The Evolution of Cyber Threats and Cyber Threat Intelligence · The Evolution of Cyber Threats and...

14
The Evolution of Cyber Threats and Cyber Threat Intelligence Greg Rattray CEO, Delta Risk LLC 22 March 2013

Transcript of The Evolution of Cyber Threats and Cyber Threat Intelligence · The Evolution of Cyber Threats and...

Page 1: The Evolution of Cyber Threats and Cyber Threat Intelligence · The Evolution of Cyber Threats and Cyber Threat Intelligence Greg Rattray CEO, Delta Risk LLC . 22 March 2013 . 2 .

The Evolution of Cyber Threats and

Cyber Threat Intelligence

Greg Rattray CEO, Delta Risk LLC

22 March 2013

Page 2: The Evolution of Cyber Threats and Cyber Threat Intelligence · The Evolution of Cyber Threats and Cyber Threat Intelligence Greg Rattray CEO, Delta Risk LLC . 22 March 2013 . 2 .

2

Today’s Talk

Walk though History

What Does it Mean?

Page 3: The Evolution of Cyber Threats and Cyber Threat Intelligence · The Evolution of Cyber Threats and Cyber Threat Intelligence Greg Rattray CEO, Delta Risk LLC . 22 March 2013 . 2 .

3

Before the Dawn

Intercept

Orange Book

Espionage as a Constant

Cold War Know Adversaries Signals Intelligence

Cyber Threat Intelligence

Phreaking

Technology

Public Switched Telephone Network

Little in Private Sector

Page 4: The Evolution of Cyber Threats and Cyber Threat Intelligence · The Evolution of Cyber Threats and Cyber Threat Intelligence Greg Rattray CEO, Delta Risk LLC . 22 March 2013 . 2 .

4

Light on the Horizon

Info War

Hunting Hackers

Speculation on National Security Impact

First Gulf War

Morris Worm

Computers at Risk

President’s Commission on Critical Infrastructure Protection Networked

Reliance Growing

Web

Technology

Cyber Threat Intelligence

Page 5: The Evolution of Cyber Threats and Cyber Threat Intelligence · The Evolution of Cyber Threats and Cyber Threat Intelligence Greg Rattray CEO, Delta Risk LLC . 22 March 2013 . 2 .

5

Early Wake Up Calls

2000 E-Commerce Attacks

Solar Sunrise

EP-3 and Patriotic Hacking

JTF-CND and others

Moonlight Maze

Rise of E-commerce

Cyber Threat Intelligence

Technology

Slammer Nimda

Code Red

Attribution Difficult Rise of CERTs

Page 6: The Evolution of Cyber Threats and Cyber Threat Intelligence · The Evolution of Cyber Threats and Cyber Threat Intelligence Greg Rattray CEO, Delta Risk LLC . 22 March 2013 . 2 .

6

The Dark Times 9/11

Afghanistan

Internet Underground

GWOT

Botnets

Byzantine Hades

Global Crossing

Exposures of Espionage

Supply Chain Risks

Little on Adversary Capabilities

\

Iraq

Internet Bubble Bursts Reliance Still Grows

Cyber Threat Intelligence

Page 7: The Evolution of Cyber Threats and Cyber Threat Intelligence · The Evolution of Cyber Threats and Cyber Threat Intelligence Greg Rattray CEO, Delta Risk LLC . 22 March 2013 . 2 .

7

A Rude Awakening Advanced Persistent Threats

Ghost Net

Estonia Georgia

Night Dragon Control Systems on Internet

Rise of Private Teams – CERTs; Providers and Collaboratives

Korea

Technology

Cyber Threat Intelligence Start Real Focus

RBN Attribution Progress

Page 8: The Evolution of Cyber Threats and Cyber Threat Intelligence · The Evolution of Cyber Threats and Cyber Threat Intelligence Greg Rattray CEO, Delta Risk LLC . 22 March 2013 . 2 .

8

Rising Fear

STUXNET

Shamoon

Flame

DDoS vs. Banks Mobility

Cloud Social Media

APT 1

Dire Estimates; Need Method

Technology

Cyber Threat Intelligence

Info Sharing

Page 9: The Evolution of Cyber Threats and Cyber Threat Intelligence · The Evolution of Cyber Threats and Cyber Threat Intelligence Greg Rattray CEO, Delta Risk LLC . 22 March 2013 . 2 .

Improving Enterprise Defense

9

Castle Walls Eroded Enemy Inside Gates

Must Manage Risk > Know Your Attacker

Channel the Attacks

“If you know the enemy and know yourself you need not fear the results of a hundred battles”

Page 10: The Evolution of Cyber Threats and Cyber Threat Intelligence · The Evolution of Cyber Threats and Cyber Threat Intelligence Greg Rattray CEO, Delta Risk LLC . 22 March 2013 . 2 .

10

What’s Going Well

• Tactical Knowledge and Attribution

• Information Sharing

• Private Sector Intelligence

• Push to Automation & Professionalization

Page 11: The Evolution of Cyber Threats and Cyber Threat Intelligence · The Evolution of Cyber Threats and Cyber Threat Intelligence Greg Rattray CEO, Delta Risk LLC . 22 March 2013 . 2 .

11

What’s Missing

• Analysis of Operational Risk • Understanding Strategic Impact

• Estimative Analysis

Page 12: The Evolution of Cyber Threats and Cyber Threat Intelligence · The Evolution of Cyber Threats and Cyber Threat Intelligence Greg Rattray CEO, Delta Risk LLC . 22 March 2013 . 2 .

12

What are the Challenges? •

Avoiding Militarization of Cyberspace

Cyber Risk Management

Growing Full Spectrum Geeks

Page 13: The Evolution of Cyber Threats and Cyber Threat Intelligence · The Evolution of Cyber Threats and Cyber Threat Intelligence Greg Rattray CEO, Delta Risk LLC . 22 March 2013 . 2 .

13

What Might Happen

Guerilla Conflict

Eradication of Disease

Waveform Attack

Page 14: The Evolution of Cyber Threats and Cyber Threat Intelligence · The Evolution of Cyber Threats and Cyber Threat Intelligence Greg Rattray CEO, Delta Risk LLC . 22 March 2013 . 2 .

14

Parting Shots

Technology Drives Risks Take a Global Perspective

Collaboration

Learning


Advanced cyber-threats need advanced solutions 17 session 1 - advanced cy… · Cyber Security Services Encryption Endpoint Compliance Advanced Threat Protection Encrypted Traffic

Advanced cyber-threats need advanced solutions 17 session 1 - advanced cy… · Cyber Security Services Encryption Endpoint Compliance Advanced Threat Protection Encrypted Traffic

The MITRE Corporation Federated Analysis of Cyber Threats (FACT) · 2015-09-03 · MITRE, cyber threat intelligence, STIX, Information Security Analysis Teams, ISATS, CRITS, CyCS,

The MITRE Corporation Federated Analysis of Cyber Threats (FACT) · 2015-09-03 · MITRE, cyber threat intelligence, STIX, Information Security Analysis Teams, ISATS, CRITS, CyCS,

Threat Modeling and Analysis - KAMM...Threat Modeling and Analysis ... • Point Threats • Systems Threats • Distal Threats • Proximal Threats • Terminal Threats • Pathways

Threat Modeling and Analysis - KAMM...Threat Modeling and Analysis ... • Point Threats • Systems Threats • Distal Threats • Proximal Threats • Terminal Threats • Pathways

Cyber Threat Intelligence Enterprise & Cyber … Threat Intelligence Enterprise & Cyber Security August 2017 Copyright Fujitsu Limited 2017 Global Impact Fujitsu Cyber Threat Intelligence

Cyber Threat Intelligence Enterprise & Cyber … Threat Intelligence Enterprise & Cyber Security August 2017 Copyright Fujitsu Limited 2017 Global Impact Fujitsu Cyber Threat Intelligence

The Evolution of Cyber Threats and Cyber Threat Intelligence

The Evolution of Cyber Threats and Cyber Threat Intelligence

Threats from Economical Improvement: Why the Economy in Emerging Countries Can Pose as a Threat to Cyber Security

Threats from Economical Improvement: Why the Economy in Emerging Countries Can Pose as a Threat to Cyber Security

Securing Cyber Assets: Addressing Urgent Cyber Threats to Critical Infrastructure … · 2019-08-08 · RAPIDLY DECLASSIFY CYBER THREAT INFORMATION. and proactively share it with

Securing Cyber Assets: Addressing Urgent Cyber Threats to Critical Infrastructure … · 2019-08-08 · RAPIDLY DECLASSIFY CYBER THREAT INFORMATION. and proactively share it with

Threat Visibility for Cyber Hunters - Kite Distribution · WHITE PAPER Threat Visibility for Cyber Hunters 3 Introduction The challenge of hunting bad actors, insider threats, and

Threat Visibility for Cyber Hunters - Kite Distribution · WHITE PAPER Threat Visibility for Cyber Hunters 3 Introduction The challenge of hunting bad actors, insider threats, and

Optimal Machine Learning Algorithms for Cyber Threat …uksim.info/uksim2018/CD/p32.pdf · naif.otaibi.19@aramco.com Abstract — With the exponential hike in cyber threats, organizations

Optimal Machine Learning Algorithms for Cyber Threat …uksim.info/uksim2018/CD/p32.pdf · [email protected] Abstract — With the exponential hike in cyber threats, organizations

Cyber, Physical or Insider Threat? - ASIS Europe 2018 · Cyber, Physical or Insider Threat? ... navigating a complex risk landscape? physical threat cyber threat insider threat ...

Cyber, Physical or Insider Threat? - ASIS Europe 2018 · Cyber, Physical or Insider Threat? ... navigating a complex risk landscape? physical threat cyber threat insider threat ...

Transforming the U.S. Cyber Threat Partnerships...DRAFT/NIAC Pre-Decisional 2 authorities to achieve cyber mitigations in the private sector and counter extraordinary cyber threats,

Transforming the U.S. Cyber Threat Partnerships...DRAFT/NIAC Pre-Decisional 2 authorities to achieve cyber mitigations in the private sector and counter extraordinary cyber threats,

National Cyber Security Centre Unclassified Cyber Threat ... · National Cyber Security Centre Unclassified Cyber Threat ... It also produces threat prevention and ... can however

National Cyber Security Centre Unclassified Cyber Threat ... · National Cyber Security Centre Unclassified Cyber Threat ... It also produces threat prevention and ... can however

Defeating Cyber Threats

Defeating Cyber Threats

Cyber Security Threats and Threat Actors Training ... · Cyber Security Threats and Threat Actors Training - Assurance ... (shipping), using real operational cyber systems within

Cyber Security Threats and Threat Actors Training ... · Cyber Security Threats and Threat Actors Training - Assurance ... (shipping), using real operational cyber systems within

BUILDING AN ADAPTIVE CYBER STRATEGY · domain, current US cyber strategy has not proven effective. This paper dissects the cyber threat landscape and how advanced threats operate

BUILDING AN ADAPTIVE CYBER STRATEGY · domain, current US cyber strategy has not proven effective. This paper dissects the cyber threat landscape and how advanced threats operate

CYBER THREAT INTELLIGENCE - Microsoft...Cyber threat intelligence supports the following cyber security ... Optiv’s Cyber Threat Intelligence Workshop was developed to advise and

CYBER THREAT INTELLIGENCE - Microsoft...Cyber threat intelligence supports the following cyber security ... Optiv’s Cyber Threat Intelligence Workshop was developed to advise and

MANUFACTURING CYBER THREATS

MANUFACTURING CYBER THREATS

INFORMATION AND ACCOUNT SECURITY - farmersbankgroup.com · • Internal cyber threat exercise to determine top cyber threats to banks and remediation • Credit and debit card fraud

INFORMATION AND ACCOUNT SECURITY - farmersbankgroup.com · • Internal cyber threat exercise to determine top cyber threats to banks and remediation • Credit and debit card fraud

STOPPING CYBER THREATS YOUR FIELD GUIDE ... - Infosec …€¦ · STOPPING CYBER THREATS YOUR FIELD GUIDE TO THREAT HUNTING YOUR FIELD GUIDE TO THREAT HUNTING STOPPING CYBER THREATS

STOPPING CYBER THREATS YOUR FIELD GUIDE ... - Infosec …€¦ · STOPPING CYBER THREATS YOUR FIELD GUIDE TO THREAT HUNTING YOUR FIELD GUIDE TO THREAT HUNTING STOPPING CYBER THREATS

ENTERPRISE SECURITY OPERATIONS AND THREAT … · 2018-03-29 · Enterprise Security Operations and Threat Management Through SIEM Integration | 2 Cyber threats just aren’t what

ENTERPRISE SECURITY OPERATIONS AND THREAT … · 2018-03-29 · Enterprise Security Operations and Threat Management Through SIEM Integration | 2 Cyber threats just aren’t what