TekMonks LoginCat Security Software 1
Welcome message from author
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
TekMonksLoginCat Security Software
1
2
Introduction
Today’s Security Challenges
Issues with current solutions
LoginCat: Secure by Design / How we secure ourselves
LoginCat: How we secure you
Summary
Agenda
• TekMonks is a global, full service, fast growing, and highly skilled software technology firm.
• We have operations in 6 countries, and 3 continents.• Experience in multiple industry verticals – including Government,
Finance, Health, and Transportation.• Working with the largest Fortune 100 firms and governments
worldwide
TekMonks – A bit about us
3
4
Key ThemeA brief overview of the
Cybersecurity Challenges
• In 2016, 89% of breaches had a financial or espionage motive.• 95% of all web app breaches were financially motivated.• There were 10,489 insider and privilege misuse based hacks
in 2016. These caused the most damage which could take months or years to heal.• Approximately 85% of hacks are external actors, and 15% are internal, but internal
ones are most devastating. • Majority of attacks use phishing and known vulnerabilities in the security
appliances to steal the initial credentials, that is VPN or Corporate Login passwords. • 82% of all Cyberattacks started with stealing credentials which is password theft.
Hackers then quickly walk across the VPN / Firewall door using legit stolen credentials.
*All data from 2016 Data Breach Investigations Report
Cybersecurity – Some startling facts…*
5
Why am I being attacked … Money + Spying
6
External vs Internal Attacks…
7
• It takes days for an attacker to “exfiltrate” data – i.e. steal valuable data post attack. It is not the initial breach per-se which causes damage, it is this step of stealing valuable company data – where the attacker is then compromising internal systems and stealing data from them. This step takes days to succeed. It is not instantaneous, but it doesn’t take 3 or 6 months either.
Cybersecurity – time is not on our side…
8
• Time to compromise is systems is trending down, time to detect is trending up. Most hackers are able to get in, hide effectively, and then steal corporate data from internal applications, undetected and unchallenged!
Cybersecurity – Some startling facts…
9
• Almost 100% of phishing attacks used to steal credentials and secrets (passwords). 30% of Phishing messages are opened, and 12% are successful in installing malware, a very large number.
Credential Theft – Phishing Statistics
10
Anatomy of a typical cyberattack – 2016 Data
11
$280 BillionTotal loss to businesses from Cyber-attacks in 2016*2
$2.1 TrillionEstimated Cyber Losses in 2019*2
$74.54 Billion – Google’s 2015 Revenue
Hacking industry is a business that is 3.75 times bigger than Google! Hackers today are a well funded multi-Billion dollar illegal corporations with significant computing and research power, all dedicated to hacking you for profits.
Cybersecurity – Yes it is a serious situation
12*2 Forbes: http://www.forbes.com/sites/stevemorgan/2016/01/17/cyber-crime-costs-projected-to-reach-2-trillion-by-2019/#2e21dd3f3bb0
13
Key ThemeIssues with the current solutions
• The continued, high frequency of successful cyberattacks against today’s enterprises has made it abundantly clear that traditional, perimeter-centric security strategies e.g. Firewalls, VPNs, while necessary, are no longer sufficient.
• When a hacker manages to breach them it is much easier to hide and hack the internal core business applications and assets. An internal, application layer security solution is needed.
• Internal applications, which run core business today, were designed 10 years ago, or 5 years ago, even 3 years ago – we are in a different world today.
• Rewriting core business applications is not a solution – plus it is a cat and mouse game, by the time they are rewritten, security threats and standards would have evolved.
Network layer security: Necessary but not sufficient
14
Anatomy of a typical cyberattack – 2016 Data
15
16
A short analysis of the hacker landscape
Just why are things getting worse?Why do hackers succeed more easily lately?
Or – what’s the cause, and thus, the solution to stop these hacks.
• Two words: Very easy, even the complicated ones
Commonly used strategies (2016 data):• Keyloggers – when they work are the easiest• Rainbow tables – Hack passwords as a service
• http://project-rainbowcrack.com/table.htm• 6 TB of Rainbow tables ; can crack all characters on keyboard
• GPU based cracking - much faster than using CPUs, using massive parallelization - a home built GPU cluster can crack every Windows password in less than 6 hours. http://goo.gl/mU5EFB
17
Just how easy are IDs and passwords to hack?
• Crackers today are really efficient at breaking passwords.• Deep Blue Supercomputer - around 1999 - beat Garry Kasparov - 11.38 GFLOPS.• Samsung Galaxy S7 with SnapDragon 820 packs 498.5 GFLOPS. Your Samsung
Smartphone is approximately 44 times faster than the Deep Blue Supercomputer.
• On Desktop Radeon R9 Fury X2 = 17,204 GLOPS. 1,511 times faster than Deep Blue.
• Hackers routinely build rigs with up to 25 of these GPUs, which is 430 TeraFLOPS. https://goo.gl/1nVst6. This is same power as Blue Gene Supercomputer at Livermore Nuclear Laboratory to simulate nuclear reactions.
• If one thinks passwords are secure because decrypting them will take a lot of computing power – one is not living in the reality of 2016.
18
Just how easy are passwords to hack?
19
Password Cracking Rigs
• Biometric and Thumb? Every thing you touch will now contain your password. This is one of the easiest "security measures" to break. There are at least 7 different currently known ways to defeat this. For example, simple inkjets can be used to defeat fingerprint based authentication.
• Iris Scanning? Megapixel cameras can steal your Iris patterns.
• Facial Identification? Face masks take care of defeating this security measure.• Token / RSA? No longer secure. Quantum computers can hack it very easily.
US Government has already abandoned it. MIT has already developed a Quantum Computer capable of easily hacking RSA.
What about other technologies? Biometrics?
20
21
LoginCatPart 1: How do we secure ourselves
first?
• First we eliminates passwords. • Pass phrase based authentication – Mathematically proven to be extremely hard to hack,
even with today’s computing power.• Human brains can’t remember good passwords e.g. $@)Nq;F*(.JRwd#$ , but even babies
learn to put together two or three words quickly and make short sentences
• Second we eliminates User IDs as well. No hack targets, zero exposure, zero trust.
• Third – Deep algorithm based edge security which stops hackers from even trying to attempt a hack.
• Finally, quantum computing resistant – No use of asymmetric keys which are easily hacked by Quantum computers.
Securing LoginCat
22
As the processing speed of computers has increased, passwords are notoriously easy to hack. 8 character passwords take 15 hours at most to hack these days.
Secure by design – End of Passwords
23
LoginCat exclusively uses pass phrases instead of passwords. Pass phrases are next to impossible to crack, even with the fastest computers today and tomorrow!
Secure by design – Pass Phrases
24
• Most attempts to hack a User ID start with – knowing a User ID.
• A User ID is like painting a target sign on your back. Hackers gain access to accounts by targeting User IDs first.
• LoginCat eliminates using User ID for logins. This significantly reduces the attack surface very significantly.
• Specific user accounts can no longer be targeted for hacking attacks.
Secure by design – End of User ID
25
• Edge of network security features.
• Deep AI based security algorithms – beyond IP firewalls LoginCat will analyze incoming login attempts and ban hackers using AI algorithms.
• Some examples• Hacker with incorrect digital signature• Pattern analysis of incoming request headers to ban distributed attacks, for example same
request headers from multiple IPs, will trigger off the DDoS attack prevention monitor.• Successful login from unknown locations, or locations that don’t match mobile devices.,
login times which don’t match habits, etc.
Secure by design – Edge of network AI based hack detection
26
• All current security token based solutions are prone to Quantum attacks. This is because technologies like RSA etc. are based on factorization series problems which Quantum computers can solve and decrypt instantaneously.
• US Government already requires all authentication methods to be Quantum resistant. Quantum computing is becoming mainstream, e.g. IBM provides Quantum computing as a cloud service. http://csrc.nist.gov/publications/drafts/nistir-8105/nistir_8105_draft.pdf
• Both the single and two factor authentication methods used in LoginCat are resistant to being hacked by Quantum computers – as we don’t use Token based authentication schemes. We are safe today – and ready for tomorrow!
Future resistant – Resistant to Quantum attacks
27
28
LoginCatPart 2: How do we secure existing internal and cloud applications?
• Approximately 85% of hacks are external actors, and 15% are internal, but internal ones are most devastating.
• Majority of attacks use phishing and known vulnerabilities in the security appliances to steal the initial credentials, that is VPN or Corporate Login passwords.
• 82% of all Cyberattacks started with stealing credentials which is password theft. Hackers then quickly walk across the VPN / Firewall door using legit stolen credentials.
• They then steal credentials for internal applications, databases by using password crackers – while staying hidden on the internal network.
Core Problem• How do we secure existing applications, which were written in a different security
landscape, use insecure logins and algorithms SHA1, SHA5 or even MD5? We thought we could hide them behind a firewall but clearly that doesn’t work when the hacker is inside!
Quick Recap – From 2016 Data
29
Anatomy of a typical cyberattack – 2016 Data
30
• True Zero Trust – Assume there is an unwanted hacker either an outside actor (85% of the time) who has gotten past the firewalls and VPNs, or an internal actor (15% of the times) and they are trying to hack into internal applications. To steal valuable corporate data – this is the ends to every hack attack.
• A Cybersecurity solution is required to fight such attacks pro-actively, instead of depending on passive measures. This solution should be zero trust, and work at the application layer, and would be great if it secures existing applications, without requiring modifications.
This is what LoginCat does.
31
Zero Trust and Application Layer Level Cybersecurity
LoginCat Protection – 2016 Data
32
• LoginCat secures the User’s ID and passwords across all internal applications, without having to modify them.
• Remember hackers are getting in via cracking passwords. How do we typically get around this? Password policy that says change passwords every 3 months – but it takes hackers days, not 3 months.
• LoginCat will automatically, and frequently change the associated login credentials (passwords) for example every 6 hours.
• Further LoginCat will automatically generate the toughest passwords possible. This makes it harder to hack the accounts, while creating a constantly moving target for the hackers.
• LoginCat comes with a built in SSO solution which works across all major Cloud and in-house applications. Users no longer need to be aware of their constantly changing passwords, since LoginCat will log them into the end systems.
• When an application is hacked, LoginCat will either lock out the attackers automatically by changing the credentials – or detect the hack (if the hacker has locked the account) – either way preventing damages.
Secure by design – Credential Management
33
• LoginCat scripting based authentication adapters will work with all your existing applications – Web based, terminal or cloud.
• For the first time have a unified security policy across internal applications and the cloud.
• No changes needed to existing applications. Do they use MD5? SHA1? We still secure them without having to recode them.
• We manage the passwords, change them on a frequent basis, making your existing application un-hackable, and quickly detect any hack attempts.
• Appliance or Cloud Based – bring us on premise with an appliance, or run LoginCat via from our hosted cloud.
34
Easily integrate to your existing applications – Cloud or Appliance
• User ID provisioning and instant locking from all internal applications, if needed.
• Constantly updated – TekMonks will provide firmware updates to include latest security and AI algorithms to protect against emerging threats.
• Both mobile (iOS and Android) and web based.
• Readily auditable – provides entire audit history of who logged in, when did someone access an internal application, how long they were active, their IP, mobile or web based access and even their location!
35
Other Benefits
36
Demo
37
Summary
• A secure by design solution.
• No User ID equals no easy way in. No way to target an individual.
• Pass phrases – mathematically impossible to crack.
• AI based Algorithmic security to stop hackers from even trying.
• Works will all your existing applications – Cloud or Appliance based solution. The only affordable way to add security to existing applications.
Secure by design, from ground up
38
• Cybersecurity and cyber attacks are the top issues for any government or corporate IT department.
• Hackers are increasingly professional, well funded and causing billions of dollars in losses.
• LoginCat provides a secure, easily Integra table, managed environment which is designed ground up to secure existing applications.
Can You Afford Not To?
39
Demo.
Technology and business IT assessment.
Solution proposal.
Next Steps
40
THANK YOU
41
Related Documents
