cyber breach
play

CYBER BREACH Preventing Bodily Injury and Property Damage - PowerPoint PPT Presentation

Mar 18, 2023 •48 likes •508 views

CYBER BREACH Preventing Bodily Injury and Property Damage info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 1 THE WORLD WE KNOW TODAY info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 2

  1. CYBER BREACH Preventing Bodily Injury and Property Damage info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 1

  2. THE WORLD WE KNOW TODAY info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 2

  3. INTERNET SECURITY CAMERAS info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 3

  4. IoT BOTNET info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 4

  5. WE WARNED YOU IN 2013 info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 5

  6. BUT YOU STILL GOT SUED info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 6

  7. info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 7

  8. info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 8

  9. AND THE BEAT GOES ON… info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 9

  10. MEDICAL DEVICES info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 10

  11. THE STORY info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 11

  12. VERSUS info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 12

  13. info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 13

  14. info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 14

  15. info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 15

  16. info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 16

  17. info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 17

  18. info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 18

  19. info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 19

  20. info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 20

  21. info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 21

  22. THE COST info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 22

  23. ELEMENT IMPACT Fraud losses, legal fees, $Millions to $Billions new security measures in costs info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 23

  24. ELEMENT IMPACT Fraud losses, legal fees, $Millions to $Billions new security measures in costs Drop in stock & profits 5% to 10% drop in stock info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 24

  25. ELEMENT IMPACT Fraud losses, legal fees, $Millions to $Billions new security measures in costs Drop in stock & profits 5% to 10% drop in stock Brand index scores Brand value immediately drop to negative info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 25

  26. ELEMENT IMPACT Credit rating S&P cuts credit rating info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 26

  27. ELEMENT IMPACT Credit rating S&P cuts credit rating Job security Executive shake-ups info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 27

  28. ELEMENT IMPACT Credit rating S&P cuts credit rating Job security Executive shake-ups Some customers never Customers leave return info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 28

  29. DISCOVERING ATTACK VECTORS info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 29

  30. AS EASY AS 1, 2, 3 Step 1 Unpack the Firmware Image Open source tool called binwalk can unpack most firmware images. Step 2 Analyze Executable Binaries and System Files Look for low-hanging fruit like insecure coding practices and hidden private crypto keys. Step 3 Fix, Compile, Repeat Replace insecure coding practices with secure methods. Remove all private crypto keys. Recompile code. Re-examine. info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 30

  31. BUT MY SOURCE CODE IS SECURE! info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 31

  32. info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 32

  33. info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 33

  34. info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 34

  35. info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 35

  36. info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 36

  37. info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 37

  38. info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 38

  39. info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 39

  40. HOW TO MITIGATE CYBER SECURITY RISKS IN CONNECTED MEDICAL DEVICES Step 1 Perform a Traditional Security Assessment Open source tools such as Nmap, Nessus, and Metasploit can help. Step 2 Perform Blackbox Testing with Fuzzing Open source tools: w3af, Wfuzz, Wapiti. Commercial tools: Defensics. Step 3 Perform a Firmware Evaluation Open source tool: binwalk, gdb, OllyDbg. Commercial tools: Centrifuge Security Platform. info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 40

  41. WHO IS TACTICAL NETWORK SOLUTIONS info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 41

  42. Founded 2007 Founders are former NSA/TAO employees Offensive cyber operations focus 12 Employees info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 42

  43. MANAGEMENT TEAM Terry Dunlap, Founder & CEO National Security Agency - 7 years experience Computer Network Exploitation wireless tool development Acting Branch Chief Peter Eacmen, Co-Founder & CTO National Security Agency - 10+ years experience Computer Network Exploitation tool development Close access operation support Embedded directly with USSOCOM unit at NSA info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 43

  44. FIRMWARE EVALUATION TEAM 10 Employees Former NSA Computer Network Exploitation specialists in firmware reverse engineering info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 44

  45. CUSTOMERS info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 45

  46. CONTACT Tactical Network Solutions LLC 8825 Stanford Blvd., Suite 308 Columbia, MD 21045 (443) 276-2990 Terry Dunlap Peter Eacmen Partner Partner tdunlap@tacnetsol.com peacmen@tacnetsol.com 240-672-2945 (C) 617-548-5384 (C) info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 46

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Michael McCartney President, Avalon Cyber The Cyber Problem Data Breach Landscape

Michael McCartney President, Avalon Cyber The Cyber Problem Data Breach Landscape

Prentice Wealth Management Michael McCartney President, Avalon Cyber The Cyber Problem Data Breach Landscape Verizon VBIR 2015 Report Cyber Breach Trending Outsider v Insider Threat Personal Identity Protection

819 views • 12 slides
CYBER INSURANCE Luxury or necessary protection? What is a data breach? A breach is defined as an

CYBER INSURANCE Luxury or necessary protection? What is a data breach? A breach is defined as an

CYBER INSURANCE Luxury or necessary protection? What is a data breach? A breach is defined as an event in which an individuals name plus personal information such as an address, phone number and/or financial record such as a social security

307 views • 16 slides
CAN ORGANIZATIONS SURVIVE A POLI-CYBER BREACH ? K e y n o t e b y K h a l e d F a t t a l MLi

CAN ORGANIZATIONS SURVIVE A POLI-CYBER BREACH ? K e y n o t e b y K h a l e d F a t t a l MLi

CAN ORGANIZATIONS SURVIVE A POLI-CYBER BREACH ? K e y n o t e b y K h a l e d F a t t a l MLi Group, C h a i r m a n ( @ ) M L i G r p ( d o t ) c o m 1 WHAT IS A POLI-CYBER ? CYBER ATTACKS PERPETRATED OR INSPIRED BY EXTREMIST

520 views • 17 slides
W ITH THE DATA BREACH AT information for cyber criminals. As consultants to determine whether

W ITH THE DATA BREACH AT information for cyber criminals. As consultants to determine whether

LAW Best Practices for Protecting Electronic Business Data Companies are under attack from cyber-criminals, hackers and spies. Is your data at risk? C OMPILED BY M ILES Z. E PSTEIN E DITOR , COMMERCE W ITH THE DATA BREACH AT information for

290 views • 3 slides
Cloudy with a Chance of Breach: Forecasting Cyber Security Incidents Yang Liu , Armin Sarabi

Cloudy with a Chance of Breach: Forecasting Cyber Security Incidents Yang Liu , Armin Sarabi

Cloudy with a Chance of Breach: Forecasting Cyber Security Incidents Yang Liu , Armin Sarabi , Jing Zhang , Parinaz Naghizadeh Manish Karir , Michael Bailey , Mingyan Liu , EECS Department, University of Michigan, Ann

842 views • 50 slides
CYBER BREACH MITIGATION How Do I Start & Where is my Money Best Spent ? Speakers: George Adkins

CYBER BREACH MITIGATION How Do I Start & Where is my Money Best Spent ? Speakers: George Adkins

CYBER BREACH MITIGATION How Do I Start & Where is my Money Best Spent ? Speakers: George Adkins , Wortham Power Gen Insurance Brad Luna , N-Dimensions 1 TPPA THE FUTURE IS HERE INCIDENTS WITH PUBLIC POWER ELEMENTS 2010 (Stuxnet) WORM

552 views • 34 slides
Cyber Liability Insurance and How to Respond to a Breach Financial Managers Society NY/NJ Chapter

Cyber Liability Insurance and How to Respond to a Breach Financial Managers Society NY/NJ Chapter

Cyber Liability Insurance and How to Respond to a Breach Financial Managers Society NY/NJ Chapter February 17, 2016 John Lawrence Director, Financial Institution Services Assistant Vice President M&T Insurance Agency Todays Agenda

371 views • 18 slides
Cyber Security Readiness & New Mandatory Data Breach Notification Laws Norton Rose Fulbright

Cyber Security Readiness & New Mandatory Data Breach Notification Laws Norton Rose Fulbright

Cyber Security Readiness & New Mandatory Data Breach Notification Laws Norton Rose Fulbright Australia April 2018 Purpose This presentation has been commissioned by CyberHound Pty Ltd (part of the Superloop Group) to assist schools that are

646 views • 26 slides
MANDATORY BREACH REPORTING: REVIEW OF THE REQUIREMENTS UNDER PHIPA OVERVIEW OF BREACH

MANDATORY BREACH REPORTING: REVIEW OF THE REQUIREMENTS UNDER PHIPA OVERVIEW OF BREACH

MANDATORY BREACH REPORTING: REVIEW OF THE REQUIREMENTS UNDER PHIPA OVERVIEW OF BREACH NOTIFICATION AND IPC STATISTICS Fida Hindi, Legal Counsel Office of the Information and Privacy Commissioner of Ontario This presentation is

352 views • 23 slides
PRIVACY BREACH GUIDELINES Purpose The Privacy Breach Guidelines may provide to contain, assess

PRIVACY BREACH GUIDELINES Purpose The Privacy Breach Guidelines may provide to contain, assess

Office of the Saskatchewan Information and Privacy Commissioner PRIVACY BREACH GUIDELINES Purpose The Privacy Breach Guidelines may provide to contain, assess and analyze a privacy some guidance to government institutions, breach. The

291 views • 10 slides
QUANTIFYING THE COST OF DATA BREACH UNDERSTANDING (AND AVOIDING) FUTURE PITFALLS Prepared by

QUANTIFYING THE COST OF DATA BREACH UNDERSTANDING (AND AVOIDING) FUTURE PITFALLS Prepared by

QUANTIFYING THE COST OF DATA BREACH UNDERSTANDING (AND AVOIDING) FUTURE PITFALLS Prepared by Castlebridge and TechPolis for Verimatrix Source: Cisco 2017 Annual Cyber Security Report

606 views • 16 slides
Auditd for the Masses Philipp Krenn @xeraa Learn about a breach From the press or

Auditd for the Masses Philipp Krenn @xeraa Learn about a breach From the press or

Auditd for the Masses Philipp Krenn @xeraa Learn about a breach From the press or users Learn about a breach Attackers asking for a ransom Learn about a breach Cloud provider's bill Learn about a breach Yourself after the

942 views • 51 slides
Cyber Security User Overview Martin Dinham Martin.Dinham@cfsystems.co.uk 01209 340030 Some

Cyber Security User Overview Martin Dinham Martin.Dinham@cfsystems.co.uk 01209 340030 Some

Cyber Security User Overview Martin Dinham Martin.Dinham@cfsystems.co.uk 01209 340030 Some context Daily Mail online, April 2017 52 % the number of small businesses that had a security breach in 2016 UK Government Cyber Security

619 views • 39 slides
Network Security & Privacy Liability: An Overview of Loss Mitigation Concepts and Data Breach

Network Security & Privacy Liability: An Overview of Loss Mitigation Concepts and Data Breach

Network Security & Privacy Liability: An Overview of Loss Mitigation Concepts and Data Breach Response Services March 20 th , 2012 Brian Cole, Managing Director Professional Liability Specialty Practice Overview of Topics Cyber Security

611 views • 21 slides
SSL, GONE IN 30 SECONDS b r e a c h A BREACH beyond CRIME SSL, GONE IN 30 SECONDS AGENDA

SSL, GONE IN 30 SECONDS b r e a c h A BREACH beyond CRIME SSL, GONE IN 30 SECONDS AGENDA

Angelo Prado Neal Harris Yoel Gluck SSL, GONE IN 30 SECONDS b r e a c h A BREACH beyond CRIME SSL, GONE IN 30 SECONDS AGENDA Proceed with caution: Review of CRIME Introducing BREACH In the weeds Demo time! Mitigations b r e a c h SSL,

526 views • 40 slides
PR PROACTIVE CTIVE SE SECUR CURITY ITY: : DATA A BREA BREACH CH ASSE ASSESSM SSMENT

PR PROACTIVE CTIVE SE SECUR CURITY ITY: : DATA A BREA BREACH CH ASSE ASSESSM SSMENT

PR PROACTIVE CTIVE SE SECUR CURITY ITY: : DATA A BREA BREACH CH ASSE ASSESSM SSMENT ENT CyberSecurity Chicago September 2018 Security In The News Frequency and severity of cyber security news on the rise 2 PROPRIETARY AND

449 views • 21 slides
Electronic Proposal Submission Systems: NSF FastLane Objectives Create a new proposal in

Electronic Proposal Submission Systems: NSF FastLane Objectives Create a new proposal in

Electronic Proposal Submission Systems: NSF FastLane Objectives Create a new proposal in FastLane Enter all parts of the proposal into FastLane Give OSP access to the proposal FastLane Uses For National Science Foundation

226 views • 8 slides
instrumentation we can be more collaborative and sensitive to research needs that reflect

instrumentation we can be more collaborative and sensitive to research needs that reflect

2 nd Largest County in U.S. 140,776 people 18,661 square miles Elevation -~7,000ft >$22/mb Coconino Community College If we could get access to affordable, reliable and fast access to research networks and instrumentation we can be

333 views • 5 slides
Strategic Partnerships Cara Margherio, PhD Julia Williams, PhD Center for Evaluation &

Strategic Partnerships Cara Margherio, PhD Julia Williams, PhD Center for Evaluation &

REvolutionizing engineering and computer science Departments Participatory Action Research (REDPAR) presents: Strategic Partnerships Cara Margherio, PhD Julia Williams, PhD Center for Evaluation & Research for STEM Equity Making Academic

295 views • 7 slides
Increasing outreach activities in the Illinois Geometry Lab Claire Merriman University of

Increasing outreach activities in the Illinois Geometry Lab Claire Merriman University of

Increasing outreach activities in the Illinois Geometry Lab Claire Merriman University of Illinois at Urbana-Champaign Illinois Geometry Lab Undergraduate research lab Outreach in the local community What is outreach? We prove a

351 views • 24 slides
Class 8 Questions about term paperlist of possible topics available later today

Class 8 Questions about term paperlist of possible topics available later today

Class 8 Questions about term paperlist of possible topics available later today Communications discussion Communications assignment 1 CS 4001 Mary Jean Harrold Intercepting Communications Thanks to Sherry Clark for her

536 views • 6 slides
Briefing on Human Capital and Equal Employment Opportunity Commission Meeting June 22,

Briefing on Human Capital and Equal Employment Opportunity Commission Meeting June 22,

Briefing on Human Capital and Equal Employment Opportunity Commission Meeting June 22, 2017 Agenda Key Messages Victor McCree, EDO Overview of Human Capital Miriam Cohen, CHCO Strategic Workforce Planning Working Group

482 views • 35 slides
Security Enhancements (SE) for Android Stephen Smalley Trusted Systems Research Natjonal

Security Enhancements (SE) for Android Stephen Smalley Trusted Systems Research Natjonal

Security Enhancements (SE) for Android Stephen Smalley Trusted Systems Research Natjonal Security Agency CLASSIFICATION HEADER Agenda Motjvatjon/Background Current State Using SELinux in Android What's Next for SELinux in

762 views • 72 slides
Req equest uest for or Proposal oposal Tech echnical nical Ass ssis istance tance Web

Req equest uest for or Proposal oposal Tech echnical nical Ass ssis istance tance Web

Lang ngua uage ge Training aining Cen enter er Program ogram Req equest uest for or Proposal oposal Tech echnical nical Ass ssis istance tance Web ebinar nar Februar ruary 4, 2016 Webinar Participants Defen ense se La

229 views • 10 slides

More recommend