Cyber Security: Lessons Learned from Security Incidents
Adli bin Abd Wahid
adli@apnic.net
Let’s Connect!
@adliwahid
• LinkedIn
• Twitter
• Instagram / Unsplash
• Email – adli@apnic.net
APNIC
• Regional Internet Registry (RIR) – www.apnic.net
• IP addresses & ASNs (Autonomous System Numbers)
• Whois Database & RPKI
• Internet Development
• Support for Network Operators Groups (NOGs), Security & Other Stakeholder Communities
• Community Honeynet Project
• APNIC Academy & ISIF Grants
• academy.apnic.net
• www.isif.asia
Plan
Talk about a few Case Studies
Lessons Learned
Survey (slido.com) #629314
Discussion
Cyber Security Realities
#dfir #infosec
#ransomware
Breaches
Talent Shortage
Billion $ Industry
Frameworks, standards & compliance
Digital Forensics, Incident Response and Threat Intel
Cyber Security Realities
How or Where do I start?
We don’t have budget (or I can only use free tools)
This is too technical for me
We already have ‘next-gen’ appliance …
We don’t have backups …
Don’t tell anyone about the breach
Why Learn from Incidents?
Typical Response
What happened?
Who did it?
What’s in it for me?
Security Incidents
• Security Policy breached
• Gaps in practice (vs on paper)
• Awareness – threats, tactics, techniques & actors
• Behind the scenes collaboration
Perspectives – Beyond the Headlines
• Victim
• Defender
• Decision Maker
• Users
Continuous Improvements
Increasing Preparedness
• Remediation & Recovery (Time)
• Reducing Impact
Different Resources but Same Concerns
Enterprise
Individual Users & Small Businesses
How Much is your personal Annual Security Budget?
Slido your response
www.slido.com
#629314
Case Study #1
timestamp, source ip, username, password
2021-08-03T03:32:55.693372,a.b.c.d,MikroTik,admin1
2021-08-03T03:32:05.122073,a.b.c.d,MikroTik,qwerty
2021-08-03T03:32:00.652876,a.b.c.d,MikroTik,test
2021-08-03T03:31:56.197063,a.b.c.d,MikroTik,passw0rd
2021-08-03T03:31:51.600284,a.b.c.d,MikroTik,88888888
2021-08-03T03:31:47.069584,a.b.c.d,MikroTik,password
2021-08-03T03:31:42.600393,a.b.c.d,MikroTik,admin123
2021-08-03T03:31:38.003806,a.b.c.d,MikroTik,11
2021-08-03T03:31:33.449066,a.b.c.d,MikroTik,1122
2021-08-03T03:31:28.829793,a.b.c.d,MikroTik,1
2021-08-03T03:30:35.719893,a.b.c.d,MikroTik,password
2021-08-03T03:30:30.080113,a.b.c.d,MikroTik,123456789
2021-08-03T03:30:24.606929,a.b.c.d,MikroTik,12345678
2021-08-03T03:30:20.228537,a.b.c.d,MikroTik,1234567
2021-08-03T03:30:15.089569,a.b.c.d,MikroTik,123456
2021-08-03T03:30:10.729907,a.b.c.d,MikroTik,12345
2021-08-03T03:30:06.381968,a.b.c.d,MikroTik,1234
2021-08-03T03:30:01.894832,a.b.c.d,MikroTik,123
2021-08-03T04:03:16.928385,a.b.c.d,telecomadmin,admin123
2021-08-03T04:03:12.504951,a.b.c.d,telecomadmin,11
2021-08-03T04:03:08.012282,a.b.c.d,telecomadmin,1122
2021-08-03T04:03:01.991040,a.b.c.d,telecomadmin,1
2021-08-03T04:02:57.441684,a.b.c.d,telecomadmin,password
2021-08-03T04:02:52.868634,a.b.c.d,telecomadmin,123456789
2021-08-03T04:02:46.606662,a.b.c.d,telecomadmin,12345678
2021-08-03T04:02:42.184402,a.b.c.d,telecomadmin,1234567
2021-08-03T04:02:37.635923,a.b.c.d,telecomadmin,123456
2021-08-03T04:02:33.158513,a.b.c.d,telecomadmin,12345
2021-08-03T04:02:28.633456,a.b.c.d,telecomadmin,1234
2021-08-03T04:02:24.056157,a.b.c.d,telecomadmin,123
2021-08-
Login attempts via Telnet (and SSH)
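One way to turn a honeypot log in the format above into findings a defender can act on. This is an added example, not part of the original slides: the sample rows are constructed in the slide's column order with documentation IP addresses, and the thresholds and function names are assumptions.

```python
import csv
import io
from collections import defaultdict
from dataclasses import dataclass, field
from datetime import datetime, timedelta

# Constructed sample in the slide's column order (timestamp, source ip,
# username, password). 192.0.2.10 and 198.51.100.7 are documentation
# addresses; the last line is truncated on purpose, as on the slide.
SAMPLE_LOG = """\
timestamp, source ip, username, password
2021-08-03T03:30:01.894832,192.0.2.10,MikroTik,123
2021-08-03T03:30:06.381968,192.0.2.10,MikroTik,1234
2021-08-03T03:30:10.729907,192.0.2.10,MikroTik,12345
2021-08-03T03:30:15.089569,192.0.2.10,MikroTik,123456
2021-08-03T03:30:20.228537,192.0.2.10,MikroTik,password
2021-08-03T03:30:24.606929,192.0.2.10,MikroTik,admin123
2021-08-03T04:02:24.056157,192.0.2.10,telecomadmin,123
2021-08-03T04:02:28.633456,192.0.2.10,telecomadmin,1234
2021-08-03T04:02:33.158513,192.0.2.10,telecomadmin,12345
2021-08-03T04:02:37.635923,192.0.2.10,telecomadmin,123456
2021-08-03T04:02:42.184402,192.0.2.10,telecomadmin,password
2021-08-03T09:15:00.000000,198.51.100.7,admin,hunter2
2021-08-
"""

# Assumed thresholds; tune them to your own sensor's traffic.
MAX_GAP = timedelta(seconds=60)  # a longer silence starts a new burst
MIN_ATTEMPTS = 5                 # fewer tries than this is not called a sweep
MAX_MEAN_INTERVAL = 10.0         # seconds between tries for "automated"


def parse_attempts(text):
    """Return (attempts, skipped); header and truncated rows are skipped."""
    attempts, skipped = [], 0
    for row in csv.reader(io.StringIO(text)):
        try:
            if len(row) < 4:
                raise ValueError("short row")
            ts = datetime.fromisoformat(row[0].strip())
        except ValueError:
            skipped += 1
            continue
        # A password may itself contain commas: re-join everything past column 3.
        attempts.append((ts, row[1].strip(), row[2].strip(), ",".join(row[3:])))
    return attempts, skipped


@dataclass
class Burst:
    source: str
    times: list = field(default_factory=list)
    usernames: set = field(default_factory=set)
    passwords: set = field(default_factory=set)

    @property
    def attempts(self):
        return len(self.times)

    @property
    def mean_interval(self):
        """Average seconds between consecutive tries, or None for a single try."""
        if self.attempts < 2:
            return None
        span = (self.times[-1] - self.times[0]).total_seconds()
        return span / (self.attempts - 1)

    @property
    def automated(self):
        return self.attempts >= MIN_ATTEMPTS and self.mean_interval <= MAX_MEAN_INTERVAL


def find_bursts(attempts):
    """Group attempts per source IP into bursts separated by more than MAX_GAP."""
    by_source = defaultdict(list)
    for attempt in attempts:
        by_source[attempt[1]].append(attempt)
    bursts = []
    for source, rows in by_source.items():
        rows.sort(key=lambda r: r[0])  # the slide lists newest first
        current = None
        for ts, _, user, password in rows:
            if current is None or ts - current.times[-1] > MAX_GAP:
                current = Burst(source)
                bursts.append(current)
            current.times.append(ts)
            current.usernames.add(user)
            current.passwords.add(password)
    return sorted(bursts, key=lambda b: b.times[0])


def reused_passwords(attempts):
    """Passwords tried against more than one username: a fixed wordlist at work."""
    users = defaultdict(set)
    for _, _, user, password in attempts:
        users[password].add(user)
    return {pw for pw, names in users.items() if len(names) > 1}


def is_guessable(password, attempts):
    """True if a password you plan to set already appears in the observed tries."""
    return any(pw == password for *_, pw in attempts)


if __name__ == "__main__":
    rows, skipped = parse_attempts(SAMPLE_LOG)
    print(f"{len(rows)} attempts parsed, {skipped} rows skipped")
    for b in find_bursts(rows):
        print(b.source, b.times[0].isoformat(), b.attempts,
              sorted(b.usernames), "automated" if b.automated else "manual/low-rate")
    print("wordlist reused across usernames:", sorted(reused_passwords(rows)))
```
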
UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from security incidents
Lessons Learned
1. Internet of Exposed Devices & Services
o Very trivial to find your devices
o Limit what others can see
o Know your network – Scan or Use Shodan.io
2. Value your system and infrastructure
o Take stock of what you have (including printer & routers)
o Monitor it – or have means to do it
3. The Power of Defaults
o Settings and Devices
o Default Password
o Assumed Breach mentality
o Multi-factor Authentication
Shodan.io Country:MY port:3389
Case Study #2
Colonial Pipeline Ransomware Attack (2021)
• Experienced Ransomware Attack on May 7th 2021
• Requested ransom 75 BTC
• Halted pipeline operations leading to fuel supply shortage – state of emergency declared
• IT systems affected (including billing) but not OT (operational technology)
• Attackers also exfiltrated 100GB of data
• CP paid and received decryption tool – but recovery was slow
• Operations resumed on May 12th
• Partial ransom payment recovery (63.7 BTC) by 12th
Lessons Learned
1. Impact of Cyber Security Incident & Breach
o Double Extortion – Lose data or we expose your data
o Impact to other stakeholders and industry
2. Dwell Time of Attackers and Detection
o Attacks are not executed overnight - “Left of the Hack” or “Attack Life-Cycle”
o The importance of monitoring & detection – How?
3. Backup policy – 3-2-1-1
o Which data
o Frequency / Automated
o Able to be restored
o TESTED regularly
o Data in cloud is not backup
• 3 copies of the data
• 2 different types of storage media
• 1 offsite
• 1 offline
When was the last time you tested recovering from your backup?
Slido your response!
www.slido.com
#629314
https://www.cert.govt.nz/it-specialists/guides/how-ransomware-happens-and-how-to-stop-it/initial-access/
Case Study #3
Guaranteed Pass!
• Decentralized Exam System
• Discovery of Remote Desktop Tool & a program
• The program modifies students' answers based on the exam bank templates
• The program keeps logs of ‘clients’ in a separate database
• Program was built by an ex-developer*
• The scheme was running for more than 7* years
Lessons Learned
1. Detection is key
o Detection and investigation
2. Audit
o There were some issues about the system design
o But an implementation audit could have exposed it earlier
o 3rd party independent audit with accountability and follow up
3. “Insider” attack vs Attacker with Inside Knowledge
o Helps in executing the plan and bypassing alerts
o Moral & Ethics of key importance
o https://www.wired.com/story/tesla-ransomware-insider-hack-attempt/
4. Non-Technical Aspect of Incident
o How to deal with impact of fraud / scam – Trust
o Investigation & Action
o Forensics and collection of evidence including cooperation with Law Enforcement Agency
o Importance of other policies – including HR
Case Study #4
Pegasus Spyware
• Spyware developed by the ‘NSO Group’
• Target iOS and Android Mobile devices
• Capable of:
• reading text messages, tracking calls, collecting passwords, location tracking, accessing the target device's microphone and camera, and harvesting information from apps
• Exploited security vulnerabilities of apps and OS of mobile devices (i.e. iMessage)
• Sold to governments
• Detected after failed attempt to breach a phone of an activist
• Check out interesting investigative reports from Citizen Lab, Amnesty International
o https://citizenlab.ca/2020/12/running-in-circles-uncovering-the-clients-of-cyberespionage-firm-circles/
Lessons Learned
1. Mobile Device Security
o Keep your communications safe
o Which apps do you trust?
o Is your platform secure? Can we trust our environment?
2. Threat Modelling
o Who’s interested in your data or you?
o What are their capabilities?
3. Security and Politics
o Hacking is not reserved for ‘cyber criminals’ only
o Motivation and capabilities
o Surveillance, Espionage and Disinformation
o Whistleblowers, dissidents, rights activists are either heroes or enemies
4. Security and Economics
o Not all vulnerabilities are disclosed
o Bug bounties & private buyers
o WannaCry & Eternal Blue Exploit
o Economics of Information Security (Prof Anderson @ Cambridge)
5. Ethics of Cyber Security Professionals
o https://ethicsfirst.org/
o Getting involved in policy making
o Collaboration
Have you Enabled MFA/2FA on your Social Media accounts?
Slido your response!
www.slido.com
#629314
Conclusion
Security is about practice and being practical
Context is key – including self reflection
Continuous Learning – wealth of existing work, frameworks, standards, and community actively sharing information
https://wwww.unsplash.com/adliwahid
Discussion!
adli@apnic.net
www.apnic.net

'Secure and Sustainable Internet Infrastructure for Emerging Technologies''Secure and Sustainable Internet Infrastructure for Emerging Technologies'
'Secure and Sustainable Internet Infrastructure for Emerging Technologies'
 
Seizing the IPv6 Advantage: For a Bigger, Faster and Stronger Internet
Seizing the IPv6 Advantage: For a Bigger, Faster and Stronger InternetSeizing the IPv6 Advantage: For a Bigger, Faster and Stronger Internet
Seizing the IPv6 Advantage: For a Bigger, Faster and Stronger Internet
 
Measuring and Understanding the Route Origin Validation (ROV) in RPKI
Measuring and Understanding the Route Origin Validation (ROV) in RPKIMeasuring and Understanding the Route Origin Validation (ROV) in RPKI
Measuring and Understanding the Route Origin Validation (ROV) in RPKI
 
IPv6: Unlocking the Potential, presented by Paul Wilson at CommunicAsia 2024
IPv6: Unlocking the Potential, presented by Paul Wilson at CommunicAsia 2024IPv6: Unlocking the Potential, presented by Paul Wilson at CommunicAsia 2024
IPv6: Unlocking the Potential, presented by Paul Wilson at CommunicAsia 2024
 
Honeypots Unveiled: Proactive Defense Tactics for Cyber Security, Phoenix Sum...
Honeypots Unveiled: Proactive Defense Tactics for Cyber Security, Phoenix Sum...Honeypots Unveiled: Proactive Defense Tactics for Cyber Security, Phoenix Sum...
Honeypots Unveiled: Proactive Defense Tactics for Cyber Security, Phoenix Sum...
 
Securing BGP: Operational Strategies and Best Practices for Network Defenders...
Securing BGP: Operational Strategies and Best Practices for Network Defenders...Securing BGP: Operational Strategies and Best Practices for Network Defenders...
Securing BGP: Operational Strategies and Best Practices for Network Defenders...
 
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024
 
Registry Data Accuracy Improvements, presented by Chimi Dorji at SANOG 41 / I...
Registry Data Accuracy Improvements, presented by Chimi Dorji at SANOG 41 / I...Registry Data Accuracy Improvements, presented by Chimi Dorji at SANOG 41 / I...
Registry Data Accuracy Improvements, presented by Chimi Dorji at SANOG 41 / I...
 
APNIC Updates presented by Paul Wilson at CaribNOG 27
APNIC Updates presented by Paul Wilson at  CaribNOG 27APNIC Updates presented by Paul Wilson at  CaribNOG 27
APNIC Updates presented by Paul Wilson at CaribNOG 27
 
APNIC Policy Roundup presented by Sunny Chendi at TWNOG 5.0
APNIC Policy Roundup presented by Sunny Chendi at TWNOG 5.0APNIC Policy Roundup presented by Sunny Chendi at TWNOG 5.0
APNIC Policy Roundup presented by Sunny Chendi at TWNOG 5.0
 
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
 
APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53
 
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
 
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
 
On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024
 
Networking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOGNetworking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOG
 

Recently uploaded

Open Source TCP or Netflow Log Server Using Graylog
Open Source TCP or Netflow Log Server Using GraylogOpen Source TCP or Netflow Log Server Using Graylog
Open Source TCP or Netflow Log Server Using Graylog
Bangladesh Network Operators Group
 
Why Your Business Needs a Professional Web Design Company UAE
Why Your Business Needs a Professional Web Design Company UAEWhy Your Business Needs a Professional Web Design Company UAE
Why Your Business Needs a Professional Web Design Company UAE
adelewhite125
 
Enhancing seamless access using TIGERfed
Enhancing seamless access using TIGERfedEnhancing seamless access using TIGERfed
Enhancing seamless access using TIGERfed
Bangladesh Network Operators Group
 
Use of Ontologies in Chemical Kinetic Database CHEMCONNECT
Use of Ontologies in Chemical Kinetic Database CHEMCONNECTUse of Ontologies in Chemical Kinetic Database CHEMCONNECT
Use of Ontologies in Chemical Kinetic Database CHEMCONNECT
Edward Blurock
 
SisAi World - Software is AI - Providing AI as Software - Protecting the Inte...
SisAi World - Software is AI - Providing AI as Software - Protecting the Inte...SisAi World - Software is AI - Providing AI as Software - Protecting the Inte...
SisAi World - Software is AI - Providing AI as Software - Protecting the Inte...
QingjieDu1
 
Bitcoin vs Ethereum Which Crypto Performed Better in Q2, 2024.docx
Bitcoin vs Ethereum Which Crypto Performed Better in Q2, 2024.docxBitcoin vs Ethereum Which Crypto Performed Better in Q2, 2024.docx
Bitcoin vs Ethereum Which Crypto Performed Better in Q2, 2024.docx
SFC Today
 
Draya Michele’s Son – Kniko Howard’s Rise to Fame.pptx
Draya Michele’s Son – Kniko Howard’s Rise to Fame.pptxDraya Michele’s Son – Kniko Howard’s Rise to Fame.pptx
Draya Michele’s Son – Kniko Howard’s Rise to Fame.pptx
ashishkumarrana9
 
Geolocation and Geofeed Implementation bdNOG18
Geolocation and Geofeed Implementation bdNOG18Geolocation and Geofeed Implementation bdNOG18
Geolocation and Geofeed Implementation bdNOG18
Bangladesh Network Operators Group
 
UMN degree offer diploma Transcript
UMN degree offer diploma TranscriptUMN degree offer diploma Transcript
UMN degree offer diploma Transcript
cenocb
 
Trump Assassination Shirt Trump Assassination Shirt
Trump Assassination Shirt Trump Assassination ShirtTrump Assassination Shirt Trump Assassination Shirt
Trump Assassination Shirt Trump Assassination Shirt
exgf28
 
Web development Platform Constraints.pptx
Web development Platform Constraints.pptxWeb development Platform Constraints.pptx
Web development Platform Constraints.pptx
ssuser2f6682
 
@Girls @Call Chennai 🛬 XXXXXXXXXX 🛬 available 24*7 cash payment book now pay ...
@Girls @Call Chennai 🛬 XXXXXXXXXX 🛬 available 24*7 cash payment book now pay ...@Girls @Call Chennai 🛬 XXXXXXXXXX 🛬 available 24*7 cash payment book now pay ...
@Girls @Call Chennai 🛬 XXXXXXXXXX 🛬 available 24*7 cash payment book now pay ...
shamrisumri
 
Ontology for the semantic enhancement, database definition and management and...
Ontology for the semantic enhancement, database definition and management and...Ontology for the semantic enhancement, database definition and management and...
Ontology for the semantic enhancement, database definition and management and...
Edward Blurock
 
Rent remote desktop server mangohost .net
Rent remote desktop server mangohost .netRent remote desktop server mangohost .net
Rent remote desktop server mangohost .net
pdfsubmission50
 
Girls Call Mahipalpur 000XX00000 Provide Best And Top Girl Service And No1 in...
Girls Call Mahipalpur 000XX00000 Provide Best And Top Girl Service And No1 in...Girls Call Mahipalpur 000XX00000 Provide Best And Top Girl Service And No1 in...
Girls Call Mahipalpur 000XX00000 Provide Best And Top Girl Service And No1 in...
mahigarg2024#G05
 
Network Security version1.0 - Module 3.pptx
Network Security version1.0 - Module 3.pptxNetwork Security version1.0 - Module 3.pptx
Network Security version1.0 - Module 3.pptx
Infotainmentforall
 
Chennai Girls Call ServiCe X00XXX00XX Tanisha Best High Class Chennai Available
Chennai Girls Call ServiCe X00XXX00XX Tanisha Best High Class Chennai AvailableChennai Girls Call ServiCe X00XXX00XX Tanisha Best High Class Chennai Available
Chennai Girls Call ServiCe X00XXX00XX Tanisha Best High Class Chennai Available
shamrisumri
 
Dewanstudio Project Portfolio 2023 show case
Dewanstudio Project Portfolio 2023 show caseDewanstudio Project Portfolio 2023 show case
Dewanstudio Project Portfolio 2023 show case
DEWANSTUDIO.COM
 
Top 50 Data Science Jobs on LinkedIn.docx
Top 50 Data Science Jobs on LinkedIn.docxTop 50 Data Science Jobs on LinkedIn.docx
Top 50 Data Science Jobs on LinkedIn.docx
analyticsinsightmaga
 
Female Service Girls Call Delhi 9873940964 Provide Best And Top Girl Service ...
Female Service Girls Call Delhi 9873940964 Provide Best And Top Girl Service ...Female Service Girls Call Delhi 9873940964 Provide Best And Top Girl Service ...
Female Service Girls Call Delhi 9873940964 Provide Best And Top Girl Service ...
elbertablack
 

Recently uploaded (20)

Open Source TCP or Netflow Log Server Using Graylog
Open Source TCP or Netflow Log Server Using GraylogOpen Source TCP or Netflow Log Server Using Graylog
Open Source TCP or Netflow Log Server Using Graylog
 
Why Your Business Needs a Professional Web Design Company UAE
Why Your Business Needs a Professional Web Design Company UAEWhy Your Business Needs a Professional Web Design Company UAE
Why Your Business Needs a Professional Web Design Company UAE
 
Enhancing seamless access using TIGERfed
Enhancing seamless access using TIGERfedEnhancing seamless access using TIGERfed
Enhancing seamless access using TIGERfed
 
Use of Ontologies in Chemical Kinetic Database CHEMCONNECT
Use of Ontologies in Chemical Kinetic Database CHEMCONNECTUse of Ontologies in Chemical Kinetic Database CHEMCONNECT
Use of Ontologies in Chemical Kinetic Database CHEMCONNECT
 
SisAi World - Software is AI - Providing AI as Software - Protecting the Inte...
SisAi World - Software is AI - Providing AI as Software - Protecting the Inte...SisAi World - Software is AI - Providing AI as Software - Protecting the Inte...
SisAi World - Software is AI - Providing AI as Software - Protecting the Inte...
 
Bitcoin vs Ethereum Which Crypto Performed Better in Q2, 2024.docx
Bitcoin vs Ethereum Which Crypto Performed Better in Q2, 2024.docxBitcoin vs Ethereum Which Crypto Performed Better in Q2, 2024.docx
Bitcoin vs Ethereum Which Crypto Performed Better in Q2, 2024.docx
 
Draya Michele’s Son – Kniko Howard’s Rise to Fame.pptx
Draya Michele’s Son – Kniko Howard’s Rise to Fame.pptxDraya Michele’s Son – Kniko Howard’s Rise to Fame.pptx
Draya Michele’s Son – Kniko Howard’s Rise to Fame.pptx
 
Geolocation and Geofeed Implementation bdNOG18
Geolocation and Geofeed Implementation bdNOG18Geolocation and Geofeed Implementation bdNOG18
Geolocation and Geofeed Implementation bdNOG18
 
UMN degree offer diploma Transcript
UMN degree offer diploma TranscriptUMN degree offer diploma Transcript
UMN degree offer diploma Transcript
 
Trump Assassination Shirt Trump Assassination Shirt
Trump Assassination Shirt Trump Assassination ShirtTrump Assassination Shirt Trump Assassination Shirt
Trump Assassination Shirt Trump Assassination Shirt
 
Web development Platform Constraints.pptx
Web development Platform Constraints.pptxWeb development Platform Constraints.pptx
Web development Platform Constraints.pptx
 
@Girls @Call Chennai 🛬 XXXXXXXXXX 🛬 available 24*7 cash payment book now pay ...
@Girls @Call Chennai 🛬 XXXXXXXXXX 🛬 available 24*7 cash payment book now pay ...@Girls @Call Chennai 🛬 XXXXXXXXXX 🛬 available 24*7 cash payment book now pay ...
@Girls @Call Chennai 🛬 XXXXXXXXXX 🛬 available 24*7 cash payment book now pay ...
 
Ontology for the semantic enhancement, database definition and management and...
Ontology for the semantic enhancement, database definition and management and...Ontology for the semantic enhancement, database definition and management and...
Ontology for the semantic enhancement, database definition and management and...
 
Rent remote desktop server mangohost .net
Rent remote desktop server mangohost .netRent remote desktop server mangohost .net
Rent remote desktop server mangohost .net
 
Girls Call Mahipalpur 000XX00000 Provide Best And Top Girl Service And No1 in...
Girls Call Mahipalpur 000XX00000 Provide Best And Top Girl Service And No1 in...Girls Call Mahipalpur 000XX00000 Provide Best And Top Girl Service And No1 in...
Girls Call Mahipalpur 000XX00000 Provide Best And Top Girl Service And No1 in...
 
Network Security version1.0 - Module 3.pptx
Network Security version1.0 - Module 3.pptxNetwork Security version1.0 - Module 3.pptx
Network Security version1.0 - Module 3.pptx
 
Chennai Girls Call ServiCe X00XXX00XX Tanisha Best High Class Chennai Available
Chennai Girls Call ServiCe X00XXX00XX Tanisha Best High Class Chennai AvailableChennai Girls Call ServiCe X00XXX00XX Tanisha Best High Class Chennai Available
Chennai Girls Call ServiCe X00XXX00XX Tanisha Best High Class Chennai Available
 
Dewanstudio Project Portfolio 2023 show case
Dewanstudio Project Portfolio 2023 show caseDewanstudio Project Portfolio 2023 show case
Dewanstudio Project Portfolio 2023 show case
 
Top 50 Data Science Jobs on LinkedIn.docx
Top 50 Data Science Jobs on LinkedIn.docxTop 50 Data Science Jobs on LinkedIn.docx
Top 50 Data Science Jobs on LinkedIn.docx
 
Female Service Girls Call Delhi 9873940964 Provide Best And Top Girl Service ...
Female Service Girls Call Delhi 9873940964 Provide Best And Top Girl Service ...Female Service Girls Call Delhi 9873940964 Provide Best And Top Girl Service ...
Female Service Girls Call Delhi 9873940964 Provide Best And Top Girl Service ...
 

UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from security incidents

  • 1. Cyber Security: Lessons Learned from Security Incidents Adli bin Abd Wahid adli@apnic.net
  • 2. Let’s Connect! @adliwahid • LinkedIn • Twitter • Instagram / Unsplash • Email – adli@apnic.net
  • 3. APNIC
      • Regional Internet Registry (RIR) – www.apnic.net
      • IP addresses & ASNs (Autonomous System Numbers)
      • Whois Database & RPKI
      • Internet Development
      • Support for Network Operators Groups (NOGs), Security & Other Stakeholder Communities
      • Community Honeynet Project
      • APNIC Academy & ISIF Grants
      • academy.apnic.net
      • www.isif.asia
  • 4. Plan
      Talk about a few Case Studies
      Lessons Learned
      Survey (slido.com) #629314
      Discussion
  • 5. Cyber Security Realities
      #dfir #infosec #ransomware
      Breaches
      Talent Shortage
      Billion $ Industry
      Frameworks, standards & compliance
      Digital Forensics, Incident Response and Threat Intel
  • 6. Cyber Security Realities
      How or Where do I start?
      We don’t have budget (or I can only use free tools)
      This is too technical for me
      We already have ‘next-gen’ appliance …
      We don’t have backups …
      Don’t tell anyone about the breach
  • 8. What’s in it for me?
      Security Incidents
        • Security Policy breached
        • Gaps in practice (vs on paper)
        • Awareness – threats, tactics, techniques & actors
        • Behind the scenes collaboration
      Perspectives – Beyond the Headlines
        • Victim
        • Defender
        • Decision Maker
        • Users
      Continuous Improvements
      Increasing Preparedness
        • Remediation & Recovery (Time)
        • Reducing Impact
  • 10. How Much is your personal Annual Security Budget? Slido your response www.slido.com #629314
  • 12. timestamp, source ip, username, password
      2021-08-03T03:32:55.693372,a.b.c.d,MikroTik,admin1
      2021-08-03T03:32:05.122073,a.b.c.d,MikroTik,qwerty
      2021-08-03T03:32:00.652876,a.b.c.d,MikroTik,test
      2021-08-03T03:31:56.197063,a.b.c.d,MikroTik,passw0rd
      2021-08-03T03:31:51.600284,a.b.c.d,MikroTik,88888888
      2021-08-03T03:31:47.069584,a.b.c.d,MikroTik,password
      2021-08-03T03:31:42.600393,a.b.c.d,MikroTik,admin123
      2021-08-03T03:31:38.003806,a.b.c.d,MikroTik,11
      2021-08-03T03:31:33.449066,a.b.c.d,MikroTik,1122
      2021-08-03T03:31:28.829793,a.b.c.d,MikroTik,1
      2021-08-03T03:30:35.719893,a.b.c.d,MikroTik,password
      2021-08-03T03:30:30.080113,a.b.c.d,MikroTik,123456789
      2021-08-03T03:30:24.606929,a.b.c.d,MikroTik,12345678
      2021-08-03T03:30:20.228537,a.b.c.d,MikroTik,1234567
      2021-08-03T03:30:15.089569,a.b.c.d,MikroTik,123456
      2021-08-03T03:30:10.729907,a.b.c.d,MikroTik,12345
      2021-08-03T03:30:06.381968,a.b.c.d,MikroTik,1234
      2021-08-03T03:30:01.894832,a.b.c.d,MikroTik,123
      2021-08-03T04:03:16.928385,a.b.c.d,telecomadmin,admin123
      2021-08-03T04:03:12.504951,a.b.c.d,telecomadmin,11
      2021-08-03T04:03:08.012282,a.b.c.d,telecomadmin,1122
      2021-08-03T04:03:01.991040,a.b.c.d,telecomadmin,1
      2021-08-03T04:02:57.441684,a.b.c.d,telecomadmin,password
      2021-08-03T04:02:52.868634,a.b.c.d,telecomadmin,123456789
      2021-08-03T04:02:46.606662,a.b.c.d,telecomadmin,12345678
      2021-08-03T04:02:42.184402,a.b.c.d,telecomadmin,1234567
      2021-08-03T04:02:37.635923,a.b.c.d,telecomadmin,123456
      2021-08-03T04:02:33.158513,a.b.c.d,telecomadmin,12345
      2021-08-03T04:02:28.633456,a.b.c.d,telecomadmin,1234
      2021-08-03T04:02:24.056157,a.b.c.d,telecomadmin,123
      2021-08-
      Login attempts via Telnet (and SSH)
  • 17. Lessons Learned
      1. Internet of Exposed Devices & Services
          o Very trivial to find your devices
          o Limit what others can see
          o Know your network – Scan or Use Shodan.io
      2. Value your system and infrastructure
          o Take stock of what you have (including printer & routers)
          o Monitor it – or have means to do it
      3. The Power of Defaults
          o Settings and Devices
          o Default Password
          o Assumed Breach mentality
          o Multi-factor Authentication
      Shodan.io Country:MY port:3389
  • 19. Colonial Pipeline Ransomware Attack (2021)
      • Experienced Ransomware Attack on May 7th 2021
      • Requested ransom 75 BTC
      • Halted pipeline operations leading to fuel supply shortage – state of Emergency declared
      • IT systems affected (including billing) but not OT (operational technology)
      • Attackers also exfiltrated 100GB of data
      • CP paid and received decryption tool – but recovery was slow
      • Operations resumed on May 12th
      • Partial ransom payment recovery (63.7 BTC) by 12th
  • 20. Lessons Learned
      1. Impact of Cyber Security Incident & Breach
          o Double Extortion – Lose data or we expose your data
          o Impact to other stakeholders and industry
      2. Dwell Time of Attackers and Detection
          o Attacks are not executed overnight - “Left of the Hack” or “Attack Life-Cycle”
          o The importance to monitor & detect – How?
      3. Backup policy – 3211
          o Which data
          o Frequency / Automated
          o Able to be restored
          o TESTED regularly
          o Data in cloud is not backup
      3211:
        • 3 copies of the data
        • 2 different types of storage media
        • 1 offsite
        • 1 offline
  • 21. When was the last time you tested recovering from your backup? Slido your response! www.slido.com #629314
  • 24. Guaranteed Pass!
      • Decentralized Exam System
      • Discovery of Remote Desktop Tool & a program
      • The program modifies the answers of students based on the exam bank templates
      • The program keeps logs of ‘clients’ in a separate database
      • Program was built by ex developer*
      • The scheme was running for more than 7* years
  • 25. Lessons Learned
      1. Detection is key
          o Detection and investigation
      2. Audit
          o There were some issues with the system design
          o But an implementation audit could have exposed it earlier
          o 3rd party independent audit with accountability and follow up
      3. “Insider” attack vs Attacker with Inside Knowledge
          o Helps in executing the plan and bypassing alert triggers
          o Moral & Ethics of key importance
          o https://www.wired.com/story/tesla-ransomware-insider-hack-attempt/
      4. Non-Technical Aspect of Incident
          o How to deal with impact of fraud / scam – Trust
          o Investigation & Action
          o Forensics and collection of evidence including cooperation with Law Enforcement Agency
          o Importance of other policies – including HR
  • 27. Pegasus Spyware
      • Spyware developed by the ‘NSO Group’
      • Targets iOS and Android mobile devices
      • Capable of:
          • reading text messages, tracking calls, collecting passwords, location tracking, accessing the target device's microphone and camera, and harvesting information from apps
      • Exploited security vulnerabilities of apps and OS of mobile devices (e.g. iMessage)
      • Sold to governments
      • Detected after failed attempt to breach a phone of an activist
      • Check out interesting investigative reports from Citizen Lab, Amnesty International
          o https://citizenlab.ca/2020/12/running-in-circles-uncovering-the-clients-of-cyberespionage-firm-circles/
  • 28. Lessons Learned
      1. Mobile Device Security
          o Keep your communications safe
          o Which apps do you trust
          o Is your platform secure? Can we trust our environment?
      2. Threat Modelling
          o Who’s interested in your data or you?
          o What are their capabilities
      3. Security and Politics
          o Hacking is not reserved to ‘cyber criminals’ only
          o Motivation and capabilities
          o Surveillance, Espionage and Disinformation
          o Whistleblowers, dissidents and rights activists are either heroes or enemies
  • 29. Lessons Learned (continued)
      4. Security and Economics
          o Not all vulnerabilities are disclosed
          o Bug bounties & private buyers
          o WannaCry & EternalBlue Exploit
          o Economics of Information Security (Prof Anderson @ Cambridge)
      5. Ethics of Cyber Security Professionals
          o https://ethicsfirst.org/
          o Getting involved in policy making
          o Collaboration
  • 30. Have you Enabled MFA/2FA on your Social Media accounts? Slido your response! www.slido.com #629314
  • 31. Conclusion
      Security is about practice and being practical
      Context is key – including self reflection
      Continuous Learning – wealth of existing work, frameworks, standards, and community actively sharing information
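
Added example (not part of the original slides): one way to act on "Monitor it" from the Case Study #1 lessons is to parse the honeypot log format shown on slide 12 and flag sources whose attempts look like automated password guessing. The thresholds, function names and the 203.0.113.7 rows are assumptions made for this sketch; the a.b.c.d rows are copied from the slide.

```python
import csv
import io
from collections import defaultdict
from datetime import datetime
from statistics import median

# a.b.c.d rows come from slide 12; 203.0.113.7 rows are constructed for
# contrast; the last line mimics the truncated record that ends the slide.
SAMPLE_LOG = """\
timestamp, source ip, username, password
2021-08-03T03:30:01.894832,a.b.c.d,MikroTik,123
2021-08-03T03:30:06.381968,a.b.c.d,MikroTik,1234
2021-08-03T03:30:10.729907,a.b.c.d,MikroTik,12345
2021-08-03T03:30:15.089569,a.b.c.d,MikroTik,123456
2021-08-03T03:30:20.228537,a.b.c.d,MikroTik,1234567
2021-08-03T04:02:24.056157,a.b.c.d,telecomadmin,123
2021-08-03T04:02:28.633456,a.b.c.d,telecomadmin,1234
2021-08-03T04:02:33.158513,a.b.c.d,telecomadmin,12345
2021-08-03T04:02:37.635923,a.b.c.d,telecomadmin,123456
2021-08-03T04:02:42.184402,a.b.c.d,telecomadmin,1234567
2021-08-03T09:15:02.000000,203.0.113.7,alice,Summer2021
2021-08-03T09:16:40.000000,203.0.113.7,alice,Summer2021!
2021-08-
"""

MIN_ATTEMPTS = 5        # assumed threshold; tune for your own sensor
MAX_MEDIAN_GAP = 10.0   # seconds between attempts; assumed threshold


def parse_log(text):
    """Return (records, skipped); malformed rows are counted, not fatal."""
    records, skipped = [], 0
    # QUOTE_NONE: a guessed password may contain quote characters.
    for row in csv.reader(io.StringIO(text), quoting=csv.QUOTE_NONE):
        if not row or row[0].strip().lower() == "timestamp":
            continue  # blank line or header
        if len(row) < 4:
            skipped += 1
            continue
        ts, src, user, *rest = row
        try:
            when = datetime.fromisoformat(ts.strip())
        except ValueError:
            skipped += 1
            continue
        # A password containing commas was split by the reader: rejoin it.
        records.append((when, src.strip(), user.strip(), ",".join(rest)))
    return records, skipped


def summarise(records):
    """Describe each source: volume, pacing and reuse of one password list."""
    by_src = defaultdict(list)
    for rec in records:
        by_src[rec[1]].append(rec)
    report = {}
    for src, recs in by_src.items():
        recs.sort(key=lambda r: r[0])
        gaps = [(b[0] - a[0]).total_seconds() for a, b in zip(recs, recs[1:])]
        med = median(gaps) if gaps else None
        users_per_pw = defaultdict(set)
        for _, _, user, pw in recs:
            users_per_pw[pw].add(user)
        automated = (len(recs) >= MIN_ATTEMPTS and med is not None
                     and med <= MAX_MEDIAN_GAP)
        report[src] = {
            "attempts": len(recs),
            "usernames": sorted({r[2] for r in recs}),
            "median_gap_s": med,
            # Same password tried against more than one account name.
            "reused_passwords": sorted(
                pw for pw, users in users_per_pw.items() if len(users) > 1),
            "verdict": "automated guessing" if automated else "low volume",
        }
    return report


if __name__ == "__main__":
    recs, bad = parse_log(SAMPLE_LOG)
    print(f"{len(recs)} records parsed, {bad} malformed skipped")
    for src, info in summarise(recs).items():
        print(src, info)
```

The median gap is used instead of the mean so that the half-hour pause between the two username runs does not hide the steady few-second pacing inside each run.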