workplaces are more vulnerable...deloitte targeted by attack that reveals client confidential mails...
TRANSCRIPT
For use with customers under current Confidential Disclosure Agreement only.© Copyright 2018 HP Development Company, L.P. The information contained herein is subject to change without notice.
1
WORKPLACES ARE MORE VULNERABLE
For use with customers under current Confidential Disclosure Agreement only.© Copyright 2018 HP Development Company, L.P. The information contained herein is subject to change without notice.
:)
EVOLUTION OF MALWARE:ANATOMY OF A MODERN ATTACK
Healthy Computer
User Receives Email
User Lured to Malicious Site
Device Infected with
Malware
For use with customers under current Confidential Disclosure Agreement only.© Copyright 2018 HP Development Company, L.P. The information contained herein is subject to change without notice.
HelpDesk Logs into Device
Identity Stolen, Attacker Has
Increased Privs
:)
Healthy Computer
User Receives Email
User Lured to Malicious Site
Device Infected with
Malware
For use with customers under current Confidential Disclosure Agreement only.© Copyright 2018 HP Development Company, L.P. The information contained herein is subject to change without notice.
User Lured to Malicious Site
Device Infected with
Malware
HelpDesk Logs into Device
Identity Stolen, Attacker Has
Increased Privs
User Receives Email
For use with customers under current Confidential Disclosure Agreement only.© Copyright 2018 HP Development Company, L.P. The information contained herein is subject to change without notice.
For use with customers under current Confidential Disclosure Agreement only.© Copyright 2018 HP Development Company, L.P. The information contained herein is subject to change without notice.
Source: The Evolution of Cyber Attacks, FireEye
CYBER ATTACKS AND MOTIVES ARE EVOLVING
• Malware is readily available & comes with warranty
• The TAM is large - standardization of PC architecture makes the opportunity of breaches larger
• The reward is high – e.g. in Feb 2016,
Hackers attempted to steal $1B via
compromised SWIFT credentials of bank
employees
• Companies don’t want to publicly admit to security breaches
6
For use with customers under current Confidential Disclosure Agreement only.© Copyright 2018 HP Development Company, L.P. The information contained herein is subject to change without notice.
2017 IN REVIEW
ATTACKS ACCELERATING
7
Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec
NotPetya launches destructive attackin Ukraine - age of cyberwarfare?
YAHOO! uncovers that earlier hack affected all 3 billion email addresses
Anthem employee emails 18.5k medical records to his personal account
Dun & Bradstreet database of 33.7M email addresses & contact info leaked
Shamoon 2 reappears in Saudi Arabia as destructive attack on industry
WannaCryransomware features stolen NSA exploit
Equifax discovers they have been attacked. Financial data on 143M people stolen.
Virgin America Login credentials stolen from 3k employees
In the first quarter of 2017, new malware emerged every 4.2 secondsGData, Malware Trends 2017, 2017
Deloitte targeted by attack that reveals client confidential mails of blue-chip clients
Etheriumsuffers heists of $7.4M and $32M weeks apart
Uber reveals breach of 57M customers and drivers personal info
For use with customers under current Confidential Disclosure Agreement only.© Copyright 2018 HP Development Company, L.P. The information contained herein is subject to change without notice.
NotPetya
8
Ransomware throughMicrosoft vulnerability
For use with customers under current Confidential Disclosure Agreement only.© Copyright 2018 HP Development Company, L.P. The information contained herein is subject to change without notice.
Shamoon 2
9
Attack via bad link in mailDisk-wiping through BIOS
For use with customers under current Confidential Disclosure Agreement only.© Copyright 2018 HP Development Company, L.P. The information contained herein is subject to change without notice.
Firmware Attacks are a Reality
For use with customers under current Confidential Disclosure Agreement only.© Copyright 2018 HP Development Company, L.P. The information contained herein is subject to change without notice.
IN THE OS Operating System, Software, Downloads
ABOVE THE OS Manageability Infrastructure, Visual Hackers
OPEN DOORSSecurity tools are useless unless policies are enforced. Manageability is required to make security effective
!
COMMON TARGETUnpatched software vulnerabilities are easy to exploit. Malicious websites, infected downloads
!
IDEAL TARGETComplex target, but successful attacks mean persistence, stealth, and access to almost anything they want
!!!BELOW THE OS Firmware (BIOS, etc.)
HARDWAREMost Secure. Extremely difficult for hackers and malware to penetrate.
THREATS TARGET EVERY LEVEL OF THE SYSTEM
For use with customers under current Confidential Disclosure Agreement only.© Copyright 2018 HP Development Company, L.P. The information contained herein is subject to change without notice.
AVG. ENDPOINT SECURITY STACK 2018
12
ABOVE THE OS
INTHE OS
BELOWTHE OS
DATADEVICE IDENTITY
TPM chipEncryption
Fingrerprint reader, IR Cam
For use with customers under current Confidential Disclosure Agreement only.© Copyright 2018 HP Development Company, L.P. The information contained herein is subject to change without notice.
HP ENDPOINT SECURITY STACK 2018
13
ABOVE THE OS
INTHE OS
BELOWTHE OS
HP Sure Start Gen4Self-healing BIOS with Runtime Intrusion Detection
HP BIOSphere Gen4Comprehensive BIOS management
HP Client Security Manager Gen4
• HP Multi-Factor Authenticate Gen2MFA with hardened policies, 3-factor, face log-in
• HP SpareKeySelf-service password recovery
• HP Device Access ManagerJust-in-Time access for ports and devices
Certified Self-Encrypting DrivesHW data encryption
HP Secure ErasePermanent data removal on HDD/SSD
HP Sure View Gen2Built-in privacy screen
DATADEVICE IDENTITY
HP Sure RunProtection for critical applications
HP Sure RecoverAutomated network-based image recovery
HP Sure Click Browsing security solution
HP Image Assistant Gen3Image creation and testing
HP MIK Gen2Centralized security management
HP Endpoint Security Controller
Key Additions and Updates
TPM chipEncryption
For use with customers under current Confidential Disclosure Agreement only.© Copyright 2018 HP Development Company, L.P. The information contained herein is subject to change without notice.
Yet only 16% of companies and 53% of IT managers realize printers are vulnerable to cyber crime
Firmware and software
Hardware
Network access
Internet
14
ENDPOINTS AREN’T JUST PCS
Building trust with device security
c04912106, March 2018, Rev. 1115
Design for cyber-resilience
Detect RecoverProtect
Software security is not enough
Must start from the firmware up
HP Security ManagerChecks and remediates printer settings
WhitelistingKeeps thefirmware safe
Run-time intrusiondetectionMonitors run-time operations and self-heals
HP ConnectionInspectorMonitors network connectionsand self-heals
Secure the Device
c04912106, March 2018, Rev. 1116
HP Sure StartKeeps the BIOS safe and self-heals
Secure the Data
c04912106, March 2018, Rev. 1117
Monitor for threatsIdentify issues and self-heal
Authenticate usersPrevent unauthorized access
Encrypt the dataPrevent data theft and alteration
Secure the Document
c04912106, March 2018, Rev. 1118
Anti-counterfeitDeter document tampering and fraud
Workplace privacyMaintain your print security defenses
ComplianceSecure document workflows
FLEET SECURITY MONITORINGAND COMPLIANCE
c04912106, March 2018, Rev. 1119
Risk: Printers not compliant with security policySolution: Policy-based print security management
HP JetAdvantage Security Manager
Createpolicy
Adddevices
Assessdevices
Remediatedevices
Reviewresults
Renew Certificates
Highlights• Intuitive Policy Editor and built-in Base Policy
simplify print security policy creation
• Auto-Remediation automatically applies current policy settings to a;; noncompliant features identified during assessment
• Unique Identity Certificates simple one-time set up of certificates for entire fleet, automatically generated or renewed
• Risk-based reporting helps IT quickly monitor & respond to audits
• HP Instant-on Security immediately applies policy to when device when connected to the network
HP JetAdvantage Security ManagerNew Assess-only demo version of HP Security Manager
What is the assess-only demo - Predefined policy including ~10 security settings
- Allows assessment of up to 20 HP network devices
- Show personalized risk assessment report based on ~10 defined settings
Start the conversation- Bring the CISOs into the conversation
- Run the assessment-only Demo
- Review results
- Provide a solution
- Trial version 60 day free
- Buy HP JetAdvantage Security Manager
Risk: No unique digital certificates on printersSolution: Automated certificates management with HP Security Manager
Certificate management via HP JetAdvantage Security Manager✓
To Do !
• Vurdere hvilken risiko der er størst.
• Sikre sig at alle kopi maskiner er opdateret med seneste firmware.
• Sikre at alle kopimaskiner hvor det er muligt, kører med Krypteret harddrive.
• Sikre at Security policy er implementeret på alt HW. Security manager.
• Gamle modeller der har meget lav sikkerhed bør skiftes, løbende.
The Wolf
Security by design