Data Breaches: Are you next?
What does the data say?
Phil Agcaoili,
VP & Chief Information Security Officer, Elavon
ATPS Worldwide
3rd-4th December 2014
FUD and Cyber Security
Fear, uncertainty and doubt (FUD)
…Generally a strategic attempt to influence perception by disseminating negative and dubious or false information…
The term originated to describe disinformation tactics…
FUD is a manifestation of the appeal to fear.
Truth
Truth is most often used to mean being in accord with fact or reality, or fidelity to an original or to a standard or ideal.
Fact: Worst Travel Day of the Year
Fiction: Worst day of the year is the Day Before Thanksgiving
//Cyber Security
The interconnection and reliance of physical lifeline functions over the Internet (cyberspace) that impacts:
• National security,
• Public health and safety, and/or our
• Economic well-being
Information Technology Sector
Transportation Systems Sector
Commercial Facilities Sector
Financial Services Sector
Defense Industrial Base Sector
We are All Interconnected
Heightened Concerns on Cyber Security
Low Barrier of Entry
High Damage Potential / Lucrative
Cost of Data
$102.60
Average black market price for all of the data on a credit card
$187.44
Cost of taking control of a bank account
$200K
Average cost of cyber attack to SMB
$1M-$46M
Average cost of breach to a large company
$169M
Target breach clean-up costs
$46M
The Home Depot breach clean-up costs
$350M-1T
Global cost of cyber crime
//Cyber Crime
Global and growing industry
Increasing in size and efficiency
Targets everyone and every company
Leveled playing field for criminal activity
Cyber Crime Orgs
Professional Hackers
Spammers
Mafia
Military
Terrorists
//APT - Nation States Hacking and a Cyber Cold War
What are your risks?
Have you assessed your risks?
Airlines and Airport Security
Complex ecosystems with advanced IT infrastructures
Real-time exchange of sensitive information
Scan and monitor passenger flow
Complex procedures and rules
Security requirements
Vulnerable to a multitude of attacks and IT-based emerging threats
Data Breaches
Merchants Under Attack
Credit cards
What else must be said?
Case Studies: The Facts
Nothing new here
All information presented is based on:
Past incidents
Reported cyber attacks
2004 Fact: Sasser Worm and British Airways at Heathrow Airport
British Airways suffered delays
Worm hit Terminal Four at London's Heathrow Airport
Also affected call centers
Written by a teenager
2008 Fact: Spanair Flight 5022
Crashed just after take off
Over 150 people died
Only 18 people survived
Accident weakened Spanair's image (reputation risk)
Crash exacerbated company’s financial difficulties
Ceased operations in 2012
Internal report issued by airline revealed:
Malware infected airline's central computer system
May have prevented detection of technical problems with aircraft
Final report determined crew failure as root cause
2011 Fact: Delhi’s Indira Gandhi International (IGI) Airport Incident
Passenger processing system failure
Backend server glitch
Common Use Passenger Processing System (CUPPS)
Down for almost 12 hours
Approximately 50 flights delayed
Passengers had to be manually checked in
Central Bureau of Investigation (CBI) of India
Virus attack / malicious code on the system
Used from an unknown remote location
Someone at a remote location operated the system
2011 Fact: Computer Virus Hits U.S. Drone Fleet
Virus infected Predator and Reaper drones
One of the US military’s most important weapons systems
Virus resisted multiple efforts to remove it
Remote cockpits are not connected to the Internet
Virus believed to have spread through removable drives
2014 Facts: Infected Belgian Charleroi Airport Servers
Belgian Charleroi airport network servers infected with malware
Turned them into botnet zombies
Airport and customer data stolen
2014 Fact: Account Backdoors on Airport Scanners, Default Passwords
Blackhat 2014
Backdoor accounts present in airport scanners
Many machines deployed at airport security checkpoints have embedded accounts with default passwords that can be abused
Attackers may be able to use the accounts as a backdoor to get access to the system
Via Billy Rios
2014 Fact: More Backdoors
FTP, Telnet, and Web hardcoded backdoors
~6000 on Internet at major airports
Foreign made
Via Billy Rios
2014 Fact: More Backdoors
Multiple backdoor accounts
Via Billy Rios
Internet of Things (IoT)
Embedded systems
Devices with an IP stack
May or may not be connected to the Internet
Think smartphones
Drones
Address Cyber Security Now
Raise visibility to senior leadership and Board of Directors
Use a Cyber Risk Framework
Invest in Cyber Security
Risk Management NIST CSF
Your Responsibility
Ensure Basic Cyber Hygiene
It’s Everyone’s Responsibility
Airlines focus:
Defense in-depth and anti-malware programs
Follow the money
Trust, but Verify
Especially with embedded devices
Supply chain
Vendor Management / Third Party Security
Overall security
Hardcoded backdoors
Participate in an Information Sharing & Analysis Center (ISAC)
Thanks
Phil Agcaoili
VP & Chief Information Security Officer, Elavon
Contributor, NIST Cybersecurity Framework version 1
Co-Founder & Board Member, Southern CISO Security Council
Distinguished Fellow and Fellows Chairman, Ponemon Institute
Founding Member, Cloud Security Alliance (CSA)
Inventor & Co-Author, CSA Cloud Controls Matrix,
GRC Stack, Security, Trust and Assurance Registry (STAR), and
CSA Open Certification Framework (OCF)
@hacksec
https://www.linkedin.com/in/philA