tim holman, director, 2-sec - cyber security, putting liberated technology back in the cage
TRANSCRIPT
Cyber Security
Putting technology back in the cage
Tim Holman
CEO, 2-sec
26th February 2015
Tim Holman, CEO 2-sec
• 20 years security experience
• Cyber security, auditing, penetration testing, credit card security, ethical hacking, training, incident response
• The Times, Guardian, Computer Weekly, SC Magazine
• President ISSA-UK
• Fellow of ISSA
• Microsoft MVP Security
17/03/2015
Wall of Shame
• Apple, Dropbox, Snapchat, 2014, password guessing…
• Home Depot, 2014, 56 million cards
• eBay, 2014 – 145 million passwords
• Facebook, 2013 – 6 million records
• Adobe, 2013 – 41 million records
• Target, 2013 – 110 million records
• LinkedIn, 2012 – 6.5 million passwords
• eHarmony 2012 – 1.5 million passwords
• Sony Online, 2011 – 102 million records
• Heartland Payment Systems, 2008-9 – 130 million records
• National Archives & Records Admin, 2008 – 76 million records
• TJX (TK Maxx), 2006-7 – 46 million records
Where does all the data go?
YOUR information is for sale
• Credit Card + CCV - $3
• Credit Card + CCV + DOB - $35
• Credit Card + CCV + DOB + Address - $45
- Balance In Wachovia: 24K To 80K = 180$
- Balance In Boa: 5K To 45K = 400$
- Balance In Credit Union: Any Amount = 420$
- Balance In Hallifax: ANY AMOUNT = 720$
- Balance In Compass: ANY AMOUNT = 700$
- Balance In Wellsfargo: ANY AMOUNT = 800$
- Balance In Barclays: 8K To 10K = 550$
- Balance In Abbey: 82K = 650$
- Balance in Hsbc: 50K = 650$
and more
• Pay by MoneyGram, Bitcoin only please
• 95% guarantee
Cyber Crime is BIG business
• High rewards for little risk:
– 2bn+ potential victims (i.e. Internet users).
– Easy pickings.
• In 2013, Cyber Crime cost £266 BILLION.
– It’s already overtaken the global narcotics trade:
• If cybercrime was a country, its GDP would rank 27th - above Singapore, Austria and Denmark.
• One British company told officials that it had incurred revenue losses of £770m because of one attack, through the loss of intellectual property.
Why me?
• Why us?
• We’re in the G8.
• We’ll always be targeted.
• We’ve valuable IP.
• To a hacker in a 3rd world country, we’re HNWIs.
• Hackers don’t care who you are, just what you have, or might have.
IP Theft
Military Systems
Industrial Control Systems
Medical Systems
Public Tenders
DNS
Liberating Technology
• Software, services and products are clearly released to the market in an insecure state.
– That’s how vendors make money.
• There’s no such thing as a vulnerability-free world.
– All major products, hardware and software, seem to be affected.
• If you’re going to buy the next big thing, think carefully as to what risks it will bring to your company.
Questions?
[email protected] 502 2066