Cyber Security Trends | DTME
enoufexpo.com.kw/egov1/images/sixth.pdf
The Strategic Implications of Cyber Security
E-Government Forum
Courtyard Marriott
11-13 November 2013
Presented By:
Fadi Mutlak, Security & Privacy Leader Middle East
Table of Contents
1. The Current Threat Landscape
2. Top 10 Cyber Risks
3. Guiding Principles for Cyber Security
5. Q&A
The Current Threat Landscape
@ 2013 Deloitte & Touche M.E. Strategic Implications of Cyber Security 4
Breach incidents are happening more frequently…
In response to the rapid growth in both the sophistication and intensity of attacks, basic defensive measures and operations, while remaining important, are just the starting point.
The digital revolution is driving business innovation and growth, yet also exposing us to new and emerging threats.
Digital Revolution
According to a recent McKinsey & Co. report:
• There are 2 billion internet users worldwide
• The Internet accounts for 3.4% of GDP in the 13 largest countries (by GDP)
• 21% of GDP growth in the last 5 years in mature countries
• 2.6 jobs created for every 1 job lost
• 75% of internet impact arises from traditional industries
The World Economic Forum recognizes that the risks, rewards and governance of the networked economy are
core issues of the global agenda and fundamental for sustainable growth and stability.
Cyber Resiliency Maturity Model
• Organization sees cyber risk as largely irrelevant
• Cyber does not form part of the organization's risk management processes
• Organization recognizes hyper-connectivity as a potential source of risk
• Limited insight into its cyber risk management practices
• Siloed approach to cyber risk with fragmented and incidental reporting
• Chief Executive Officer has set the tone for cyber risk management
• Top-down threat-risk response program
• Organization does not view cyber risk management as a competitive advantage
• Organization's leadership takes full ownership of cyber risk management and has developed policies and a framework including responsibilities and reporting
• Holistic view of vulnerabilities, controls and interdependencies with third parties
• Highly connected to peers and partners, sharing information and jointly mitigating cyber risk as part of their day-to-day operations
• Exceptional cyber awareness; the organization is an industry leader in managing cyber risk
Global Cyber Crime Statistics
• ≈ 1.6M new cyber threats are being identified every day globally
• 1 in 10 social network users said they'd fallen victim to a scam or fake link on social networking platforms (≈ 230M users)
The major motivation behind cyber attacks (values as listed on the slide, in order): Cyber Crime 45%, Hacktivism 45%, Cyber Warfare 3%, Cyber Espionage 7%
Top 10 industries attacked in 2012:
• Manufacturing 24%
• Financial Institutions 19%
• Services - Non Traditional 17%
• Government 12%
• Energy & Utilities 10%
• Services - Professional 8%
• Wholesale 2%
• Retail 2%
• Aerospace 2%
• Transportation 1%
Figure (percentages not preserved in the extracted text): share of businesses that experienced at least one security event; share of attacks that occurred due to malware infection; share of companies that noticed an increase in the number of cyber attacks; share of attacks due to vulnerable software; lost business data.
The Cost of Cyber Crime
Average cost of cyber crime by country: USA $8,933,510; Germany $5,950,725; Japan $5,154,447; Australia $3,386,201; UK $3,252,912
• Estimated annual cyber crime cost to consumers: ≈ $114B USD
• Estimated annual total cost of cyber crime (consumers, government and business): ≈ $444B USD
• 2013 average per capita cost per data breach: ≈ $194 USD
• 2009 average per capita cost per data breach: ≈ $60 USD
• 2013 average number of breached records per incident: ≈ 28,765
• Largest number of breached records in history: ≈ 130M
• Estimated total cost (indirect / direct) of the largest breach: ≈ $7.8B USD
• 2013 average total cost (indirect / direct) of a data breach: ≈ $5.4M USD
• 2012 largest single cyber crime cost: ≈ $46M USD
• Estimated number of adults that fell victim to cyber crime: ≈ 431M adults
Figure: average cost of cyber crime vs. organization size for 2010, 2011 and 2012, across the size bands 0 to 32K, 33K to 64K, 64K to 96K and 97K to 128K. Values shown on the chart (the year/size assignment is not preserved in the extracted text): $1,650,976, $2,872,913, $2,832,962, $3,180,182, $5,167,657, $5,440,553, $4,611,172, $7,576,693, $8,664,578, $15,567,136, $17,455,124, $18,795,950.
Cyber Attacks Targeting Governments
These attacks have been launched since January 2013:
• Jan 2013 – Cyber Crime, Hacktivism
• Feb 2013 – Cyber Crime, Hacktivism
• Mar 2013 – Cyber Crime, Cyber Espionage, Hacktivism
• April 2013 – Cyber Crime, Hacktivism
• May 2013 – Cyber Crime, Cyber Warfare, Hacktivism
• June 2013 – Cyber Warfare, Cyber Crime, Hacktivism
• July 2013 – Cyber Espionage, Cyber Warfare, Hacktivism
• Aug 2013 – Targeted Cyber Attack, Cyber Espionage, Hacktivism
• Sep 2013 – Cyber Espionage, Hacktivism
Recent Government Data Compromises
• South Korean officials declared that unknown hackers were able to hack and publicly release personal details of more than 2,000,000 South Korean ruling party workers and 40,000 US troops, including those stationed in South Korea
• Anonymous hacktivists leaked 7GB of data from the Azerbaijani government-owned Azerenergy
• The Anonymous collective claimed that it had hacked into accounts belonging to various members of US Congress and their staffers, publishing an online document that shows 2,000 passwords
The Middle East on High Alert
This past year has been especially difficult for the Middle East and has seen cyber attacks broaden in scope and complexity, targeting critical national infrastructure and large establishments. The impact of such attacks was felt across the region, and an immediate urgency has materialized to address such risks.
According to Microsoft, the malware infection rate of countries in the Middle East was above the worldwide average in all four quarters of 2012, as depicted in the graph below.
Figure: malware infection rate (scale 0 to 35) for 1Q12, 2Q12, 3Q12 and 4Q12, Worldwide vs. UAE, KSA, Syria, Qatar, Palestine, Oman, Kuwait, Lebanon, Jordan, Iraq, Egypt and Bahrain.
Figure: regional timeline from Q1 2012 to Q4 2013, marking Cyber War ME, the Syrian Electronic Army and Operation Petrol.
Top 10 Cyber Risks
Top 10 Cyber Trends
1. Data as money
2. Hijacked communications
3. Supply chain…the real insider threat
4. Hacking…already inside
5. Sitting targets…Boards of Directors and Senior Execs
6. Privacy…global battle for anonymity
7. IP…battle of knowledge superpowers
8. Notification…new laws coming to a country near you
9. Mobile…internet of things
10. Crime sourcing – criminal enterprises go Web 3.0
1. Data as money
Personal information increasingly valuable
• User IDs, addresses, phone numbers, social security numbers, full names and dates of birth
Data can be monetized quickly, at low risk
• Cybercrime is now a $114B underground economy
Thefts are harder to detect and trace
• In several recent incidents, hackers have had undetected access to company networks for more than a year
The largest cyber compromise in recent history is the Heartland Payment Systems breach, with 130,000,000 records compromised. The fines levied by the payment card operators alone were $68,198,380.00, while the estimated cost of the compromise is ≈ $7,800,000,000.
2. Hijacked communications
Interrupted video feeds
• A 37-second pornographic video interrupted the feed of an NBC affiliate delivered to Comcast subscribers during the 2009 Super Bowl
Social media hacks
• False tweets claiming that President Barack Obama had been assassinated (Fox News)
Downlinks
• A $26 software program was used to hack into US drones…allowing unencrypted military video to be viewed by insurgents
Computer hackers, possibly from the Chinese military, interfered with two U.S. government satellites four times in 2007 and 2008 through a ground station in Norway, according to the final draft of a report by a congressional commission.
3. Supply chain…the real insider threat
Malicious products
• According to Congressional testimony by DHS in 2011, electronics sold in the United States are being preloaded with spyware, malware and security-compromising components by unknown foreign parties
Cross-border partnerships
• Sprint/Nextel announced in 2010 that, due to national security concerns, it would be excluding two of China's largest networking equipment manufacturers, Huawei and ZTE, from a multi-billion dollar government contract proposal
Russia, China, India, Brazil and other countries are responding to the threat to supply chains with national laws that make increasing, location-dependent demands on technology firms to demonstrate security.
4. Hacking…already inside
Compromised partners
• EMC disclosed that it spent $66 million in its second quarter to deal with a cyber attack that compromised its RSA Security division's 40 million customers. Hackers used the same command and control techniques that infiltrated RSA to target 760 companies around the world.
New approach
• The National Security Agency (NSA), which acts as the US government's primary cyber-security and code-breaking organization, recently stated that the agency operates under the assumption that critical national security systems have already been compromised.
"There's no such thing as 'secure' any more. The most sophisticated adversaries are going to go unnoticed on our networks. We have to build our systems on the assumption that adversaries will get in." – National Security Agency (2010)
5. Sitting targets…Boards of Directors and Senior Execs
Board of Directors
• Sensitive board documents at 300 companies that use NASDAQ OMX's board portal service may have been repeatedly compromised for over a year by hackers, prompting an investigation by the FBI, the Secret Service and the US Department of Justice
Senior Executives
• The CEOs of Goldman Sachs and J.P. Morgan Chase were hacked in 2011, with the attackers posting personal addresses, business connections, political contributions, legal information, property values and court cases…including information on family members as well
A survey of 70 international companies in 2011 found that information provided to members of corporate boards of directors is often held in unencrypted email accounts and computers, or otherwise provided in forms that are easily lost, misplaced or stolen.
6. Privacy…global battle for anonymity
Legal & regulatory pressure
• In 2011, investigations were initiated in South Korea, France, Germany, Italy and the US over mobile devices tracking users' location without permission
• After calls for an investigation in 2011, OnStar reversed its proposed policy changes and won't keep a data connection to customers' vehicles after OnStar service is canceled
• Facebook was sued in 2011 for tracking users after they had logged off and allegedly violating US wiretap law
Look into the future? With continuous behavior tracking, marketers and technology companies are beginning to generate predictions of consumer intent.
7. IP…battle of knowledge superpowers
Massive transfer of wealth
• Hackers using Internet servers in China broke into six U.S. and European energy companies over more than 5 years, resulting in the loss of "project-financing information with regard to oil and gas field bids and operations." Closely guarded national secrets, source code, bug databases, email archives, negotiation plans and exploration details for new oil and gas field auctions, document stores, legal contracts, SCADA configurations, design schematics and much more were among the data taken in the 5-year hacking campaign
• Affected companies include construction, energy production, technology, telecommunications, media, sports, economics, finance and real estate in 14 countries
"The key to these intrusions is that the adversary is motivated by a massive hunger for secrets and intellectual property; this is different from the immediate financial gratification that drives much of cybercrime"
8. Notification…new laws coming to a country near you
Saudi Arabia
• In response to the evolving threat landscape, the Saudi Arabian Monetary Agency (SAMA) has published a set of 21 requirements (the IT Evaluation Program) as a means for banks to assess their current information security programs
EU
• New rules could potentially prohibit ad companies from tracking consumers without their explicit consent
• Cross-border data flows would place more accountability on the organization (versus the government)
Some privacy advocates have called on the EU to get tougher with the United States and require it to harden up the current mix of industry self-regulation.
9. Mobile…internet of things
Trillions of identities
• Industry experts predict 1 trillion 'things' will be connected to the Internet - everything from your body, car and alarm clock (and even cows)…each with an identity
• Consumers can now be connected with objects to trigger related information, recommendations and reviews
• Networked printers present a new scenario where cybercriminals can "lock up" the data on a printer in exchange for money…and espionage, where information can be stolen remotely
The next frontier? In 2011, researchers showed they could infiltrate a vehicle (including control over its engine and brakes) by attacking the Bluetooth connection used in hands-free phone systems.
10. Crimesourcing – criminal enterprises go Web 3.0
Organized crime goes digital
• Cybercriminals now micro-task work to specialists: people who write malware, people who deploy it, people who control and rent the botnets, people who receive goods bought with stolen credit cards, and people who do the money laundering. Criminals even offer SLAs (service level agreements) and technical support lines
• Tools of the trade for cyber organized crime include malware such as viruses, worms and Trojans to harvest personal data…with over 268 million separate pieces of computer malware having been identified on the internet today
• The crime market obeys the laws of supply and demand…after Sony lost the details of almost 100 million customers, so much stolen credit card information was available that underground prices dropped in response
According to the recently released Norton Cyber Crime Report for 2011, 431 million adults worldwide were victims of cyber crime last year.
Deloitte Cyber: covering all the bases
Guiding Principles for Cyber Security
1. Understand your risk appetite
Only when you have fully understood your assets, the risks that threaten them, and how these fit into the overall threat landscape can you determine what level of threat maturity you need to defend against, and where you draw the line to focus on limiting the impact of a successful attack.
2. Ensure close alignment with business goals
Ensure that your strategic direction for cyber security is in close alignment with business goals, and the organisation's strategy for achieving these. Focus effort on defending the most strategically important parts of the business, or those that are being delivered in the riskiest way.
3. Prepare for the worst
It is not practical to prevent all forms of cyber attack, especially those that are particularly sophisticated and targeted ('APT'). You should ensure you have the organisational and technical capability to rapidly detect and respond to a successful attack in order to limit its impact.
4. Share intelligence
Collaborate and share intelligence with industry, national and international cyber threat intelligence organisations. By sharing intelligence with other organisations you will be in a position to receive the benefit of shared wisdom.
5. Instil a broad awareness of cyber security
Your security is only as strong as the weakest link; ensure that the risks associated with cyber security, and the steps that your organisation is taking to combat these risks, are understood across the organisation, from the board and senior management to all staff, partners and third parties.
Cyber Video
Deloitte supported the creation of a short film to illustrate the complex topic of cyber security and help organizations understand
the huge impact a cyber attack could have.
The digital revolution has brought huge benefits in innovation and growth. But the heavy reliance of many business models on
the Internet brings exposure to new threats. Assets that were once physically protected are now available online; customer
channels are vulnerable to disruption; criminals have entirely new opportunities for theft and fraud. The barriers to cyber crime
are low, the methods increasingly sophisticated, and the risks of detection and capture are seen as small.
Protection against cyber crime must now be a priority for businesses. The issue should be considered as a strategic business
risk involving the organization as a whole from the Board downwards; not just a matter for IT. Organizations must look to build
their capability to cope with the evolving threat in order to satisfy customers, consumers, shareholders and regulators.
Is your organization prepared to deal with cyber threats? Have you considered what assets may be vulnerable? Do you know
what the business costs of a successful attack could be? How can you ensure your business is appropriately securing its
operations?
http://www.deloitte.com/view/en_GB/uk/services/audit/enterprise-risk-services/security-and-resilience/cyber/index.htm
Companies like yours
Q&A
About Deloitte:
Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee, and its network of member firms, each of which is a legally separate and independent entity.
Please see www.deloitte.com/about for a detailed description of the legal structure of Deloitte Touche Tohmatsu Limited and its member firms.
Deloitte provides audit, tax, consulting, and financial advisory services to public and private clients spanning multiple industries. With a globally connected network of member firms in more than 150 countries,
Deloitte brings world-class capabilities and high-quality service to clients, delivering the insights they need to address their most complex business challenges. Deloitte has in the region of 200,000
professionals, all committed to becoming the standard of excellence.
Deloitte's professionals are unified by a collaborative culture that fosters integrity, outstanding value to markets and clients, commitment to each other, and strength from cultural diversity. They enjoy an
environment of continuous learning, challenging experiences, and enriching career opportunities. Deloitte's professionals are dedicated to strengthening corporate responsibility, building public trust, and making
a positive impact in their communities.
About Deloitte & Touche (M.E.):
Deloitte & Touche (M.E.) is a member firm of Deloitte Touche Tohmatsu Limited (DTTL) and is the first Arab professional services firm established in the Middle East region with uninterrupted presence for over
87 years. Deloitte is among the region’s leading professional services firms, providing audit, tax, consulting, and financial advisory services through 26 offices in 15 countries with over 2,500 partners, directors
and staff. Deloitte has been annually classified as a Tier 1 Tax advisor in the GCC region since 2010 by the International Tax Review World Tax Rankings.