Aug 16, 2015
Proprietary and Confidential
Cyber Threat Awareness
Proprietary and Confidential
Cyber Threats Understanding the Landscape
EJ Hilbert, Kroll
February 11, 2015
About the Speaker
• Managing Director Kroll Advisory Solutions - Head of Cyber Investigations for EMEA
• President of Online Intelligence - A cyber security and investigative firm specializing in social media and online advertising schemes, scams and crimes.
• Director of Security Enforcement for MySpace - Responsible for addressing all security concerns related to MySpace, its systems and its users. Sued spammers and personally won $240 million.
• FBI Special Agent - Specialized in White Collar Crime, Cyber Crime and Counter-Terrorism. Notable cases are Treason charges against Adam Gadahn aka Azzam Al Amriki, FBI.gov email intrusion, Carderplanet takedown/Cardkeeper, and Invita/Flyhook: the Alexey Ivanov case.
• High School Teacher and Coach - History, Science, Baseball, Basketball and Cross Country, winning three National Titles
• Got my first computer at 12 years old, a Commodore 64, upgraded later to an Apple IIe which I designed and built in my garage with my friend Steve Jobs.
• Consultant on TV shows, movies and books, various media coverage including MSNBC, BBC, ITV, CNN, Financial Times, Rolling Stone, WSJ, Wired, and Gizmodo. Childhood movie and TV star on Disney Channel
All Attacks Require Access
Joe is your employee in the mail room.
He makes minimum wage
He has a corporate email account
He has a corporate computer where he installed iTunes and downloads his pictures
He banks with HSBC
And he just got this email….
He Clicked the Link
Your Network Is Now Owned
Do You Know Who You Are Talking To? Here is a clue:
• Managing Director Kroll Advisory Solutions - Head of Cyber Investigations for EMEA
• President of Online Intelligence - A cyber security and investigative firm specializing in social media and online advertising schemes, scams and crimes.
• Director of Security Enforcement for MySpace - Responsible for addressing all security concerns related to MySpace, its systems and its users. Sued spammers and won personally $240 million.
• FBI Special Agent - Specialized in White Collar Crime, Cyber Crime and Counter-Terrorism. Notable cases are Treason charges against Adam Gadahn aka Azzam Al Amriki, FBI.gov email intrusion, Carderplanet takedown/Cardkeeper, and Invita/Flyhook: the Alexey Ivanov case.
• High School Teacher and Coach - History, Science, Baseball, Basketball and Cross Country, winning three National Titles
• Got my first computer at 12 years old, a Commodore 64, upgraded later to an Apple IIe which I designed and built in my garage with my friend Steve Jobs.
• Consultant on TV shows, movies and books, various media coverage including MSNBC, BBC, ITV, CNN, Financial Times, Rolling Stone, WSJ, Wired, and Gizmodo. Childhood movie and TV star on Disney Channel
What are Cyber/Digital Threats?
Cyber threats can be broken into four categories:
• Cyber Crime - Computer-enabled attacks for profit or gain
• Cyber Espionage - Long-term data spying for various reasons
• Cyber Warfare - Destruction of critical infrastructure
• Activism - Attacks to embarrass or discredit
Cybercrime
Financially motivated attacks and breaches intended to make a profit
Computer Dependent Versus Computer Enabled
CD - System disruption, phishing and malware
CE - Data theft and fraud
Rarely is the attack a “hack”; rather, it is a compromise of users' credentials resulting in an Account Takeover
Credit cards and financial credentials are not the only target but they are a Media “Tangible”
Data “kidnapping” and extortion payments are a viable money maker for criminals
Social media and contact data is more valuable than your credit card.
Zeus and SpyEye
Cyber Espionage
The intention is to gain long-term access
Not just one attack but several, intent on creating access
Limited fear of attack discovery but no fear of prosecution
Economic and Political motivations but loss is hard to calculate
New EU laws may require breach notification for all companies
Cyber Warfare
New class of weapons system
Industrial Control Systems targeted
Intention is to disrupt or destroy
Stuxnet, Shamoon, Flame, etc.
Result in hardware and data losses
Stuxnet = loss of 10 years of data
Shamoon = loss of 30,000 systems
WiPall.D (aka G.O.D.) = Petabytes lost at Sony
Weaponized programs that are placed out in the wild for use by others.
Cyber weapons are not contained, nor do they self-destruct
Activism
Why stage a real-world protest when you can make your point online to everyone?
They showcase the weakness in systems, exposing them for other attacks
Intent to publicly embarrass those companies and people they disagree with while being “anonymous.”
Impact can be devastating to the person, the company, the infrastructure and the clients.
Most attacks are low level defacements or social engineering of employees.
Which Of Those Affect You?
Crime
• What data do you have and what is it worth on the market?
• Internal vs. External fraud
• Disruption and Extortion
• Can your systems be used against others?
Espionage
• Who wants what you know?
• Are there indications of a slow bleed?
• Do you have contracts others might want to exploit?
• How can I embarrass senior management?
Activism
• Who are your haters?
• Why?
• Do you have data that can be used against your allies or your enemies?
• Do you have data
• What is your company’s social profile?
Warfare
• What is the effect of taking you offline?
• Can I disturb, disrupt or dismantle a portion of your business?
• What is your BC/DR plan?
• Resiliency – technical, commercial and reputational
Significance?
229: The average number of days an intruder sits in your system before being discovered. Most discoveries are made through third party notification.
Parting Thoughts?
What information do you hold and why is it valuable?
Who has access to the information?
How do you know? Is there access monitoring in place?
Can you cut their access right now?
If every megabyte of data held was worth £1, how would you protect it?
(The average laptop hard disk holds 500 GB or 500,000 MB)
Questions?
E.J. Hilbert
Managing Director
Cyber Practice Head
Kroll EMEA
[email protected]/ejhilbert
www.linkedin.com/in/ejhilbert