cyber security threats y y
play

Cyber Security Threats y y Shehzad Mirza Director of the MS ISAC - PowerPoint PPT Presentation

Jan 13, 2023 •316 likes •972 views

Cyber Security Threats y y Shehzad Mirza Director of the MS ISAC SOC Will Pelgrin CIS President and CEO CIS President and CEO MS ISAC Chair 2.6 Billion Internet Users 2.6 Billion Internet Users 1% Asia 44% 3% 6% Europe 22 7% Europe

  1. Cyber Security Threats y y Shehzad Mirza Director of the MS ‐ ISAC SOC Will Pelgrin CIS President and CEO CIS President and CEO MS ‐ ISAC Chair

  2. 2.6 Billion Internet Users 2.6 Billion Internet Users 1% Asia 44% 3% 6% Europe 22 7% Europe 22.7% 10% 10% 44% North America 13.0% 13% Lat Am / Carib 10.3% Africa 5.7% 23% Middle East 3.3% Oceania / Australia 1.0%

  3. Connect with constituents Connect with constituents Learn new ideas Learn new ideas The Internet is a tremendous tool t d t l for governments Broadcast public functions live Broadcast public functions live Allows your constituents to Pay employees easily register online register online

  4. Criminals look for data… and state and local governments have a lot of it! To Grave From Cradle And Beyond! Confidential Informants

  6. Leon Panetta, Secretary of Defense “The next Pearl Harbor that we confront could very well be a cyber attack that cripples our b k h l power systems, our grid, our security systems, our y y government systems… Cyber war could paralyze the U S ” U.S.

  7. Who Is Behind The Threats? Who Is Behind The Threats? Cyber Criminals Hacktivists N Nation States i S

  8. Cyber Threats Hacktivism Mobile Devices Insider Threats & Human Error Phishing Old Infrastructure

  9. Hacktivism Hacktivism

  10. H Hacktivism kti i “Attacking corporations governments Attacking corporations, governments, organizations and individuals…to make a point” Sophos 2012 Sophos 2012 Hacktivist groups target: • Private corporations • Federal Government • State Government St t G t • Local Government • • Education Education • Law enforcement groups

  11. User Account Compromise Attack Scenario A k S i 1. Law Enforcement Association (i.e. Sheriff association, Police Benevolent Society, etc) gets i i P li B l S i ) compromised 2. Attackers gather the stolen credentials and either post to sharing website (i.e. Pastebin) or keep the login information for themselves 3. Either the hackers themselves or other malicious actors then download and use the credentials from sharing website to login and access local and federal law enforcement systems 4. The compromise of the "association" system may lead to the compromise of the SLTT government systems

  14. What Can You Do To Prevent This? What Can You Do To Prevent This? • Perform regular vulnerability assessments of all Perform regular vulnerability assessments of all Internet facing systems • Remind employees not to re ‐ use work passwords • Monitor Webmail for: – Failed logins – Logins from out of the area or country – Logins at odd hours dd h

  15. Mobile Devices Mobile Devices Mobile Devices Mobile Devices

  16. Smartphone and Tablet Security Risks Too Many Individuals Still Too Many Individuals Still… – Don’t use encryption, passwords, time-out settings or any other security time out settings or any other security protection – Store their sensitive corporate information on smartphones – Lose one of these devices at some point point

  17. Mobile Devices – Targets of Attack Mobile Devices Targets of Attack “The number of variants of malicious software aimed at mobile devices has reportedly risen from about 14,000 to 40,000 or about 185% in less than a year” – U.S. Government Accountability Office

  18. Leaving your laptop or l t smartphone unattended tt d d can lead to big problems… bl More than 10,000 laptops are reported lost every week at 36 of the p p p y largest U.S. airports, and 65 percent of those laptops are not reclaimed. Ponemon Institute

  19. Insider Threats Insider Threats and Human Error and Human Error

  20. Insider Threats are Real… Can be intentional or accidental • WikiLeaks – Hundreds of thousands of confidential documents leaked by military employee • Inadvertent posting of the Social Security numbers and birth dates of 22,000 government retirees on a state procurement website • Disgruntled city employee tampers with city network to deny access to top administrators t k t d t t d i i t t

  21. Human Error – Weak Passwords tomshardware.com

  22. A longer password is a better password Strong passwords should be 9-12 characters and h t d possess a combination of letters, numbers, , , and special characters.

  23. Example of Strong Password Example of Strong Password • This • Is I • A • Better Better Password = • Password • Which T1@bPwWBH2C T1@bPwWBH2C • Would • Be • Harder • Harder • To • Crack Crack

  24. Most Dangerous Cyber Celebrity!!!! g y y

  25. Phishing Phishing Phi hi Phi hi

  26. Gone Phishing… g Phishing scams entice email recipients into clicking on a link or opening an attachment which is malicious. c s a c ous • WELL WRITTEN • APPEARS CREDIBLE • ENTICING OR SHOCKING SUBJECT SUBJECT • APPARENT TRUSTED SOURCE

  28. Protect Yourself Protect Yourself • Never click on a link in a suspicious e ‐ mail. Never click on a link in a suspicious e mail. • Open a new web browser and manually go to the vendors website to log into your account. g y • Call your vendor using a phone number from an official source to get the information you need. g y

  29. Old Infrastructure Old Infrastructure Old Infrastructure Old Infrastructure

  30.  Old hardware and software that is beyond the end of its support lif i life is often still in use today ft till i t d  No longer supported by the vendors  Using them after end of life places your organization at great risk since any security vulnerability will NOT be fixed, making it easy for hackers to launch a successful cyber attack

  31. Industrial Control Systems

  32. Internet Facing Industrial Control Systems Approximately 7,200 Internet Facing Control System Devices Source: US Department of Homeland Security ICS ‐ CERT Monthly Oct ‐ Dec2012

  33. Case Studies Case Studies

  34. South Carolina 2012 South Carolina 2012 • More than 3.3 million unencrypted bank account numbers and 3.8 million tax returns were stolen in an attack against the South Carolina Department of Revenue. • Data lost: SSNs, bank account numbers and credit card numbers. • Breach due to a state employee falling for a phishing attack that enabled hackers to leverage p g g that employee's access rights to gain access to the government entity's systems and databases.

  35. State of Utah 2012 • 280,000 Social Security numbers were stolen, and another 500 000 people lost personal and another 500,000 people lost personal information. • Eastern European hackers broke into the server maintained by the Utah Department of maintained by the Utah Department of Technology Services in the spring of 2012 by taking advantage of a misconfiguration. g g g

  36. What Can You Do? What Can You Do? • Keep your systems patched Keep your systems patched • Have cyber security policies • Monitor compliance with the policies i li i h h li i • Log and monitor network traffic • Backup your systems on a regular basis and check them before storing off site g • Train employees on good cyber security practices practices

  37. Zeus Financial Fraud Zeus Financial Fraud A bank informed a School District that $758,758.70 was to be transferred overseas was to be transferred overseas The School District cancelled the transaction The Bank than asked about the $1,190,400 that was already sent overseas already sent overseas And the $1,862,400… also already sent overseas

  38. What Can You Do? What Can You Do? • Have a dedicated computer for financial Have a dedicated computer for financial transactions • IP Filtering/white list • IP Filtering/white list • Limit software programs (no java, flash, email, etc.) t ) • Set up “non ‐ privileged user” account • Take advantage of two factor authentication where available where available

  39. Stats Stats

  42. Number of Infections – All MSS Partners Number of Infections All MSS Partners 450 Dec ‐ 12 Jan ‐ 13 400 Feb ‐ 13 Mar ‐ 13 350 300 250 200 150 100 50 0

  43. Daily Activity Summary – All MSS Partners 350 Dec ‐ 12 Jan ‐ 13 300 300 Feb 13 Feb ‐ 13 Mar ‐ 13 250 200 150 100 100 50 0 Accepted Inbound Port Peer ‐ to ‐ Peer Usage SQL Injection Exploit System File Access Login Brute Forcing Server Attack: Web Spyware Traffic Events Scans Attempts Attempts Server

  44. Notifications Notifications 300 Dec ‐ 12 Jan ‐ 13 Feb ‐ 13 Mar ‐ 13 250 200 150 150 100 50 0 Darknet Keylogger Defacement Credentials

  45. The MS-ISAC is here to help!

  46. What is the MS ‐ ISAC? What is the MS ISAC? The Multi ‐ State Information Sharing and Analysis Center (MS ‐ ISAC) is the focal point for l i C ( S S C) i h f l i f cyber threat prevention, protection, response and recovery for the nation’s state, local, d f h i ’ l l territorial and tribal (SLTT) governments.

  47. MS-ISAC Is Built On A Strong Foundation Federal Government Situational Awareness Situational Awareness Homeland Security Advisors SHARE SHARE States & US Territories COLLABORATE Local Governments Local Governments TRUST

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Cyber Security February - 2016 Agenda Overview of Cyber Crime The top cyber threats to UK

Cyber Security February - 2016 Agenda Overview of Cyber Crime The top cyber threats to UK

Cyber Security February - 2016 Agenda Overview of Cyber Crime The top cyber threats to UK businesses and how to remain safe What help is available Further reading Setting the scene 21.2bn The cost of fraud to the

304 views • 19 slides
The Onslaught of Cyber Security Threats and What that Means to You No End in Sight for Cyber

The Onslaught of Cyber Security Threats and What that Means to You No End in Sight for Cyber

The Onslaught of Cyber Security Threats and What that Means to You No End in Sight for Cyber Crime Growth Number of mobile 200M devices affected IBM 11.6M Number of accounts hacked CNN Money 432M Number of malware samples collected Intel

652 views • 30 slides
CYBER THREATS AND HOW TO A VOID THEM AGENDA 1. Development of the cyber world 2. Threats

CYBER THREATS AND HOW TO A VOID THEM AGENDA 1. Development of the cyber world 2. Threats

CYBER THREATS AND HOW TO A VOID THEM AGENDA 1. Development of the cyber world 2. Threats to small businesses 3. Cyber Recovery Insurance Y our presenters Anne Jackson Sarah Morton Gary Hibberd Sales Director, Lorega Sales and

342 views • 31 slides
Cyber-Physical Systems Security IECE 553/453 Fall 2019 Prof. Dola Saha 1 Security Threats

Cyber-Physical Systems Security IECE 553/453 Fall 2019 Prof. Dola Saha 1 Security Threats

Cyber-Physical Systems Security IECE 553/453 Fall 2019 Prof. Dola Saha 1 Security Threats in the IoT Cyber attack on the Ukrainian power grid Power outage caused by hackers Security in the IoT is essential, not just for information

1.21k views • 76 slides
ITU- Arab Regional Cyber Security Centers Activities & Regional Threats landscape ENG.

ITU- Arab Regional Cyber Security Centers Activities & Regional Threats landscape ENG.

ITU- Arab Regional Cyber Security Centers Activities & Regional Threats landscape ENG. BADAR ALI ALSALEHI HEAD OF ITU-ARAB REGIONALCYBER SECURITY CENTER DG OF OMAN NATIONAL CERT Dar es Salaam November - 2017 2 3 2014 2015 April-

909 views • 29 slides
Minimizing Business Disruption After a Cyberattack Cyber Security Challenges, Threats and

Minimizing Business Disruption After a Cyberattack Cyber Security Challenges, Threats and

1 Minimizing Business Disruption After a Cyberattack Cyber Security Challenges, Threats and Strategies Symposium University of Bahrain 21 st September 2016 By: Ahmed Albalooshi, CISA, CISM, CGEIT. First Vice President IT Al Baraka Banking

200 views • 15 slides
Commonwealth of Virginia Cyber Commission First Year Report Threats and Opportunities

Commonwealth of Virginia Cyber Commission First Year Report Threats and Opportunities

Commonwealth of Virginia Cyber Commission First Year Report Threats and Opportunities Executive Order Number 8 Identify high risk cyber security issues facing COV. Provide advice and recommendations to secure COV networks,

449 views • 20 slides
MENA Information Security Conference 2017 On the Verge : Combating Cyber Threats leveraging Threat

MENA Information Security Conference 2017 On the Verge : Combating Cyber Threats leveraging Threat

MENA Information Security Conference 2017 On the Verge : Combating Cyber Threats leveraging Threat Intelligence, Faster Detection & Automated Response Adaptive Security Strategy for SOC Ramy AlDamati Principle CyberSecurity Solution

680 views • 31 slides
Cyber Security and Smart Infrastructure: Research Dr. Stacy Prowell Chief Cyber Security

Cyber Security and Smart Infrastructure: Research Dr. Stacy Prowell Chief Cyber Security

Cyber Security and Smart Infrastructure: Research Dr. Stacy Prowell Chief Cyber Security Research Scientist Oak Ridge National Laboratory Main Points Information Sharing Enable discovering and sharing information about real threats to

216 views • 6 slides
Australia's cyber security landscape Threats, Challenges and Opportunities THINK AHEAD, CHANGE

Australia's cyber security landscape Threats, Challenges and Opportunities THINK AHEAD, CHANGE

Australia's cyber security landscape Threats, Challenges and Opportunities THINK AHEAD, CHANGE THE WORLD, CREATE THE FUTURE $139Bn industry by 2020 81,000 new jobs needed by 2020 IoT FAST FACTS IoT consists of all the web-enabled devices that

307 views • 20 slides
Cyber Threats P R E S E N T E D T O C A S R E I N S U R A N C E S E M I N A R B O S T O N ,

Cyber Threats P R E S E N T E D T O C A S R E I N S U R A N C E S E M I N A R B O S T O N ,

Cyber Threats P R E S E N T E D T O C A S R E I N S U R A N C E S E M I N A R B O S T O N , M A S S A C H U S E T T S J U N E 4 , 2 0 12 Antitrust Notice 2 The Casualty Actuarial Society is committed to adhering strictly to the

577 views • 26 slides
Integrated Security Curriculum Conceptions of SECURITY RISK THREATS TECH VALUES The Big

Integrated Security Curriculum Conceptions of SECURITY RISK THREATS TECH VALUES The Big

5/18/2017 Integrated Security Curriculum Conceptions of SECURITY RISK THREATS TECH VALUES The Big Picture: Integrated Security Pathways Cyber Security ISERC Student portal National Security Studies CAPSTONE: Gateway course Peace Studies

298 views • 3 slides
CPSC410/611: Security Security Security Attacks Security Threats Crypto

CPSC410/611: Security Security Security Attacks Security Threats Crypto

CPSC 410 / 611 : Operating Systems CPSC410/611: Security Security Security Attacks Security Threats Crypto Authentication Examples SSL Security Threats Breach of confidentiality unauthorized access to

458 views • 18 slides
Understanding Cyber Risks and Security Options The Spectrum of Cyber Attacks Advanced

Understanding Cyber Risks and Security Options The Spectrum of Cyber Attacks Advanced

Understanding Cyber Risks and Security Options The Spectrum of Cyber Attacks Advanced Persistent Threats (APT) Cybercriminals, Exploits and Malware Denial of Service attacks (DDoS) Domain name hijacking Corporate

347 views • 13 slides
Cyber Security Risk Using the Cyber Security Measurement Framework Cyber Security Framework

Cyber Security Risk Using the Cyber Security Measurement Framework Cyber Security Framework

Cyber Security Risk Using the Cyber Security Measurement Framework Cyber Security Framework Reporting Objectives Executive Summary Information Assess Current Cyber Security Posture Measure Progress Toward Improvement Assess

634 views • 5 slides
Cyber Security in Marine Nuclear Transport Systems Contents: 1. What are we protecting? 2.

Cyber Security in Marine Nuclear Transport Systems Contents: 1. What are we protecting? 2.

Cyber Security in Marine Nuclear Transport Systems Contents: 1. What are we protecting? 2. Why do we need Cyber Security? 3. How do they do it? 4. Cyber incidents and threats why it should be important to you 5. The dangers of

450 views • 18 slides
#Hacked How safe is your city? Mike Sturm, IT Director, City of San Marcos Beth Ann Unger, IS

#Hacked How safe is your city? Mike Sturm, IT Director, City of San Marcos Beth Ann Unger, IS

2/28/2019 #Hacked How safe is your city? Mike Sturm, IT Director, City of San Marcos Beth Ann Unger, IS Manager, City of Frisco How frequently are local governments under cyberattack? 70 60 50 40 30 20 10 0 Hourly or more At least

437 views • 18 slides
Legal and Policy Issues with Maritime Cybersecurity Paula S. deWitte, J.D., Ph.D., P.E.

Legal and Policy Issues with Maritime Cybersecurity Paula S. deWitte, J.D., Ph.D., P.E.

Legal and Policy Issues with Maritime Cybersecurity Paula S. deWitte, J.D., Ph.D., P.E. Paula.dewitte@tamu.edu Associate Professor of Practice Computer Science & Engineering ENGR 461 October 10, 2017 1 Agenda Maritime assets as

583 views • 20 slides
North Carolina Cybersecurity Awareness Month (NCSAM) Maria S. Thompson State Chief Risk

North Carolina Cybersecurity Awareness Month (NCSAM) Maria S. Thompson State Chief Risk

North Carolina Cybersecurity Awareness Month (NCSAM) Maria S. Thompson State Chief Risk Officer WHY CYBERSECURITY AWARENESS IS CRITICAL https://www.youtube.com/watch?v=Ru0y5rCETqc&feature=youtu.be AGENDA 0900 09:45 Opening

342 views • 9 slides
Understanding Federal Circuit Scrutiny To Date THURSDAY, MARCH 30, 2017 1pm Eastern | 12pm

Understanding Federal Circuit Scrutiny To Date THURSDAY, MARCH 30, 2017 1pm Eastern | 12pm

Presenting a live 90-minute webinar with interactive Q&A Latest PTAB Decisions: Leveraging Trends in Institution and Final Written Decisions, Understanding Federal Circuit Scrutiny To Date THURSDAY, MARCH 30, 2017 1pm Eastern | 12pm

1.07k views • 95 slides
National Protection and Programs Directorate Office of Cyber and Infrastructure Analysis (OCIA)

National Protection and Programs Directorate Office of Cyber and Infrastructure Analysis (OCIA)

National Protection and Programs Directorate Office of Cyber and Infrastructure Analysis (OCIA) Director John Murphy Virginia Tech Science & Technology & Policy Leadership Seminar Series October 9, 2014 National Protection and Programs

374 views • 20 slides
Beazley Breach Response Select p g Making the connection on data breach complexities P

Beazley Breach Response Select p g Making the connection on data breach complexities P

1 Making the connection on data breach complexities Beazley Breach Response Select p g Making the connection on data breach complexities P Presented by d b Jeffrey Norton underwriter Jeffrey Norton, underwriter, Beazley US Private

533 views • 25 slides
Improving Community Preparedness to Assist Victims of Mass Violence or Domestic Terrorism:

Improving Community Preparedness to Assist Victims of Mass Violence or Domestic Terrorism:

OVC Fiscal Year 2020 Improving Community Preparedness to Assist Victims of Mass Violence or Domestic Terrorism: Training and Technical Assistance Project April 22, 2020 Presenters Mary Atlas-Terry Eugenia Pedley Victim Justice Program

701 views • 31 slides
Virginia Association of School Business Officials May 24, 2018 Clarence Rhudy, CPA, CISA, CITP

Virginia Association of School Business Officials May 24, 2018 Clarence Rhudy, CPA, CISA, CITP

Virginia Association of School Business Officials May 24, 2018 Clarence Rhudy, CPA, CISA, CITP Course Objectives Current Cybersecurity Trends and Statistics The Role of Audit Committees and Internal Audit Understanding Your IT Risks

386 views • 38 slides

More recommend