Bank-of-England & Cyber Security Presented by: John Walker 10 May 2013
Page 1: Bo e v1.0

Bank-of-England

&

Cyber Security

Presented by: John Walker

10 May 2013

Page 2: Bo e v1.0

SITREP – The Threat 10/05/13

Criminals are Winning – and the Rewards are HIGH

http://www.bankinfosecurity.co.uk/blogs/new-fraud-scheme-launched-via-chat-p-1403

Hacktivists are, well Active (NOT forgetting Cyber Radicals)

PCI-DSS has been found to be FLAWED

The Standard of ‘Overcompensation’

Skills Low – they need to be honed

International Threats Ignored

Too many Reports – NOT enough Action

Lack of Reporting

Lack of Public Security Awareness

Page 3: Bo e v1.0

1. DNS
2. Exposures & Vulnerabilities
3. Users – Education & Awareness (The Human Firewall)
4. Patch & Fix (or NOT)
5. Bleeding Edge Technologies
6. Virtualisation & Cloud (and it’s not new)
7. Lack of Standards
8. New Age Malware (Smart Cell Phone)
9. Data Leakage (e.g. MetaData)
10. Smart Printers (MFDs)
11. BYOD – Smart Phones, and Mobility
12. Advanced Threats – the AET

Some Common Threat Examples

Page 4: Bo e v1.0

Unrestricted Warfare is a book on military strategy written in 1999 by two colonels in the People's Liberation Army, Qiao Liang and Wang Xiangsui.

Actors & Radicals

Page 5: Bo e v1.0

DDoS

New Threat: The multi-tiered itsoknoproblembro DDoS toolkit has been identified in a spate of damaging attacks against the banking, hosting and energy industries. It is considered to be a critical DDoS threat that leverages a unique, two-tier command mode to launch multiple high-bandwidth attack types simultaneously.

In Q1/13 the average attack Bandwidth totalled 48.25 Gbps, a 718% increase, compared with last quarter, and an average packet-per-second rate of 32.4 Mpps. This represents a significant trend of threat to the Banking Industry.

Page 6: Bo e v1.0

CaaS - CaaB

Page 7: Bo e v1.0

Firewall Evasion

Up-to-date Firewall, IDS, & IPS have been known to be vulnerable for over three years, yet this was not admitted, or disclosed to Business, or the Public.

Page 8: Bo e v1.0

One overall Society-Wide implication is that we (the Global Village) have embedded Internet dependencies into the very fabric of our lives – and Cloud will expand these dependencies.

Social, Business, Government, and Banking are all now entwined in the Interconnected environment; the Genie is Out, and may not be placed back in the bottle.

Users [Customers], Business Operations, and Governments are highly reliant on Internet Operability. Socially, be it from IP TV, VoIP, or even Home working, dependency is again high . . . making it, and us, an ideal surface of Attack by circumstance.

This dependency on an environment with no real Governance, Cross-Border Control, or for that matter SLA, makes us significantly vulnerable in the Medium to Long Term . . . and it WILL have consequences unless action is taken now!

Socio-Economic Implications

Page 9: Bo e v1.0

Proactive Response & Initiatives

The challenge is significant, but it is not impossible to address with pragmatism to deliver Joined-up thinking:

1. Look to Baseline & Standardise the Community
2. Create a Culture of Proactive Bi-directional information sharing
3. Evolve high levels of Situational Awareness – Recognise the current Threat Landscape
4. Commission Systems, and Processes to Proactively Monitor for New Threats
5. Deliver a Virtual Security Framework for Community Wide Membership
6. Create and Deliver Guides, Documentation, and Suggested Processes
7. Evolve links with Industry
8. Strengthen Links with Law Enforcement
9. Create Bi-Directional open lines with Key Agencies and Businesses based on Trust
10. Approach with value-add, and not scrutiny – again, evolving Trust
11. Consider the value of scale for Community wide solutions
12. Create Service Offerings to reduce cost, whilst increasing security opportunities
13. Have an Open-Door Policy

Examples follow:

Page 10: Bo e v1.0

Understand the profile of Cyber Extortion, and Distance Based Digital Forensics to engage with an attack.

Logs, Alerts, and Notifications should notify adverse conditions.

Copyright SBLTD 2012

Example 1 - Cyber Extortion

Page 11: Bo e v1.0

Example 2 - First Responders & CSIRT

There is a very real need to deploy a CSIRT, including:

a) First Responder
b) GRC
c) Forensics

It can be done at a very low cost, and still provision high-end Operational capabilities

Based on:

ISO 27001
ISO 27001
CoBIT 5.0

Page 12: Bo e v1.0

Thank you for listening

Questions?