Download to read offline
Uploaded byFernando Romero
Taking the offensive Security Leaders V9.1
Criminal hackers come from various backgrounds and have different motivations. They can be categorized as employees, competitors, hacktivists seeking to avenge a perceived wrong, or criminal entrepreneurs exploiting systems for financial gain. Securing systems is challenging as attacks are increasingly sophisticated and organized. BT Security offers several services to help protect against modern cyber threats like DDoS attacks, malware, and data breaches. Their solutions integrate monitoring, alerts, and threat intelligence to help clients stay one step ahead of cybercriminals.
More Related Content
Taking the offensive Security Leaders V9.1
- 1. Você está prontopara enfrentar os criminosos cibernéticos? Fernando Romero, CISSP Cybersecurity Specialist LATAM fernando.romero@bt.com
- 2. 2 aiming to divert custom. Hacktivists seekingto avenge a perceived wrong. those who use hacking to get their message across. those aiming to exploit for financial gain. amateurs vandalising ‘just because’. Employees Competitors EntrepreneurHackers Como podemos categorizar os criminosos cibernéticos?
- 3. 3 1. Security challenges. Digitalcrime is driven by a criminal dark market – with organised, well resourced and profitable attacks. Beyond the ‘four walls’, remote working, BYOD and complex supply chains increase vulnerability – leaving security teams struggling to keep up with digital thieves. The net cast by criminal entrepreneurs is widening. Every second new malware is created and distributed and new phishing campaigns are launched. Unpatched, legacy IT can be a weak point in digital defences. Phishing tactics are constantly evolving and new trends emerge towards email ‘CEO fraud’. Attacks go beyond distributing malware – organised crime groups exploit, blackmail employees and place people on the inside.
- 4. 44 2. Rethink thedigital security threat.
- 5. 55 3. Ruthless andrational entrepreneurs.
- 6. 66 4. Taking thefight to the attacker.
- 7. 77 4. Taking thefight to the attacker. Keep criminals away from your information. Your first line of defence is to keep criminals out of your information systems. Criminal entrepreneurs are after your data, and without access to this, they can’t make any money. Make it harder for attackers to exploit your data. Should you suffer a breach, the next step is to make it harder for criminals to actually use your data. Encryption is a key element in achieving this — and banks offer a good example to follow. Stop criminals spending their ill-gotten gains. To truly cut off criminal entrepreneurs’ ability to capitalise on their crimes, you have to stop them using their profits. This means being part of a collaborative worldwide effort to prevent money laundering and access to black markets. ’.
- 8. 88 5. Um poucodo Portfolio da BT Security. BT Assure DDoS Mitigation makes sure hackers cannot prevent customers from reaching your ‘storefront’. BT Assure Threat Defence guarantees real-time response to any critical alerts or targeted malware detected within your network. BT Assure Threat Monitoring provides a unique security information and event management (SIEM) service that collects and analyses security information 24x7 across your organisation.
- 9. 9 The Geo-mapping showsthe source and destination of attacks in real time or based on historical data The search function allows you to quickly find information within messages Failures Anomalies Potential Threats Attack 6. Assure analytics - Map View
- 10. 10 7. Assure DDoSMitigation – The problem
- 11. 11 8. Assure DDoSMitigation – A global solution
- 12. BT Assure. Securitythat matters 12 BT SOC • Monitoring • Query • Analysis • Alerts Customer portal & Intelligence Feeds User environment User Web browsing Email servers Check Point SandBlast Internet 9. Assure Threat Defence – Check Point Technology + BT Services REALTIME
- 13.
- 14. 14 BT Security14 Taking the offensive - Report http://bit.ly/29eeS6q
- 15.
Editor's Notes
- #3 Cada um com as suas ferramentas e motivadores. Vou focar um pouco mais nos empreendedores. Small-time hackers have begun using DDoS attacks. There was a recent case in the news of a twelve year old Canadian boy who pleaded guilty to causing $60,000 worth of damage to government websites; security flaws were exploited, websites were flooded and access was gained to confidential databases. This stolen data was then traded with international hacker network Anonymous in return for, would you believe it, video games. This goes to show that while not every attacker has malicious intent, there are always people waiting in the wings to make the most of any kind of security breach. The recent technological advances, easier usage and the unprecedented increase in the use of mobile devices have combined to pose an ever-growing threat when it comes to DDoS attacks and your organisation.
- #4 Digital crime is rising at an astonishing rate but while businesses are aware of a sharp increase in risk that awareness has not translated into effective action. The vast majority of businesses have experienced some kind of attack but only a minority feel fully prepared to face the growing threat. Ruthless criminal entrepreneurs are seizing the opportunity to exploit vulnerable systems. Their attacks are supported by a vast, well resourced and hugely profitable dark market.
- #5 Digital crime currently costs the world in the region of $400 billion every year* (http://www.mcafee.com/uk/resources/reports/rp-economic-impact-digitalcrime2.pdf)
- #6 We live in a world where technology is all-pervasive and as businesses roll out ever more sophisticated and ambitious digital strategies, ruthless criminal entrepreneurs are seizing the opportunity to exploit and monetise vulnerable systems. Their attacks are supported by a vast, well-resourced and hugely profitable dark market in which constantly evolving attack tools can be easily bought and hired. Encryption is a vital security tool, protecting personal and corporate data from the prying eyes of intruders, but in the hands of criminals it can also be used as an attack weapon. Ransomware is currently used by criminal entrepreneurs to extort ransom payments from companies and individuals. Typically, this is achieved by infecting a computer with malware that encrypts files. Once the data has been rendered inaccessible, the victim receives a ransom demand.
- #7 The increasing sophistication and tenacity of cyber criminals mean that no organisation can be 100% assured that its systems are secure. But businesses can take steps to make successful attacks more difficult, more costly and ultimately much less profitable. Taking the fight to the attacker – Action points:§ Build partnerships with law enforcement – this will ensure that if the worst happens you have the trusted contacts you need to respond quickly. This might mean creating the headroom for your team to participate in forums designed to respond to managed cybercrime.§ Share information with your peers. Cybercrime isn’t a competitive issue – it hurts the whole community and you are all being targeted. Online and physical forums exist to allow this to happen in a trusted and confidential environment. Identify and join the most relevant of those forums. § Look at how you can limit the ability of criminals to exploit your data if they are successful in stealing it. Ask yourself if you can detect and block misuse, or respond quickly to a breach? In answering these questions, model the most likely scenarios that could lead to exploitation of data. Foster collaboration with outside organisations (banks, law enforcement agencies, suppliers) who may be the recipients of attempts to exploit the data.
- #8 The increasing sophistication and tenacity of cyber criminals mean that no organisation can be 100% assured that its systems are secure. But businesses can take steps to make successful attacks more difficult, more costly and ultimately much less profitable. Taking the fight to the attacker – Action points:§ Build partnerships with law enforcement – this will ensure that if the worst happens you have the trusted contacts you need to respond quickly. This might mean creating the headroom for your team to participate in forums designed to respond to managed cybercrime.§ Share information with your peers. Cybercrime isn’t a competitive issue – it hurts the whole community and you are all being targeted. Online and physical forums exist to allow this to happen in a trusted and confidential environment. Identify and join the most relevant of those forums. § Look at how you can limit the ability of criminals to exploit your data if they are successful in stealing it. Ask yourself if you can detect and block misuse, or respond quickly to a breach? In answering these questions, model the most likely scenarios that could lead to exploitation of data. Foster collaboration with outside organisations (banks, law enforcement agencies, suppliers) who may be the recipients of attempts to exploit the data.
- #15 Finalizo aqui, convidando vocês a irem ao nosso stand para conhecer as nossas soluçoes e conhecer mais o relatório aqui apresentado.