Attackers, Attacks and Security Strategies · Credentials. 11. 12. 13 •New breed of highly...
Transcript of Attackers, Attacks and Security Strategies · Credentials. 11. 12. 13 •New breed of highly...
![Page 1: Attackers, Attacks and Security Strategies · Credentials. 11. 12. 13 •New breed of highly persistent and stealthy malware. •Rise in fileless malware and droppers. •Using highly](https://reader034.fdocuments.us/reader034/viewer/2022050217/5f62d72ec2c568027e12a4ce/html5/thumbnails/1.jpg)
1
Cybersecurity 2020Attackers, Attacks and Security Strategies
![Page 2: Attackers, Attacks and Security Strategies · Credentials. 11. 12. 13 •New breed of highly persistent and stealthy malware. •Rise in fileless malware and droppers. •Using highly](https://reader034.fdocuments.us/reader034/viewer/2022050217/5f62d72ec2c568027e12a4ce/html5/thumbnails/2.jpg)
2
Cybersecurity Challenge
Open and Accessible
IoT Adoption
Budget
ConstraintsExpertise
![Page 3: Attackers, Attacks and Security Strategies · Credentials. 11. 12. 13 •New breed of highly persistent and stealthy malware. •Rise in fileless malware and droppers. •Using highly](https://reader034.fdocuments.us/reader034/viewer/2022050217/5f62d72ec2c568027e12a4ce/html5/thumbnails/3.jpg)
3
Attack Process
Identification Enumeration Arm UpInitial
ContactCompromise Persistence
Lateral Movement
Exfiltration/ Exploitation
Reuse / Resell / Recycle
![Page 4: Attackers, Attacks and Security Strategies · Credentials. 11. 12. 13 •New breed of highly persistent and stealthy malware. •Rise in fileless malware and droppers. •Using highly](https://reader034.fdocuments.us/reader034/viewer/2022050217/5f62d72ec2c568027e12a4ce/html5/thumbnails/4.jpg)
4
People Centric Targets
![Page 5: Attackers, Attacks and Security Strategies · Credentials. 11. 12. 13 •New breed of highly persistent and stealthy malware. •Rise in fileless malware and droppers. •Using highly](https://reader034.fdocuments.us/reader034/viewer/2022050217/5f62d72ec2c568027e12a4ce/html5/thumbnails/5.jpg)
5
Device Centric Targets
![Page 6: Attackers, Attacks and Security Strategies · Credentials. 11. 12. 13 •New breed of highly persistent and stealthy malware. •Rise in fileless malware and droppers. •Using highly](https://reader034.fdocuments.us/reader034/viewer/2022050217/5f62d72ec2c568027e12a4ce/html5/thumbnails/6.jpg)
6
ncreased sophistication and targeted.
• Successful attacks often lead to password compromise, malware infection, corporate/personal data loss and financial fraud.
![Page 7: Attackers, Attacks and Security Strategies · Credentials. 11. 12. 13 •New breed of highly persistent and stealthy malware. •Rise in fileless malware and droppers. •Using highly](https://reader034.fdocuments.us/reader034/viewer/2022050217/5f62d72ec2c568027e12a4ce/html5/thumbnails/7.jpg)
7
![Page 8: Attackers, Attacks and Security Strategies · Credentials. 11. 12. 13 •New breed of highly persistent and stealthy malware. •Rise in fileless malware and droppers. •Using highly](https://reader034.fdocuments.us/reader034/viewer/2022050217/5f62d72ec2c568027e12a4ce/html5/thumbnails/8.jpg)
8
![Page 9: Attackers, Attacks and Security Strategies · Credentials. 11. 12. 13 •New breed of highly persistent and stealthy malware. •Rise in fileless malware and droppers. •Using highly](https://reader034.fdocuments.us/reader034/viewer/2022050217/5f62d72ec2c568027e12a4ce/html5/thumbnails/9.jpg)
Getting to Know You!
![Page 10: Attackers, Attacks and Security Strategies · Credentials. 11. 12. 13 •New breed of highly persistent and stealthy malware. •Rise in fileless malware and droppers. •Using highly](https://reader034.fdocuments.us/reader034/viewer/2022050217/5f62d72ec2c568027e12a4ce/html5/thumbnails/10.jpg)
10
Get your Credentials
Hack You
Hack a Site
Buy Them.
Re-engineer your credentials
01 – 02
Password –Pa55W0rD
Facebook PW with FB
Use your Credentials
Social Media
Banking / Financial
Anything else
Credentials
![Page 11: Attackers, Attacks and Security Strategies · Credentials. 11. 12. 13 •New breed of highly persistent and stealthy malware. •Rise in fileless malware and droppers. •Using highly](https://reader034.fdocuments.us/reader034/viewer/2022050217/5f62d72ec2c568027e12a4ce/html5/thumbnails/11.jpg)
11
![Page 12: Attackers, Attacks and Security Strategies · Credentials. 11. 12. 13 •New breed of highly persistent and stealthy malware. •Rise in fileless malware and droppers. •Using highly](https://reader034.fdocuments.us/reader034/viewer/2022050217/5f62d72ec2c568027e12a4ce/html5/thumbnails/12.jpg)
12
![Page 13: Attackers, Attacks and Security Strategies · Credentials. 11. 12. 13 •New breed of highly persistent and stealthy malware. •Rise in fileless malware and droppers. •Using highly](https://reader034.fdocuments.us/reader034/viewer/2022050217/5f62d72ec2c568027e12a4ce/html5/thumbnails/13.jpg)
13
• New breed of highly persistent and stealthy malware.
• Rise in fileless malware and droppers.
• Using highly sophisticated exploits for delivery. No longer need to be in a nation states crosshair to be impacted by their advance cyber weapons.
• Ransomware still common but also seeing increase in stealthier crypto-mining malware.
• Rise in ease of use and availability of cyber crime platforms, Malware/Ransomware as a Service.
![Page 14: Attackers, Attacks and Security Strategies · Credentials. 11. 12. 13 •New breed of highly persistent and stealthy malware. •Rise in fileless malware and droppers. •Using highly](https://reader034.fdocuments.us/reader034/viewer/2022050217/5f62d72ec2c568027e12a4ce/html5/thumbnails/14.jpg)
14
Ransomware
![Page 15: Attackers, Attacks and Security Strategies · Credentials. 11. 12. 13 •New breed of highly persistent and stealthy malware. •Rise in fileless malware and droppers. •Using highly](https://reader034.fdocuments.us/reader034/viewer/2022050217/5f62d72ec2c568027e12a4ce/html5/thumbnails/15.jpg)
15
0-Days
![Page 16: Attackers, Attacks and Security Strategies · Credentials. 11. 12. 13 •New breed of highly persistent and stealthy malware. •Rise in fileless malware and droppers. •Using highly](https://reader034.fdocuments.us/reader034/viewer/2022050217/5f62d72ec2c568027e12a4ce/html5/thumbnails/16.jpg)
Supply Chain Attacks
![Page 17: Attackers, Attacks and Security Strategies · Credentials. 11. 12. 13 •New breed of highly persistent and stealthy malware. •Rise in fileless malware and droppers. •Using highly](https://reader034.fdocuments.us/reader034/viewer/2022050217/5f62d72ec2c568027e12a4ce/html5/thumbnails/17.jpg)
17
Device
Vulnerability
Target On-Site
Remote Access
Firmware
Remote Access
Company
Credential Theft
Firmware Manipulation
Direct Access
IoT Supply Chain Attacks
![Page 18: Attackers, Attacks and Security Strategies · Credentials. 11. 12. 13 •New breed of highly persistent and stealthy malware. •Rise in fileless malware and droppers. •Using highly](https://reader034.fdocuments.us/reader034/viewer/2022050217/5f62d72ec2c568027e12a4ce/html5/thumbnails/18.jpg)
18
What Next for Security?
![Page 19: Attackers, Attacks and Security Strategies · Credentials. 11. 12. 13 •New breed of highly persistent and stealthy malware. •Rise in fileless malware and droppers. •Using highly](https://reader034.fdocuments.us/reader034/viewer/2022050217/5f62d72ec2c568027e12a4ce/html5/thumbnails/19.jpg)
19
Security As A Process
• Visibility
• Detection
• Control
• Reporting
• Measurement
![Page 20: Attackers, Attacks and Security Strategies · Credentials. 11. 12. 13 •New breed of highly persistent and stealthy malware. •Rise in fileless malware and droppers. •Using highly](https://reader034.fdocuments.us/reader034/viewer/2022050217/5f62d72ec2c568027e12a4ce/html5/thumbnails/20.jpg)
20
Hacking 101 –Phishing to Credential Theft
![Page 21: Attackers, Attacks and Security Strategies · Credentials. 11. 12. 13 •New breed of highly persistent and stealthy malware. •Rise in fileless malware and droppers. •Using highly](https://reader034.fdocuments.us/reader034/viewer/2022050217/5f62d72ec2c568027e12a4ce/html5/thumbnails/21.jpg)
21
Cybersecurity 2020
Hacking is a process.
Defense should also be a process.
You can be easily targeted.
Network Segmentation is key for IoT.
Passwords are weak use 2FA.
Integrated and automated gives the highest security.
![Page 22: Attackers, Attacks and Security Strategies · Credentials. 11. 12. 13 •New breed of highly persistent and stealthy malware. •Rise in fileless malware and droppers. •Using highly](https://reader034.fdocuments.us/reader034/viewer/2022050217/5f62d72ec2c568027e12a4ce/html5/thumbnails/22.jpg)