Cybersecurity Landscape
Paul Love, Chief Information Security Officer, CO-OP Financial Services
Topics
Impact
Motivations
How
The Future
Open Q&A
More Consumers are Affected by Fraud
2015: 5.30% of U.S. consumers impacted
2016: 6.15% of U.S. consumers impacted
Overall fraud incidence rose 16%
Source: Javelin - 2017 Identity Fraud: Securing the Connected Life
The Big Story in 2017
Card-not-present fraud: up 40%
Account takeover fraud: up 60%
Both were driven by the U.S. EMV (chip card) migration, which made in-store (card-present) fraud more difficult and pushed fraudsters toward these channels
Source: 2017 Identity Fraud Study, Javelin Strategy & Research
2017 Breaches: Health Care
Motivations
Vernacular of Hacking
Skill labels:
• Hacker (white hat)
• Grey Hat
• Bad Hacker (black hat)
• Blue Hat
• Elite Hacker
• Script Kiddie
• Neophyte/Noob
Motivation/support labels:
• Lone attacker
• Hacktivist
• Nation State
• Organized Criminal Gangs (OCG)
History
Late 50's – Late 70's: Phreaking / system exploration
Late 80's – Late 90's: Hacking increases
2000's and beyond: Monetary / political attacks, nation state activity
Timeline:
1983 WarGames (movie)
1986 Computer Fraud and Abuse Act
1988 Morris Worm
1989 First ransomware detected (PC Cyborg)
1990 1260 polymorphic virus
1993 First DEF CON conference
1994 Citibank
1996 Cryptovirology (basis of modern ransomware)
2000 ILOVEYOU worm
2001 Code Red
2003 Blaster
2005 CardSystems Solutions
2007 TJ Maxx
2009 Conficker
2010 Stuxnet
2013 Target / Yahoo
2014 Sony
2015 Ashley Madison
2016 Bangladesh Bank robbery
Why
Money
Resources (e.g., medical services)
Impersonation for non-monetary purposes (e.g., giving a stolen identity at criminal arrest)
Extension of political goals
Other (prestige, etc.)
How
Cybercrime Business Model
Past: an individual or small team created the malware, delivered it and exploited it.
Current (CyberCrime as a Service, CaaS): specialized roles
• Project Manager
• Coder/Malware developer
• Bot herder (as needed)
• Intrusion Specialist
• Data Miner
• Money Specialist
These roles can be further specialized into component parts, from initial access tools all the way to full-service models.
CyberCrime as a Service (CaaS)
Can consist of specializations such as:
• Malware as a Service
• Counter-AV as a Service
• Ransomware as a Service
• Fraud as a Service
• Escrow services
• Drop services
• And others
Costs
Type                             Amount
Server hacking                   Approximately $250
Home computer hacking            Approximately $150
Creating malware                 Approximately $200
Bulk stolen data                 Depends on gigabytes stolen
Hack service rental              $200 - $1000 (depending on size)
Full project hack (end to end)   Varies; can include a fixed fee or a portion of proceeds
How a Typical Attack Happens
Tools
• Networks: Deep Web, Dark Web/Darknet, Public Internet/Clearnet
• Botnets
Approaches
• Watering hole attacks
• Malvertisements
• DDoS
• Ransomware
• Malware
Black Hat – DEF CON Security Conferences
Hacker conferences discussing new trends, attacks and intelligence sharing
Approximately 25,000-30,000 attendees from law enforcement, InfoSec and hacker communities.
Key learnings
Crime as a Service is growing
IoT, vehicles and voting machines can be hacked in minutes
Thermostats and other IoT devices are susceptible to ransomware
Mobile wallets are a target. One researcher showed how an attacker could make fraudulent payments through Samsung Pay [1].
Mag stripes are susceptible to guessing (brute force), allowing attackers to create mag stripe cards on the fly for POS, hotel rooms and other uses [2].
[1] http://www.itproportal.com/2016/08/10/fraudulent-payments-through-samsung-pay-are-real/
[2] http://www.esecurityplanet.com/hackers/hacking-hotel-keys-and-point-of-sale-systems-at-defcon.html
Many Sites to Support Attackers
Remote administration tools; spreaders
Other services:
• Full-fledged services (Malware as a Service, MaaS)
• Marketing services
• Training
• Support
Information Sharing
Source: https://www.hackaday.com
Security Testing Tools Available
Source: https://www.hak5.org/
Skimming and Fraud
Skimming is a common form of criminal activity in which card data is captured from the magnetic stripe, typically by a covert reader fitted to an ATM or POS terminal, so that the card can be cloned.
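As an added example (not from the presentation), the Python below parses an ISO/IEC 7813 Track 2 record of the kind a skimmer captures, validates the PAN with the Luhn check, and shows why guessing card numbers is cheap: the Luhn check digit is fully determined by the other digits, so only one of ten candidates for the last digit is valid. The sample track string is constructed from the well-known 4111 1111 1111 1111 test number with invented expiry, service code and discretionary fields; it is not real skimmed data.

```python
"""Parse a Track 2 magnetic-stripe record and validate the PAN with Luhn.

Added example, not the presentation's material. SAMPLE_TRACK2 is constructed
from the public 4111111111111111 test number plus invented fields.
"""
import re
from dataclasses import dataclass

# Track 2 layout: ';' start sentinel, PAN (12-19 digits), '=' separator,
# expiry YYMM, 3-digit service code, discretionary data, '?' end sentinel.
# The trailing LRC byte is usually stripped by the reader, so it is not modelled.
TRACK2_RE = re.compile(
    r"^;(?P<pan>\d{12,19})=(?P<exp>\d{4})(?P<svc>\d{3})(?P<disc>\d*)\?$"
)


@dataclass
class Track2:
    pan: str
    expiry_yymm: str
    service_code: str   # e.g. 101 = international, normal auth, no restrictions
    discretionary: str  # issuer data (PVV, CVV/CVC1, ...), opaque here
    luhn_valid: bool


def luhn_checksum_valid(number: str) -> bool:
    """Return True if the digit string passes the Luhn mod-10 check."""
    if not number.isdigit():
        return False
    total = 0
    # Walk right to left, doubling every second digit and folding >9 back to one digit.
    for i, ch in enumerate(reversed(number)):
        d = int(ch)
        if i % 2 == 1:
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def parse_track2(raw: str) -> Track2:
    """Split a raw Track 2 string into fields; raise ValueError if malformed."""
    m = TRACK2_RE.match(raw.strip())
    if not m:
        raise ValueError("not a well-formed Track 2 record")
    pan = m.group("pan")
    return Track2(pan, m.group("exp"), m.group("svc"), m.group("disc"),
                  luhn_checksum_valid(pan))


def mask_pan(pan: str) -> str:
    """PCI DSS style masking: at most first six and last four digits visible."""
    return pan[:6] + "*" * (len(pan) - 10) + pan[-4:]


def luhn_complete(partial: str) -> str:
    """Return the single check digit that makes `partial + digit` pass Luhn.

    This is the attacker's view of 'guessing': the BIN and length are public,
    and the check digit is derivable, so the search space is far smaller than
    the digit count suggests.
    """
    for d in "0123456789":
        if luhn_checksum_valid(partial + d):
            return d
    raise AssertionError("exactly one digit always satisfies Luhn")


# Constructed sample: PAN=4111111111111111, exp 25/12, service code 101, discretionary 1234567890
SAMPLE_TRACK2 = ";4111111111111111=25121011234567890?"

if __name__ == "__main__":
    t = parse_track2(SAMPLE_TRACK2)
    print(mask_pan(t.pan), t.expiry_yymm, t.service_code, "luhn ok" if t.luhn_valid else "luhn FAIL")
```

Storing anything beyond the masked PAN from such a record is exactly what PCI DSS forbids; the parser exists to show what the skimmer gets, not to retain it.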
Phishing Examples
Source: https://www.irs.gov/pub/irs-utl/phishing_email.pdf
Source: https://www.ups.com/media/news/en/fraud_email_examples.pdf
Smishing Example
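The IRS and UPS examples above rely on the classic trick of link text that names the real domain while the href points somewhere else. As an added example (not the presentation's material), the Python below scans an HTML e-mail body for that text/href mismatch, for raw IP addresses used as hosts, and for a trusted brand name buried as a subdomain of an unrelated host. The e-mail body and hostnames are constructed for the demo, and the trusted-brand list is an assumption a real gateway would replace with its own.

```python
"""Flag phishing-style links in an HTML e-mail body.

Added example, not from the presentation. SAMPLE_EMAIL and its hostnames are
constructed; TRUSTED_BRANDS is an assumed allow-list for the demo.
"""
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# A bare or http(s)-prefixed domain appearing in visible anchor text.
DOMAIN_IN_TEXT = re.compile(r"(?:https?://)?((?:[a-z0-9-]+\.)+[a-z]{2,})", re.I)
IPV4 = re.compile(r"^\d{1,3}(?:\.\d{1,3}){3}$")
TRUSTED_BRANDS = ("irs.gov", "ups.com")  # assumption for the demo


def registrable(host: str) -> str:
    """Crude eTLD+1 (last two labels). A production gateway would use the Public Suffix List."""
    parts = host.lower().rstrip(".").split(".")
    return ".".join(parts[-2:]) if len(parts) >= 2 else host.lower()


class _AnchorCollector(HTMLParser):
    """Collect (href, visible text) pairs for every <a> in the body."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href", "") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def find_suspicious_links(html_body: str, trusted_brands=TRUSTED_BRANDS):
    """Return a list of {href, text, reasons} for links that look deceptive."""
    p = _AnchorCollector()
    p.feed(html_body)
    findings = []
    for href, text in p.links:
        host = (urlparse(href).hostname or "").lower()
        reasons = []
        if IPV4.match(host):
            reasons.append("raw IP address as host")
        m = DOMAIN_IN_TEXT.search(text)
        if m and registrable(m.group(1)) != registrable(host):
            reasons.append(f"text shows {m.group(1)} but link goes to {host}")
        for brand in trusted_brands:
            # 'irs.gov.attacker.example' contains the brand but is not registered to it.
            if brand in host and registrable(host) != brand:
                reasons.append(f"brand {brand} used as subdomain of {registrable(host)}")
        if reasons:
            findings.append({"href": href, "text": text, "reasons": reasons})
    return findings


# Constructed sample body: one lookalike-domain lure, one raw-IP lure, one honest link.
SAMPLE_EMAIL = """
<p>Your refund is ready: <a href="http://irs.gov.secure-refund-check.example/login">www.irs.gov/refund</a></p>
<p>Track your package: <a href="http://198.51.100.23/ups/track">Click here</a></p>
<p>Unsubscribe: <a href="https://www.example.com/unsub">www.example.com</a></p>
"""

if __name__ == "__main__":
    for f in find_suspicious_links(SAMPLE_EMAIL):
        print(f["href"], "->", "; ".join(f["reasons"]))
```

The mismatch check is the one users are taught to do by hovering over a link; running it on the gateway catches the cases where the user forgets.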
The Future
Nation State
More sophisticated criminal networks
More focus on Small to Medium sized businesses as targets of opportunity
How to Protect Yourself and Your Company
User education:
• Don't click on links in emails you weren't expecting
• Don't download or open attachments in emails you weren't expecting
• If it feels suspicious, assume it is and contact your security team
Keep systems patched and antivirus up to date