Cristian Pațachia-Sultănoiu in Bucharest, Romania on November 8-9th 2018 at DefCamp #9.
The videos and other presentations can be found on https://def.camp/archive
3. 3
Browsing Communication / Messaging DL/UL/Gaming Mail Other Data Services Streaming
Orange Romania: Video streaming share in total traffic grew
by 14 percentage points in less than 3 years
2015 2018
58%44%
6. 6
from the time
spent by
smartphones
users is related to
apps
~70%75% ~70% ~90%
from smartphones
users are looking
for music video
and funny clips
from
smartphones
users are
Instagram users
from
smartphones
users are
Facebook users
8. 8
“Smart Territories” dashboards
IoT midleware [Live Objects]
storage security compute visualization
flexible connectivity options 2G/3G/4G,
Wi-Fi, Bluetooth, LoRaWAN, LTE-M
actuator sensor actuator sensor
public data
sets
sensor
Open platform and IoT connectivity
To support you in each step of your data journey
9. 9
LoRa Sigfox
NB-IoT
(+range)
2G, 3G,
4G
LTE-M
(+latency)
Licensed networks Unlicensed
High battery
performance,
very low
throughput
Medium battery
performance,
medium
throughput
Complex deployment
(require hardware
installation)
Easy deployment (software
upgrade in most of the cases)
Low Power technologies use cases
10. 10
LTE-M
National availability of LTE-M as the most
appropriate technology for the widest range of
current and future cases
3137localities
11. 11
Hacking
at the
ECSC
day 1, 17:00 - 17:30, track#1
‘unsecured’
Wi-Fi
Using ML to
detect
complex
threats
day 1, 11:30 - 12:15, track#1
RESISTO
masterclass
for critical
infra
day 2, 11:00 - 13:30, Praga
Threat
Map
Orange
Fab for
startups
Who is
Hiring?
Orange stand
12. Threat Map
Real time threat analytics
from data gathered from
Orange Business Internet
Security Agents deployed
across Romania
https://bis-threatmap.orange.ro
13. Are you vulnerable?
Find out if your website is vulnerable to
cyber threats by using Threat Map’s
advanced security scanning engines:
Web Security Scanner
CMS Specific Scanner (for Drupal,
Joomla, WordPress)
APT Watering Hole Malware
Detection Engine
RO Hacked Database
Detailed Reports on found vulnerabilities,
malware and remediation techniques
https://bis-threatmap.orange.ro
14. Scan Results
100 Websites
We gathered info from
the non-intrusive
scanning of 100 of the
most visited Romanian
websites.
Previously Hacked:
One of the 100 websites we
scanned was reported as
previously hacked by
rohacked.ro database
289
Low Vulnerabilities
34
Critical / High Vulnerabilities
Found server-side, across the websites
we scanned such as CVE-2012-2376
80
Medium Vulnerabilities
21. RESISTO MasterClassday 1, 11:00 – 13:30, Praga room
Horizon 2020
Project Large Enterprises
C.I. Operators
Universities
Research &
Technology
Organizations
Consortium of 19
partners
Holistic Approach to Situation
Awareness
Innovative Risk & Resilience &
Improvement Process Mng
Decision Support System
Protection against cyber-
physical threats
Modeled on state-of-the art
technologies (Machine Learning,
IoT, Block chain, Airborne Threat
Detection, Holistic A-V analytics)
The RESISTO project has received funding from
the European Union’s Horizon 2020 Research
and Innovation Programme under Grant
Agreement No786409.
RESIlience enhancement and risk control
platform for communication infraSTructure
Operators
http://www.resistoproject.eu/
22. An insightful presentation on using Machine Learning, Log
Analysis and Correlation to complement our ‘traditional’
security technologies in order to detect and mitigate
complex threats
today, 11:30 – 12:15, track #1
23. Business Internet Security
Report H1-2018
threats, trends
by type, industry vertical
ORO managed security service
H1 of 2018, national level
IoT impact
key takeaways
what’s coming next
24. 24
We are here to fuel
your business innovation.
Thank you.
Hinweis der Redaktion
The conference focus is to connect & inspire. To create a highly interconnected community that supports the individual members driven by the passion of IT security and ensures the research development success in Europe.
DefCamp built in time a global community, welcoming people from every culture who seek a deeper understanding of the information security mysteries and who seek other people with similar skillset.
+ 5050
From one year to another we see exponential growth in our data traffic. For example, at European level it is expected to account for 80% of traffic by 2021. At Orange Romania only, video streaming share in total traffic grew by 14 percentage points in less than 3 years. This behavior will be prevalent not only on the move, but at home as well.
In the years to come, the traffic will continue to rely on a strong, heavily densified 4G network.
Traffic
3,84 milioane de clienţi 4G, +34% Q3 2018 vs Q3 2017.
80% consum de date mobile Q3 2018 vs Q3 2017.
Acoperire 95.9% din populaţia ţării la final de septembrie 2018
În luna septembrie, reţeaua Orange a fost reconfirmată drept cea mai bună reţea de voce şi date din România conform studiului comparativ realizat la nivel naţional în perioada iunie-iulie 2018, de către Systemics PAB. Totodată, Orange a primit recunoașterea de „Cea mai rapidă reţea mobilă din România” prin rezultatele Speedtest by Ookla, ca urmare a testelor realizate chiar de către utilizatorii de reţele mobile din România.
While 5G is the future, 4G is now the strong backbone in a world that gets increasingly connected. Ericsson Mobility report – traffic will increase 9 times by 2022. By 2025, a third of this increased traffic will be over 5G.
In our network, demand for traffic is skyrocketing – in just 3 years it has grown 10 times, which shows, on one hand, the growing usage of devices per user and the data hungry content that is accessed.
In 2018 we see the same trend - with traffic almost doubling YoY
Moreover, thanks to a network upgrade back in March, Romanian customers can reach speeds up to 500MBps in 161 cities over the 4G+ network. (end of Q3 2018)
Folosind noua modulație pentru tehnologia 4G+, crește eficiența celulei și vom putea deservi mai multe dispozitive compatibile. Studiile arată o creștere a capacității celulei cu ~30-40%.
În condițiile în care numărul de utilizatori 4G crește spectaculos de la an la an, la fel ca și traficul de date mobile, este clar de ce este necesară o astfel de evoluție.
Ca sa facem un zoom in pe ce vedem noi in retea, va putem da ex unui site unde, pe parcursulul anului 2017, traficul s-a dublat. Aceasta crestere de trafic se reflecta si la nivelul retelei.
Ne dorim să aducem reţeaua mai aproape de oameni. De aceea vom continua să investim prioritar în extinderea rețelei pentru a facilita accesul cât mai multor clienți la beneficiile tehnologiei 4G.
We notice here the 4G users evolution since 2016. It grows by more than a million yearly. These increases have been supported by the increased availability of compatible devices and by the expansion and densification of our network.
In 2010, 75% of time spent using smartphones involved using voice call and SMS features. Today, 75% of time spent using smartphones involves apps. (Orange Group data)
According to Orange Romania studies:
7 out of 10 ORO smartphone users look for music video and funny clips. These are the most watched video content types.
9 out of 10 ORO smartphone users use Facebook and 7 out of 10 use Instagram.
ORO smartphone users spend on average 166 minutes on Facebook and 103 on YouTube, daily Strategic steering of innovation internal Orange (03. Mastering digital life)
Pictures, video and audio files are the most shared materials. Orange smartphone users usually search information about the weather, products and services, discounts and promotions. (Orange Ro data, according to study on customer base)
IoT must be inclusive, smart and trusted.
- It offers new opportunities to make progress
- An inclusive, smart and trusted technology
ORO is building an open ecosystem for the IoT
- Partnerships
- Starting the conversation
Ecosystem’s stakeholders:
- device manufacturers
- service providers
- Integrators
- industrial corporates
- standards organizations
We bring together the necessary expertise to support you in each step of your data journey.
Threatmap is a platform that offers real-time attack information, statistics and insights on latest threats. We anonimize and publicize data we gather from our sensors in our Business Internet Security MSSP. This data stems from the datasets we feed our ML machines with.
Threatmap has one particular feature both users and us find very appealing: it uses 4 scanning engines to evaluate the security of yours (or any) websites out there. Most users will use this feature to check their own websites or the websites they usually visit. We’re constantly monitoring websites flagged as suspicious for APT delivery, watering hole attacks, phishing schemes etc.
Threatmap uses 4 advanced scanning engines:
-a OWASP –Top 10 web vulnerability scanner that will audit the webserver and services used to host the scanned websites;
-a CMS-specific vulnerability scanner that searches for weaknesses found in platforms like Wordpress, Joomla etc.;
-a APT-Watering Hole Malware scanner called Dekeneas that uses advanced Machine Learning to evaluate scripts running on target websites and runs them in fast spin-up sandboxes and evaluates their output;
-a database of previously reported hacks.
CVE-2012-2376
Buffer overflow in the com_print_typeinfo function in PHP 5.4.3 and earlier on Windows allows remote attackers to execute arbitrary code via crafted arguments that trigger incorrect handling of COM object VARIANT types, as exploited in the wild in May 2012.
The first edition of this report highlights the threats, trends and the key takeaways collected at statistical level from our managed security service "Business Internet Security (BIS)", in the first half of 2018, on a national level. It also provides context on the evolving nature of cyber security, offering valuable insights on what’s coming next.
The first edition of this report highlights the threats, trends and the key takeaways collected at statistical level from our managed security service "Business Internet Security (BIS)", in the first half of 2018, on a national level. It also provides context on the evolving nature of cyber security, offering valuable insights on what’s coming next.
The first edition of this report highlights the threats, trends and the key takeaways collected at statistical level from our managed security service "Business Internet Security (BIS)", in the first half of 2018, on a national level. It also provides context on the evolving nature of cyber security, offering valuable insights on what’s coming next.
The first edition of this report highlights the threats, trends and the key takeaways collected at statistical level from our managed security service "Business Internet Security (BIS)", in the first half of 2018, on a national level. It also provides context on the evolving nature of cyber security, offering valuable insights on what’s coming next.
The first edition of this report highlights the threats, trends and the key takeaways collected at statistical level from our managed security service "Business Internet Security (BIS)", in the first half of 2018, on a national level. It also provides context on the evolving nature of cyber security, offering valuable insights on what’s coming next.
The first edition of this report highlights the threats, trends and the key takeaways collected at statistical level from our managed security service "Business Internet Security (BIS)", in the first half of 2018, on a national level. It also provides context on the evolving nature of cyber security, offering valuable insights on what’s coming next.
The first edition of this report highlights the threats, trends and the key takeaways collected at statistical level from our managed security service "Business Internet Security (BIS)", in the first half of 2018, on a national level. It also provides context on the evolving nature of cyber security, offering valuable insights on what’s coming next.