ask your questions on twitter with #hackeracademyuk · 2018. 12. 18. · significance of security...

15
www.hackeracademy.uk HACKER ACADEMY Ask your quesons on Twier with #HackerAcademyUK

Upload: others

Post on 29-Aug-2020

4 views

Category:

Documents


0 download

TRANSCRIPT

Page 1: Ask your questions on Twitter with #HackerAcademyUK · 2018. 12. 18. · Significance of Security Awareness Rate of employees phished by official-looking emails Tests with 40 million

www.hackeracademy.uk

HACKER ACADEMY

Ask your questions on Twitter with #HackerAcademyUK

Page 2: Ask your questions on Twitter with #HackerAcademyUK · 2018. 12. 18. · Significance of Security Awareness Rate of employees phished by official-looking emails Tests with 40 million

www.hackeracademy.ukHACKER ACADEMY

Stops 750Mharmful emails

Monitors 1B

11

simulated phishing emails

over each has over 1000+ Employee

Wannacry, Stuxnet etc.

%53

Tests on 40 millionPhishing emails over

%31

Phishing E-mails

Digital

HACKER ACADEMY

How Easy Is It To Hack Your Hospitaland How Can You Prevent It?

Data breaches cost the health care industry approximately $5.6 billion every year

HAC

KER

ACAD

EMY

www.hackeracademy.uk

[1]

Page 3: Ask your questions on Twitter with #HackerAcademyUK · 2018. 12. 18. · Significance of Security Awareness Rate of employees phished by official-looking emails Tests with 40 million

Wireless Hackingof Insulin PumpsMcAfee FOCUS 11 conference - 2011

Hacking Pace MakerBreakPoint security conference - 2012

Barnaby JackComputer security expert

Scans for any insulin pumps that communicate wirelessly within 300 feet

wearing a pacemaker within a50-foot radius

Hacks without the

Changes insulin amount than necessary

www.hackeracademy.ukHACKER ACADEMY

Page 4: Ask your questions on Twitter with #HackerAcademyUK · 2018. 12. 18. · Significance of Security Awareness Rate of employees phished by official-looking emails Tests with 40 million

Top 5 Industries At

Manufacturing

Financial Services

Government

2.

3.

4.

5.

Healthcare 1.

20162015

The percentage of Business, needed to pay at

ransomware was 70%

via ransomware

$209 million

$

$10.000

of the ransomware

in USA

www.hackeracademy.ukHACKER ACADEMY

Ref. No: 1

Cyber Attacks 2015-2016

70%

$1 Billion

Cybercriminals were paid for ransomware

The estimated revenue from criminal's use of the ransomware

[2]

The percentage of businesses, needed to pay at least10K $ to regain access, locked by a ransomware

Page 5: Ask your questions on Twitter with #HackerAcademyUK · 2018. 12. 18. · Significance of Security Awareness Rate of employees phished by official-looking emails Tests with 40 million

20182017

in Q1

in Q2

in Q3

3.14 m

1.13 m

3.14 m

4.4 m

Awaring of basic security principles prevent

1

1.4 m

One incident1

$8

$200

$200/$8

Spread out via

Breach in Healthcare

www.hackeracademy.ukHACKER ACADEMY

Ref. No: 3

Ref. No: 4

Ref. No: 2

Cyber Attacks 2017-2018

Number of affected patientsby breached records in USA

20182017

in Q1

in Q2

in Q3

3.14 m

1.13 m

3.14 m

4.4 m

Awaring of basic security principles prevent

1

1.4 m

One incident1

$8

$200

$200/$8

Spread out via

Breach in Healthcare

www.hackeracademy.ukHACKER ACADEMY

Ref. No: 3

Ref. No: 4

Ref. No: 2

20182017

in Q1

in Q2

in Q3

3.14 m

1.13 m

3.14 m

4.4 m

Awaring of basic security principles prevent

1

1.4 m

One incident1

$8

$200

$200/$8

Spread out via

Breach in Healthcare

www.hackeracademy.ukHACKER ACADEMY

Ref. No: 3

Ref. No: 4

Ref. No: 2

20182017

in Q1

in Q2

in Q3

3.14 m

1.13 m

3.14 m

4.4 m

Awaring of basic security principles prevent

1

1.4 m

One incident1

$8

$200

$200/$8

Spread out via

Breach in Healthcare

www.hackeracademy.ukHACKER ACADEMY

Ref. No: 3

Ref. No: 4

Ref. No: 2

20182017

in Q1

in Q2

in Q3

3.14 m

1.13 m

3.14 m

4.4 m

Awaring of basic security principles prevent

1

1.4 m

One incident1

$8

$200

$200/$8

Spread out via

Breach in Healthcare

www.hackeracademy.ukHACKER ACADEMY

Ref. No: 3

Ref. No: 4

Ref. No: 2[3]

[4]

[5]

[7][6]

Spread out viaofficial-looking emails

Estimated cost of a major breach in healthcare

Page 6: Ask your questions on Twitter with #HackerAcademyUK · 2018. 12. 18. · Significance of Security Awareness Rate of employees phished by official-looking emails Tests with 40 million

Type: Ransomware Target-OS: WindowsExploit: EternalBlueBirth: 12 May 2017, Achieved: 230,000+ computers in 150+ countries within a day.

MRIBlood Test Analysis Devices

80 out of 236 hospital trusts across England

595 out of 7,454 GP

$4B

$ Hundreds of millions

www.hackeracademy.ukHACKER ACADEMY

Patch for EternalBlue was

Ref. No: 5

WannaCry Ransomware

6[8]

Birth: 12 May 2017Achieved: 230,000+ computersin 150+ countries in a dayType: RansomwareTarget-OS: WindowsExploit: EtarnelBlue

14 March 2017

59 days before attack

The date, patch is published

Page 7: Ask your questions on Twitter with #HackerAcademyUK · 2018. 12. 18. · Significance of Security Awareness Rate of employees phished by official-looking emails Tests with 40 million

www.hackeracademy.ukHACKER ACADEMY

MRI, Blood Test Analysis...

devices/equipment 1.000 of computers in 42 Domain Admin privileges: 96%if is included

within the network.

over , each has over

In 2016

Ref. No: 7

Outdated Systems & Importance of Keeping Systems Up-to-Date

in 42 separate NHS trusts in England were reported

to be still running Windows XP

1.000 ComputersEscalating to domain adminprivileges if Windows XP isincluded within the network

96% Success RateCritical medical

devices/equipments still use Windows XP such as

MRI, Blood Test Analysis

[9] [10]Penetration tests, performed by Hacker Academy,

over 100+ entities, each has over 1000+ employees

Page 8: Ask your questions on Twitter with #HackerAcademyUK · 2018. 12. 18. · Significance of Security Awareness Rate of employees phished by official-looking emails Tests with 40 million

www.hackeracademy.ukHACKER ACADEMY

Stops 750Mharmful emails

Monitors 1B

11

simulated phishing emails

over each has over 1000+ Employee

Wannacry, Stuxnet etc.

%53

Tests on 40 millionPhishing emails over

%31

Phishing E-mails

Digital

Significance of Security Awareness

Rate of employees phished by official-looking emails

Tests with 40 million phishing emails over 1000 organizations

Rate of healthcare staff phished after receivingone awareness training

www.hackeracademy.ukHACKER ACADEMY

Stops 750Mharmful emails

Monitors 1B

11

simulated phishing emails

over each has over 1000+ Employee

Wannacry, Stuxnet etc.

%53

Tests on 40 millionPhishing emails over

%31

Phishing E-mails

Digital

%53%31

%91 Successful Cyber Attacks

Penetration tests, performed by Hacker Academyover 43 public entities, 32 financial instutions

each has over 1000+ employee

[11]

Page 9: Ask your questions on Twitter with #HackerAcademyUK · 2018. 12. 18. · Significance of Security Awareness Rate of employees phished by official-looking emails Tests with 40 million

Hacker Academy

Lack of cyber security awareness causesother security measures to be trashed!

Page 10: Ask your questions on Twitter with #HackerAcademyUK · 2018. 12. 18. · Significance of Security Awareness Rate of employees phished by official-looking emails Tests with 40 million

www.hackeracademy.ukHACKER ACADEMY

Demos

What dowe need?

Laptop

1 2 Collection of sensitive data byimpersonating corporate systems

Fun SessionBypassing million-dollar systems

Page 11: Ask your questions on Twitter with #HackerAcademyUK · 2018. 12. 18. · Significance of Security Awareness Rate of employees phished by official-looking emails Tests with 40 million

www.hackeracademy.ukHACKER ACADEMY

Secure Network Architecture

91% 91% 12%

Maldistribution of Cyber Security Investments

20182017

in Q1

in Q2

in Q3

3.14 m

1.13 m

3.14 m

4.4 m

Awaring of basic security principles prevent

1

1.4 m

One incident1

$8

$200

$200/$8

Spread out via

Breach in Healthcare

www.hackeracademy.ukHACKER ACADEMY

Ref. No: 3

Ref. No: 4

Ref. No: 2

20182017

in Q1

in Q2

in Q3

3.14 m

1.13 m

3.14 m

4.4 m

Awaring of basic security principles prevent

1

1.4 m

One incident1

$8

$200

$200/$8

Spread out via

Breach in Healthcare

www.hackeracademy.ukHACKER ACADEMY

Ref. No: 3

Ref. No: 4

Ref. No: 2

[12]

Distribution of Cyber SecurityInvestments in 2017

www.hackeracademy.ukHACKER ACADEMY

Secure Network Architecture

91% 91% 12%

Secure network architecture

Keeping systems up-to-date

Strengthen the human layer

of Successful cyber attackscaused by human layer

www.hackeracademy.ukHACKER ACADEMY

Secure Network Architecture

91% 91% 12%

Page 12: Ask your questions on Twitter with #HackerAcademyUK · 2018. 12. 18. · Significance of Security Awareness Rate of employees phished by official-looking emails Tests with 40 million

Attack your own systems before hackersby taking cyber security tests & audits!

Hacker Academy

Track security awareness of employees,customers and partners with KPIs by trainings!

Page 13: Ask your questions on Twitter with #HackerAcademyUK · 2018. 12. 18. · Significance of Security Awareness Rate of employees phished by official-looking emails Tests with 40 million

HACKER ACADEMY

www.hackeracademy.uk

Page 14: Ask your questions on Twitter with #HackerAcademyUK · 2018. 12. 18. · Significance of Security Awareness Rate of employees phished by official-looking emails Tests with 40 million

www.hackeracademy.uk

HACKER ACADEMY

Page 15: Ask your questions on Twitter with #HackerAcademyUK · 2018. 12. 18. · Significance of Security Awareness Rate of employees phished by official-looking emails Tests with 40 million

www.hackeracademy.uk

HACKER ACADEMY

Ask your questions on Twitter with #HackerAcademyUK