From Russia with Love - modern tools used in Cyber Attacks

- A note on notes: The speaker strives to keep most of his slides empty; for that reason some slides contain extensive notes at the bottom (right here). Ignore at your own peril…

copyright (2014) comForte

Upload: thomas-burg

Post on 10-May-2015

Category: Technology


DESCRIPTION

Cyber attacks have come a long way since the first computer virus, "Brain", was created in 1986. This presentation looks at the changes and the resulting consequences for the state of computer security today.

TRANSCRIPT

Page 2: From Russia with Love - modern tools used in Cyber Attacks

- Thomas Burg has an extensive background in systems programming, networking, and security. For more than 30 years, Thomas has worked with a range of computing platforms, including Windows, UNIX, and HP NonStop. Burg is Chief Technology Officer for comForte, a software vendor specializing in security, connectivity, and modernization solutions for the HP NonStop market. At comForte, he has helped guide the company’s strategic product direction and orchestrated a range of technology initiatives, such as the company’s SSL/SSH encryption suite, which was ultimately adopted by HP within the NonStop OS.

Page 4: From Russia with Love - modern tools used in Cyber Attacks

“Brain” was …
• created by a pair of programmers from Pakistan
• They did include their phone number and address in the first version (!)

Page 5: From Russia with Love - modern tools used in Cyber Attacks

In 2011, the Chief Research Officer of F-Secure (http://en.wikipedia.org/wiki/Mikko_Hypponen) travelled to Pakistan and found the two guys, who are now working as computer professionals.

Page 6: From Russia with Love - modern tools used in Cyber Attacks

Initially, viruses were spreading through BBS systems.
Eventually they started spreading through e-mail.
New concepts were introduced:
• Macro language viruses (Visual Basic for Word)
• Worms (self-replicating)

Still the viruses were mostly experimental, “hacking”, “to prove something could be done”. Sometimes they were damaging already though.

Page 7: From Russia with Love - modern tools used in Cyber Attacks

New techniques for hiding and avoiding detection arrived:
• rootkits
• self-encrypting, polymorphism
• botnets

The cost of attacks and their effects on the global economy are rising.
Virus infection has become part of ‘normal’ computer business.
Most importantly, more and more viruses were simply created to make money – rather than to ‘prove something’. Hence the difference between “white hat” and “black hat” hackers.

Page 8: From Russia with Love - modern tools used in Cyber Attacks

The Zeus botnet ring of 2007 provides a good example of ‘separation of duties’ among a ring of criminals:
• “malware coders” create the malware
• “mules” launder the money
• “exploiters” get the money

Victims can be individuals, businesses, financial institutions

Page 9: From Russia with Love - modern tools used in Cyber Attacks

The geography of Zeus shows how the Internet allows anyone to be attacked from anywhere:
• malware written in Eastern Europe
• victims targeted in USA and UK

Page 10: From Russia with Love - modern tools used in Cyber Attacks

Recent breaches include Sony, RSA, the New York Times and, as of late 2013, Target…

Page 12: From Russia with Love - modern tools used in Cyber Attacks

The timeframe for an attack can easily be weeks or months as the attacks are “multi-staged”. (Side note: none of these techniques are new; they have been known among the security community for 10+ years.)

Note the “targeted server” – the attacker was looking for specific source code and found it. Servers (rather than user workstations) are increasingly becoming the target of attacks.

It is only the increased motivation of the attacker which made this possible.

Page 13: From Russia with Love - modern tools used in Cyber Attacks

It is still not known who was behind the RSA data breach – yet obviously the attacker had a very specific goal in mind and was clearly focused on that goal, even if this involved a ‘multi-staged’ attack.

Page 15: From Russia with Love - modern tools used in Cyber Attacks

This slide sums up the massive changes in the “attack vectors”, namely the malware often central to an attack:
• Shift from “simple” to “complex” viruses. Complex viruses are often _not_ detected by antivirus software
• Shift from “for fun”/“hacking” to commercial or state-sponsored interest

Beyond this, there is a new quality of the attacks: APT, Advanced Persistent Threats, see next slide

Page 21: From Russia with Love - modern tools used in Cyber Attacks

This presentation was intended to provide a quick overview of how the “attack landscape” has changed in the last 18 years. The author believes it is rather important to understand that today’s attacks differ radically from the usual attacks on computer systems about a decade ago: today’s attacks are more and more multi-stepped and sophisticated rather than (as in the good ol’ times) just employing a single weakness in the defenses.

This is _not_ to say that one should use the “head in the sand” approach.
