cyber threats
DESCRIPTION
Cyber Security and ThreatsTRANSCRIPT
![Page 1: Cyber Threats](https://reader033.vdocuments.net/reader033/viewer/2022052905/559641241a28ab3e558b4706/html5/thumbnails/1.jpg)
Global Cyber Threats
Professor John Walker CFIP MFSoc CRISC CISM ITPC CITP SIRM FBCS FRSA
© Red-Spike
![Page 2: Cyber Threats](https://reader033.vdocuments.net/reader033/viewer/2022052905/559641241a28ab3e558b4706/html5/thumbnails/2.jpg)
Introduction to the Global Threat
1) Thousands of IT systems are compromised every day, some attacks are based on political motives, but most commonly to steal money or commercial secrets.
2) The magnitude and tempo of the attacks pose a real threat to Britain's economic security.
3) National Critical Assets are targeted and exposed.
4) Global economic stability is exposed.
5) Internet root-servers under daily attack.
6) High dependencies on computing, infrastructures and a live-by-wire lifestyle.
7) CyberWar, CyberConflict is here!
![Page 3: Cyber Threats](https://reader033.vdocuments.net/reader033/viewer/2022052905/559641241a28ab3e558b4706/html5/thumbnails/3.jpg)
Examples of Compromise
Attendance to an incident requires the First Responder to keep an Open Mind:
2) The magnitude and tempo of the attacks pose a real threat to Globalised economic security.
3) National Critical Assets are targeted and exposed.
4) Inter-nation economic stability is impacted.
5) Internet root-servers under daily attack.
6) High dependencies on computing, infrastructures and a live-by-wire lifestyle.
7) CyberWar, CyberConflict is here!
8) Dependency on Technology increases the potentials of attack or compromise
![Page 4: Cyber Threats](https://reader033.vdocuments.net/reader033/viewer/2022052905/559641241a28ab3e558b4706/html5/thumbnails/4.jpg)
Threat Scale & Position
Non-Profit, Local & SME’s
LOW RISK
MEDIUM RISK
HIGH RISK
Hi-Tech, Media, Retail, Industrial Manufacturing etc.
Governments, Defence, Banking, Oil & Gas, SCADA, & Critical Infrastructure.
![Page 5: Cyber Threats](https://reader033.vdocuments.net/reader033/viewer/2022052905/559641241a28ab3e558b4706/html5/thumbnails/5.jpg)
Hackers
![Page 6: Cyber Threats](https://reader033.vdocuments.net/reader033/viewer/2022052905/559641241a28ab3e558b4706/html5/thumbnails/6.jpg)
Non-Disclosure – 911 - Impact
Event on 9/9/2011 [911]saw 5 Million people impacted bytraffic chaos, flight cancellationsand two Nuclear Reactors beingClosed down – all caused byone single employee!
![Page 7: Cyber Threats](https://reader033.vdocuments.net/reader033/viewer/2022052905/559641241a28ab3e558b4706/html5/thumbnails/7.jpg)
Hacktivists Threat
Pose a High Threat, and are very Motivated
5th November, 2012 = DDoS
![Page 8: Cyber Threats](https://reader033.vdocuments.net/reader033/viewer/2022052905/559641241a28ab3e558b4706/html5/thumbnails/8.jpg)
Serious-Organised-Crime
Serious-and-Organised Crime Ganges are highly organised, and very successful – considerSome of the top targets:
The Public Home [WiFi in particular] Companies Governments Banks Oil-&-Gas
![Page 9: Cyber Threats](https://reader033.vdocuments.net/reader033/viewer/2022052905/559641241a28ab3e558b4706/html5/thumbnails/9.jpg)
The ‘Chinese’ Threat
"Whether it be the intrusions of hackers, a major explosion at the World Trade Centre, or a bombing attack by bin Laden, all of these greatly exceed the frequency bandwidths understood by the American military...“
Qiao Liang and Wang Xiangsui
Titan Rain - 2008
![Page 10: Cyber Threats](https://reader033.vdocuments.net/reader033/viewer/2022052905/559641241a28ab3e558b4706/html5/thumbnails/10.jpg)
The Internet
Cyber-Jihad use the Internet to a very effective extent to support their missions.
![Page 11: Cyber Threats](https://reader033.vdocuments.net/reader033/viewer/2022052905/559641241a28ab3e558b4706/html5/thumbnails/11.jpg)
The Statistics
High availability of information on the Internet, and the GhostNet – and its on the rise
![Page 12: Cyber Threats](https://reader033.vdocuments.net/reader033/viewer/2022052905/559641241a28ab3e558b4706/html5/thumbnails/12.jpg)
The ‘Cyber-Terror’ Threat - 1
Cyber-Jihadvs.
Cyber-Terrorism
![Page 13: Cyber Threats](https://reader033.vdocuments.net/reader033/viewer/2022052905/559641241a28ab3e558b4706/html5/thumbnails/13.jpg)
The ‘Cyber-Terror’ ToolsCyber-Jihadist Tools and Capabilities:
![Page 14: Cyber Threats](https://reader033.vdocuments.net/reader033/viewer/2022052905/559641241a28ab3e558b4706/html5/thumbnails/14.jpg)
Copyright SBLTD 2012
The ‘Cyber-Terror’ Tools - 3DDoS a speciality:
![Page 15: Cyber Threats](https://reader033.vdocuments.net/reader033/viewer/2022052905/559641241a28ab3e558b4706/html5/thumbnails/15.jpg)
The ‘AET’The AET was once considered Hype – but they have been seen in the wild, and with some success::
McAfee Firewall
Paloalto
Sourefire
Checkpoint
Juniper
![Page 16: Cyber Threats](https://reader033.vdocuments.net/reader033/viewer/2022052905/559641241a28ab3e558b4706/html5/thumbnails/16.jpg)
The ‘Cyber-Terror’ Tools - 5Security is accommodated – in some cases to a higher level than most organisations:
![Page 17: Cyber Threats](https://reader033.vdocuments.net/reader033/viewer/2022052905/559641241a28ab3e558b4706/html5/thumbnails/17.jpg)
The ‘Impact’ of Tools - 6By leveraging free Attack Tools supplied with Linux Speciality Distributions, targeting a LAN based Windows 8 System, a number of attacks were performed against a Firewalled System – the impact was a fully compromised systems, broken, and very infected with Malicious Payload – and this from a GUI environment, with a free, publically available set of tools.
![Page 18: Cyber Threats](https://reader033.vdocuments.net/reader033/viewer/2022052905/559641241a28ab3e558b4706/html5/thumbnails/18.jpg)
The Infamous Teams
![Page 19: Cyber Threats](https://reader033.vdocuments.net/reader033/viewer/2022052905/559641241a28ab3e558b4706/html5/thumbnails/19.jpg)
The ImpactCyber-Jihadist impact and payload can arrive in many forms:
Attacks on Critical InfrastructurePromised – and have occurred! - example
![Page 20: Cyber Threats](https://reader033.vdocuments.net/reader033/viewer/2022052905/559641241a28ab3e558b4706/html5/thumbnails/20.jpg)
The ‘Myth’
![Page 21: Cyber Threats](https://reader033.vdocuments.net/reader033/viewer/2022052905/559641241a28ab3e558b4706/html5/thumbnails/21.jpg)
The Response to the Threat
About 80% of known attacks would be defeated by embedding basic information security
Practices and learning from the First Responder Engagements.
Let us consider the opportunities, options, and what you have in place:
?How many of the aforementioned areas are you covered against?