Cybersecurity during real WAR
17 / 03 / 22
Vlad Radetskiy
vr@optidata.com.ua
#whoami
My name is Vlad.
Since 2016 I have been Technical Lead of the OptiData team.
Implementation and support of Trellix (McAfee) solutions.
I like to do dynamic malware analysis.
I also make educational courses for our customers.
vr@optidata.com.ua
radetskiy.wordpress.com
pastebin.com/u/VRad
slideshare.net/Glok17
Attention!
Donetsk Regional Drama Theatre
I do not ask you to come to Ukraine to fight our enemies.
I do not ask you for help. We appreciate your support.
I ask you for one simple favor. Not for me.
In the name of all civilians who died in this brutal war:
Attention!
Please, do not do any business
with people from Russia and Belarus.
Attention!
Russians & Belarusians don’t care about casualties.
They cry only over closed IKEA, KFC, McDonald’s etc.
Each of them shares responsibility for this WAR.
Some of them just stand and watch, others kill us.
Attention!
The Russian bomb was dropped on the theatre not by Putin, no.
The bomb was dropped by a Russian pilot. He saw “children”.
He could have aborted the mission, rejected the order or just missed the target.
Russians and Belarusians kill innocent women and children consciously.
Attention!
Donetsk Regional Drama Theatre
Avoid any business with people from Russia and Belarus.
Do not use / buy their products.
Do not trust them.
If you can’t avoid them, i.e. if they need your
services/products – at least charge them double the price.
Agenda:
1. How does WAR change aspects of cybersecurity?
2. Threat model for business during WAR
3. OpSec for each employee
4. Main cyber threats for business in a war zone
5. Protection measures (cybersec. solutions)
6. Conclusions
How does WAR change aspects of cybersecurity?
1. Physical threats to employees and their families (captivity, bombing)
2. Physical threats to factories or real estate (demolition)
3. Switching to remote work for 99% of staff (like during COVID-19)
4. Disruption of logistics, financial operations and Internet access
5. Involving your staff in homeland defense (military service)
6. Increased level of targeted and chaotic cyber attacks by the enemy
Threat model for business during WAR
[Diagram slides: threat model around a factory / office (business / institution)]
OpSec for each employee #1
✓ GSM and SMS are not encrypted. Conversations by cell phone are “open”
✓ Mandatory MFA, but not SMS! – application or token
✓ Signal, Threema, WhatsApp, Facebook Messenger – clear history
✓ Do not use rogue Wi-Fi and / or USB ports / chargers
✓ When possible – use a mobile access point + VPN – ProtonVPN
✓ Do not send docs in plain text – Trellix FRP or at least 7z + password
OpSec for each employee #2
protonmail.com
protonvpn.com
signal.org/install
OpSec for each employee #3
• VirusTotal – file (docs) reputation check. 50/50, better than nothing
• Intezer Analyze – static & dynamic PE analysis (very good)
• urlscan – URL reputation and web content check
• Have I Been Pwned (Troy Hunt) – compromised account check
• Google Authenticator – establish MFA for Android & iOS
Main cyber threats for business in a war zone:
1. Malware delivery by fake emails (spear phishing)
2. Malware delivery by IM and/or social networks (mostly by URL)
3. Software & hardware vulnerabilities, esp. those exposed to the Internet
4. Intrusion via a compromised contractor or service provider / supply chain
5. DDoS and/or defacement of web pages
Fake emails (spear phishing)
50 shades of spear phishing
Examples from cert.gov.ua (screenshots on the slides):
https://cert.gov.ua/article/37788
https://cert.gov.ua/article/37704
https://cert.gov.ua/article/37688
Protection measures #1
1. Locked boot device priority, BIOS password, Drive Encryption (Trellix)
2. Block anomalous behavior on endpoints and servers (Trellix)
3. Legitimate (licensed) software with regular updates
4. Strict filters for Web content (reputation + category) (Trellix)
5. Strict filters for Email (AntiSPAM + by file type) (Trellix)
Protection measures #2
6. Mandatory MFA (GA/token) for every corporate & personal account
7. No “naked” RDP or other internal services without VPN & PAM
8. Vulnerability scanner + Patch Management solution
9. EDR, SIEM, Sandbox, SOAR – OK, but first you need a PAM solution
10. Continuous online education about current cyber threats (examples)
11. Shut down / cut off everything that is not mission-critical
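Item 5 (strict email filters by file type) and the author's own publication on blocking scripts inside archives come down to one gateway check: look at every attachment name, and look inside zip archives too, because a .js dropped into a .zip is how the spear-phishing mails above usually carry their payload. The filter below is an added example, not code from the deck or from Trellix; the deny-list, the example.test addresses, the constructed sample mails and the zip-only archive handling are my assumptions.

```python
"""Attachment file-type filter for an email gateway (added example).

Assumptions (mine, not the deck author's): the gateway hands us a raw
RFC 822 message, policy is a plain deny-list of extensions, and zip
archives are opened one level deep. 7z/rar would need third-party libs.
"""
import email
import io
import zipfile
from email import policy
from email.message import EmailMessage

# Deny-list: executables, scripts, shortcuts, disk images and macro-enabled
# Office files. These are the usual spear-phishing payload containers.
BLOCKED_EXTENSIONS = {
    ".exe", ".scr", ".com", ".pif", ".msi", ".dll",
    ".js", ".jse", ".vbs", ".vbe", ".wsf", ".wsh", ".ps1", ".bat", ".cmd",
    ".hta", ".lnk", ".iso", ".img", ".vhd", ".chm",
    ".docm", ".xlsm", ".pptm",
}
ARCHIVE_EXTENSIONS = {".zip"}


def _extension(name):
    """Lower-cased last extension of a filename, or '' if it has none."""
    name = name.lower().strip()
    dot = name.rfind(".")
    return name[dot:] if dot != -1 else ""


def check_name(name, prefix=""):
    """Reasons a single filename violates policy (empty list means OK)."""
    reasons = []
    ext = _extension(name)
    if ext in BLOCKED_EXTENSIONS:
        reasons.append(f"{prefix}{name}: blocked file type {ext}")
    if "\u202e" in name:
        # Right-to-left override reverses the displayed tail of the name, so
        # a user sees something ending in ".txt" while the real type is .exe.
        reasons.append(f"{prefix}{name}: RTL override in filename")
    return reasons


def check_zip(data, prefix):
    """Inspect zip members by name. Encrypted or nested archives are flagged
    because the gateway cannot look inside them."""
    reasons = []
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            for info in zf.infolist():
                if info.is_dir():
                    continue
                reasons += check_name(info.filename, prefix)
                if _extension(info.filename) in ARCHIVE_EXTENSIONS:
                    reasons.append(f"{prefix}{info.filename}: nested archive")
                if info.flag_bits & 0x1:  # bit 0 = entry is encrypted
                    reasons.append(f"{prefix}{info.filename}: encrypted entry, cannot be scanned")
    except zipfile.BadZipFile:
        reasons.append(f"{prefix}: corrupt or non-zip data with .zip name")
    return reasons


def scan_message(raw):
    """Return {'verdict': 'allow'|'block', 'reasons': [...]} for a raw message."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    reasons = []
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        reasons += check_name(name)
        if _extension(name) in ARCHIVE_EXTENSIONS:
            reasons += check_zip(part.get_payload(decode=True), name + "!")
    return {"verdict": "block" if reasons else "allow", "reasons": reasons}


# --- constructed sample data (not real phishing samples) -------------------

def make_zip(members):
    """Build an in-memory zip from {member_name: bytes}."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for member, data in members.items():
            zf.writestr(member, data)
    return buf.getvalue()


def build_sample(attachments):
    """Constructed message with the given [(filename, bytes)] attachments."""
    msg = EmailMessage()
    msg["From"] = "accounting@example.test"
    msg["To"] = "user@example.test"
    msg["Subject"] = "Urgent: updated invoice"
    msg.set_content("Please review the attached documents.")
    for name, data in attachments:
        msg.add_attachment(data, maintype="application", subtype="octet-stream", filename=name)
    return bytes(msg)


if __name__ == "__main__":
    phish = build_sample([("docs.zip", make_zip({"Order_2022.pdf.js": b"// script"}))])
    clean = build_sample([("report.pdf", b"%PDF-1.4 constructed")])
    print(scan_message(phish))  # verdict block: script hidden inside the archive
    print(scan_message(clean))  # verdict allow
```

Note the trade-off with the "7z + password" advice on the OpSec slide: a password-protected archive cannot be scanned, so the gateway flags it for review rather than silently passing it.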
Conclusions:
1. The main parts of cybersecurity do not change
2. War just disrupts logistics and communication and forces you to adapt
3. You must adapt not only cybersec but all business processes
4. Your technical staff needs to be interchangeable (people & knowledge)
5. Spear phishing, critical vulnerabilities, DDoS, defacement, remote workers
P.S. + Data backups in the cloud + backup communication channels
My publications about security
• My thoughts about Viber & Telegram + Smartphone Security
• 50 shades of spear phishing
• The art of protection (case about a compromised contractor)
• Why I use and implement McAfee? (ENS how-to)
• McAfee ENS 10.6 vs IE exploit
• How to block scripts and other harmful files from archives
• McAfee ENS 10.7 – enforced malware protection
• How to test all parts of McAfee ENS
Thank you for your time!
Glory to Ukraine!
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdf
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 

Cybersecurity during real WAR [English version]

  • 1. Cybersecurity during real WAR 17 / 03 / 22 Vlad Radetskiy vr@optidata.com.ua
  • 2. #whoami My name is Vlad. Since 2016 I have been Technical Lead of the OptiData team. Implementation and support of Trellix (McAfee) solutions. I like doing dynamic malware analysis. I also make education courses for our customers. vr@optidata.com.ua radetskiy.wordpress.com pastebin.com/u/VRad slideshare.net/Glok17 VR
  • 5. Attention! I do not ask you to come to Ukraine to fight our enemies. I do not ask you for help; we appreciate your support. I ask you for one simple favor. Not for me. In the name of all civilians who died in this brutal war.
  • 6. Attention! Please, do not do any business with people from Russia and Belarus.
  • 7. Attention! Russians & Belarusians don't care about casualties. They cry only for closed IKEA, KFC, McDonald's etc. Each of them shares responsibility for this WAR. Some of them just stand and watch, others kill us.
  • 8. Attention! The Russian bomb was dropped on the theatre not by Putin, no. The bomb was dropped by a Russian pilot. He saw "children". He could have aborted the mission, rejected the order or just missed the target. Russians and Belarusians kill innocent women and children consciously.
  • 10. Attention! Avoid any business with people from Russia and Belarus. Do not use / buy their products. Do not trust them. If you can't avoid them, i.e. if they need your services/products – at least charge them double.
  • 11. Agenda:
    1. How WAR changes aspects of cybersecurity
    2. Threat model for business during WAR
    3. OpSec for each employee
    4. Main cyber threats for business in a war zone
    5. Protection measures (cybersecurity solutions)
    6. Conclusions
  • 12. How WAR changes aspects of cybersecurity
    1. Physical threats to employees and their families (captivity, bombing)
    2. Physical threats to factories or real estate (demolition)
    3. Switching to remote work for 99% of staff (as during COVID-19)
    4. Disruption of logistics, finance operations and Internet access
    5. Involving your staff in homeland defense (military service)
    6. Increased level of targeted and chaotic cyber attacks by the enemy
  • 14. Threat model for business during WAR: Factory / Office
  • 15. Threat model for business during WAR: Business / institution
  • 16. Threat model for business during WAR: Factory / Office
  • 18. OpSec for each employee #1
    ✓ GSM and SMS are unencrypted; conversations over a cell phone are "open"
    ✓ Mandatory MFA, but not SMS! – application or token
    ✓ Signal, Threema, WhatsApp, Facebook Messenger – clean history
    ✓ Do not use rogue Wi-Fi and / or USB / chargers
    ✓ When possible, use a mobile access point + VPN – ProtonVPN
    ✓ Do not send docs in plain text – Trellix FRP or at least 7z + password
  • 20. OpSec for each employee #3
    • VirusTotal – file (docs) reputation check. 50/50, but better than nothing
    • Intezer Analyze – static & dynamic PE analysis (very good)
    • urlscan – URL reputation and web content check
    • Haveibeenpwned (Troy Hunt) – compromised account check
    • Google Authenticator – establish MFA on Android & iOS
  • 21. Main cyber threats for business in a war zone:
    1. Malware delivery by fake emails (spear phishing)
    2. Malware delivery by IM and/or social networks (mostly by URL)
    3. Software & hardware vulnerabilities, esp. in services exposed to the Internet
    4. Intrusion via a compromised contractor or service provider / supply chain
    5. DDoS and/or defacement of web pages
  • 22. Fake emails (spear phishing) – 50 shades of spear phishing: https://cert.gov.ua/article/37788
  • 23. Fake emails (spear phishing) – 50 shades of spear phishing: https://cert.gov.ua/article/37704
  • 24. Fake emails (spear phishing) – 50 shades of spear phishing: https://cert.gov.ua/article/37688
  • 25. Protection measures #1
    1. Locked boot device priority, BIOS password, Drive Encryption (Trellix)
    2. Block anomalous behavior on endpoints and servers (Trellix)
    3. Legitimate (licensed) software with regular updates
    4. Strict filters for web content (reputation + category) (Trellix)
    5. Strict filters for email (anti-spam + by file type) (Trellix)
  • 26. Protection measures #2
    6. Mandatory MFA (GA/token) for every corporate & personal account
    7. No "naked" RDP or other internal services without VPN & PAM
    8. Vulnerability scanner + patch management solution
    9. EDR, SIEM, Sandbox, SOAR – OK, but first you need a PAM solution
    10. Continuous online education about current cyber threats (with examples)
    11. Shut down / cut off everything that is not mission critical
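For item 5 of slide 25 (email filtering by file type) and the archive case from slide 28 (blocking scripts and other harmful files inside archives), here is an added Python example, not from the slides and not Trellix code: a gateway-style attachment check that flags blocked types inside nested ZIP archives, executables hiding under a benign extension, and members it cannot scan. The policy lists, limits and the sample lure are constructed assumptions.

```python
import io
import zipfile

BLOCKED_EXT = {".exe", ".scr", ".js", ".jse", ".vbs", ".vbe", ".wsf", ".hta",
               ".lnk", ".bat", ".cmd", ".ps1", ".iso", ".img", ".dll", ".msi"}
ARCHIVE_EXT = {".zip"}
MAX_DEPTH = 3            # nested archives deeper than this are suspicious by themselves
MAX_MEMBER = 50_000_000  # refuse to inflate members larger than this (zip-bomb guard)
MZ = b"MZ"               # DOS/PE header: an executable regardless of its claimed extension


def _ext(name: str) -> str:
    name = name.lower()
    return name[name.rfind("."):] if "." in name else ""


def inspect_attachment(name: str, data: bytes, depth: int = 0) -> list:
    """Return the reasons to block this attachment; an empty list means it passes."""
    reasons = []
    ext = _ext(name)
    if ext in BLOCKED_EXT:
        reasons.append(f"blocked type {ext}: {name}")
    elif data[:2] == MZ:
        reasons.append(f"PE header under benign extension: {name}")
    if ext in ARCHIVE_EXT:
        if depth >= MAX_DEPTH:
            return reasons + [f"archive nested deeper than {MAX_DEPTH}: {name}"]
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                for info in zf.infolist():
                    if info.flag_bits & 0x1:  # encrypted member: cannot be scanned
                        reasons.append(f"password-protected member: {info.filename}")
                    elif info.file_size > MAX_MEMBER:
                        reasons.append(f"oversized member: {info.filename}")
                    else:
                        inner = zf.read(info.filename)
                        reasons += inspect_attachment(info.filename, inner, depth + 1)
        except zipfile.BadZipFile:
            reasons.append(f"corrupt archive: {name}")
    return reasons


def build_sample() -> bytes:
    """Constructed lure: outer.zip -> invoice.zip -> invoice.pdf.js + setup.doc (a PE)."""
    inner = io.BytesIO()
    with zipfile.ZipFile(inner, "w") as zf:
        zf.writestr("invoice.pdf.js", "// script body would be here")
        zf.writestr("setup.doc", MZ + b"\x00" * 62)
    outer = io.BytesIO()
    with zipfile.ZipFile(outer, "w") as zf:
        zf.writestr("invoice.zip", inner.getvalue())
    return outer.getvalue()
```

Running inspect_attachment("outer.zip", build_sample()) returns two reasons: the double-extension script and the PE hidden as a .doc, with the outer archive itself passing.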
  • 27. Conclusions:
    1. The main parts of cybersecurity have not changed
    2. War just disrupts logistics and communication and forces you to adapt
    3. You must adapt not only cybersecurity but all business processes
    4. Your technical staff must be interchangeable (people & knowledge)
    5. Spear phishing, critical vulnerabilities, DDoS, defacement, remote workers
    PS + Data backups in the cloud + Backup communication channels
  • 28. My publications about security
    • My thoughts about Viber & Telegram + Smartphone Security
    • 50 shades of spear phishing
    • The art of protection (case about a compromised contractor)
    • Why I use and implement McAfee? (ENS how-to)
    • McAfee ENS 10.6 vs IE exploit
    • How to block scripts and other harmful files from archives
    • McAfee ENS 10.7 – enforced malware protection
    • How to test all parts of McAfee ENS
  • 29. Thank you for your time! Glory to Ukraine!