U.S. Embassy Event - Today’s Cyber Threats
Presented on 3 Nov. 2010
CHAIYAKORN APIWATHANOKUL, CISSP, IRCA:ISMS, SANS GCFA
Chief Security Officer
PTT ICT Solutions Company Limited
Stay Ahead of Cyber Threats
Committee Member of Thailand Information Security Association
Speaker Profile
Cyber Defense Initiative Conference 2010
Current Cyber Threats
Cyber Threats Summary
Threat Convergence
▪ The digital world and the physical world are now homogeneous
▪ CCTV, door access control, ID badges, HVAC, medical devices and other automation systems
Threat Summary of 2010
2011 Outlook
▪ Economic conditions continue to fluctuate
▪ More people are out of a job
▪ Criminals have more incentive
▪ Budgets are tightened
▪ Technology makes things faster, smaller, better, cheaper and more available to those who never had access before
▪ Technology is easier to use but much more sophisticated behind the scenes, like an iceberg
▪ New technology allows newer and more innovative threats
Individual
- Privacy
- Life
- Bank acc.
Enterprise
- Business espionage
- Sabotage
- Fraud
- Financial loss
- Reputation
Industry
- Specific industry sector damage i.e. telecom, healthcare, energy, financial
Country
- Cyber Warfare
- Sabotage
- Criminal
- Terrorism
- National symbol
Global
- Criminal
- Terrorism
Stolen Credit cards
Botnets
Exploits
Spam
Phishing & Identity Theft
Scam Websites
Compromised E-Merchants
Credit Card Fraud
Hacked Databases
Identities
Underground Currency
Credit Cards
The threat is out there, and more and more innocent users are getting on board
More bandwidth (3G/4G)
More smart devices
More users/subscribers
More innocent targets
More accessibility
More applications (good & bad)
Criminals use leading-edge technology and methodology, while many people still:
Use “password” or “12345” as their password
Password length must not be less than 8? Fine, then “12345678”
Have to mix letters with numbers? OK, “password123”
Leave their WiFi router/AP with no password
Leave their ADSL router configuration at default
Simple tricks still work well
Win a Lotto
Celebs’ clip
Free ticket
Fake Antivirus
Malicious link
Bit.ly
Our_picture.zip
(National) Cybersecurity Day
Security awareness media and content in the local language
(National) Cybersecurity Awareness Program
Keep the bad guy out (from outside)
What if the bad guy is inside?
Strong external security perimeter but weak internal control
From the response of over 10,000 executives around the globe
Organizations have more visibility into their environment, as the number of “Don’t know” responses decreases
The attacks aim more at the data
Network and system exploitation seems steady
From the response of over 10,000 executives around the globe
CEOs or CFOs may consider allocating budget not only to maintain the current security level but also to advance the security capability of the whole organization
From the response of over 10,000 executives around the globe
The board of directors needs to hear from the CISO
The CISO and CIO functions have some contradictory aspects (checks and balances)
From the response of over 10,000 executives around the globe
Use custom software to infiltrate computers
- Steal information
- Steal credentials
- Steal intellectual property
Key logger
BotNet
Virus/worm
Rootkit
DEVICES
- Network
- Computer
- Mobile phone
- Home automation
- IP camera
- Access door
- Building Automation System (BAS)
- Medical device
- Implantable device
- Power grid, power substation
- SCADA/DCS/Industrial Automation
- Super car (Porsche 911)
- Many, many others
COMMON ATTACK SURFACE
- Network (protocol)
- Operating system
- Application
- Implementation
1. Attack on unpatched/outdated OS/service/software/application
2. Operator screen taken over
3. Attack on database or file server
4. Password brute force
5. Malware propagation
6. Eavesdrop (sniff) information from the network
7. Incomplete implementation of TCP/IP
8. Denial of Service (DoS)
9. Embedded web interface in the device
10. Default authentication password or no password at all
1) More focus on data correlation
2) Threat intelligence analysis will become more important
3) Endpoint security becomes more important
4) Focusing in on proactive forensics instead of being reactive
5) Moving beyond signature detection
6) Users will continue to be the target of attack
7) Shifting from focusing on data encryption to key management
8) Cloud computing will continue regardless of the security concerns
9) New Internet protocols with increased exposure
10) Integrated/embedded security devices
▪ M&A in the IT security industry
▪ More targeted custom malware attacks
▪ More of the “white-list” approach rather than the “black-list”
▪ More on hardware (design) security
▪ Memory (RAM) attacks (decrypted data, passwords, PINs, etc.), as a result of PCI, HIPAA and GLBA requiring encryption of sensitive data at rest and in transit
▪ Monitoring and analysis capability will increase
▪ Wireless used for more purposes
▪ More cloud computing issues
▪ Digital investigators will be in high demand
Emergence of legislative compliance requirements
Royal Decree (ETA.C25) (announced in Sep. 2010 and will be enforced after 180 days)
ISO27001 Critical Infrastructure Sectors
Business Continuity BS 25999
Increase in the infosec workforce in government, the public sector and the private sector
Raise awareness of and inspiration for infosec careers in academic institutes
Increase user awareness among Thailand's citizens