Post on 07-Jun-2020
Cyber Security & Privacy Foundation (CSPF)
Vajra Cyber Threat Mitigation Service (Vajra CTMS)
A Military Grade Cyber Threat Mitigation Service for Businesses and Governments
Cyber Security & Privacy Foundation Pte. Ltd., Singapore
“I’m no expert, but I think it’s some kind of cyber attack!”
Cyber Threat - A Serious, Live Threat
Cyber attacks present financial, operational, reputational, regulatory, geopolitical and M&A risks
Attacks are an assault on an institution’s strategic imperatives
No longer just the IT team’s migraine
• Committed, phenomenally skilled, unconventional and highly resourceful Black Hat hackers are an overwhelming problem for conventionally resourced IT setups
Cyber attacks are somewhat like a heart attack
• You never know when one is around the corner
CYBER THREATS NOW A MAINSTREAM BUSINESS RISK THAT DEMAND CEO AND BOARD LEVEL ATTENTION
Cyber Threat - A Serious, Live Threat
Financial Impact
Non Financial Impact
Revenue losses
Disruption of business systems
Regulatory penalties
Erosion of customers
Reputational damage
Pirating of products
Stolen product designs or prototypes
Theft of business and manufacturing processes
Diversion of R&D data
Impact on innovation, loss of trade secrets
Loss of sensitive information such as M&A plans and corporate strategy
Major Threats
Distributed Denial of Service
• DDoS attacks typically cripple an organisation
• Services like net banking, mobile banking, ATMs, mail servers and trading/clearing platforms become unavailable for a few hours or longer
• Store front is shut down
• Crucial systems needed by hospitals, patients, drug firms and health insurers are disabled
• SCADA and other control systems failure, power grid collapse, internet access failure
• Non-functional email servers and internet network can lead to an information vacuum internally and with clients, customers, suppliers and regulators
Hacking
• Black Hat attacks on web portals, email servers, database servers, SCADA systems, app stores, routers
• All-round attack – personal, mobile, desktop devices & firmware
• Results in leakages – database, personal records, patient records
• Outages and breakdown in utilities: power, water, gas, trading, payment & clearing systems, Tax Information Networks
0 Day & APT Attacks
• Intense, organised attacks on critical sectors & organisations
• Labeled as Advanced Persistent Threats given their draconian nature
• APTs can have long term impact and severely compromise organisations & their insurers
Interconnected Business Ecosystem Attacks
• Partners, suppliers, supply chains
• Smaller, less prepared members of ecosystems are more tempting targets to get a foothold into the system
Establishments vs Hackers
Establishments Say We Have
• Latest security tools
• A CISO
• Antivirus, firewall, intrusion prevention system - all updated
• Compliance with best security processes
• Top consultants undertaking audits, vulnerability assessments and penetration testing
Hackers Say
• Ha! We don’t look at your certifications or who did it. Or how good your processes are
• We need a single vulnerability to get in!
• We have 0 day vulnerabilities which no one is aware of
• We have an Advanced Persistent Threat Team (criminals, hackers, insiders and money) that never gives up
Daily Cloud Scan
Cyber Security Structure
Security Technologies – WAF/Firewall/IDS/SIEM are present.
MOST ORGANIZATIONS ASSUME THEY ARE SECURE.
ISO 27001
Standards are implemented around the data center; VAPT is regularly done to satisfy compliance, regulatory and certification requirements.
Analysis of SIEM logs
The SOC monitors and analyses logs from the WAF/firewall/IPS and takes corrective action. Offending traffic is blocked and then blacklisted. The WAF allows signatures to be blocked.
Points to be Noted
Hacking Incidents
Global hacking incidents, including at the US Government and Fortune 100 companies, have happened. A BFSI organization has been recently compromised and regulators have taken strict action.
Points of infiltration (APT):
• External web applications/services/mobile applications – insecure
• SQL injection/XSS/IDOR/File upload/Broken authentication
• 0day vulnerabilities on exposed services
• Default passwords on frameworks/applications/devices
• Lateral movement through pivoting (from exposed interfaces)
• The existing cyber security structure is not able to address the above points of infiltration.
APMS
Corporate Anti-Fraud module extending to Anti-Phishing, Anti-Malware and Anti-Spam (APMS). Protect against Reputation, Financial & IP loss. Secure against Trojan Horses, Ransom Demands
Web Reputation & Security Scan (WRSS)
Web Security scanner scans for vulnerabilities on web portal/web services.
Automated Vulnerability Assessment
Advanced intrusive model including external VA of network for protective and compliance requirements
DF24
Defacement monitor for customer facing web portals. Includes Android mobile app/Windows SOC desktop app (for quick alerts)
Daily APT Scan Executive Summary
APMS (Anti Phishing, Malware & Spam)
• Non-intrusive monitoring to protect against Reputation, Financial & IP loss
• Sandbox application to browse customers’ site/s and check if an iframe, malware or Java drive-by can be downloaded to infect the machines of the end users of a bank’s website or an e-commerce portal
• Exhaustive scan of global phishing and spamming databases to cross-check potential compromises of customer’s domain/s
APMS
• Automated daily scan and report generation
• Phishing complaints reporting system
• Similar Domain Name - Electronic Eye (EE)
• Antivirus check for web portal infections by crawling through all known paths
• DNS hijack check
• Ap24 phish tank, CTL - Feed processing (EE)
WRSS (Web Reputation & Security Scan)
• Anti-Phishing, Malware and Spam (APMS) scrutiny + scan of web portals and web services – Human Critical Index (HCI)
• Checks for specific CMS vulnerabilities
• Heuristic Shell detector – identifies hackers’ web shells in web portals/web apps
• Manual entry point addition for the security analyst
WRSS
• Machine learning assisted Hacker Entry Point Mapper (HEP) – maps entry points normally discovered by hackers
• Root cause analysis of Sensitive Information Leakages on Internet
• False positive marker – handled by security analyst
• Accepted Risk/Ignore – Export for auditors
WRSS
• Manual APT bug-track for customer.
• Automatic report generation template for the customer (used by security analyst)
Automated VA for IP
• Identification, quantification, and prioritization of vulnerabilities
• Advanced intrusive model including external and internal vulnerability assessment (VA) of network for protection and compliance requirements
Automated VA for IP
• Scans multiple IPs for open ports, enumerates, and identifies vulnerabilities.
• We mark the human critical index of each device (the organization’s CISO tells us which are most critical in the organization).
Automated VA for IP
AVA IP has a facility to mark a finding as a false positive when the scanner identifies it wrongly or when it is not applicable. The security analyst dedicated to your organization marks it.
Automated VA for IP
• Exporting accepted risk for auditing purpose.
• Security Analyst can mark Ignore/Accepted risk.
• Manual APT bug-track for customer.
• Automatic report generation template for the customer (used by security analyst)
Overall Service
• Prioritize vulnerabilities and work with the SOC/vendor (network/application level) to fix them.
• Strive to ensure no exploitable vulnerability remains.
• Daily APMS report to customer
• Weekly AVA/WRSS report with Bugtrack report.
• All critical/high vulnerabilities from automated WRSS/AVA and manual APT testing that are to be addressed are exported into the bug track in the portal.
CSPF’s cyber security initiatives are supported by its larger ecosystem including:
A not-for-profit foundation, Cyber Security & Privacy Foundation, formed as a vehicle to create hands-on technical competency, initiate R&D and provide training in cyber security for individuals and organisations in India.
This non-profit foundation benefits from the wisdom of former senior practitioners from the Government and CISOs from Industry and Banks who are Trustees and Advisors of/to the Foundation. We have an agreement with an international pre-emptive threat intel organization.
E Hacking News (EHN), a leading Information Security news portal with more than 1,00,000 readers.
EHN delivers the latest news updates related to security breaches, cyber crime, vulnerability, cyber security, penetration testing tools and more.
EHN provided media support to several international security conferences including NullCon, ClubHack, OWASP Asia and Hack in Paris, among others.
Cyber Security is our Mission, and not only a Business
Contact
We can be reached at the following email id: director@cysecurity.co