Post on 04-Jun-2018
8/13/2019 Cyber Attacking -.Financial Institution
1/22
Kyhfr Gttgkas ie O`egek`gc
`est`tut`iesDr. Mieg Gc gkbagr Jghhiur^rfs`dfet io C@TGOiuedfr io tbf ^ge grgh Ihsfrvgtiry oir
kyhfr sfkur`tyKriwe pcgzg- Bgmrg7>/Mgy/8>7;
8/13/2019 Cyber Attacking -.Financial Institution
2/22
Veprfkfetfd rgtf io dgtg & r`sakiccfkt`ie Ouccy `etflrgtfd `eoirmgt`ie hgsfd systfm
Tbrff cgyfrs: gcc bgvf vucefrgh`c`t`fs
Tfkbeicily gcief kgeeit fesurf sfkur`ty
Tbf eft `s ipfe ged fvfry kimpgey `s kieefktfd
Tbf kgpgk`ty ti `etfrgkt `s tbf mgjir pgrt io tbf
r`sa fev`riemfet
8/13/2019 Cyber Attacking -.Financial Institution
3/22
Kyhfr Gttgkas `ekrfgs`el r`sa
Kyhfr gttgkas grf gmiel tbf h`llfst kr`mf tbrfgts
[fr`ius o`egek`gc kiesfqufekfs
@etrus`vf, s`cfet ged dgelfrius
Kimmie gttgkas `ekcudf: Dgtg tbfot, Dfe`gc io sfrv`kf
gttgkas, bgka`el, fsp`ieglf, [pgm, ^b`sb`el fmg`cs,afystriaf cillfrs, Xfmitf Gkkfss Trijges (XGT)
ftk
8/13/2019 Cyber Attacking -.Financial Institution
4/22
Kyhfrkr`mf & Kyhfrsfkur`ty
Cfl`scgt`vf s`tugt`ie
@ekies`stfet dfo`e`t`ies Kimputfr rfcgtfd kr`mf
Kimputfr kr`mf
@etfreft kr`mf
Efw Tfkbeicil`fs: efw ippirtue`t`fs ( mih`cfkciud kimput`el ,sik`gc eftwira pcgtoirms.)
8/13/2019 Cyber Attacking -.Financial Institution
5/22
[fkied Geeugc Kist io Kyhfr Kr`mf [tudy
Xfpirt
study ie g rfprfsfetgt`vf sgmpcf io 6? cgrlfr-s`zfdirlge`zgt`ies `e vgr`ius `edustry sfktirs
tbf mfd`ge geeugc`zfd kist io kyhfrkr`mf `s $2.0
m`cc`ie pfr yfgr g rgelf io $7.6 m`cc`ie ti $;?.6 m`cc`ie fgkb yfgr pfr
kimpgey.
7>8 sukkfssouc gttgka pfr wffa
8/13/2019 Cyber Attacking -.Financial Institution
6/22
[imf ogmius \fgpies9!
[tuxeft 8>7>
Lguss 8>77 Ocgmf 8>78 O`egek`gc orgud pcgtoirms c`af Zfus,
[pyFyf
8/13/2019 Cyber Attacking -.Financial Institution
7/22
\bgt `s gt stgaf9 Ei kimpgey ir irlge`zgt`ie `s `mmuef
Lcihgc o`egek`gc trgesgkt`ies systfm
Trust `e F-sfrv`kfs Kieo`dfekf `e simf o`egek`gc systfms
O`egek`gc pfroirmgekf
Kimpft`t`vf pis`t`ie `e tbf mgraft
rfputgt`ie Egt`iegc [fkur`ty
8/13/2019 Cyber Attacking -.Financial Institution
8/22
\fgpies
b`lb-piwfrfd gppc`kgt`ie sfrvfrs
Gdvgekfd Hiteft eftwira
spywgrf ged gcc gttgka siotwgrfs
mgss`vf mgcwgrf gttgkas
Bgkat`v`sts
8/13/2019 Cyber Attacking -.Financial Institution
9/22
Ihjfkt`vfs
kimprim`sf o`egek`gc `est`tut`ie eftwiras
ihtg`e fmpciyff cil`e krfdfet`gcs
uedfrm`ef tbf hus`efss
Fxtfes`vf mfd`g kivfrglf
^frsiegc dgtg tbfot
8/13/2019 Cyber Attacking -.Financial Institution
10/22
Xfgsies
^ic`t`kgc rfspiesf
Cgw Feoirkfmfet `e Kriss Hirdfr Kr`mfs
Vedfrlriued fkieimy
@dficil`kgc
Kyhfr Fsp`ieglf
[tfgc miefy Gkkfss ti hgeas ged o`egek`gc `est`tut`ies
8/13/2019 Cyber Attacking -.Financial Institution
11/22
^rfvfet`ie (OH@ rfkimmgedgt`ies)Fdukgtf fmpciyffs ie tbf dgelfrs gssik`gtfd w`tbipfe`el gttgkbmfets ir kc`ka`el ie c`eas `e uesic`k`tfdfmg`cs.
Di eit gcciw fmpciyffs ti gkkfss pfrsiegc ir wirafmg`cs ie tbf sgmf kimputfrs usfd ti `e`t`gtfpgymfets.
Di eit gcciw fmpciyffs ti gkkfss tbf @etfreft orffcy
ie tbf sgmf kimputfrs usfd ti `e`t`gtf pgymfets.Di eit gcciw fmpciyffs ti gkkfss gdm`e`strgt`vfgkkiuets orim bimf kimputfrs ir cgptips kieefktfd
ti bimf eftwiras.
8/13/2019 Cyber Attacking -.Financial Institution
12/22
^rfvfet`ie Fesurf fmpciyffs di eit cfgvf V[H tiafes `e
kimputfrs usfd ti kieefkt ti pgymfet systfms.
Xfv`fw get`-mgcwgrf dfofesfs ged fesurf tbf usf iorfputgt`ie hgsfd kietfet ged wfhs`tf gkkfss o`ctfrs.
Fesurf tbgt wirastgt`ies ut`c`zf bist-hgsfd @^[tfkbeicily ged/ir gppc`kgt`ie wb`tfc`st`el ti prfvfet
tbf fxfkut`ie io uegutbir`zfd prilrgms. Mie`tir fmpciyff cil`es tbgt ikkur iuts`df io eirmgchus`efss biurs.
8/13/2019 Cyber Attacking -.Financial Institution
13/22
^rfvfet`ie
Kies`dfr `mpcfmfet`el t`mf-io-dgy cil`erfstr`kt`ies oir tbf fmpciyff gkkiuets w`tb
gkkfss ti pgymfet systfms.
Xfstr`kt gkkfss ti w`rf trgesofr c`m`t sftt`els.
Xfdukf fmpciyff w`rf c`m`ts `e gutimgtfd w`rf
systfms ti rfqu`rf g sfkied fmpciyff ti gpprivfcgrlfr w`rf trgesofrs.
8/13/2019 Cyber Attacking -.Financial Institution
14/22
^rfvfet`ie
@o w`rf trgesofr geimgcy dftfkt`ie systfms grf usfd,kies`dfr kbgel`el "rucfs" ti dftfkt tb`s typf io
gttgka ged, `o piss`hcf, krfgtf gcfrts ti eit`oy hgeagdm`e`strgtirs `o w`rf trgesofr c`m`ts grf mid`o`fd.
[fkurf ged/ir stirf mgeugcs iooc`ef ir rfstr`kt
gkkfss ti tbf trg`e`el systfm mgeugcs w`tb ourtbfrsfkur`ty, sukb gs febgekfd gkkfss kietrics ged/irsflrflgt`ie orim tbf pgymfet systfms tbfmsfcvfs.
8/13/2019 Cyber Attacking -.Financial Institution
15/22
^rfvfet`ie
Mie`tir oir sp`afs `e wfhs`tf trgoo`k tbgt mgy `ed`kgtftbf hfl`ee`el io g DDi[ ged `mpcfmfet g pcge tifesurf tbgt wbfe pitfet`gc DDi[ gkt`v`ty `s dftfktfd,
tbf gppripr`gtf gutbir`t`fs bgedc`el w`rf trgesofrs grfeit`o`fd si w`rf trgesofr rfqufsts w`cc hf mirf kcisfcyskrut`e`zfd.
[trielcy kies`dfr `mpcfmfet`el ge iut io hged
gutbir`zgt`ie pr`ir ti gcciw`el w`rf trgesofrs tifxfkutf.
C`m`t systfms orim wb`kb krfdfet`gcs usfd oir w`rfgutbir`zgt`ie kge hf ut`c`zfd.
8/13/2019 Cyber Attacking -.Financial Institution
16/22
@s `t feiulb9
Ei
Hf`el kimpc`get difsetmfge hf`el sgof
Cflgc C`gh`c`t`fs grf st`cc ti hf mgeglfd
\bi wiucd hf rfspies`hcf9
\bgt kgusfs tbf dgmglf9
8/13/2019 Cyber Attacking -.Financial Institution
17/22
Tr`kay cgedskgpf
Dgtg = tbf gssfts
Cflgc rfspies`h`c`ty ti pritfkt dgtg
O@ grf ti suppirt tbf dgmglf ged tbf cissfs
@ekielrufet cflgc ged rflucgtiry orgmfwira
\bgt s tbf c`ef hftwffe kustimfrs c`gh`c`t`fs
ged tbf o`egek`gc `est`tut`ie9
8/13/2019 Cyber Attacking -.Financial Institution
18/22
Cflgc orgmfwira
[iot cgw : tbfy bfcp gvi`d kgtgstripb`k c`gh`c`t`fs
Bgrd cgw ( egt`iegc cfl`scgt`ies, rfl`iegc & `etckievfet`ies
@e kgsf io Orgud, hgea kge rfcy ie: glrffmfets,kfrt`o`kgt`ies, ged gcc dikumfets tbgt mgy goofkt
tbf rfcgt`vf r`lbts & ihc`lgt`ies [fkur`ty mfgsurfs ged pic`ky sbiucd hf
rfv`fwfd, rfspfktfd, ged updgtfd
8/13/2019 Cyber Attacking -.Financial Institution
19/22
@etfregt`iegc tiics
Dgtg pritfkt`ie Gkts
Orffdim io `eoirmgt`ie Gkts
^r`vgky & Fcfktrie`ks kimmue`kgt`iesrflucgt`ies
Kimmfrk`gc kidfs
^fegc kidf Tbf ihc`lgt`ie io eit`o`kgt`ie `e tbf V.[.G ged `e
tbf ti hf gmfedfd FVs tfxt- Dgtg ^ritfkt`ieXflucgt`ie rfcfgsfd ie tbf 86tbio Jgeugry 8>78
8/13/2019 Cyber Attacking -.Financial Institution
20/22
\bgt ti kies`dfr `e kgsf io hrfgkb
[fco-rflucgt`ie
Tbf tfkbe`kgc sfkur`ty pic`ky
Tbf rflucgt`ie sfktir
Tbf glrffmfet io pic`ky io sfkur`ty
Tbf kimmfrk`gccy rfgsieghcf kiekfpt ged tbffoo`k`feky io fooirts- tbf tbf purpisf io tbf systfm
wfrf dfofgtfd Tbf hgea wgs bicd gt oguct
\bfe tbf hgea og`cs ti stip tbf orguducfetipfrgt`ie ie t`mf
8/13/2019 Cyber Attacking -.Financial Institution
21/22
Ihc`lgt`ies io tbf O@
Gh`df hy tbf sfktir rflucgt`ies
Xfv`fw `ts pic`ky
@mpcfmfet trgespgrfet prgkt`kf io sfkur`ty gedie biw tbf dgtf `s bgedcfd
@etflrgtf pr`vgky `e tbf pcgtoirm
Xfspfkt `etfregt`iegc stgedgrds ged eirms ^riio io kgrfoucefss
8/13/2019 Cyber Attacking -.Financial Institution
22/22
Tbgea yiu