CYBER THREAT LANDSCAPE
HARIS TAHIR
18 NOVEMBER 2016
All images used in this presentation are for educational purposes only. All images are either in the public domain and not
subject to copyright, or they have been purchased from the relevant websites. Any and all marks used throughout this
presentation are trademarks of their respective owners.
21 November 2016 10:06:06
ONE: Introduction (setting the right expectations)
TWO: Top Cyber Threats (the current threat landscape)
THREE: Key Trends (Asia Pacific region)
FOUR: Mitigation (for better information security)
What is Cyber Threat Landscape?
Threat Actor, Attack Vectors, Threat Agents
The Cyber Threat Landscape is a list of threats containing information about threat agents and attack vectors affecting the Information Security assurance and/or objective.
How many kinds of Threat Landscape?
• Region
• Group of assets
• Sector
Factors leading to change of threat landscape
[Diagram: relationships among Owners, Security control, Vulnerabilities, Risks, Assets, Threat agents, Threats and Attack vectors]
Factors leading to change of threat landscape
[Diagram: relationships among Owners, Security control, Vulnerabilities, Risks, Assets, Threat agents, Threats and Attack vectors, annotated with two change factors: capabilities change over time; introduction of new people, process and technology]
# cyber threat landscape 2014 and 2015
Overview and comparison of cyber threat landscape
Top Threats 2014 | Top Threats 2015
Malware | Malware
Web-based attacks | Web-based attacks
Web application attacks | Web application attacks
Botnets | Botnets
Denial of service | Denial of service
Spam | Physical damage/theft/loss
Phishing | Insider threat
Exploit kits | Phishing
Data breaches | Spam
Physical damage/theft/loss | Exploit kits
Insider threat | Data breaches
Cyber espionage | Ransomware
Ransomware | Cyber espionage
Legend:
Trends: Declining, Stable, Increasing
Ranking: Going up, Same, Going down
[Trend and ranking-status icon columns not reproduced]
Top Cyber Threat: malicious software
• 20-year-old malware infection technique (Microsoft Office documents via Visual Basic macros)
• Conficker still in the wild (the 7-year-old worm leads with 37% of infections)
• Increase in malicious URLs compared to malicious email attachments
• Mobile device innovation slows down mobile malware
• Apple store and app stores remain a main target for “packaging” and spreading of malware
[Chart: Top Countries Infected, bars at 60%, 60%, 58%, 58%, 58%]
[Chart: Top Countries Hosting Malware, bars at 50%, 12%, 8%, 5%, 3%]
Top Cyber Threat: web based attack
• Social networking and social media became important tactics for infection campaigns
• 90% of bad URLs are used for spam (change within hours or minutes)
• Malicious advertising (malvertising) campaigns use 4000 different names and 500 domains
Top Countries Hosting Malicious URLs: United States 40%, Russia 6%, Portugal 3%, Netherlands 2%
Top Cyber Threat: web application attack
• 30-55% of web sites are vulnerable to web application attack
• Lack of transport layer protection, information leakage, XSS, brute force, content sniffing, cross-site request forgery and URL redirection
Top Targeted Countries: United States 80%, Brazil 7%, China 4%, Others 9%
Top Web Attacks: LFI, SQLi and Shellshock (18%, 28% and 40%)
Top Cyber Threat: Botnets
• Between 20% and 40% of DDoS attacks have a botnet fingerprint
• Reached market maturity in the area of cybercrime-as-a-service (CaaS)
• Average lifetime of a botnet is estimated at 38 days, and average size of a single botnet is 1700 infected servers
• Botnet operators favour using rogue virtual machines for C2 server infrastructure
• US, Ukraine, Russia, The Netherlands, Germany, Turkey, France, UK, Vietnam and Romania
Top Cyber Threat: Insider Threat
• Reduced care, insufficient training, increased work load, inconvenience of security policies, users do not take security seriously
• Many companies do not have an insider threat prevention program
• Increasing monetization opportunities created by cyber-criminals or cyber-espionage
• Ineffective security measures for Bring Your Own Device (BYOD) and open Wi-Fi
Key trends: Asia Pacific region
• Breaches in APAC never make the news headlines
• Unprepared to identify and respond to breaches
• Detection period too long
• Tools exclusively target organizations within APAC
• Failed to eradicate
APAC Incident responses statistics for 2015
Characteristic | Quantity (average)
Number of days compromise went undiscovered | 520
Number of machines analysed in an organization | 21,584
Number of machines compromised by threat actor | 78
Number of user accounts compromised by threat actor | 10
Number of admin accounts compromised by threat actor | 3
Amount of stolen data | 3.7GB
APAC threat actor main objectives
• Email: 40%
• Sensitive Docs: 20%
• Personally Identifiable Information (PII): 20%
• Infrastructure Docs: 20%
Case study: how did it happen?
Attack lifecycle model with classic attacker techniques
Stages shown: Initial Attack, Establish Foothold, Internal Recon, Escalate Privileges, Complete Missions, Lateral movement, Maintain Access
Techniques listed:
• Custom malware
• Command and control
• Web-based backdoor
• Staging servers
• Data consolidation
• Data theft
• Credential theft
• Password cracking
• “Pass-the-hash”
• Local root/admin exploitation
• Social engineering
• Internet-based attack
• Via service provider
• net use commands
• smbclient commands
• mount commands
• reverse shell access
• Backdoors
• VPN
• Sleeper malware
• Account abuse
• Service provider
Case study: social engineering
• Reconnaissance
• Develop attack vector
• Distribution medium
• Remote Access
Case study: reconnaissance
Passive recon (search engines, associated forums, websites, social networks etc.):
• 4 pdf docs, 66 employee details
• haveibeenpwned.com: 109 email addresses used in different sites
• 208 employee details (mostly email) from online contacts database
• 105 profiles
• 780 email addresses from an unprotected site
Passive recon:
• Assistant manager HR services
• Assistant Vice President
• Company secretary
• Executive secretary
• Human resources dev & training consultant
• Legal counsel
• Project executive
• Senior HR manager
• Senior Vice President
• Vice President
• Clerk
Case study: develop attack vector
Generic content
File type | Status
EXE | Quarantined/blocked
DLL | Quarantined/blocked
JavaScript | Quarantined/blocked
MSI File | Quarantined/blocked
Double extension | Quarantined/blocked
CVE-15-1641 doc | Quarantined/blocked
PowerShell cmd | Quarantined/blocked
Java code | Quarantined/blocked
ASP code | Quarantined/blocked
Docx (encrypted) | Quarantined/blocked
Docx | Quarantined/blocked
Phishing link | Quarantined/blocked
Case study: develop attack vector
Non-generic content
File type | Status
EXE | Quarantined/blocked
DLL | Deleted
JavaScript | Quarantined/blocked
MSI File | Quarantined/blocked
Double extension | Deleted
CVE-15-1641 doc | Delivered
PowerShell cmd | Delivered
Java code | Delivered
ASP code | Deleted
Docx (encrypted) | Delivered
Docx | Delivered
Phishing link | Delivered
Case study: distribution medium
• Email
• Packet injection
• USB drop
Case study: remote access
Technology is not enough
Listen to the expert
“If you think technology can solve your security problems, then you don’t understand the problems and you don’t understand the technology”
Bruce Schneier, Security Technologist, Cryptographer and Author
“The Internet is the first thing that humanity has built that humanity doesn’t understand, the largest experiment in anarchy that we have ever had”
Eric Schmidt, Chairman and CEO, Google
No single unique solution to protect the people
Layers, upper to lower: People, Application, Presentation, Session, Transport, Network, Data Link, Physical
People: most difficult to secure and the weakest link in the security chain
Security: People, Process, Technology
Continuous process, not a static state
Securing the human: it starts with you
• Metric
• Long term sustainment
• Promoting awareness & change
• Compliance focused
• Non-existent
“Thank you”
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRLLucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRL
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRL
 

Ht seminar uniten-cyber security threat landscape

  • 2. ONE: Introduction (setting the right expectations). TWO: Top Cyber Threats (the current threat landscape). THREE: Key Trends (Asia Pacific region). FOUR: Mitigation (for the better information security).
  • 3. What is Cyber Threat Landscape?
    - Threat Actor
    - Attack Vectors
    - Threat Agents
    The Cyber Threat Landscape is a list of threats containing information about threat agents and attack vectors affecting the Information Security assurance and/or objective.
  • 4. How many kinds of Threat Landscape?
    - Region
    - Group of assets
    - Sector
  • 5. Factors leading to change of threat landscape (diagram).
    Nodes: Owners, Threat agents, Risks, Assets, Attack vectors, Vulnerabilities, Threats, Security control.
    Arrow labels (as extracted): use; based on; to increase; that exploit; give rise to; leading to; may be aware of; these; impose; wish to abuse and/or damage; reduce; reevaluate; reduced by; to; wish to minimise.
  • 6. Factors leading to change of threat landscape (diagram, continued).
    Nodes: Owners, Threat agents, Risks, Assets, Attack vectors, Vulnerabilities, Threats, Security control.
    Arrow labels (as extracted): use; based on; to increase; that exploit; give rise to; leading to; may be aware of; these; wish to minimise; impose; wish to abuse and/or damage; reduce; reevaluate; reduced by; to.
    Annotations: capabilities change over time; introduction of new people, process and technology.
  • 7. ONE: Introduction (setting the right expectations). TWO: Top Cyber Threats (the current threat landscape report). THREE: Key Trends (Asia Pacific region). FOUR: Mitigation (for the better information security).
  • 8. Cyber threat landscape 2014 and 2015: overview and comparison of cyber threat landscape

    | Top Threats 2014 (in ranking order) | Top Threats 2015 (in ranking order) |
    |---|---|
    | Malware | Malware |
    | Web-based attacks | Web-based attacks |
    | Web application attacks | Web application attacks |
    | Botnets | Botnets |
    | Denial of service | Denial of service |
    | Spam | Physical damage/theft/loss |
    | Phishing | Insider threat |
    | Exploit kits | Phishing |
    | Data breaches | Spam |
    | Physical damage/theft/loss | Exploit kits |
    | Insider threat | Data breaches |
    | Cyber espionage | Ransomware |
    | Ransomware | Cyber espionage |

    Legend: Trends: declining, stable, increasing. Ranking: going up, same, going down.
  • 9. Top Cyber Threat: malicious software
    - 20-year-old malware infection (Microsoft Office documents via Visual Basic macros)
    - CONFICKER still in the wild (7-year-old worm leads to 37% infection)
    - Increase in malicious URLs compared to malicious email attachments
    - Mobile devices innovation slows down mobile malware
    - Apple store and app stores remain a main target for “packaging” and spreading of malware
    Top Countries Infected (chart, country labels not present in the text): 60%, 60%, 58%, 58%, 58%
    Top Countries Hosting Malware (chart, country labels not present in the text): 50%, 12%, 8%, 5%, 3%
  • 10. Top Cyber Threat: web based attack
    - Social networking and social media became important tactics for infection campaigns
    - 90% of bad URLs are used for spam (change within hours or minutes)
    - Malicious advertising (malvertising) campaigns use 4000 different names and 500 domains
    Top Countries Hosting Malicious URLs: United States 40%, Russia 6%, Portugal 3%, Netherlands 2%
  • 11. Top Cyber Threat: web application attack
    - 30-55% of web sites are vulnerable to web application attack
    - Lack of transport layer protection, information leakage, XSS, brute force, content sniffing, cross-site request forgery and URL redirection
    Top Targeted Countries: United States 80%, Brazil 7%, China 4%, Others 9%
    Top Web Attacks: LFI 18%, SQLi 28%, Shellshock 40%
  • 12. Top Cyber Threat: Botnets
    - Between 20% and 40% of the DDoS attacks have a botnet fingerprint
    - Reached market maturity in the area of cybercrime-as-a-service (CaaS)
    - Average lifetime of a botnet is estimated at 38 days, and average size of a single botnet is 1700 infected servers
    - Botnet operators are in favour of using rogue virtual machines for C2 server infrastructure
    Countries shown: US, Ukraine, Russia, The Netherlands, Germany, Turkey, France, UK, Vietnam and Romania
  • 13. Top Cyber Threat: Insider Threat
    - Reduced care, insufficient training, increased work load, inconvenience of security policies, users do not take security seriously
    - Many companies do not have an insider threat prevention program
    - Increase in monetization opportunities created by cyber-criminals or cyber-espionage
    - Ineffective security measures for Bring Your Own Device (BYOD) and open Wi-Fi
  • 14. ONE: Introduction (setting the right expectations). TWO: Top Cyber Threats (the current threat landscape report). THREE: Key Trends (Asia Pacific region). FOUR: Mitigation (for the better information security).
  • 15. Key trends: Asia Pacific region
    - Breaches in APAC never make the news headlines
    - Unprepared to identify and respond to breaches
    - Detection period too long
    - Tools exclusively target organizations within APAC
    - Failed to eradicate
  • 16. APAC incident response statistics for 2015

    | Characteristic | Quantity (average) |
    |---|---|
    | Number of days compromise went undiscovered | 520 |
    | Number of machines analysed in an organization | 21,584 |
    | Number of machines compromised by threat actor | 78 |
    | Number of user accounts compromised by threat actor | 10 |
    | Number of admin accounts compromised by threat actor | 3 |
    | Amount of stolen data | 3.7GB |
  • 17. APAC threat actor main objectives
    - Email: 40%
    - Sensitive Docs: 20%
    - Personally Identifiable Information (PII): 20%
    - Infrastructure Docs: 20%
  • 18. Case study: how did it happen? Attack lifecycle model with classic attacker techniques
    Stages shown: Initial Attack, Establish Foothold, Internal Recon, Escalate Privileges, Complete Missions, Lateral movement, Maintain Access
    Techniques listed on the slide (in extracted order):
    - Custom malware
    - Command and control
    - Web-based backdoor
    - Staging servers
    - Data consolidation
    - Data theft
    - Credential theft
    - Password cracking
    - “Pass-the-hash”
    - Local root/admin exploitation
    - Social engineering
    - Internet-based attack
    - Via service provider
    - net use commands
    - smbclient commands
    - mount commands
    - reverse shell access
    - Backdoors
    - VPN
    - Sleeper malware
    - Account abuse
    - Service provider
  • 19. Case study: social engineering
    Phases: Reconnaissance, Develop attack vector, Distribution medium, Remote Access
  • 20. Case study: reconnaissance
    passive recon:
    - 4 pdf docs, 66 employee details
    - haveibeenpwned.com: 109 email addresses used in different sites
    - 208 employee details (mostly email) from online contacts database
    - 105 profiles
    - 780 email addresses from an unprotected site
    - Search engines, associated forums, websites, social networks etc.
    passive recon:
    - Assistant manager HR services
    - Assistant Vice President
    - Company secretary
    - Executive secretary
    - Human resources dev & training consultant
    - Legal counsel
    - Project executive
    - Senior HR manager
    - Senior Vice President
    - Vice President
    - Clerk
  • 21. Case study: develop attack vector (generic content)

    | File type | Status |
    |---|---|
    | EXE | Quarantined/blocked |
    | DLL | Quarantined/blocked |
    | JavaScript | Quarantined/blocked |
    | MSI File | Quarantined/blocked |
    | Double extension | Quarantined/blocked |
    | CVE-15-1641 doc | Quarantined/blocked |
    | PowerShell cmd | Quarantined/blocked |
    | Java code | Quarantined/blocked |
    | ASP code | Quarantined/blocked |
    | Docx (encrypted) | Quarantined/blocked |
    | Docx | Quarantined/blocked |
    | Phishing link | Quarantined/blocked |
  • 22. Case study: develop attack vector (non-generic content)

    | File type | Status |
    |---|---|
    | EXE | Quarantined/blocked |
    | DLL | Deleted |
    | JavaScript | Quarantined/blocked |
    | MSI File | Quarantined/blocked |
    | Double extension | Deleted |
    | CVE-15-1641 doc | Delivered |
    | PowerShell cmd | Delivered |
    | Java code | Delivered |
    | ASP code | Deleted |
    | Docx (encrypted) | Delivered |
    | Docx | Delivered |
    | Phishing link | Delivered |
  • 23. Case study: distribution medium
    - Email
    - Packet injection
    - USB drop
  • 24. Case study: distribution medium
  • 25. Case study: remote access
  • 26. ONE: Introduction (setting the right expectations). TWO: Top Cyber Threats (the current threat landscape report). THREE: Key Trends (Asia Pacific region). FOUR: Mitigation (for the better information security).
  • 27. Technology is not enough: listen to the expert
    - Bruce Schneier, Security Technologist, Cryptographer and Author: “If you think technology can solve your security problems, then you don’t understand the problems and you don’t understand the technology”
    - Eric Schmidt, Chairman and CEO, Google: “The Internet is the first thing that humanity has built that humanity doesn’t understand, the largest experiment in anarchy that we have ever had”
  • 28. No single unique solution to protect the people
    Layers shown (labelled Upper Layers and Lower Layers): People, Application, Presentation, Session, Transport, Network, Data Link, Physical
    Most difficult to secure and the weakest link in the security chain
  • 29. Security: People, Process, Technology. Continuous process, not a static state
  • 30. Securing the human: it starts with you
    - Metric
    - Long term sustainment
    - Promoting awareness & change
    - Compliance focused
    - Non-existent