International Computer Association July 27 th , 2017 Leveraging - - PowerPoint PPT Presentation

international computer association july 27 th 2017
SMART_READER_LITE
LIVE PREVIEW

International Computer Association July 27 th , 2017 Leveraging - - PowerPoint PPT Presentation

Oct 23, 2023 330 likes •584 views

International Computer Association July 27 th , 2017 Leveraging Artificial Intelligence to detect New, Emerging Cyber Threats in Realtime John Kirch Regional Director - North Asia ICA Darktrace : Background & Growth Founded by

slide-1
SLIDE 1

John Kirch

Regional Director - North Asia

International Computer Association July 27th, 2017 Leveraging Artificial Intelligence to detect New, Emerging Cyber Threats in Realtime

slide-2
SLIDE 2

Darktrace : Background & Growth

  • Founded by world-leading mathematicians,

from the University of Cambridge, and cyber operations experts

  • Fundamental technology innovation
  • Powered by machine learning and

mathematics

  • 3,000+ deployments worldwide
  • 600% year-on-year growth
  • Dual HQs in San Francisco, and

Cambridge, UK, and over 24 offices worldwide “Darktrace detects threats without having to define the activity in advance”

CIO, City of Las Vegas

“Darktrace’s technology is unique”

CISO, Telstra

ICA

slide-3
SLIDE 3

Evolution

ICA

slide-4
SLIDE 4

The Evolution of Cyber Security

Source: National Oil Company Conference 2014 - Evolving Cyber Security ICA

slide-5
SLIDE 5

The Cyber Landscape – Evolving Attack Sophistication

Source: National Oil Company Conference 2014 - Evolving Cyber Security ICA

slide-6
SLIDE 6

Selected Large Hacking Incidents Worldwide (1-6)

SONY 2014 Hackers believed to be associated with North Korea rampaged through the servers of Sony Pictures Entertainment in retaliation for a film comedy showing North Korean leader Kim Jong-un’s face being melted off. ICA TARGET 2013 - Dec 110M customers’ personal and financial information was exposed. The CEO later resigned as part of the fallout from the massive breach. JPMorgan 2014 Hackers hijacked a - JPMorgan Chase server and stole data

  • f millions of

the bank’s

  • accounts. The

data allegedly used in fraud schemes generating US$100M+. HOME DEPOT 2014 Hackers stole email and credit card data for 50M

  • customers. The

breach cost the retail chain at least $179M in settlements with consumers and credit card companies. US Office Personnel Mgmt 2015 A data breach of SSNs, names, addresses of 21.5M persons including an undisclosed number of persons who had background checks but were not current or former government employees! YAHOO 2013-Aug Hackers compromised

  • ne billion of

Yahoo’s user accounts in August 2013. That makes this the biggest known hack of user data of all time.

slide-7
SLIDE 7

Selected Large Hacking Incidents Worldwide (6-10)

Chipotle 2017 An Eastern European gang reportedly used phishing to steal the credit card information of millions of Chipotle

  • customers. The

breach was part

  • f a larger scam

targeting restaurants. ICA LEGAL FIRMs 2015 Chinese hackers accessed email accounts at firms Cravath Swaine & Moore and Weil Gotshal & Manges—and learned about upcoming corporate

  • mergers. They

allegedly made

  • ver US$4M

trading on the information. SWIFT 2016 North Korean hackers reportedly exploited weaknesses in the SWIFT payment system to steal US$8M from the Bangladesh Central Bank’s account at the New York Federal Reserve. TESCO 2016 Hackers drained a total of around $3.2M from more than 9,000 accounts in Tesco Bank, the bank run by the giant grocery chain. Tesco was forced to reimburse customers for the stolen money. WANNA CRY May 12th, 2017 The WannaCry ransomware attack was a global cyber attack affecting 200K+ devices running in 150 countries which targeted computers running the Windows OS by encrypting data and demanding ransom payments in the Bitcoin.

slide-8
SLIDE 8

The World’s Ten Largest Cyber Security Hotspots in 2016

0.00% 5.00% 10.00% 15.00% 20.00% 25.00% USA China BRA IND GER Russia UK FR JPN Viet 1 2 3 4 5 6 7 8 9 10 23.96% 9.63% 5.84% 5.11% 3.35% 3.07% 2.61% 2.35% 2.25% 2.16%

1 USA 23.96% 2 China 9.63% 3 BRA 5.84% 4 IND 5.11% 5 GER 3.35% 6 Russia 3.07% 7 UK 2.61% 8 FR 2.35% 9 JPN 2.25% 10 Viet 2.16% Source Business Insider: May, 2017

ICA

slide-9
SLIDE 9

Key Hacking Incidents Japan (1-5)

ICA 2013 – April Japan Aerospace Exploration Agency (JAXA) Found unauthorized access to servers from

  • utside.

2011 – Sept Mitsubishi Heavy Industries,

  • Ltd. (MHI),

and Japan’s House of Represent- Atives (HR) Experienced a virus infection by targeted attacks 2012 – May Japan Nuclear Energy Safety Organization (JNES) Information leakage for possibly months 2013 – Jan Ministry of Agriculture, Forestry & Fisheries TPP negotiations- related information stolen 2013 – Fall Various Japan government agencies. Zero-day attack infected targeted user’s web browsers Source: Sasakawa USA February, 2016

slide-10
SLIDE 10

Key Hacking Incidents Japan (6-10)

ICA 2016– May In just three hours, criminals managed to steal ¥1.4 Billion (~US$12.7M) using about 1,400 7-11 BANK ATMs in Japan 2016 – Jan Data on 7.93M JTB clients leaked by unauthorized server access, including client names, addresses, email addresses and passport numbers. Cause: an employee

  • pened a

virus-infected email file 2016 – Oct Hackers attacked the University of Toyama's Hydrogen Isotope Research Center and research on Fukushima nuclear crisis - personal information

  • n nearly

1,500 researchers was leaked. 2014 – Jan Japan Atomic Energy Agency (JAEA) Experienced data breach via virus infection 2015 – May Japan Pension Service - An email virus infected desktops causing the loss of 1.25M confidential data records Source: Sasakawa USA February, 2016

slide-11
SLIDE 11

Key Global Cyber Security Trends

Source: The Global State of Information Security Survey 2016 PwC ICA

slide-12
SLIDE 12

An Increasingly Complex Digital World

Source: The Global State of Information Security Survey 2016 PwC ICA

slide-13
SLIDE 13

Increasing Damages from Cyber Incidents

Enterprise + Mobility + Scada/ICS + IoT + SaaS/Cloud Larger Attack Surface -> More Threats A Larger Number of Attacks -> Greater Damages

ICA

slide-14
SLIDE 14

The Volume of Data Leakages is Increasing

ICA

slide-15
SLIDE 15

Network Breaches: Increasingly Caused by Email Spam/ Phishing

Source: AntiPhishing Working Group Phishing Activity Trends Report - Q4 2016; IBM X-Force Threat Intelligence Index 2017

ICA

slide-16
SLIDE 16

Average Cost of Data Breach by Amount of Data Leaked

ICA

slide-17
SLIDE 17

Average Cost of a Data Breach

ICA

slide-18
SLIDE 18

Four Main Types of Cyber Adversaries

ICA

slide-19
SLIDE 19

Data Breach Perpetrators (2016)

Source: Verizon 2017 ICA

slide-20
SLIDE 20

Tactics Used in Data Breaches (2016)

Source: Verizon 2017 ICA

slide-21
SLIDE 21

Cyber Attacks: The Scene is Changing

ICA

slide-22
SLIDE 22

Business Impact

  • Hac

Reputation Operations Financial

ICA

The Hacking of TARGET Cost Over US$300 Million +

slide-23
SLIDE 23

Boardroom Conversations

"Cyber security is a board level issue, and I am responsible for it.”

Dido Harding, CEO, Talktalk ICA

slide-24
SLIDE 24

Advanced External Threats

Looking for what you expect an attacker to do isn’t enough

  • Technical knowledge is advanced
  • Barrier to entry is lower - download

an exploit kit

  • Attack methods are constantly

evolving

ICA

slide-25
SLIDE 25

Insider Threat

Insiders move at consumer technology speeds, not enterprise tech speeds

  • Insiders are technically enabled
  • Wearable technology
  • Blocking or monitoring of cloud services
  • Learn normality for every piece of tech, across environments

ICA