CRITICAL INFORMATICS: Our stuff keeps your stuff from becoming their stuff



SLIDE 1

CRITICAL INFORMATICS

Our stuff keeps your stuff from becoming their stuff

www.criticalinformatics.com CRITICAL INFORMATICS January 31, 2018

SLIDE 2

Trends In Information Security

Preparing for an animated future

UW Tech Connect, March 13, 2018

SLIDE 3

Outcomes to Avoid

  • Records Breach: ~$150/record
  • Theft: $75K-$1.2M in our region, multiple millions elsewhere
  • Disruption: Loss of business continuity or operating capacity, loss of life for critical services

SLIDE 4

Leaning Into OSINT

Trends emerge, which lend themselves to prediction, or at least noticing which way the wind is starting to blow

SLIDE 5

Recent Public Sector Events

SLIDE 6

Ransomware

SLIDE 7

Cryptocurrency Mining

  • Low-Risk for organized crime
  • Uses existing botnets
  • Becoming legitimized
  • Operational Continuity Threat
  • Better than ransomware

SLIDE 8

IoT Weaponization

  • Not secured when deployed
  • If exposed to the Internet, immediate takeover
  • Mirai, Reaper, DoubleDoor
  • Used for DDOS, and TBD

SLIDE 9

What’s Going Wrong Here?

  • Manufacturers – do not produce products that are certified as free of known security defects
  • Procurement – does not require any attestation of product security as a requirement for purchase
  • Integrators – do not install products with security controls
  • Operations – does not address roles and responsibilities delineation for security

SLIDE 10

Lawsuits

https://bol.bna.com/threats-of-litigation-after-data-breaches-at-major-law-firms/
https://www.rawstory.com/2016/09/yahoo-sued-for-gross-negligence-over-cyber-attack-that-exposed-500-million-accounts/
https://www.scmagazine.com/after-the-breach-settlement-expected-for-50m-home-depot-customers/article/529135/
http://www.bizjournals.com/phoenix/blog/health-care-daily/2016/08/class-action-cyber-attack-lawsuit-against-banner.html

SLIDE 11

Shareholders Sue Companies For Lying About Cyber Security

Another key area to focus on is litigation exposure. While this area of law is still developing, breaches can give rise to consumer litigation, securities fraud litigation, even liability for corporate directors under Delaware law. […] The markets are becoming much more sophisticated in their understanding of the financial consequences of breaches that result in the loss of key intellectual property, and legal exposure is also expanding rapidly, especially on the consumer front. Some courts are starting to permit consumers to bring cases based on the fear of fraud that they suffer after their data is stolen—even without being able to show that anybody has actually tried to use their data. As we start to see share prices drop after news of previously undisclosed breaches emerges, I think we will be seeing more securities fraud suits as well.

http://www.forbes.com/sites/christopherskroupa/2016/10/27/exposing-litigation-the-hidden-risks-of-cyber-breach/#6f4f218f1988

SLIDE 12

Nation-State Collateral Damage

SLIDE 13

The Third Party Microscope

SLIDE 14

“This ability enables an agency to instantly disable or destroy a target. Cyber strike capability is an ‘always online weapon’ that can be fired at any IP connected terminal with power to disable or destroy a target permanently,” a copy of the brochure reads, referring to Aglaya’s self-described ‘Cyber Strike’ product. “This weapon is comparable to a Nuclear Strike that can destroy city wide Cyber infrastructure or render a county wide IP communications ineffective,” the brochure adds.

source: https://motherboard.vice.com/en_us/article/59weqb/a-spyware-company-audaciously-offers-cyber-nukes

SLIDE 15

Gigantic DDOS

Memcached Amplification Attack Breaks New DDoS Record At 1.7 Tb/s

Arbor believes that we’ve entered a new era in which Tb/s DDoS attacks will be common, whether it’s through memcached server vulnerabilities or through other vulnerabilities attackers may be able to find later.

SLIDE 16

Hardware Vulnerabilities

"One of the problems with Spectre is that it's completely silent," Evtyushkin said. "You don't see anything happening. Compared to traditional attacks, where an application usually crashes and you can see the damage, with microarchitecture attacks you won't see it or know it happened."

Meltdown-Spectre: Now the class action suits against Intel are starting to mount up

https://phys.org/news/2018-03-exposing-biggest-chip-vulnerability.html

SLIDE 17

Surveillance, Privacy, and Encryption

  • Tension between ad revenue and product companies
  • GDPR and the right to data removal
  • Disinformation, propaganda, and voter manipulation
  • US wants private sector cooperation w/foreign govt data requests
  • Role of local law enforcement

https://www.eff.org/deeplinks/2018/02/cloud-act-dangerous-expansion-police-snooping-cross-border-data

SLIDE 18

Not Everything is Bad… We Think

AI, ML, and Security Automation

SLIDE 19

Not-So-Crazy Predictions

SADLY

  • DDOS will become a more prevalent (and effective) extortion tool
  • Ransomware will affect transportation, manufacturing, and health sectors

  • Our economy will be poked by a nation-state actor
  • Government surveillance will increase
  • The 2018 election will be chaos
  • Extortion against a hospital will result in a death

BUT ALSO

  • Boards of Directors will treat "cyber" as a business risk
  • Automation with human oversight will start to help
  • Security will become a competitive differentiator

SLIDE 20

Mike Hamilton
Michael.Hamilton@criticalinformatics.com
@critinformatics – Company Tweets
@seattlemkh – Unvarnished Opinions
The IT Security News Blast: https://criticalinformatics.com/resources/it-security-news/

THANK YOU

SLIDE 21

CRITICAL INFORMATICS

Our stuff keeps your stuff from becoming their stuff


info@criticalinformatics.com Twitter @seattlemkh @critinformatics