Information Security Awareness

Peran Keamanan Informasi di Tengah Pesatnya Perkembangan ICT

Universitas Al Azhar Indonesia

Jakarta – 10 Juni 2014

Digit Oktaviantohttp://digitoktavianto.web.id

digit dot oktavianto at gmail dot com

IT Security Enthusiast (Opreker)Member of Indonesian Honeynet ChapterMember OWASP Indonesian ChapterLinux Activist (KPLI Jakarta)IT Security Consultant

About Me

Perkembangan Industri IT

Source : http://www.forbes.com/powerful-brands/list/

“After compiling the list of fastest growing industries, there were some apparent trends. Each industry on the list experienced growth as a result of one or more of four drivers: Internet growth, environmental issues, cost cutting and evolving technology.”

Source : IBISWorld (global business intelligence leader specializing in Industry Market Research)

Mengapa Perkembangan Industri IT Sangat Pesat?

Internet growthEnvironmental issuesCost cutting Evolving technology

Faktor Pendukung

Marketing StrategyAdvertisementBusiness ModelDeliverables to CustomerWorking BehaviorChange of Mindset

Perubahan Paradigma Konvensional ke Era Modern

“Keamanan selalu berbading terbalik dengan kenyamanan. Semakin anda merasa nyaman, semakin anda tidak aman.”

(Anonymous)

Correlation?

Information Security Threat

Data BreachesSocial Media HackingMobile Device ThreatMalware and Advanced Persistent Threat

(APT)

Recent Trends

Electronic CrimesDisclosure Sensitive Information

(personal info, credit card, username and password)

Target :Online ShopSocial Media WebsitesGovernment Agency

Data Breach

Why oh Why?

Data Breaches

Data Breaches

Data Breaches

Data Breaches

Data Breaches

Purposes?Business competitionCampaignFor Fun (and Profit?)Ruin your life? (e.g. revenge?)Spying (Government, Agencies, Corporate)

Social Media Hacking

Social Media Hacking

Social Media Hacking

Social Media Hacking

Social Media Hacking

Social Media Hacking

Why? 6 Billion Mobile Subscribers on the Planet

(end of 2012)Little to no patch management for mobile &

Poor QA in the AppStoreFew anti-virus / anti-malware solutionsIncreasing malicious mobile applications and

mobile exploitation

Mobile Device Threat

Mobile Device Threat

Example :- Phishing SMS Link

Mobile Device Threat

Example :Fake App

Mobile Device Threat

Example :Virus / Malware Threat

Mobile Device Threat

What is APT?

World next publicly available comprehensive report on Advanced Persistent Threat

Provided by Mandiant (www.mandiant.com)It’s a nickname for a group that being

government sponsored for doing specific attack and specific purpose

China is the suspected government that sponsored the group

Malware and Advanced Persistent Threat (APT)

Advanced means the adversary can operate in the full spectrum of computer intrusion. They can use the most pedestrian publicly available exploit against a well-known vulnerability, or they can elevate their game to research new vulnerabilities and develop custom exploits, depending on the target's posture.

Persistent means the adversary is formally tasked to accomplish a mission. They are not opportunistic intruders. Like an intelligence unit they receive directives and work to satisfy their masters. Persistent does not necessarily mean they need to constantly execute malicious code on victim computers. Rather, they maintain the level of interaction needed to execute their objectives.

Threat means the adversary is not a piece of mindless code. Some people throw around the term "threat" with reference to malware. If malware had no human attached to it (someone to control the victim, read the stolen data, etc.), then most malware would be of little worry (as long as it didn't degrade or deny data). Rather, the adversary here is a threat because it is organized and funded and motivated. Some people speak of multiple "groups" consisting of dedicated "crews" with various missions.

(Taken from http://taosecurity.blogspot.com/2010/01/what-is-apt-and-what-does-it-want.html)

Malware and Advanced Persistent Threat (APT)

Political objectives that include continuing to suppress its own population in the name of "stability."

Economic objectives that rely on stealing intellectual property from victims. Such IP can be cloned and sold, studied and underbid in competitive dealings, or fused with local research to produce new products and services more cheaply than the victims.

Technical objectives that further their ability to accomplish their mission. These include gaining access to source code for further exploit development, or learning how defenses work in order to better evade or disrupt them.

Military objectives that include identifying weaknesses that allow inferior military forces to defeat superior military forces. The Report on Chinese Government Sponsored Cyber Activities addresses issues like these.

Malware and Advanced Persistent Threat (APT)

Malware and Advanced Persistent Threat (APT)

Malware and Advanced Persistent Threat (APT)

What should we do?

The Answer :

Information Security Awareness

Who?

IT Infrastructure (Sys Admin, Sys Engineer)Application (Developer, Analyst)End User

Information Security Awareness

Social Engineering | Because there is no Patch for Human Stupidity.

Information Security Awareness

Social Engineering simply means manipulating or tricking people to gain their trust in order to give up confidential information without them knowing it.

This leads in gathering confidential information, computer system access or fraud.

Social Engineering

1. Risk Analysis2. Risk Assessment3. Policy4. Procedure5. Standard

Infosec Awareness Requirement

1. A process to take the message to the user community to reinforce the concept that information security is an important part of the business process

2. Identification of the individuals who are responsible for the implementation of the security program

3. The ability to determine the sensitivity of information and the criticality of applications, systems and business processes

4. The business reasons why basic security concepts such as separation of duties, need-to-know, and least privilege must be implemented

5. That senior management supports the goals and objectives of the information security program

5 Key Elements Infosec Awareness Program

Q & A

FINISH