Cyber Security – The Threat Picture
Joe Franzi
Assistant Secretary Cyber Security
Overview
• The Threat Landscape
• Tactics, Techniques and Procedures used by Advanced and Persistent Threat Actors
• Movers and Shakers in Tackling Cyber Intrusions
Threat Environment
0
500
1000
1500
2000
2500
2011 2012 2013
1259 1790 2168
14%
6%80%
State Sponsored Cyber Crime Individuals & Hacktivists
Incidents Actors
Cyber Security Picture 2013
The Threat Environment
Foreign state-sponsored
48%
Unknown
40%
Cybercrime
9%
Hacktivism
3%
Tactics, Techniques and Procedures (TTPs)
Most common themes:
• G20
• ASEAN
• Taxation
• Recruitment, HR, Finance Operations
• Current affairs
Most Common Words in Spear-Phishing - 2013
Source: Symantec's 2014 Internet Security Threat Report
Java Vulnerabilities
Most common attachments:
• Microsoft Word (including RTF)
• Zip
• JAR
• RAR
Strategies to Mitigate Targeted Cyber Intrusions
The Movers and Shakers
(Was #21)
Now #7
(Was #18)
Now #5
New in 2014:
#6 Automated
Dynamic Analysis