
The World Wide Web: Facing the Cyber Threat

John Ansbach, CIPP/US, General Counsel, General Datatech, L.P. #2016PSWAC @johnansbach


  1. The World Wide Web: Facing the Cyber Threat. John Ansbach, CIPP/US, General Counsel, General Datatech, L.P. #2016PSWAC @johnansbach

  3. “…the Russian hacking group Fancy Bear was responsible for the hacks on John Podesta, Colin Powell and the Democratic National Committee (DNC)… Fancy Bear used a spear-phishing campaign to attack their victims. The Podesta spear-phishing hack was instigated with an email that purported to come from Google informing him that someone had used his password to try to access his Google account. It included a link to a spoofed Google webpage that asked him to change his password because his current password had been stolen.”

  4. “Podesta clicked the link and changed his password. Or so he thought. Instead, he gave his Google password to Fancy Bear and his emails began appearing on WikiLeaks in early October.”

  7. These 2 recent incidents alone…
     - Embarrassment to principal
     - Embarrassment to principal’s clients, friends, colleagues, partners, etc.
     - Compromise of principal’s data, as well as principal’s client data, potentially including personal information (email addresses, etc.)
     - Business disruption, inability to operate

     Imagine what could be done to you and your organization in similar attacks…?

  8. Agenda
     - Landscape
     - Threats
     - Defenses (technical and non-technical)
     - Tips & Takeaways

  9. Landscape

  12. [Chart: Sony 47,000; NMG 1.1M. Image via Statista.com.]

  13. Source: Identity Theft Resource Center

  15. “Nearly half of all cyber-attacks are committed against small businesses… As many as 80 percent of small to medium sized businesses don't have data protection of email security in place... Small businesses – who don't train their employees on security risks – are susceptible to the Business Email Compromise Scam (BEC), which the FBI says has led to over $3 billion in losses.”

  17. June 2016
     - “average cost of a data breach for companies surveyed has grown to $4 million, representing a 29 percent increase since 2013”
     - “64 percent more security incidents reported in 2015 than in 2014”

  18. Breach Costs
     - $6.5 mm ($5.8 mm): U.S. average cost of a data breach
     - $3.8 mm ($3.5 mm): World average cost of a data breach
     - $154 ($145): World cost per record
     - $217 (highest): Cost per record in the U.S.

     Source: 2015 Cost of Data Breach Study: Global Analysis. Sponsored by IBM, conducted by Ponemon Institute LLC.

  19. Landscape
     - More attacks
     - Against a broader swath of organizations of differing size
     - With increasing sophistication
     - Resulting in higher costs

     There is more risk today for more organizations and their clients, partners and friends.

  21. Threats

  22. Phishing (and Spearphishing, SMiShing, Vishing…)

  23. Phishing scam
     - Generic email sent to a high number of recipients
     - Not tailored, not engineered to appear valid
     - Likely uses actual company logos
     - Uses a sense of urgency to motivate the intended action

  24. Spearphishing (& business email compromise): “Ubiquiti Networks is one of the latest companies to admit it’s had the multimillion dollar wool pulled over its eyes. The [ ] networking equipment company disclosed it lost $46.7 million through such a scam in its fourth quarter financial filing.”

  25. “…authorities said the CFO of a Leoni factory [ ] sent the funds after receiving emails cloned to look like they came from German executives… Investigators say the email was crafted in such a way to take into account Leoni’s internal procedures for approving and transferring funds. This detail shows that attackers scouted the firm in advance… The Bistrita factory was not chosen at random either. Leoni has four factories in Romania, and the Bistrita branch is the only one authorized to make money transfers.”

  26. “Sources close to the ongoing probe [ ] said officials spotted 'indications' [the foundation] was compromised by 'spearphishing' tactics…”

  27. Business Email Compromise (BEC)

  28. SMiShing scam
     - SMS is short message service, a/k/a texting
     - Same scam, sent by text message
     - Requests user to click a link
     - Also uses a sense of urgency to motivate the intended action

  30. Small Texas Law Firm Used in International Cyberattack

     You, your organization and your people can also be used to perpetrate a phishing campaign against others…

     “Cybercriminals apparently gained access to and used a valid law firm email account to email an unknown number of recipients with the subject ‘lawsuit subpoena.’ The email contained malware that attackers could use to steal banking credentials and other personal information…”

  31. Ransomware

  32. “Ransomware is the hot hacking trend of 2016” (Source: cnet, 3.10.2016)
     - California hospital paid $17,000 to get their systems back
     - “Locky” loads Word documents with macros that once “enabled” deliver ransomware
     - Xbot is Android malware that both steals banking credentials and takes a system hostage

  40. Social Engineering

  41. “…psychological manipulation of people into performing actions or divulging confidential information.”

  42. Social engineering contest at DefCon: “By the end of the call, she’d given him a treasure trove of information about her company’s computer network, antivirus software and web filtering protocols — more than enough information for a hacker to easily infiltrate the network.”

  43. DoS, DDoS Attacks

  45. Insiders

  46. In the 2016 Cyber Security Intelligence Index, IBM found that 60% of all attacks were carried out by insiders. Of these attacks, three-quarters involved malicious intent, and one-quarter involved inadvertent actors.
