risks, threats and policies we need cyprus egovernment conference 2012 · 2015-04-24 · security...
TRANSCRIPT
Security challenges for eGovernment
Risks, threats and policies we need
Cyprus eGovernment Conference 2012
Ilias Chantzos, Senior Director EMEA & APJ Government Affairs
Four Key Security Trends impacting eGov
• Malware Attacks Always Rising
• Targeted Attacks Expand
• Data Breaches on Rise
• Mobile - 'Paradigm' Shift
Mobile Device Explosion Paves Way for Bring Your Own Device (BYOD)
• Corp PCs: 177M (2010), 246M (2015): 39%
• Personal PCs: 173M (2010), 293M (2015): 69%
• Smartphones: 300M (2010), 1017M (2015): 340%
• Tablets: 15M (2010), 326M (2015): 2,170%
Why would somebody attack a Government system?
• To collect intelligence
– Political
– Economic/industrial
– On individuals
• To achieve political objective
– Protest
– Conflict
– Terrorism?
• To commit cybercrime
External attackers
Well-meaning insiders
Malicious insiders
Civilian systems being a target
Cyber and political tensions
• Estonia 2007
• Georgia 2008
• Ghostnet 2009
• Google and Stuxnet 2010
• Japan vs China 2011
• Austerity measures 2012
• 2013?
Internet Security Threat Report 17
How big is the problem?
Targeted Attacks by Sector and Function
By sector:
• Government & Public Sector: 25.428%
• Manufacturing: 15.431%
• Finance: 13.507%
• IT Services: 6.247%
• Chemical & Pharmaceutical: 5.990%
• Transport & Utilities: 5.866%
• Non-Profit: 4.291%
• Marketing & Media: 3.169%
• Education: 3.157%
• Retail: 3.005%
By function:
• C-Level: 25%
• Senior: 8%
• R&D: 9%
• Sales: 12%
• Media: 10%
• Shared Mailbox: 23%
• PA: 7%
• Recruitment: 6%
By range (chart axis 0 to 40):
• 1-250: 11.6
• 251-500: 7.3
• 501-1000: 3.8
• 1001-1500: 3.1
• 1501-2500: 5.9
• 2501+: 36.7
Data Breaches
• 232 million identities exposed in 2011
• On average 1.1 million identities were exposed per breach
How are the attacks actually done?
2011 - Taidoor (14 variants)
• Negotiations - US and Taiwan modernization of Taiwan's air force.
• Targets: primarily private industry and influential international think tanks involved
Specifically those who have expertise in South Asia and South-East Asia policy and military strategy
– They reached their peak during the 'US-Taiwan Defense Industry Conference' held on September 18th-20th
Drive-By Download infections
Browse legitimate Web site
Browser is analysed
308 Plug-in vulnerabilities (2011)
351 Browser vulnerabilities (2011)
Malicious Script
• Hacked website
• Misconfigured server
• Weak password
• Banner Ads
• …
No user interaction required by the user!
Server-side polymorphism -> repacked malware for each victim
Social Engineering is Effective in Social Media
• Users willing to help infect themselves
Targeted attack modus operandi
Stages: Infiltration, Foothold, Exploit, Data Discovery, Exfiltration
• Targeted Email, attachment contains exploit (often 0-day) payload
• Payload exploit auto-installs Backdoor onto target. Backdoor connects back to C & C server
• Attacker elevates access to important user, service, and admin accounts, and specific systems
• Data acquired from target machines and staged for exfiltration
• Data exfiltrated back to attacker or to compromised dumpsite owned by attacker
Mobile Malware on the Rise
• This represents families of mobile malware
• There are 3,000-4,000 variants in the wild today and growing
What are the policies we need?
EU policies on security
• Data protection and public sector
– Covered or not covered?
– Security requirements
– Encryption and breach notification
• Cybersecurity strategy
– Covers only critical infrastructure…..is public sector included?
– Breach notification requirements
– Empowerment of national CERTs and authorities
– Information sharing and feasibility
eSign and eGov
• eID and eSign a key component of security
• CA as critical infrastructure
• Cloud and authentication
• Drive of existing proposal towards qualified signatures
• Weakest link in the supply chain – Diginotar vs Stuxnet
• Technology neutrality and global marketplace
“Anything that is complex is not useful and anything that is useful is simple”
Changes In Working Style
• 80%: New apps deployed in the cloud (1)
• 65%: Enterprises allow mobile access to their network (2)
• 52%: Workers use three or more devices (3)
Sources:
1. IDC Predictions 2012: Competing for 2020, Frank Gens, IDC, 2011
2. The Impact of Mobile Devices on Information Security: A December Survey of IT Professionals, Check Point, January 2012
3. Info Workers Using Mobile And Personal Devices For Work Will Transform Personal Tech Markets, Frank E. Gillett, Forrester Research, February 22, 2012
The Mobile Challenge
4 Major pain points
Increased Risk of Data Loss
Explosion of New Devices
New Apps Must Be Supported
• How to allow this large number of devices to securely connect to the enterprise?
• How do I manage application deployment & associated costs?
• How do I protect confidential information and image while complying with policies?
1B+ SmartPhones / Tablets by 2014
Endpoint Heterogeneity
• How to manage multiple mobile platforms with varying capabilities and form factors?
Cloud + Mobile: Opportunity and Challenge
'We should embrace BYOA and the new mobile platform to augment productivity and innovate new business models'
Challenge: 'How do we layer common protection across cloud and mobile without undermining the convenience of the mobile experience?'
Diagram labels: Mobile, Cloud, Private Cloud
What the future holds
• Cloud computing and mobility will be the paradigm shift in computing
• Cloud will become a security enabler and a threat
• Government clouds and interoperable eGov services across geographies
• Development of eID will depend on the success of new framework
• More eGov services and dependency on them
• More attacks and more complex attacks on high value targets
Thank you!
Copyright © 2010 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.