Can cyber extortion happen to you? Practical tools for assessing the threat

•

1 like•238 views

Slides from Tony Martin-Vegue's presentation at Security BSides, Seattle: February 20, 2016. "Can cyber extortion happen to you? Practical tools for assessing the threat" Abstract: Ransom is more than just the stuff of Hollywood thrillers. Action packed extortion schemes are as old as history itself, but today’s criminals are trading in information. Extortion rackets such as the Ashley Madison and Sony Pictures Entertainment hacks are well-known cases and many security professionals have experienced ransom attempts of their own, ranging from CryptoWall and CryptoLocker malware to DDoS attacks that promise to continue until the attackers are paid. This session will take a detailed look at the different threat actors that perpetrate these attacks and how companies can assess the risk and potential impact of an incident. Participants will learn how to model threats, identify assets at risk, determine the impact and calculate risk. These methods help security professionals understand the impact of various forms of cyber ransom, determine if it is applicable to their organization and how to communicate risk effectively to management. When an organization faces a cyber ransom, quick action is needed to respond to the attackers, safeguard systems and bring systems back online. Participants will also learn how to strengthen their incident response plans and make risk-aware decisions.

Technology

ABOUT ME
Tony Martin-Vegue
tony.martinvegue@gmail.com
www.thestandarddeviant.com
@tdmv

AGENDA
•What is extortion?
•DDoS for ransom
•Ransomware
•Targeted victims (Sony, Ashley Madison)
•Assessing the risk at your company

LEGAL DEFINITION
”The obtaining of property from another induced
by wrongful use of actual or threatened force,
violence, or fear, or under color of official right.”
- 18 U.S.C.A. §871 et seq.; §1951

Attack website with a small and
short attack
Simultaneous attack on others in
the sector
Send a ransom note demanding
payment
Increase DDoS attack
intensity/duration OR move on
ANATOMY OF AN ATTACK

WHY DOES IT WORK?
ATTACKER
• Attack is Very low cost per hour
• Can attack multiple websites in
the time allotted
• Scalable – can scale up in
bandwidth to make a point or
scale down to save costs
• The attacker knows what they are
capable of (information
asymmetry)
DEFENDER
• Costs a company on average of
$40,000 an hour1
• Can be only or primary source of
revenue
• Reputational issues
• Have no idea if attack is isolated
or worst nightmare
1 Source: Incapsula DDoS Survey: http://lp.incapsula.com/rs/incapsulainc/images/eBook%20-
%20DDoS%20Impact%20Survey.pdf

DD4BC
Source: Recorded Future, DD4BC, Armada Collective, and the Rise of Cyber Extortion;
https://www.recordedfuture.com/dd4bc-cyber-extortion/

KNOWN PAYMENTS
NITROGEN SPORTS
• EU based sports betting site
• Patrons pay in Bitcoin
• DDoS Attacks started in
September 2014
• Attackers continually asked for 2
BC
• Copycats also attacked
PROTON MAIL
• Swiss encrypted email provider
• On November 4th, 2015 they
were hit with one of the largest
DDoS attacks seen in Europe –
50gbps
• Armada Collective demanded
$6000 in ransom which was paid
• A copycat attacked, hoping to
get paid

DETECTION AND RESPONSE
•Risk models should include DDoS for ransom
•Cost/benefit analysis on DDoS protection services
•Update incident response plans
•Review and update crisis team members

HOW IT WORKS
Image Source: TrendMicro.com

ANATOMY OF A RISK ASSESSMENT
Risk
Loss Event Frequency
Threat Event
Frequency
Vulnerability
Threat
Capability
Control
Strength
Loss Magnitude
Primary Loss
Secondary
Loss

RISK ANALYSIS
•US-based credit union founded in 2008
•Has on online banking presence with several thousand
customers
•In 2014, was hit with one DDoS for ransom attack for 30
minutes; response costs were high but no loss of customers
•Last attack, we decided to wait it out until the attackers
stopped

THREAT EVENT FREQUENCY
Threat
Event
Frequency
Method
Objectives Resources
Limits

VULNERABILITY
Vulnerability
Threat
Capability
Control
Strength
The probability that an asset will be
unable to resist the actions of a threat
agent.
Top 2%
Top 16%
Average
Bottom 16%
Bottom 2%

DERIVE RISK
Loss Event Frequency
1x to .1x / year
Vulnerability
Threat Capability
Low- Bottom 16%
Control Strength
Very Low – Only protects
against the bottom 2%
Probable Loss
$40,000 / hour
Risk
ALE: 9k

RESIDUAL RISK
Loss Event Frequency
1x to .1x / year
Vulnerability
Threat Capability
Low- Bottom 16%
Control Strength
Very High – Protects against
all but the top 2%
Probable Loss
$40,000 / hour
Risk
ALE: $260

Similar to Can cyber extortion happen to you? Practical tools for assessing the threat

Security

Dick Pirozzolo, APR

types of cyber attack by taufiqurrahman.pptx

taufiq463421

DNS Cybersecurity in 2012-2015

Andrzej Bartosiewicz

Malware attack Social engineering attack

taufiq463421

Cyber Risk Quantification - CyberTLV

Iftach Ian Amit

Prepared by Radware’s Emergency Response Team (ERT), 2012 Global Application and Network Security Report highlights server-based botnets and encrypted layer attacks as just two of the new attack tools challenging organizations during DDoS attacks. Most recently, these tactics were leveraged by perpetrators in the attacks against U.S. financial institutions that have been ongoing since September 2012.

2012 Global Application and Network Security Report

Radware

Cyber Security Briefing for Beginners

István Lőrincz

DDoS Hurts Everyone

DNS Made Easy

SMBs are a major target in today’s threat landscape since larger organizations have invested in security measures in the last couple of years. Find out how much your data is worth and the best way to safeguard those assets from our experts. According to StaySafeOnline.org, attacks on SMBs account for over 70% of data breaches, a figure that is on the rise. Sophisticated digital criminals easily exploit businesses with limited security budgets, outdated security controls, and untrained employees. Not to mention, insider threats are becoming more prevalent. Each security incident costs SMBs a loss of $120k, on average. So what can you do about it? Data security requires implementing the right technology, people, and processes. Like many SMBs, you may see the value in security, but may not be sure where to start. Join our panel of experts in this educational webinar to find out what steps you can take to protect your business today and its valuable assets. We’ll review current trends in attack methods, how to determine what to protect, and what methods are best suited for your objectives. Takeaways and Learning Objectives Find out what threats are most common today and how to prevent them. Get actionable tips on how to protect your business in the short-term and long-term, despite budget and resource constraints. Get clarity on data security best practices, including tools, policies, processes and developing a culture of security.

Too Small to Get Hacked? Think Again (Webinar)

OnRamp

Akamai___WebSecurity_eBook_Final

Cheryl Goldberg

With cyber-attacks becoming a growing concern for organizations, availability-based attacks, also known as Denial of Service or Distributed Denial of Service attacks, have long moved from a form of cyber protest to a destructive weapon that is used by cyber criminals, hacktivists and even governments. In 2013 we saw a growing use of a new type of attack where attackers used legitimate transactions to saturate application servers’ resources. In this presentation, Security Expert Werner Thalmeier demonstrates how such an advanced attack can be created from a laptop running in an anonymous public WiFi network. He also evaluates the attack landscape and its impact on organizations as well as shares the best practices to protect against such cyber-attacks. Understand the current availability-based threat landscape and learn about new types of cyber-attacks that are being used to saturate resources. For more information on the state of Application and Network Security, please visit: http://www.radware.com/ert-report-2013/

InfoSecurity Europe 2014: The Art Of Cyber War

Radware

Whether people admit or not, everyone is moving to the cloud and all future business will run somewhere on the internet. Moving to the cloud requires different set of architecture and mindset. Data is stored, accessed and processed on different platforms and devices. Employees are working anywhere from the world, corporate data is no more under company IT custody. CISOs and CIOs need to think differently and set new Cloud Security Architecture. This session will try to draw the main areas of concern from Security perspective while moving to the cloud.

Cloud Security Architecture - a different approach

EC-Council

Web Attack Survival Guide

- Mark - Fullbright

Most businesses are aware that the DDoS threat is real, but are they aware of the business impacts of cyber security compromises? Companies must be prepared to face not only the $100,000+ costs associated with DDoS attacks, but also the loss of customer trust and damage to their brand as a result of leaked personal information. Is your company adequately protected against the growing number of DDoS security threats? For more information, please visit neustar.biz.

A Responder's Guide to DDoS Attacks: Seeing Clearly Through the Smoke

Neustar, Inc.

Brooks18

Chuck Brooks

Data Driven Risk Assessment

Resolver Inc.

Information Security Basics.pptx

Ron Price

Clear and present danger: Cyber Threats and Trends 2017

Morakinyo Animasaun

Zero Trust.pptx

ThavaselviMunusamy1

Protecting your business from ddos attacks

Saptha Wanniarachchi

Similar to Can cyber extortion happen to you? Practical tools for assessing the threat (20)

Security

types of cyber attack by taufiqurrahman.pptx

DNS Cybersecurity in 2012-2015

Malware attack Social engineering attack

Cyber Risk Quantification - CyberTLV

2012 Global Application and Network Security Report

Cyber Security Briefing for Beginners

DDoS Hurts Everyone

Too Small to Get Hacked? Think Again (Webinar)

Akamai___WebSecurity_eBook_Final

InfoSecurity Europe 2014: The Art Of Cyber War

Cloud Security Architecture - a different approach

Web Attack Survival Guide

A Responder's Guide to DDoS Attacks: Seeing Clearly Through the Smoke

Brooks18

Data Driven Risk Assessment

Information Security Basics.pptx

Clear and present danger: Cyber Threats and Trends 2017

Zero Trust.pptx

Protecting your business from ddos attacks

More from Tony Martin-Vegue

Slides from Tony Martin-Vegue's presentation at SIRAcon (Cincinatti, OH) on May 1, 2019 Abstract: What do Tom Jones’ chest hair, alien abductions, and Tylenol’s brand recognition have in common? An actuary – somewhere in the world – determined the probability and impact of a loss event and reduced enough uncertainty to issue an insurance policy. Yet, in the field of risk management, we hear that this is impossible: we can’t measure intangibles; we can’t determine the probability of an event that’s never happened, and oftentimes, measuring probability itself is not possible. The insurance industry shows us that this just isn’t true, and they have the money to prove it. Insurance is a thriving business with excellent margins, built on uncertainty reduction. Why? The answer lies in incentives. Insurance is based on making uncertainty reduction profitable. With very few exceptions, cyber risk is set up to disincentivize good decisions. Using superstition and gut checks as a cheap replacement for data and utilizing debunked risk models are deemed “good enough” at best, and “really good!” at worst. Attendees will learn about how actuaries have historically tackled these challenges and receive practical tips on how companies and risk managers alike can be incentivized toward better risk decisions.

Incentivizing Better Risk Decisions - Lessons from Rogue Actuaries - SIRAcon ...

Tony Martin-Vegue

Slides from Tony Martin-Vegue's presentation at CircleCityCon 5.0 (Indianapolis, IN) on June 2, 2018 Abstract: Stiff statistics, prismatic pie charts, and questionable survey results drown the Information Security space in a sea of never-ending numbers that can be difficult to sift through. Have you ever finished reading a research institution’s annual security report and felt your Spidey sense begin to tingle with doubt or disbelief? What you are probably sensing is a manipulation of statistics, an age-old hoodwink that has been occurring as long as numbers have been used to convey information. This critical subject was first examined over 60 years ago, when Darrell Huff first published the groundbreaking book “How to Lie with Statistics,” over 60 years ago. This presentation takes the foundation Huff created and updates the core concepts for the contemporary Information Security field. Most people would be shocked to find that data is often manipulated to lead the reader to a particular conclusion. Several areas are examined: bias in vendor-sponsored security reports, data visualization misuse and common security fallacies. There is a silver lining - once you are aware of the subtle ways data is manipulated, it’s easy to spot. Attendees will walk away with a new understanding of ways to identify and avoid unintentionally using some of the methods described.

How to Lie with Statistics, Information Security Edition

Tony Martin-Vegue

Slides from Tony Martin-Vegue's webinar for the FAIR Institute on May 11, 2018 "Crowdsourced Probability Estimates: A Field Guide" Abstract: Probability estimates are the cornerstone of any good risk assessment in which data is sparse or expensive to come by, and are often thought of as one of the best ways to supplement existing information with subject matter expertise. Many risk analysts, however, can run into issues when trying to integrate the opinions of many subject matter experts into a risk management program. Some of these problems are: seemingly contradictory probability estimates, bias that can creep into results and the challenge of collecting and using large amounts of data. This talk covers: Building a program within a company to crowdsource probability estimates from a varied group of subject matter experts Controlling for bias Weeding out non-experts

Crowdsourced Probability Estimates: A Field Guide (FAIR Institute)

Tony Martin-Vegue

Slides from Tony Martin-Vegue's presentation at PRMIA 2018 Risk Management and Regulatory Compliance Round Table in San Francisco, CA | April 11, 2018 "Cybersecurity Aspects of Blockchain and Cryptocurrency" Abstract: Many companies are considering blockchain technologies to make transactions faster, more secure and cost effective. If you are performing risk analysis on these emerging technologies, you ask be asking yourself: how do I even start to analyze risk when there are so many unknowns? A successful analysis requires a paradigm shift in thinking into two areas: casting aside the defense-in-depth metaphor to describe security controls; and, how we assess and analyze risk of new and emerging technologies that have a high degree of uncertainty. This talk will cover how to reframe your assessments for emerging technologies, such as blockchain, and how risk quantification methodologies such as Factor Analysis of Information Risk (FAIR) can help answer some of these questions and produce a credible risk assessment.

Cybersecurity aspects of blockchain and cryptocurrency

Tony Martin-Vegue

Slides from Tony Martin-Vegue's presentation at SIRAcon 2018, February 7, 2018 "Crowdsourced Probability Estimates: A Field Guide" Abstract: Crowdsourced Probability Estimates: A Field Guide Probability estimates are the cornerstone of any good risk assessment in which data is sparse or expensive to come by, and are often thought of as one of the best ways to supplement existing information with subject matter expertise. Many risk analysts, however, can run into issues when trying to integrate the opinions of many subject matter experts into a risk management program. Some of these problems are: seemingly contradictory probability estimates, bias that can creep into results and the challenge of collecting and using large amounts of data. This talk covers the presenter's own experience in building a program within a company to crowdsource probability estimates from a varied group of subject matter experts, controlling for bias, weeding out those that aren’t exactly experts and scaling the program for large companies. Participants will be surprised to find that they already have many of the tools they need to get started, such as the ability to email surveys and simple models to create distributions from many the probability estimates they collect.

Crowdsourced Probability Estimates: A Field Guide

Tony Martin-Vegue

Slides from Tony Martin-Vegue's presentation at NBTcon, San Francisco: December 03, 2016. "Ransomware & Game Theory: To Pay, or Not to Pay?" Abstract: What do the San Francisco Giants, Cryptolocker and nuclear war all have in common? They all involve conflicts in which incentives, payouts and winning strategies can be analyzed with game theory. Game theory is a branch of mathematics that models conflict and cooperation between parties and is used in many real-world decision making scenarios, inside and outside the Information Security field. Game theory is particularly useful in analyzing the extortionist / victim dynamic present in ransomware infection scenarios. Ransomware comes in many varieties and works in different ways, but the basic setting is the same: cybercriminals infect a computer with malicious software that blocks access to the system or important files until the ransom is paid. The conventional wisdom in information security regarding ransomware is to never pay. But, why? The answer is a little more nuanced than “never pay” or “always pay.” The decision is a complex scenario of incentives and payoffs. Who stands to gain when ransomware is paid? Who gains when it is not paid? This talk will use the familiar topic of ransomware to introduce participants to game theory concepts like rational decision-making, zero-sum games, incentives, utility and Nash Equilibrium – all important tools that can help solve security problems. By analyzing ransomware decision-making with a game theory mindset, participants will learn a new set of skills and a new way of incentive-driven thinking.

Ransomware & Game Theory: To Pay, or Not to Pay?

Tony Martin-Vegue

Slides from Tony Martin-Vegue's presentation at Security BSides, San Francisco: February 12, 2017. "Should I Pay or Should I Go? Game Theory and Ransomware" Ransomware infections are nasty and potentially devastating events that can cripple large companies and home computers alike. Ransomware comes in many varieties and works in different ways, but the basic scenario is the same: cybercriminals infect your computer with malicious software that blocks access to your system or important files until you pay the ransom. You have a finite amount of days to pay if you ever want to see your files again. Should you pay? The answer is a little more nuanced than “never pay” or “always pay.” The decision is a complex scenario of incentives and payoffs that can be analyzed with game theory. Game theory is a branch of mathematics that models conflict and cooperation between parties and is used in many real-world scenarios, inside and outside the Information Security field, including machine learning, poker games, allocation of security resources, kidnappings and nuclear war. This talk will use the familiar topic of ransomware to introduce participants to game theory concepts like rational decision-making, zero-sum games, incentives, utility and Nash Equilibrium – all important tools that can help solve security problems. By analyzing ransomware decision-making with a game theory mindset, participants will learn a new set of skills and a new way of incentive-driven thinking. Participants may be surprised to find that ransomware response isn’t black or white.

Should I Pay or Should I Go? Game Theory and Ransomware

Tony Martin-Vegue

Measuring DDoS Risk using FAIR (Factor Analysis of Information Risk

Tony Martin-Vegue

Slides from Tony Martin-Vegue's presentation at Security BSides, San Francisco: April 20, 2015. "How to Lie with Statistics, Information Security Edition" Abstract: Stiff statistics, prismatic pie charts, and stodgy survey results drown the Information Security space in a sea of never-ending numbers that can be difficult to sift through and find the relevant information contained within. Have you ever finished reading a vendor whitepaper or a research institution's annual security report and felt your Spidey sense begin to tingle with doubt or disbelief? What you are probably sensing is a manipulation of statistics, an age-old hoodwink that has been occurring as long as numbers have been used to convey information. This critical subject was first examined over 60 years ago, when Darrell Huff first published the groundbreaking book "How to Lie with Statistics", over 60 years ago, and since then has become required reading in many college Statistics classes. This presentation takes the foundation Huff created and updates the core concepts for the contemporary Information Security field. Most people would be shocked to find that data can be easily manipulated to leave the reader with a certain impression or to lead them to a particular conclusion. Nothing is sacred in this presentation! Several areas are examined, from bias in vendor-sponsored security reports to common ways pie charts are used to misrepresent data. Extra time is given to the scourge of risk analysts everywhere: the post hoc fallacy (correlation does not imply causation), perhaps the most prevalent and most damaging of all logical fallacies seen in Information Security. There is a silver lining - once you are aware of the subtle ways data is manipulated, it's easy to spot. Attendees will walk away with a new understanding of ways to identify and avoid unintentionally using some of the methods described.

How to Lie with Statistics, Information Security Edition

Tony Martin-Vegue

Slides from Tony Martin-Vegue's presentation at the ISACA Fall Conference: October 15th, 2014 "How to Improve Your Risk Assessments with Attacker-Centric Threat Modeling" Abstract: CISO’s and risk analysts alike often get caught up in checking boxes on a list of control objectives in order to satisfy compliance and regulatory requirements. However, companies that only view risk through a narrow, regulatory or compliance-focused lens have the potential to overlook a myriad of threats that could impact business continuity, customer privacy and security and financial solvency. The last several high-profile data breaches prove that compliance does not equal security. There are many ways to assess risk in a meaningful, efficient way that drives business value. Many top companies are moving away from control-based and vulnerability-based risk assessments and are instead putting themselves in the shoes of an attacker. In order to keep up with the rapidly evolving world of cyber criminals and crime rings, organizations are learning to utilize threat intelligence to ascertain the methods, goals, and objectives of threat agents that are targeting their firm or similar firms in their sector. This helps an organization produce focused risk assessments that take a business-centric approach. This is a beginner to intermediate-level presentation designed to provide an introduction to threat modeling, a primer on threat modeling techniques, ways to integrate threat modeling into risk management frameworks (such as FAIR and NIST), and how to build a library of threat agents specific to one’s firm. Attendees will learn hands-on techniques to perform threat modeling that they will be able to immediately integrate into their risk assessment processes.

How to Improve Your Risk Assessments with Attacker-Centric Threat Modeling

Tony Martin-Vegue

More from Tony Martin-Vegue (10)

Incentivizing Better Risk Decisions - Lessons from Rogue Actuaries - SIRAcon ...

How to Lie with Statistics, Information Security Edition

Crowdsourced Probability Estimates: A Field Guide (FAIR Institute)

Cybersecurity aspects of blockchain and cryptocurrency

Crowdsourced Probability Estimates: A Field Guide

Ransomware & Game Theory: To Pay, or Not to Pay?

Should I Pay or Should I Go? Game Theory and Ransomware

Measuring DDoS Risk using FAIR (Factor Analysis of Information Risk

How to Lie with Statistics, Information Security Edition

How to Improve Your Risk Assessments with Attacker-Centric Threat Modeling

Recently uploaded

ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke

Product Anonymous

Created by Mozilla Research in 2012 and now part of Linux Foundation Europe, the Servo project is an experimental rendering engine written in Rust. It combines memory safety and concurrency to create an independent, modular, and embeddable rendering engine that adheres to web standards. Stewardship of Servo moved from Mozilla Research to the Linux Foundation in 2020, where its mission remains unchanged. After some slow years, in 2023 there has been renewed activity on the project, with a roadmap now focused on improving the engine’s CSS 2 conformance, exploring Android support, and making Servo a practical embeddable rendering engine. In this presentation, Rakhi Sharma reviews the status of the project, our recent developments in 2023, our collaboration with Tauri to make Servo an easy-to-use embeddable rendering engine, and our plans for the future to make Servo an alternative web rendering engine for the embedded devices industry. (c) Embedded Open Source Summit 2024 April 16-18, 2024 Seattle, Washington (US) https://events.linuxfoundation.org/embedded-open-source-summit/ https://ossna2024.sched.com/event/1aBNF/a-year-of-servo-reboot-where-are-we-now-rakhi-sharma-igalia

A Year of the Servo Reboot: Where Are We Now?

Igalia

Building Digital Trust in a Digital Economy Veronica Tan, Director - Cyber Security Agency of Singapore Apidays Singapore 2024: Connecting Customers, Business and Technology (April 17 & 18, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...

apidays

Whatsapp Number Escorts Call girls 8617370543 Available 24x7 Navi Mumbai Call Girls Service Offer Genuine VIP Model Escorts Call Girls in Your Budget. Navi Mumbai Call Girls Service Provide Real Call Girls Number. Make Your Sexual Pleasure Memorable with Our Navi Mumbai Call Girls at Affordable Price. Top VIP Escorts Call Girls, High Profile Independent Escorts Call Girls, Housewife Women Escorts Call Girl, College Girls Escorts Call Girls, Russian Escorts Call girls Service in Your Budget.

Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model

Deepika Singh

Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...

Zilliz

EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER

MadyBayot

Abhishek Deb(1), Mr Abdul Kalam(2) M. Des (UX) , School of Design, DIT University , Dehradun. This paper explores the future potential of AI-enabled smartphone processors, aiming to investigate the advancements, capabilities, and implications of integrating artificial intelligence (AI) into smartphone technology. The research study goals consist of evaluating the development of AI in mobile phone processors, analyzing the existing state as well as abilities of AI-enabled cpus determining future patterns as well as chances together with reviewing obstacles as well as factors to consider for more growth.

Exploring the Future Potential of AI-Enabled Smartphone Processors

debabhi2

MySQL Webinar, presented on the 25th of April, 2024. Summary: MySQL solutions enable the deployment of diverse Database Architectures tailored to specific needs, including High Availability, Disaster Recovery, and Read Scale-Out. With MySQL Shell's AdminAPI, administrators can seamlessly set up, manage, and monitor these solutions, ensuring efficiency and ease of use in their administration. MySQL Router, on the other hand, provides transparent routing from the application traffic to the backend servers in the architectures, requiring minimal configuration. Completely built in-house and supported by Oracle, these solutions have been adopted by enterprises of all sizes for their business-critical applications. In this presentation, we'll delve into various database architecture solutions to help you choose the right one based on your business requirements. Focusing on technical details and the latest features to maximize the potential of these solutions.

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...

Miguel Araújo

💉💊+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHABI}}+971581248768 +971581248768 Mtp-Kit (500MG) Prices » Dubai [(+971581248768**)] Abortion Pills For Sale In Dubai, UAE, Mifepristone and Misoprostol Tablets Available In Dubai, UAE CONTACT DR.Maya Whatsapp +971581248768 We Have Abortion Pills / Cytotec Tablets /Mifegest Kit Available in Dubai, Sharjah, Abudhabi, Ajman, Alain, Fujairah, Ras Al Khaimah, Umm Al Quwain, UAE, Buy cytotec in Dubai +971581248768''''Abortion Pills near me DUBAI | ABU DHABI|UAE. Price of Misoprostol, Cytotec” +971581248768' Dr.DEEM ''BUY ABORTION PILLS MIFEGEST KIT, MISOPROTONE, CYTOTEC PILLS IN DUBAI, ABU DHABI,UAE'' Contact me now via What's App…… abortion Pills Cytotec also available Oman Qatar Doha Saudi Arabia Bahrain Above all, Cytotec Abortion Pills are Available In Dubai / UAE, you will be very happy to do abortion in Dubai we are providing cytotec 200mg abortion pill in Dubai, UAE. Medication abortion offers an alternative to Surgical Abortion for women in the early weeks of pregnancy. We only offer abortion pills from 1 week-6 Months. We then advise you to use surgery if its beyond 6 months. Our Abu Dhabi, Ajman, Al Ain, Dubai, Fujairah, Ras Al Khaimah (RAK), Sharjah, Umm Al Quwain (UAQ) United Arab Emirates Abortion Clinic provides the safest and most advanced techniques for providing non-surgical, medical and surgical abortion methods for early through late second trimester, including the Abortion By Pill Procedure (RU 486, Mifeprex, Mifepristone, early options French Abortion Pill), Tamoxifen, Methotrexate and Cytotec (Misoprostol). The Abu Dhabi, United Arab Emirates Abortion Clinic performs Same Day Abortion Procedure using medications that are taken on the first day of the office visit and will cause the abortion to occur generally within 4 to 6 hours (as early as 30 minutes) for patients who are 3 to 12 weeks pregnant. When Mifepristone and Misoprostol are used, 50% of patients complete in 4 to 6 hours; 75% to 80% in 12 hours; and 90% in 24 hours. We use a regimen that allows for completion without the need for surgery 99% of the time. All advanced second trimester and late term pregnancies at our Tampa clinic (17 to 24 weeks or greater) can be completed within 24 hours or less 99% of the time without the need surgery. The procedure is completed with minimal to no complications. Our Women's Health Center located in Abu Dhabi, United Arab Emirates, uses the latest medications for medical abortions (RU-486, Mifeprex, Mifegyne, Mifepristone, early options French abortion pill), Methotrexate and Cytotec (Misoprostol). The safety standards of our Abu Dhabi, United Arab Emirates Abortion Doctors remain unparalleled. They consistently maintain the lowest complication rates throughout the nation. Our Physicians and staff are always available to answer questions and care for women in one of the most difficult times in their lives. The decision to have an abortion at the Abortion Cl

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...

?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@

Scaling API-first – The story of a global engineering organization Ian Reasor, Senior Computer Scientist - Adobe Radu Cotescu, Senior Computer Scientist - Adobe Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe

apidays

Boost Fertility New Invention Ups Success Rates.pdf

sudhanshuwaghmare1

In this session, we will delve into strategic approaches for optimizing knowledge management within Microsoft 365, amidst the evolving landscape of Copilot. From leveraging automatic metadata classification and permission governance with SharePoint Premium, to unlocking Viva Engage for the cultivation of knowledge and communities, you will gain actionable insights to bolster your organization's knowledge-sharing initiatives. In this session, we will also explore how to facilitate solutions to enable your employees to find answers and expertise within Microsoft 365. You will leave equipped with practical techniques and a deeper understanding of how there is more to effective knowledge management than just enabling Copilot, but building actual solutions to prepare the knowledge that Copilot and your employees can use.

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...

Drew Madelung

Real Time Object Detection Using Open CV

Khem

Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows. We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases. This video focuses on the deployment of external web forms using Jotform for Bonterra Impact Management. This solution can be customized to your organization’s needs and deployed to support the common use cases below: - Intake and consent - Assessments - Surveys - Applications - Program registration Interested in deploying web form automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.

Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...

Jeffrey Haguewood

presentation ICT roal in 21st century education

jfdjdjcjdnsjd

Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving

Edi Saputra

AXA XL - Insurer Innovation Award Americas 2024

The Digital Insurer

Scalable LLM APIs for AI and Generative AI Application Development Ettikan Karuppiah, Director/Technologist - NVIDIA Apidays Singapore 2024: Connecting Customers, Business and Technology (April 17 & 18, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...

apidays

The Good, the Bad and the Governed - Why is governance a dirty word? David O'Neill, Chief Operating Officer - APIContext Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...

apidays

Three things you will take away from the session: • How to run an effective tenant-to-tenant migration • Best practices for before, during, and after migration • Tips for using migration as a springboard to prepare for Copilot in Microsoft 365 Main ideas: Migration Overview: The presentation covers the current reality of cross-tenant migrations, the triggers, phases, best practices, and benefits of a successful tenant migration Considerations: When considering a migration, it is important to consider the migration scope, performance, customization, flexibility, user-friendly interface, automation, monitoring, support, training, scalability, data integrity, data security, cost, and licensing structure Next Wave: The next wave of change includes the launch of Copilot, which requires businesses to be prepared for upcoming changes related to Copilot and the cloud, and to consolidate data and tighten governance ShareGate: ShareGate can help with pre-migration analysis, configurable migration tool, and automated, end-user driven collaborative governance

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff

sammart93

Recently uploaded (20)

ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke

A Year of the Servo Reboot: Where Are We Now?

Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...

Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model

Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...

EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER

Exploring the Future Potential of AI-Enabled Smartphone Processors

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...

Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe

Boost Fertility New Invention Ups Success Rates.pdf

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...

Real Time Object Detection Using Open CV

Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...

presentation ICT roal in 21st century education

Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving

AXA XL - Insurer Innovation Award Americas 2024

Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...

Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff

Can cyber extortion happen to you? Practical tools for assessing the threat

1. #BSidesSeattle

2. ABOUT ME Tony Martin-Vegue tony.martinvegue@gmail.com www.thestandarddeviant.com @tdmv

3. AGENDA •What is extortion? •DDoS for ransom •Ransomware •Targeted victims (Sony, Ashley Madison) •Assessing the risk at your company

4. EXTORTION

5. LEGAL DEFINITION ”The obtaining of property from another induced by wrongful use of actual or threatened force, violence, or fear, or under color of official right.” - 18 U.S.C.A. §871 et seq.; §1951

6. FIRST SEXTORTION?

7. DDOS

8. Attack website with a small and short attack Simultaneous attack on others in the sector Send a ransom note demanding payment Increase DDoS attack intensity/duration OR move on ANATOMY OF AN ATTACK

9. WHY DOES IT WORK? ATTACKER • Attack is Very low cost per hour • Can attack multiple websites in the time allotted • Scalable – can scale up in bandwidth to make a point or scale down to save costs • The attacker knows what they are capable of (information asymmetry) DEFENDER • Costs a company on average of $40,000 an hour1 • Can be only or primary source of revenue • Reputational issues • Have no idea if attack is isolated or worst nightmare 1 Source: Incapsula DDoS Survey: http://lp.incapsula.com/rs/incapsulainc/images/eBook%20- %20DDoS%20Impact%20Survey.pdf

10. DD4BC Source: Recorded Future, DD4BC, Armada Collective, and the Rise of Cyber Extortion; https://www.recordedfuture.com/dd4bc-cyber-extortion/

11. TO PAY OR NOT TO PAY?

12. KNOWN PAYMENTS NITROGEN SPORTS • EU based sports betting site • Patrons pay in Bitcoin • DDoS Attacks started in September 2014 • Attackers continually asked for 2 BC • Copycats also attacked PROTON MAIL • Swiss encrypted email provider • On November 4th, 2015 they were hit with one of the largest DDoS attacks seen in Europe – 50gbps • Armada Collective demanded $6000 in ransom which was paid • A copycat attacked, hoping to get paid

13. DETECTION AND RESPONSE •Risk models should include DDoS for ransom •Cost/benefit analysis on DDoS protection services •Update incident response plans •Review and update crisis team members

14. RANSOMWARE

15. HOW IT WORKS Image Source: TrendMicro.com

16.

17.

18. Bad Guy

19.

20. DETECTION AND RESPONSE

21. TO PAY OR NOT TO PAY?

22. TARGETED ATTACKS

23.

24. ASHLEY MADISON

25. PAY THE RANSOM?

26. RISK ANALYSIS

27. ANATOMY OF A RISK ASSESSMENT Risk Loss Event Frequency Threat Event Frequency Vulnerability Threat Capability Control Strength Loss Magnitude Primary Loss Secondary Loss

28. RISK ANALYSIS •US-based credit union founded in 2008 •Has on online banking presence with several thousand customers •In 2014, was hit with one DDoS for ransom attack for 30 minutes; response costs were high but no loss of customers •Last attack, we decided to wait it out until the attackers stopped

29. THREAT EVENT FREQUENCY Threat Event Frequency Method Objectives Resources Limits

30. VULNERABILITY Vulnerability Threat Capability Control Strength The probability that an asset will be unable to resist the actions of a threat agent. Top 2% Top 16% Average Bottom 16% Bottom 2%

31. DERIVE RISK Loss Event Frequency 1x to .1x / year Vulnerability Threat Capability Low- Bottom 16% Control Strength Very Low – Only protects against the bottom 2% Probable Loss $40,000 / hour Risk ALE: 9k

32. RESIDUAL RISK Loss Event Frequency 1x to .1x / year Vulnerability Threat Capability Low- Bottom 16% Control Strength Very High – Protects against all but the top 2% Probable Loss $40,000 / hour Risk ALE: $260

33. FINAL THOUGHTS •Ransomware can and does happen to anyone – plan for it •Other types of extortion are rare, but model the threats and see if you are fit the target profile •Update your incident response plans & BC/DR plans •A good risk analysis can help execs make better decisions •Have a way for extortionists to contact you •Partner with law enforcement BEFORE something bad happens  do this Monday

34. QUESTIONS?

Can cyber extortion happen to you? Practical tools for assessing the threat

Recommended

Recommended

More Related Content

Similar to Can cyber extortion happen to you? Practical tools for assessing the threat

Similar to Can cyber extortion happen to you? Practical tools for assessing the threat (20)

More from Tony Martin-Vegue

More from Tony Martin-Vegue (10)

Recently uploaded

Recently uploaded (20)

Can cyber extortion happen to you? Practical tools for assessing the threat