Cyber Risks

Published on Nov 18, 2015

VBL/CML 19.11.2015

PRESENTATION OUTLINE

Cyber Risks

The Good, The Bad and the Ugly

The 3 components of risk

Vulnerability

e.g. greed, love, sorrow, buffer overflow, unpatched system, CSRF...

Threat

e.g. script kiddie, "hacker", cyber-activist, cyber-criminal, state...

Impact

e.g. money loss, data loss, fraud, service loss, reputation loss...

RISK = VULNERABILITY * THREAT * IMPACT

Josef W. - CHAIRMAN, OCTOPUS GROUP

slowly recovers from a heart attack

discover what happened!

LIVE DEMO

Cyber Threat Landscape

Luxembourg

Statistics 2014 (CIRCL)

Motivations

Real life examples

based on incidents from Luxembourg

VOIP/PBX ATTACKS

  • scan for vulnerable PBX interfaces or VoIP servers
  • such systems are often outsourced or outside security scope
  • direct financial benefit by toll fraud

banking/presidential fraud

  • malware, phishing or social engineering (via phone) to access mailboxes
  • banking details changed / transactions executed
  • extreme cases: dedicated malware targeting corporate banking systems
  • targets: mainly huge invoice processing organisations

RANSOMWARE

  • recent ransomware encrypts hard disks as well as removable drives and shares
  • BYOD has increased the number of cases
  • 50% of LU victims had a non-functional/incomplete backup
  • ransomDDOS on the rise

PLUG AND PRAY

PREVENTION...

  • PEOPLE (awareness, training, competences...)
  • TECHNOLOGY (AV, WAF, IPS, SIEM, SUS...)
  • ORGANISATION (policies, procedures, responsibilities...)
  • COMPLIANCE (privacy, IP...)

...IS NOT ENOUGH

  • be organised, have a CISO
  • you are already compromised
  • be proactive, detect and handle (CERT)
  • prepare for a crisis
  • get insurance

THERE ARE NO SMALL INCIDENTS

  • Minor incidents escalate fast
  • Exploitation is still too easy
  • Multi-compromises are used and abused
  • IoT makes it even worse
  • Attacks & attackers don't stop at the borders

DETECTION/CLEANING TOO SLOW

DON'T SUFFER IN SILENCE

CASES.LU

  • security startup kit
  • awareness & training
  • customised check-up (diagnostic)
  • MONARC (optimised risk assessment method & tool)

CIRCL.LU

  • incident handling / coordination
  • DFIR tools & services
  • data feeds & early warning
  • threat & intelligence sharing
  • joint R&D and innovation
  • technical training & courses

Pascal Steichen
SECURITY
MADEIN.LU