Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Information Security Awareness
1. Peran Keamanan Informasi
di Tengah Pesatnya
Perkembangan ICT
Universitas Al Azhar Indonesia
Jakarta – 10 Juni 2014
Digit Oktavianto
http://digitoktavianto.web.id
digit dot oktavianto at gmail dot com
2. IT Security Enthusiast (Opreker)
Member of Indonesian Honeynet Chapter
Member OWASP Indonesian Chapter
Linux Activist (KPLI Jakarta)
IT Security Consultant
5. “After compiling the list of fastest growing industries,
there were some apparent trends. Each industry on
the list experienced growth as a result of one or more
of four drivers: Internet growth, environmental
issues, cost cutting and evolving technology.”
Source : IBISWorld (global business intelligence leader specializing in
Industry Market Research)
17. Purposes?
Business competition
Campaign
For Fun (and Profit?)
Ruin your life? (e.g. revenge?)
Spying (Government, Agencies, Corporate)
18.
19.
20.
21.
22.
23. Why?
6 Billion Mobile Subscribers on the Planet (end of
2012)
Little to no patch management for mobile & Poor QA
in the AppStore
Few anti-virus / anti-malware solutions
Increasing malicious mobile applications and mobile
exploitation
28. What is APT?
World next publicly available comprehensive report
on Advanced Persistent Threat
Provided by Mandiant (www.mandiant.com)
It’s a nickname for a group that being government
sponsored for doing specific attack and specific
purpose
China is the suspected government that sponsored the
group
29. Advanced means the adversary can operate in the full spectrum of computer intrusion.
They can use the most pedestrian publicly available exploit against a well-known
vulnerability, or they can elevate their game to research new vulnerabilities and develop
custom exploits, depending on the target's posture.
Persistent means the adversary is formally tasked to accomplish a mission. They are not
opportunistic intruders. Like an intelligence unit they receive directives and work to satisfy
their masters. Persistent does not necessarily mean they need to constantly execute
malicious code on victim computers. Rather, they maintain the level of interaction needed
to execute their objectives.
Threat means the adversary is not a piece of mindless code. Some people throw around the
term "threat" with reference to malware. If malware had no human attached to it (someone
to control the victim, read the stolen data, etc.), then most malware would be of little worry
(as long as it didn't degrade or deny data). Rather, the adversary here is a threat because it is
organized and funded and motivated. Some people speak of multiple "groups" consisting of
dedicated "crews" with various missions.
(Taken from http://taosecurity.blogspot.com/2010/01/what-is-apt-and-what-does-it-
want.html)
30. Political objectives that include continuing to suppress its own population in the
name of "stability."
Economic objectives that rely on stealing intellectual property from victims.
Such IP can be cloned and sold, studied and underbid in competitive dealings, or
fused with local research to produce new products and services more cheaply than
the victims.
Technical objectives that further their ability to accomplish their mission. These
include gaining access to source code for further exploit development, or learning
how defenses work in order to better evade or disrupt them.
Military objectives that include identifying weaknesses that allow inferior
military forces to defeat superior military forces. The Report on Chinese
Government Sponsored Cyber Activities addresses issues like these.
38. Social Engineering simply means manipulating or
tricking people to gain their trust in order to give up
confidential information without them knowing it.
This leads in gathering confidential information,
computer system access or fraud.
40. 1. A process to take the message to the user community to
reinforce the concept that information security is an
important part of the business process
2. Identification of the individuals who are responsible for
the implementation of the security program
3. The ability to determine the sensitivity of information
and the criticality of applications, systems and business
processes
4. The business reasons why basic security concepts such
as separation of duties, need-to-know, and least
privilege must be implemented
5. That senior management supports the goals and
objectives of the information security program