and the Internet of Things
Integrated Cybersecurity and the Internet of ThingsDr David Probert
 
40 under 40 in cybersecurity. top cyber news magazine
40 under 40 in cybersecurity. top cyber news magazine40 under 40 in cybersecurity. top cyber news magazine
40 under 40 in cybersecurity. top cyber news magazineBradford Sims
 
Cybersecurity and-cyberwar-singer-en-22186
Cybersecurity and-cyberwar-singer-en-22186Cybersecurity and-cyberwar-singer-en-22186
Cybersecurity and-cyberwar-singer-en-22186Avirot Mitamura
 
Financier Worldwide - Cyber Security annual review
Financier Worldwide - Cyber Security annual reviewFinancier Worldwide - Cyber Security annual review
Financier Worldwide - Cyber Security annual reviewMorgan Jones
 
Merit Event - Closing the Back Door in Your Systems
Merit Event - Closing the Back Door in Your SystemsMerit Event - Closing the Back Door in Your Systems
Merit Event - Closing the Back Door in Your Systemsmeritnorthwest
 
ZamanAsad_INFA 670_9041_RPAPER_Cybersecurity-3
ZamanAsad_INFA 670_9041_RPAPER_Cybersecurity-3ZamanAsad_INFA 670_9041_RPAPER_Cybersecurity-3
ZamanAsad_INFA 670_9041_RPAPER_Cybersecurity-3Asad Zaman
 
Network Security
Network SecurityNetwork Security
Network SecurityMyles Freedman
 
En CCNA Security v11_ch01
En CCNA Security v11_ch01En CCNA Security v11_ch01
En CCNA Security v11_ch01Ajith Pathirana
 
Cyber Crime Statistics and Trends in COVID-19 Pandemic and Post Pandemic
Cyber Crime Statistics and Trends in COVID-19 Pandemic and Post PandemicCyber Crime Statistics and Trends in COVID-19 Pandemic and Post Pandemic
Cyber Crime Statistics and Trends in COVID-19 Pandemic and Post PandemicUmang Singh
 
Security And Privacy Cagliari 2012
Security And Privacy Cagliari 2012Security And Privacy Cagliari 2012
Security And Privacy Cagliari 2012Marco Morana
 
Stop Watering Holes, Spear-Phishing and Drive-by Downloads
Stop Watering Holes, Spear-Phishing and Drive-by DownloadsStop Watering Holes, Spear-Phishing and Drive-by Downloads
Stop Watering Holes, Spear-Phishing and Drive-by DownloadsInvincea, Inc.
 
50+ facts about State of CyberSecurity in 2015
50+ facts about State of CyberSecurity in 201550+ facts about State of CyberSecurity in 2015
50+ facts about State of CyberSecurity in 2015Marcos Ortiz Valmaseda
 
CyberSecurity: Intellectual Property dispute fuels Cyberwar
CyberSecurity: Intellectual Property dispute fuels CyberwarCyberSecurity: Intellectual Property dispute fuels Cyberwar
CyberSecurity: Intellectual Property dispute fuels CyberwarElyssa Durant
 
Cyber terrorism
Cyber terrorismCyber terrorism
Cyber terrorismSavigya Singh
 
The Role Of Technology In Modern Terrorism
The Role Of Technology In Modern TerrorismThe Role Of Technology In Modern Terrorism
The Role Of Technology In Modern TerrorismPierluigi Paganini
 
Hackers don’t discriminate
Hackers don’t discriminateHackers don’t discriminate
Hackers don’t discriminateGFI Software
 
Cyber war a threat to indias homeland security 2015
Cyber war a threat to indias homeland security 2015Cyber war a threat to indias homeland security 2015
Cyber war a threat to indias homeland security 2015Ajay Serohi
 
The growing hacking threat to websites
The growing hacking threat to websitesThe growing hacking threat to websites
The growing hacking threat to websitesBee_Ware
 
20101012 CIOnet Cyber Security Final Results
20101012 CIOnet Cyber Security Final Results20101012 CIOnet Cyber Security Final Results
20101012 CIOnet Cyber Security Final ResultsCIONET
 
Chapter 5
Chapter 5Chapter 5
Chapter 5Nada G.Youssef
 
Cyberterrorism. Past, Present, Future
Cyberterrorism. Past, Present, FutureCyberterrorism. Past, Present, Future
Cyberterrorism. Past, Present, FuturePriyanka Aash
 
ASAE "Engaging Community" - Expanded Version
ASAE "Engaging Community" - Expanded VersionASAE "Engaging Community" - Expanded Version
ASAE "Engaging Community" - Expanded VersionCharlene Li
 
hershey _MDA_2002
hershey _MDA_2002hershey _MDA_2002
hershey _MDA_2002finance47
 

More Related Content

What's hot

40 under 40 in cybersecurity. top cyber news magazine
40 under 40 in cybersecurity. top cyber news magazine40 under 40 in cybersecurity. top cyber news magazine
40 under 40 in cybersecurity. top cyber news magazineBradford Sims
 
Cybersecurity and-cyberwar-singer-en-22186
Cybersecurity and-cyberwar-singer-en-22186Cybersecurity and-cyberwar-singer-en-22186
Cybersecurity and-cyberwar-singer-en-22186Avirot Mitamura
 
Financier Worldwide - Cyber Security annual review
Financier Worldwide - Cyber Security annual reviewFinancier Worldwide - Cyber Security annual review
Financier Worldwide - Cyber Security annual reviewMorgan Jones
 
Merit Event - Closing the Back Door in Your Systems
Merit Event - Closing the Back Door in Your SystemsMerit Event - Closing the Back Door in Your Systems
Merit Event - Closing the Back Door in Your Systemsmeritnorthwest
 
ZamanAsad_INFA 670_9041_RPAPER_Cybersecurity-3
ZamanAsad_INFA 670_9041_RPAPER_Cybersecurity-3ZamanAsad_INFA 670_9041_RPAPER_Cybersecurity-3
ZamanAsad_INFA 670_9041_RPAPER_Cybersecurity-3Asad Zaman
 
En CCNA Security v11_ch01
En CCNA Security v11_ch01En CCNA Security v11_ch01
En CCNA Security v11_ch01Ajith Pathirana
 
Cyber Crime Statistics and Trends in COVID-19 Pandemic and Post Pandemic
Cyber Crime Statistics and Trends in COVID-19 Pandemic and Post PandemicCyber Crime Statistics and Trends in COVID-19 Pandemic and Post Pandemic
Cyber Crime Statistics and Trends in COVID-19 Pandemic and Post PandemicUmang Singh
 
Security And Privacy Cagliari 2012
Security And Privacy Cagliari 2012Security And Privacy Cagliari 2012
Security And Privacy Cagliari 2012Marco Morana
 
Stop Watering Holes, Spear-Phishing and Drive-by Downloads
Stop Watering Holes, Spear-Phishing and Drive-by DownloadsStop Watering Holes, Spear-Phishing and Drive-by Downloads
Stop Watering Holes, Spear-Phishing and Drive-by DownloadsInvincea, Inc.
 
50+ facts about State of CyberSecurity in 2015
50+ facts about State of CyberSecurity in 201550+ facts about State of CyberSecurity in 2015
50+ facts about State of CyberSecurity in 2015Marcos Ortiz Valmaseda
 
CyberSecurity: Intellectual Property dispute fuels Cyberwar
CyberSecurity: Intellectual Property dispute fuels CyberwarCyberSecurity: Intellectual Property dispute fuels Cyberwar
CyberSecurity: Intellectual Property dispute fuels CyberwarElyssa Durant
 
The Role Of Technology In Modern Terrorism
The Role Of Technology In Modern TerrorismThe Role Of Technology In Modern Terrorism
The Role Of Technology In Modern TerrorismPierluigi Paganini
 
Hackers don’t discriminate
Hackers don’t discriminateHackers don’t discriminate
Hackers don’t discriminateGFI Software
 
Cyber war a threat to indias homeland security 2015
Cyber war a threat to indias homeland security 2015Cyber war a threat to indias homeland security 2015
Cyber war a threat to indias homeland security 2015Ajay Serohi
 
The growing hacking threat to websites
The growing hacking threat to websitesThe growing hacking threat to websites
The growing hacking threat to websitesBee_Ware
 
20101012 CIOnet Cyber Security Final Results
20101012 CIOnet Cyber Security Final Results20101012 CIOnet Cyber Security Final Results
20101012 CIOnet Cyber Security Final ResultsCIONET
 
Cyberterrorism. Past, Present, Future
Cyberterrorism. Past, Present, FutureCyberterrorism. Past, Present, Future
Cyberterrorism. Past, Present, FuturePriyanka Aash
 

What's hot (20)

40 under 40 in cybersecurity. top cyber news magazine
40 under 40 in cybersecurity. top cyber news magazine40 under 40 in cybersecurity. top cyber news magazine
40 under 40 in cybersecurity. top cyber news magazine
 
Cybersecurity and-cyberwar-singer-en-22186
Cybersecurity and-cyberwar-singer-en-22186Cybersecurity and-cyberwar-singer-en-22186
Cybersecurity and-cyberwar-singer-en-22186
 
Financier Worldwide - Cyber Security annual review
Financier Worldwide - Cyber Security annual reviewFinancier Worldwide - Cyber Security annual review
Financier Worldwide - Cyber Security annual review
 
Merit Event - Closing the Back Door in Your Systems
Merit Event - Closing the Back Door in Your SystemsMerit Event - Closing the Back Door in Your Systems
Merit Event - Closing the Back Door in Your Systems
 
ZamanAsad_INFA 670_9041_RPAPER_Cybersecurity-3
ZamanAsad_INFA 670_9041_RPAPER_Cybersecurity-3ZamanAsad_INFA 670_9041_RPAPER_Cybersecurity-3
ZamanAsad_INFA 670_9041_RPAPER_Cybersecurity-3
 
Network Security
Network SecurityNetwork Security
Network Security
 
En CCNA Security v11_ch01
En CCNA Security v11_ch01En CCNA Security v11_ch01
En CCNA Security v11_ch01
 
Cyber Crime Statistics and Trends in COVID-19 Pandemic and Post Pandemic
Cyber Crime Statistics and Trends in COVID-19 Pandemic and Post PandemicCyber Crime Statistics and Trends in COVID-19 Pandemic and Post Pandemic
Cyber Crime Statistics and Trends in COVID-19 Pandemic and Post Pandemic
 
Security And Privacy Cagliari 2012
Security And Privacy Cagliari 2012Security And Privacy Cagliari 2012
Security And Privacy Cagliari 2012
 
Stop Watering Holes, Spear-Phishing and Drive-by Downloads
Stop Watering Holes, Spear-Phishing and Drive-by DownloadsStop Watering Holes, Spear-Phishing and Drive-by Downloads
Stop Watering Holes, Spear-Phishing and Drive-by Downloads
 
50+ facts about State of CyberSecurity in 2015
50+ facts about State of CyberSecurity in 201550+ facts about State of CyberSecurity in 2015
50+ facts about State of CyberSecurity in 2015
 
CyberSecurity: Intellectual Property dispute fuels Cyberwar
CyberSecurity: Intellectual Property dispute fuels CyberwarCyberSecurity: Intellectual Property dispute fuels Cyberwar
CyberSecurity: Intellectual Property dispute fuels Cyberwar
 
Cyber terrorism
Cyber terrorismCyber terrorism
Cyber terrorism
 
The Role Of Technology In Modern Terrorism
The Role Of Technology In Modern TerrorismThe Role Of Technology In Modern Terrorism
The Role Of Technology In Modern Terrorism
 
Hackers don’t discriminate
Hackers don’t discriminateHackers don’t discriminate
Hackers don’t discriminate
 
Cyber war a threat to indias homeland security 2015
Cyber war a threat to indias homeland security 2015Cyber war a threat to indias homeland security 2015
Cyber war a threat to indias homeland security 2015
 
The growing hacking threat to websites
The growing hacking threat to websitesThe growing hacking threat to websites
The growing hacking threat to websites
 
20101012 CIOnet Cyber Security Final Results
20101012 CIOnet Cyber Security Final Results20101012 CIOnet Cyber Security Final Results
20101012 CIOnet Cyber Security Final Results
 
Chapter 5
Chapter 5Chapter 5
Chapter 5
 
Cyberterrorism. Past, Present, Future
Cyberterrorism. Past, Present, FutureCyberterrorism. Past, Present, Future
Cyberterrorism. Past, Present, Future
 

Viewers also liked

ASAE "Engaging Community" - Expanded Version
ASAE "Engaging Community" - Expanded VersionASAE "Engaging Community" - Expanded Version
ASAE "Engaging Community" - Expanded VersionCharlene Li
 
hershey _MDA_2002
hershey _MDA_2002hershey _MDA_2002
hershey _MDA_2002finance47
 
speakyourhealingfinalwoackwithwebsites333
speakyourhealingfinalwoackwithwebsites333speakyourhealingfinalwoackwithwebsites333
speakyourhealingfinalwoackwithwebsites333Lonnie Trevisan
 
Scott Edmunds, HKU Open Access Week: Experiences from the front-line of Open ...
Scott Edmunds, HKU Open Access Week: Experiences from the front-line of Open ...Scott Edmunds, HKU Open Access Week: Experiences from the front-line of Open ...
Scott Edmunds, HKU Open Access Week: Experiences from the front-line of Open ...GigaScience, BGI Hong Kong
 
Scott Edmunds A*STAR open access workshop: how licensing can change the way w...
Scott Edmunds A*STAR open access workshop: how licensing can change the way w...Scott Edmunds A*STAR open access workshop: how licensing can change the way w...
Scott Edmunds A*STAR open access workshop: how licensing can change the way w...GigaScience, BGI Hong Kong
 
Luigi Giubbolini | 2D Image Fuzzy Deconvolution and Scattering Centre Detection
Luigi Giubbolini | 2D Image Fuzzy Deconvolution and Scattering Centre DetectionLuigi Giubbolini | 2D Image Fuzzy Deconvolution and Scattering Centre Detection
Luigi Giubbolini | 2D Image Fuzzy Deconvolution and Scattering Centre DetectionLuigi Giubbolini
 
JERRY JACOBS OF MIAMI, FL INVESTING IN INSURANCE OFFERINGS
JERRY JACOBS OF MIAMI, FL INVESTING IN INSURANCE OFFERINGSJERRY JACOBS OF MIAMI, FL INVESTING IN INSURANCE OFFERINGS
JERRY JACOBS OF MIAMI, FL INVESTING IN INSURANCE OFFERINGSJerryJacobs MiamiFL
 
ITFest 2014 - Open Source Marketing
ITFest 2014 - Open Source MarketingITFest 2014 - Open Source Marketing
ITFest 2014 - Open Source MarketingSammy Fung
 
Klocwork_Detected_Java_Defects
Klocwork_Detected_Java_DefectsKlocwork_Detected_Java_Defects
Klocwork_Detected_Java_DefectsAbrarMoiz
 
A snapshot about dhara sansthan
A snapshot about dhara sansthanA snapshot about dhara sansthan
A snapshot about dhara sansthanDHARASANSTHAN
 
Scott Edmunds at OASP Asia: Open (and Big) Data – the next challenge
Scott Edmunds at OASP Asia: Open (and Big) Data – the next challengeScott Edmunds at OASP Asia: Open (and Big) Data – the next challenge
Scott Edmunds at OASP Asia: Open (and Big) Data – the next challengeGigaScience, BGI Hong Kong
 
Kent Taylor Resume August 2011
Kent Taylor Resume August 2011Kent Taylor Resume August 2011
Kent Taylor Resume August 2011kstaylor
 
Experiment
ExperimentExperiment
Experimentjbashask
 
SA Skills to Succeed article
SA Skills to Succeed articleSA Skills to Succeed article
SA Skills to Succeed articleKhethiwe Nkuna
 
BGI training lecture: Scott Edmunds - Science 2.0, why new developments on th...
BGI training lecture: Scott Edmunds - Science 2.0, why new developments on th...BGI training lecture: Scott Edmunds - Science 2.0, why new developments on th...
BGI training lecture: Scott Edmunds - Science 2.0, why new developments on th...Scott Edmunds
 
David Butler Digital Health Assembly 2015
David Butler Digital Health Assembly 2015David Butler Digital Health Assembly 2015
David Butler Digital Health Assembly 2015DHA2015
 
Examining the FLNG Market Masterclass
Examining the FLNG Market MasterclassExamining the FLNG Market Masterclass
Examining the FLNG Market MasterclassDale Butler
 

Viewers also liked (20)

ASAE "Engaging Community" - Expanded Version
ASAE "Engaging Community" - Expanded VersionASAE "Engaging Community" - Expanded Version
ASAE "Engaging Community" - Expanded Version
 
hershey _MDA_2002
hershey _MDA_2002hershey _MDA_2002
hershey _MDA_2002
 
Newsletter 1
Newsletter 1Newsletter 1
Newsletter 1
 
speakyourhealingfinalwoackwithwebsites333
speakyourhealingfinalwoackwithwebsites333speakyourhealingfinalwoackwithwebsites333
speakyourhealingfinalwoackwithwebsites333
 
Scott Edmunds, HKU Open Access Week: Experiences from the front-line of Open ...
Scott Edmunds, HKU Open Access Week: Experiences from the front-line of Open ...Scott Edmunds, HKU Open Access Week: Experiences from the front-line of Open ...
Scott Edmunds, HKU Open Access Week: Experiences from the front-line of Open ...
 
Scott Edmunds A*STAR open access workshop: how licensing can change the way w...
Scott Edmunds A*STAR open access workshop: how licensing can change the way w...Scott Edmunds A*STAR open access workshop: how licensing can change the way w...
Scott Edmunds A*STAR open access workshop: how licensing can change the way w...
 
Luigi Giubbolini | 2D Image Fuzzy Deconvolution and Scattering Centre Detection
Luigi Giubbolini | 2D Image Fuzzy Deconvolution and Scattering Centre DetectionLuigi Giubbolini | 2D Image Fuzzy Deconvolution and Scattering Centre Detection
Luigi Giubbolini | 2D Image Fuzzy Deconvolution and Scattering Centre Detection
 
JERRY JACOBS OF MIAMI, FL INVESTING IN INSURANCE OFFERINGS
JERRY JACOBS OF MIAMI, FL INVESTING IN INSURANCE OFFERINGSJERRY JACOBS OF MIAMI, FL INVESTING IN INSURANCE OFFERINGS
JERRY JACOBS OF MIAMI, FL INVESTING IN INSURANCE OFFERINGS
 
ITFest 2014 - Open Source Marketing
ITFest 2014 - Open Source MarketingITFest 2014 - Open Source Marketing
ITFest 2014 - Open Source Marketing
 
Sexting
SextingSexting
Sexting
 
Ctf110213 public
Ctf110213 publicCtf110213 public
Ctf110213 public
 
Klocwork_Detected_Java_Defects
Klocwork_Detected_Java_DefectsKlocwork_Detected_Java_Defects
Klocwork_Detected_Java_Defects
 
A snapshot about dhara sansthan
A snapshot about dhara sansthanA snapshot about dhara sansthan
A snapshot about dhara sansthan
 
Scott Edmunds at OASP Asia: Open (and Big) Data – the next challenge
Scott Edmunds at OASP Asia: Open (and Big) Data – the next challengeScott Edmunds at OASP Asia: Open (and Big) Data – the next challenge
Scott Edmunds at OASP Asia: Open (and Big) Data – the next challenge
 
Kent Taylor Resume August 2011
Kent Taylor Resume August 2011Kent Taylor Resume August 2011
Kent Taylor Resume August 2011
 
Experiment
ExperimentExperiment
Experiment
 
SA Skills to Succeed article
SA Skills to Succeed articleSA Skills to Succeed article
SA Skills to Succeed article
 
BGI training lecture: Scott Edmunds - Science 2.0, why new developments on th...
BGI training lecture: Scott Edmunds - Science 2.0, why new developments on th...BGI training lecture: Scott Edmunds - Science 2.0, why new developments on th...
BGI training lecture: Scott Edmunds - Science 2.0, why new developments on th...
 
David Butler Digital Health Assembly 2015
David Butler Digital Health Assembly 2015David Butler Digital Health Assembly 2015
David Butler Digital Health Assembly 2015
 
Examining the FLNG Market Masterclass
Examining the FLNG Market MasterclassExamining the FLNG Market Masterclass
Examining the FLNG Market Masterclass
 

Similar to Professor Walker's Guide to Cybersecurity Threats

Cyber savvy (2)
Cyber savvy (2)Cyber savvy (2)
Cyber savvy (2)naveen p
 
IoT Devices Security Threats in 2023. How to Protect Your IoT Ecosystem?
IoT Devices Security Threats in 2023. How to Protect Your IoT Ecosystem?IoT Devices Security Threats in 2023. How to Protect Your IoT Ecosystem?
IoT Devices Security Threats in 2023. How to Protect Your IoT Ecosystem?Utah Tech Labs
 
Gartner technologies for Infosec 2014-2015
Gartner technologies for Infosec 2014-2015Gartner technologies for Infosec 2014-2015
Gartner technologies for Infosec 2014-2015Samuel Kamuli
 
Internet of things, New Challenges in Cyber Crime
Internet of things, New Challenges in Cyber CrimeInternet of things, New Challenges in Cyber Crime
Internet of things, New Challenges in Cyber CrimeMurray Security Services
 
Board-toolkit-Introduction-to-cyber-security-for-board-members-briefing-pack....
Board-toolkit-Introduction-to-cyber-security-for-board-members-briefing-pack....Board-toolkit-Introduction-to-cyber-security-for-board-members-briefing-pack....
Board-toolkit-Introduction-to-cyber-security-for-board-members-briefing-pack....zayadeen2003
 
Security in e-commerce
Security in e-commerceSecurity in e-commerce
Security in e-commerceSensePost
 
DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...
DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...
DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...Shah Sheikh
 
Future-proofing maritime ports against emerging cyber-physical threats
Future-proofing maritime ports against emerging cyber-physical threatsFuture-proofing maritime ports against emerging cyber-physical threats
Future-proofing maritime ports against emerging cyber-physical threatsSteven SIM Kok Leong
 
Year of pawnage - Ian trump
Year of pawnage - Ian trumpYear of pawnage - Ian trump
Year of pawnage - Ian trumpMAXfocus
 
Cybersecurity op de bestuurstafel
Cybersecurity op de bestuurstafelCybersecurity op de bestuurstafel
Cybersecurity op de bestuurstafelSURFnet
 
2010 6 Things u need 2 know in 2010 Whitepaper Final
2010 6 Things u need 2 know in 2010 Whitepaper Final2010 6 Things u need 2 know in 2010 Whitepaper Final
2010 6 Things u need 2 know in 2010 Whitepaper FinalLarry Taylor Ph.D.
 
4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector
4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector
4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sectoritnewsafrica
 
WSIS10 Action Line C5 Building Confidence and Security in the use of ICT's
WSIS10 Action Line C5 Building Confidence and Security in the use of ICT'sWSIS10 Action Line C5 Building Confidence and Security in the use of ICT's
WSIS10 Action Line C5 Building Confidence and Security in the use of ICT'sDr Lendy Spires
 

Similar to Professor Walker's Guide to Cybersecurity Threats (20)

Bo e v1.0
Bo e v1.0Bo e v1.0
Bo e v1.0
 
Cyber savvy (2)
Cyber savvy (2)Cyber savvy (2)
Cyber savvy (2)
 
Delusions of-safety-cyber-savvy-ceo
Delusions of-safety-cyber-savvy-ceoDelusions of-safety-cyber-savvy-ceo
Delusions of-safety-cyber-savvy-ceo
 
Cyberterrorismv1
Cyberterrorismv1Cyberterrorismv1
Cyberterrorismv1
 
IoT Devices Security Threats in 2023. How to Protect Your IoT Ecosystem?
IoT Devices Security Threats in 2023. How to Protect Your IoT Ecosystem?IoT Devices Security Threats in 2023. How to Protect Your IoT Ecosystem?
IoT Devices Security Threats in 2023. How to Protect Your IoT Ecosystem?
 
Gartner technologies for Infosec 2014-2015
Gartner technologies for Infosec 2014-2015Gartner technologies for Infosec 2014-2015
Gartner technologies for Infosec 2014-2015
 
Lipstick on a pig
Lipstick on a pigLipstick on a pig
Lipstick on a pig
 
Internet of things, New Challenges in Cyber Crime
Internet of things, New Challenges in Cyber CrimeInternet of things, New Challenges in Cyber Crime
Internet of things, New Challenges in Cyber Crime
 
Conférence ENGIE ACSS 2018
Conférence ENGIE ACSS 2018 Conférence ENGIE ACSS 2018
Conférence ENGIE ACSS 2018
 
Board-toolkit-Introduction-to-cyber-security-for-board-members-briefing-pack....
Board-toolkit-Introduction-to-cyber-security-for-board-members-briefing-pack....Board-toolkit-Introduction-to-cyber-security-for-board-members-briefing-pack....
Board-toolkit-Introduction-to-cyber-security-for-board-members-briefing-pack....
 
Security in e-commerce
Security in e-commerceSecurity in e-commerce
Security in e-commerce
 
DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...
DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...
DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...
 
Future-proofing maritime ports against emerging cyber-physical threats
Future-proofing maritime ports against emerging cyber-physical threatsFuture-proofing maritime ports against emerging cyber-physical threats
Future-proofing maritime ports against emerging cyber-physical threats
 
Year of pawnage - Ian trump
Year of pawnage - Ian trumpYear of pawnage - Ian trump
Year of pawnage - Ian trump
 
Cybersecurity op de bestuurstafel
Cybersecurity op de bestuurstafelCybersecurity op de bestuurstafel
Cybersecurity op de bestuurstafel
 
2010 6 Things u need 2 know in 2010 Whitepaper Final
2010 6 Things u need 2 know in 2010 Whitepaper Final2010 6 Things u need 2 know in 2010 Whitepaper Final
2010 6 Things u need 2 know in 2010 Whitepaper Final
 
Hamza
HamzaHamza
Hamza
 
4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector
4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector
4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector
 
Security
SecuritySecurity
Security
 
WSIS10 Action Line C5 Building Confidence and Security in the use of ICT's
WSIS10 Action Line C5 Building Confidence and Security in the use of ICT'sWSIS10 Action Line C5 Building Confidence and Security in the use of ICT's
WSIS10 Action Line C5 Building Confidence and Security in the use of ICT's
 

More from Prof John Walker FRSA Purveyor Dark Intelligence

More from Prof John Walker FRSA Purveyor Dark Intelligence (10)

Forensics Expo, London 2015
Forensics Expo, London 2015Forensics Expo, London 2015
Forensics Expo, London 2015
 
White hat march15 v2.2
White hat march15 v2.2White hat march15 v2.2
White hat march15 v2.2
 
White Hat 6 March 2015 v2.2
White Hat 6 March 2015 v2.2White Hat 6 March 2015 v2.2
White Hat 6 March 2015 v2.2
 
DarkWeb
DarkWebDarkWeb
DarkWeb
 
Wax Switch
Wax SwitchWax Switch
Wax Switch
 
Cyber Threats
Cyber ThreatsCyber Threats
Cyber Threats
 
APT Event - New York
APT Event - New YorkAPT Event - New York
APT Event - New York
 
Info sec 12 v1 2
Info sec 12 v1 2Info sec 12 v1 2
Info sec 12 v1 2
 
Info leakage 200510
Info leakage 200510Info leakage 200510
Info leakage 200510
 
Bt tower v1.1
Bt tower v1.1Bt tower v1.1
Bt tower v1.1
 

Recently uploaded

How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?XfilesPro
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAndikSusilo4
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 

Recently uploaded (20)

How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
The transition to renewables in India.pdf
The transition to renewables in India.pdfThe transition to renewables in India.pdf
The transition to renewables in India.pdf
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & Application
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 

Professor Walker's Guide to Cybersecurity Threats

  • 1. 0000000000000000000000 Professor John Walker FBCS CISM CRISC ITPC CITP FRSA MSSoc 000000000000000 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 Take-Down 2014 [AKA – The Yellow Brick Road to Insecurity] 000000000000000000000000000000000000000000000000000000000000000000000000000000000 http://www.cytelligence.co.uk/ 0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
  • 2. Who AM I CTI Cytelligence Ltd Member ENISA CEI Listed Experts - http://www.enisa.europa.eu/ Registered International Expert Witness Editorial Board – Cyber Security Research Institute (CRSI) Microsoft Partner Freelance Writer International Presenter Visiting Professor School of Science and Technology NTU Visiting Professor/Lecturer – University of Slovenia 30 Years Experience in the Fields of Infosecurity, and Cyber 100+ Papers Published Internationally Presented 100+ Internationally http://www.cytelligence.co.uk/
  • 3. Die Hard – 4 – With Nails Fiction-or-Fact! http://www.cytelligence.co.uk/
  • 4. Socio-Economic Implications One overall Society Wide implication is, by Socio-Economic Implication we [the Global Village] have embedded the environment of Internet dependencies into the very fabric of our lives – Cloud has expand these dependencies. Social, Business, Government, all of which are now entwined into the interconnected environment, the Genie is Out, and may not be placed back in the bottle. Business Operations are highly dependent - Governments are highly reliant on Internet Operability. Socially be it from IP TV, VoIP, or even Home working, again dependency is high . . . . Making it, and us an ideal surface of Attack. This dependency on an environment with no real Governance, Cross Boarder Control, or for that SLA, makes us significantly vulnerable, in the Medium to Long Term . . . and it WILL have consequences! http://www.cytelligence.co.uk/
  • 5. SITREP – 11/02/13/14 Criminals are Winning – and the Rewards are HIGH http://www.bankinfosecurity.co.uk/blogs/new-fraud-scheme-launched-via-chat-p-1403 Hacktivists are, well Active (NOT forgetting Cyber Radicals) PCI-DSS has been found to be FLAWED The Standard of ‘Overcompensation’ Skills Low – they need to be honed International Threats Ignored Too many Reports – NOT enough Action Lack of Reporting Lack of Public Security Awareness http://www.cytelligence.co.uk/
  • 6. Yesterdays Threat a) Malware – Once considered by Government Agencies [GCHQ/CESG] to be a passing nuisance - is now a significant threat and in a new guise! b) SPAM – Thought to only be a communication which had to be managed [House or Lords Technology Committee]. Now a major conduit for Malware, and other adverse infiltrations! c) Cyber Intelligence Gathering [OSINT] is a reality and not a myth [consider the Cuckoos Egg]! d) Cyber Attacks have taken place against the UK, US, and Germany to name but a few – Titan Rain! e) Root Servers are regular targets! f) IP is everywhere [Including Fridges] and so the threats are commensurate and rising – The Dirty Shirt! http://www.cytelligence.co.uk/
  • 7. Some Good Bad Examples 1. DNS 2. Exposures & Vulnerabilities 3. Users – Education & Awareness (Not me Gov) 4. Patch & Fix (or NOT) 5. Bleeding Edge Technologies 6. Virtualisation & Cloud (and its not new) 7. Lack of Standards 8.New Age Malware (Smart Cell Phone) http://www.cytelligence.co.uk/
  • 8. The Promise of Third Parties When Contracting out into a Specialty Third Parties there is an expectation that they will provision the required level of Best Practice support to secure the enterprise under contract, and do what they say they do – as stated in the following article form published in Secure Computing magazine, by a CSIO representing a well known Big Name Third Party: Problem was – when working with a major brand Company this same supplier was supporting, they did not follow any such path, and the service was so wanting it left [and is leaving today] that client exposed to Uncontrolled Security Incidents, Exposure to Malware, and Insider Threats to mention just three of many shortfalls. http://www.cytelligence.co.uk/
  • 9. Real-Time, Real-World LONDON, Jan/07: The Director General of MI5 warned British companies of possible cyber-attacks originating from China. The Prime Minister's office accused China of engaging in state-sponsored espionage targeting integral parts of Britain's economy, using the computer infrastructure of Banks and financial services. April 2010 the Cabinet Office assessed the threat from Electronic Attack from Russia, and China was rated SEVERE. Better late than never: Copyright SBLTD 2012 http://www.cytelligence.co.uk/
  • 10. Unrestricted Warfare Unrestricted Warfare is a book on military strategy written in 1999 by two colonels in the People's Liberation Army, Qiao Liang and Wang Xiangsui. http://www.cytelligence.co.uk/ Copy supplied as a ‘Hand-Out-1’
  • 11. Public Exposures Hotels & Public Access Points can present very insecure & hostile environments which can & do exposure their users! Example of a deployed Access Point at a well know London Hotel which is compromised & possibly being exploited today! http://www.computing.co.uk/ctg/opinion/1844378/incidents-hotels-sow-reservations-security http://www.cytelligence.co.uk/
  • 12. Exposures 2013/14 1. Large Global Oil & Gas – Insecure SCADA 2. UK Smart Metering – Open to Abuse 3. Connected Homes – Hacked and Insecure 4. Major London Based Bank - Compromised 5. London City Insurance Broker – Total Insecurity 6. Scot’s Care Home Hacked – Heating Systems] 7. Betting Agency – Cyber and DDoS Attack 8.Operational Security – Learning on the Job!!! http://www.cytelligence.co.uk/
  • 13. DDoS DDoS has been growing in popularity year-on-year, with the throughput of adverse traffic increasing - it requires zero skill to join in and to play: http://www.cytelligence.co.uk/
  • 14. Italy = 20 China = 428 Global Attacks Attacks – 2012 - 2013 Hong Kong = 66 Turkey = 52 Poland = 10 Brazil = 19 California = 20 Turkey = 161 California = 22 South Korea = 24 Japan = 36 Venezuela = 15 Brazil = 34 California = 24 Indiana = 25 Australia = 4 Italy = 24 California = 30 Brazil = 53 California = 33 California = 31 Venezuela = 11 California = 38 Honk Kong = 50 http://www.cytelligence.co.uk/
  • 16. Mediocrity will NOT Suffice It was the BofE who were the main orchestrators of Waking Shark II – Yet they have a number of significant security exposures, and vulnerabilities, of which they have been informed under respectful, Channelled Disclosure Notification – With no response, or action. If we are to lead the riotous path to evolve security and to protect the public, then it must surly follow a route to secure our infrastructures, and not just Ignore the open states of potential compromise! We must take the Threat serious – or there is no point. Waking Shark II – ‘Hand Out-2’ In fact we are already here! See article in Digital Forensics Magazine – [If you want a cope just drop me a line]. http://www.cytelligence.co.uk/
  • 18. Critical Unacceptable Exposures If I were to tell you that because of a breakdown in process there are potentially hundreds of Highly Classified Soft Copy Files sitting on Laptops, Servers, unencrypted, and then just left there – TS, STRAP etc would you believe me? – And such documents are replicated in a very uncontrolled manner. If I were to tell you that FOI has been employed in an unthinking way and exposed lives to threat – would you believe me? – then you should!! http://www.cytelligence.co.uk/
  • 19. Critical Infrastructures Exposed By the very nature of what the Power Industry supply, and support - they are a Target! – But they don’t seem to know it! http://www.cytelligence.co.uk/
  • 20. 911 – The Power Event? http://www.cytelligence.co.uk/
  • 21. Play Safe – The Vulnerability of WiFi WiFi everywhere – but still not being used security, or sensibly – An example: http://www.cytelligence.co.uk/
  • 22. Advanced Threats Called Advanced Threats, Advanced Persistent Threats [APT], Advanced Evasion Techniques [AET] – they are all New Age Cyber Threats that carry Payload. And it is highly likely they are responsible for many of the well Publicised security breaches, and the state of Assumed Compromise. http://www.cytelligence.co.uk/
  • 23. Firewall Evasion http://www.cytelligence.co.uk/ Proven Real-Time & in Lab Conditions by Nottingham Trent University in Research Partnership with Commercial Vendors – Firewalls Can Be Broken!
  • 24. Smart Phones and BYOD The advent of the Smart Cell Pones – (Hand Held Micro Computers) host a vast range of features, and are no longer simple devices which just make Telephone Calls. They are installed with high capacity storage capabilities well in excess of their early Big Brothers and Sisters based on 8086 Chips. They are hosting Bluetooth, WiFi (802.11 . ..), and Web Access – they talk to the Internet, and communicate into Clouds. __________________________________________________________________________ They are also enjoying the interest of Malware Writers, and currently there are approximately 300 such applications in circulation. The AV Companies are responding with early solutions . . . . But they are the new target And User are happy to Accept All Access to All Things!!! http://www.cytelligence.co.uk/
  • 25. Advanced Threats Cyber Attacks of eCrime/eFraud are, Phishing, RockPhish and FastFlux, Scams (419), Spear Phishing, Malware, Botnets, Rootkits, and DoS/DDoS are some examples of the methods of choice of Criminals, Organised Crime, and Hacktivist to attack business, systems, and the end-user community alike. These acts are remote from the enterprise perimeter, so physical assess may prove to be impossible as the related artifacts will be dynamic. The Missing element is the CSIRT First Responder Digital Forensics, and Investigative Response. http://www.cytelligence.co.uk/
  • 26. Cyber Extortion – Anatomy of Attack Distance Based Digital Forensics should be triggered by the manifestation of impact from any one of many variations of attack conditions – and Footprinting can also include eMail based Social Engineering - This is a Real-Time Map of an attacks on against an on-line betting deployment. Logs, Alerts, and Notifications should notify adverse conditions. http://www.cytelligence.co.uk/
  • 28. Islamic Jihad – Its Serious Global Islamic Media Front's (GIMF) http://www.cytelligence.co.uk/
  • 29. Physical Threats – Real Time •Times are Changing – Consider! • East Midlands Airport • Stephen Timm’s • Chicago • Mumbai (x2) May we conclude that, if the prospect of ‘Radicalisation’ is interwoven in our Society, should we expect to see more use of Cyber Tools to support these missions in 2014! – Low Cost Munitions, with High Impact Potentials! http://www.cytelligence.co.uk/
  • 30. From Russia with Love - CaaS Source = Trend Micro http://www.cytelligence.co.uk/
  • 31. CyberWar - CyberConflict Just 8 years ago a CPNI Agent commented that the Cyber Threat was over-hyped! Cyber War is now considered to be a reality, and represents an Aggressive capability which hostile nations may utilise against a target. Cyber War capabilities exist in Nations where their internal technology Capabilities are extremely low, but they do have high capabilities to attack outside their logical boarders. It is anticipated that Cyber War will be an activity which would be a joined force alongside Kinetic Warfare. In certain conditions, Cyber War holds the potential to escalate into Kinetic engagements. Early singes have been seen of Hostile Government Capabilities – North Korea. See: http://www.scmagazineuk.com/north-korean-electro-magnetic-pulse-able-to-attack-us-via-south-pole/article/369451/ http://www.cytelligence.co.uk/
  • 32. Abusive Images - Accepted See: http://www.scmagazineuk.com/1-in-5-corporate-networks-host-child-sex-abuse-content/article/368786/ http://www.cytelligence.co.uk/
  • 33. Response - DOING Upon engaging with an event classified as Distance Forensics (the Unknown) DO: a) Triage the event - trace b) Contain all Dynamic Artifacts (Logs, traces, events, eMail (including headers) c)Conduct Intelligence Gathers from known facts, to reveal the unknown circumstance, d) Taxonomy of the attack type (e.g. below, Utube Page containing Malware) e) Investigate Logs/Service Desk Reports, and any other form of possible information f) Confirm with other CSIRT Members their status – communicate the event for purpose of Situational Awareness g) Document h)Real-Time Threats Assessment i) Monitor j) Preserve Artifacts & Evidence k) Assess need for Third Party Reporting – Law Enforcement Vice (CMA), DPA68, PCI-DSS, ISP etc l) Consider Corporate Communications Position m) Consider taking down impacted systems/or reducing their operability - n) Assess any Sprawl Conditions http://www.cytelligence.co.uk/
  • 34. Intelligent Postures & Response Know your Critical assets Find out what you ‘Don’t Know’ Consider the element of Data Leakage – Conduct a Triage Conduct Intelligent Testing Know your Business Exposure Employ Situational Awareness Practices Evolve an Incident Response Process, and Capability [Not just Lights on stuff] Don’t do ‘Lip-Service’ do ‘Security’ Take the Threat Seriously http://www.cytelligence.co.uk/