This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Evolving Threat Landscape-Attackers are creative and smart
6
Attacker
Sop
hist
icat
ion
Motivation Targets
In May, the U.S. Justice Department indicted 5 Chinese military officers on charges of hacking into the computer networks of U.S. companies and stealing commercial secrets. It linked all of them to PLA Unit 61398 in Shanghai.
• Political Statement• Protest
• Military Actions• Industrial Advantage
• $$$$$$• Extortion• Commercial Ransom
• Sell Trade Secrets• Disgruntled Employee
In a manifesto announcing its DDoS operation, Anonymous railed against Sony for going after coders who seek to modify hardware that they own.
Hackers found vulnerabilities in a popular retailer’s network through remotely controlled HVAC systems and were able to access payments system data of over 40 Million credit cards.
Matthew Keys used his access as a former employee of the Tribune Co. to help a hacker deface the website of the Los Angeles Times in 2010.
Low
Med
ium
Hig
hH
igh
Source: Analysis of the North American Managed Security Services Market, July 2014.
Defining Internet of Things (IOT): An infrastructure of interconnected objects, people, systems, and information resources together with intelligent services to allow them to process information of the physical and the virtual world and react.
Source: International Standard Organization, SWG IOT, August 2014
The Internet is changing the way we work, socialize, create and share
information… Yet the magnitude of this transformation is still unknown
• DDoS protection is more than a insurance policy. Disruption by denial-of-service attacks have detrimental consequences for enterprise and financial firms leveraging IoTservices.
• Understand the what and how. Any product offered involving IoT devices must be designed with security in mind. Incorporate security controls, leveraging a pre-built role-based security model.
• Your data is an asset -- understand its value, location, and movement.
• Management: IoT management is the big challenge for enterprises in an IoTenvironment form how to quickly patch IoT device vulnerabilities -- and how to prioritize vulnerability.
• Identifying, implementing security controls . This is a challenge with emerging Internet-connected devices. Some security functions must be done in partnership with your service providers.
• New data, new opportunity, new risk. Wi-Fi-enabled devices connected to the Internet bring a flood of data for enterprises to collect, aggregate, process and analyze. New data means new business opportunities for Enterprises, but also means new risks.
• Mitigation will equal money. Enterprises must be able to identify legitimate traffic vs malicious traffic patterns on IoT devices. It is critical to have actionable threat intelligence measures in place to detect threats and mitigate them before they impact consumer experience, data or worse.