Top Banner

Click here to load reader

The ever increasing threat of cyber crime

Aug 23, 2014

ReportDownload

Presentation talking about the ever increasing threat of cyber crime and how social media, mobile devices, cloud computing make an interesting point of attack. Cyber security is only getting more and more important due to the widespread of new platforms, increasingly available and simple to use exploit kits as well as attacks becoming more sophisticated and having specific targets.

  • The ever- increasing threat of Cyber Crime Prepared By: Nathan Desfontaines 27 March 2014 Information Protection & Business Resilience
  • 1 2014 KPMG International. KPMG International is a Swiss cooperative of which all KPMG firms are members. KPMG International provides no services to clients. Each member firm is a separate and independent legal entity and each describes itself as such. All rights reserved. Agenda Who am I... And How did we get here? Me, in a CMD-shell Evolution of computers Video Time Microsoft Europe Cyber Security Worlds biggest data breaches Worlds Biggest Data Breaches (Graphic) What should you care about? Cyber Security Threats for 2013/2014 Cyber Security Threats: New Platforms Cyber Security Threats: Exploit Kits Cyber Security Threats: Targeted Attacks Video Time 10 Infamous Computer Hackers Questions?
  • Who am I And how did we get here?
  • 3 2014 KPMG International. KPMG International is a Swiss cooperative of which all KPMG firms are members. KPMG International provides no services to clients. Each member firm is a separate and independent legal entity and each describes itself as such. All rights reserved. Who am I And how did we get here? (cont.) Do you remember back in the day?
  • 4 2014 KPMG International. KPMG International is a Swiss cooperative of which all KPMG firms are members. KPMG International provides no services to clients. Each member firm is a separate and independent legal entity and each describes itself as such. All rights reserved. Who am I And how did we get here? (cont.) Apple II Sinclair ZX-81 Timex Sinclair 1000Sinclair ZX Spectrum Kaypro 4-84 Tandy 1000EX KIM-1 Tandy 102 Digi-Comp Magitronic 286 Atari 800XL Z-180 Commodore PET
  • Microsoft Europe Cyber Security
  • 6 2014 KPMG International. KPMG International is a Swiss cooperative of which all KPMG firms are members. KPMG International provides no services to clients. Each member firm is a separate and independent legal entity and each describes itself as such. All rights reserved. Microsoft Europe Cyber Security Source: YouTube.com
  • World's Biggest Data Breaches
  • 8 2014 KPMG International. KPMG International is a Swiss cooperative of which all KPMG firms are members. KPMG International provides no services to clients. Each member firm is a separate and independent legal entity and each describes itself as such. All rights reserved. World's Biggest Data Breaches Source: informationisbeautiful.net
  • What should you care about?
  • 10 2014 KPMG International. KPMG International is a Swiss cooperative of which all KPMG firms are members. KPMG International provides no services to clients. Each member firm is a separate and independent legal entity and each describes itself as such. All rights reserved. What should you care about? 1. Widespread use of new platforms Cyber Security Threats for 2013/2014 Three significant reasons as to why cyber security will remain a key concern for IT managers: 3. Attacks are becoming more sophisticated and have specific targets 2. Increasingly available and simple to use exploit kits
  • 11 2014 KPMG International. KPMG International is a Swiss cooperative of which all KPMG firms are members. KPMG International provides no services to clients. Each member firm is a separate and independent legal entity and each describes itself as such. All rights reserved. What should you care about? (cont.) Mobile Devices Cyber Security Threats: New Platforms Rapid increase in the use of mobile devices Improved functionality of smartphones and tablets Mobile devices make for an interesting point of attack Existence of apps as a source of malware Increase of cyber attacks on the iOS platform Increased use of Bring Your Own Device (BYOD) policies in the workplace
  • 12 2014 KPMG International. KPMG International is a Swiss cooperative of which all KPMG firms are members. KPMG International provides no services to clients. Each member firm is a separate and independent legal entity and each describes itself as such. All rights reserved. What should you care about? (cont.) Mobile Devices Cyber Security Threats: New Platforms Impersonation SMS Redirection Sending Email Messages Posting to Social Media Financial Sending premium rate SMS Messages Stealing Transaction Authentication Numbers (TANs) Extortion via Ransomware Fake Antivirus Making Expensive Calls Data Theft Account Details Contracts Call Logs Phone Number Stealing Data via Application Vulnerabilities Stealing International Mobile Equipment Identity Numbers (IMEI) Surveillance Audio Camera Call Logs Location SMS Messages
  • 13 2014 KPMG International. KPMG International is a Swiss cooperative of which all KPMG firms are members. KPMG International provides no services to clients. Each member firm is a separate and independent legal entity and each describes itself as such. All rights reserved. What should you care about? (cont.) Cyber Security Threats: New Platforms The Cloud A single point of entry that can be accessed from almost anywhere This access can be abused in different ways: Theft or destruction of data DoS attacks Hijacking of cloud service traffic and redirecting it to other sources of malicious content Attacks can cause significant disruption to businesses
  • 14 2014 KPMG International. KPMG International is a Swiss cooperative of which all KPMG firms are members. KPMG International provides no services to clients. Each member firm is a separate and independent legal entity and each describes itself as such. All rights reserved. What should you care about? (cont.) Cyber Security Threats: New Platforms Social Media Easy access to personal information One entry point provides a trusted voice to reach others Check-ins can provide malicious users access to possible transactions: Fraudulent bank transactions Identity theft situations
  • 15 2014 KPMG International. KPMG International is a Swiss cooperative of which all KPMG firms are members. KPMG International provides no services to clients. Each member firm is a separate and independent legal entity and each describes itself as such. All rights reserved. What should you care about? (cont.) Cyber Security Threats: Exploit Kits Exploit Kits The For Dummies series equivalent in the world of cyber security Uses pre-written code to target applications with a history of known security exploits or users who fail to update software Can be purchased by anyone and requires no knowledge of how an exploit works Roughly 70% of exploit kits originate from Russia Neutrino 24% Unknown Kit 21% Redkit 19% SweetOrange 11% Styx 10% Glazunov/Sibhost 5%
  • 16 2014 KPMG International. KPMG International is a Swiss cooperative of which all KPMG firms are members. KPMG International provides no services to clients. Each member firm is a separate and independent legal entity and each describes itself as such. All rights reserved. What should you care about? (cont.) Cyber Security Threats: Targeted Attacks Targeted & Sophisticated Attacks Higher payoff makes cyber attacks more of an enterprise Hacktivists: Groups of cyber criminals and/or protestors that target government and corporate websites to bring awareness to their cause Cyberwarfare: Nation-state sponsored attacks Advanced Persistent Threat (APT) Zero-Day-Forever
  • 17 2014 KPMG International. KPMG International is a Swiss cooperative of which all KPMG firms are members. KPMG International provides no services to clients. Each member firm is a separate and independent legal entity and each describes itself as such. All rights reserved. Zero-Day-Forever Zero-Day-Forever Legacy Windows users are bracing for Microsofts April 8, 2014 deadline to end security updates on Windows XP and Office 2003.
  • 18 2014 KPMG International. KPMG International is a Swiss cooperative of which all KPMG firms are members. KPMG International provides no services to clients. Each member firm is a separate and independent legal entity and each describes itself as such. All rights reserved. What should you care about? (cont.) Cyber Security Threats: Targeted Attacks Targeted & Sophisticated Attacks Malware Ransomware: Common iteration referred to as Cryptolocker. Ransomware has been around for nearly a quarter-century, the latest version uses very strong encryption to make users files inaccessible and extort cash from them. Spyware Adware Scareware: Software that appears to be something legit (usually masquerading as some tool to help fix your computer) but when it runs it tells you that your system is either infected or broken in some way. This message is generally delivered in a manner that is meant to frighten you into doing something.