Vajra Cyber Threat Mitigation Service (Vajra CTMS) A Military Grade - - PowerPoint PPT Presentation


Vajra Cyber Threat Mitigation Service (Vajra CTMS) A Military Grade Cyber Threat Mitigation Service for Businesses and Governments Cyber Security & Privacy Foundation Pte. Ltd., Singapore Cyber Security & Privacy Foundation (CSPF)


SLIDE 1

Cyber Security & Privacy Foundation (CSPF)

Vajra Cyber Threat Mitigation Service (Vajra CTMS)

A Military Grade Cyber Threat Mitigation Service for Businesses and Governments

Cyber Security & Privacy Foundation Pte. Ltd., Singapore

SLIDE 2

“I’m no expert, but I think it’s some kind of cyber attack!”


SLIDE 3

Cyber Threat - A Serious, Live Threat

Cyber attacks present financial, operational, reputational, regulatory, geopolitical and M&A risks

Attacks are an assault on an institution’s strategic imperatives

No longer just the IT team’s migraine

  • Committed, phenomenally skilled, unconventional and highly resourceful Black Hat hackers are an overwhelming problem for conventionally resourced IT setups

Cyber attacks are somewhat like a heart attack

  • Never know when one is around the corner

CYBER THREATS ARE NOW A MAINSTREAM BUSINESS RISK THAT DEMANDS CEO AND BOARD LEVEL ATTENTION

SLIDE 4

Cyber Threat - A Serious, Live Threat

Financial Impact

  • Revenue losses
  • Disruption of business systems
  • Regulatory penalties
  • Erosion of customers

Non Financial Impact

  • Reputational damage
  • Pirating of products
  • Stolen product designs or prototypes
  • Theft of business and manufacturing processes
  • Diversion of R&D data
  • Impact on innovation, loss of trade secrets
  • Loss of sensitive information such as M&A plans and corporate strategy

SLIDE 5

Major Threats

Distributed Denial of Service

  • DDoS attacks typically cripple an organisation
  • Services like Net banking, Mobile banking, ATMs, Mail servers, trading/clearing platforms go unavailable for few hours/longer
  • Store front is shut down
  • Crucial systems needed by hospitals, patients, drug firms, health insurers are disabled
  • SCADA and other control systems failure, power grid collapse, internet access failure
  • Non functional email servers and internet network can lead to information vacuum internally and with clients, customers, suppliers, regulators

Hacking

  • Black Hat attacks on Web portals, Email servers, Data Base servers, SCADA systems, App Stores, Routers
  • All round attack – Personal, Mobile, Desktop devices & Firmware
  • Results in Leakages – database, personal records, patient records
  • Outages and breakdown in Utilities: power, water, gas, trading, payment & clearing systems, Tax Information Networks

0 Day & APT Attacks

  • Intense, organised attacks on critical sectors & organisations
  • Labeled as Advanced Persistent Threats given their draconian nature
  • APTs can have long term impact and severely compromise organisations & their insurers

Interconnected Business Ecosystem Attacks

  • Partners, suppliers, supply chains
  • Smaller, less prepared members of ecosystems more tempting targets to get a foothold into the system

SLIDE 6

Establishments vs Hackers

Establishments Say We Have

  • Latest security tools
  • A CISO
  • Antivirus, firewall, Intrusion prevention system - all updated
  • Compliance with best security processes
  • Top consultants undertaking audits, vulnerability assessments and penetration testing

Hackers Say

  • Ha! We don’t look at your certifications or who did it. Or how good your processes are
  • We need a single vulnerability to get in!
  • We have 0 day vulnerabilities which no one is aware of
  • We have an Advanced Persistent Threat Team (criminals, hackers, insiders and money) that never gives up

SLIDE 7

Daily Cloud Scan

SLIDE 8

Cyber Security Structure

Security Technologies – WAF/Firewall/IDS/SIEM are present.

MOST ORGANIZATIONS ASSUME THEY ARE SECURE.

ISO 27001 standards are implemented around the data center, and VAPT is regularly done to satisfy compliance, regulatory and certification requirements.

Analysis of SIEM logs

The SOC monitors and analyses logs from the WAF/firewall/IPS and takes corrective action. Offending traffic is blocked and then blacklisted. The WAF allows signatures to be blocked.
SLIDE 9

Points to be Noted

Hacking Incidents

Global hacking incidents, including at the US Gov & Fortune 100, have happened. A BFSI organization has recently been compromised and regulators have taken strict action.

Point of infiltration (APT):

  • External web application/services/mobile application – insecure
  • SQL injection/XSS/IDOR/File upload/Broken authentication
  • 0day vulnerabilities on exposed services
  • Default passwords on frameworks/applications/devices
  • Lateral movement through pivoting (from exposed interfaces)

The existing cyber security structure is not able to address the above points of infiltration.
SLIDE 10

APMS Corporate

Anti-Fraud module extending to Anti-Phishing, Anti-Malware and Anti-Spam (APMS). Protect against Reputation, Financial & IP loss. Secure against Trojan Horses, Ransom Demands

Web Reputation & Security Scan (WRSS)

Web Security scanner scans for vulnerabilities on web portal/web services.

Automated Vulnerability Assessment

Advanced intrusive model including external VA of network for protective and compliance requirements

DF24

Defacement monitor for customer facing web portals. Includes Android mobile app/Windows SOC desktop app (for quick alerts)

Daily APT Scan

Executive Summary

SLIDE 11

APMS

(Anti Phishing, Malware & Spam)

  • Non-intrusive monitoring to protect against Reputation, Financial & IP loss
  • Sandbox application to browse customers’ site/s and check if iframe, malware, java drive by can be downloaded to infect the machines of the end users of a bank’s website or an e-commerce portal
  • Exhaustive scan of global phishing and spamming databases to cross-check potential compromises of customer’s domain/s

SLIDE 12

APMS

  • Automated daily scan and report generation
  • Phishing complaints reporting system
  • Similar Domain Name - Electronic Eye (EE)
  • Anti-viruses check for web portal infections by crawling through all known paths
  • DNS hijack check
  • Ap24 phish tank, CTL - Feed processing (EE)

SLIDE 13

WRSS

(Web Reputation & Security Scan)

  • Anti-Phishing, Malware and Spam (APMS) scrutiny + scan of web portals and web services – Human Critical Index (HCI)
  • Checks for specific CMS vulnerabilities
  • Heuristic Shell detector – identifies hackers’ web-shells in web portals/web app.
  • Manual entry point adding for security analyst

SLIDE 14

WRSS

  • Machine learning assisted Hacker Entry Point Mapper (HEP) – Maps entry points normally discovered by hackers
  • Root cause analysis of Sensitive Information Leakages on Internet
  • False positive marker – handled by security analyst
  • Accepted Risk/Ignore – Export for auditors

SLIDE 15

WRSS

  • Manual APT bug-track for customer.
  • Automatic report generation template for the customer (used by security analyst)

SLIDE 16

Automated VA for IP

  • Identification, quantification, and prioritization of vulnerabilities
  • Advanced intrusive model including external and internal vulnerability assessment (VA) of network for protection and compliance requirements

SLIDE 17

Automated VA for IP

Scans multiple IPs for open ports, enumerates and identifies vulnerabilities. We mark the human critical index of the device (the CISO of the organization tells us which are most critical in the organization).

AVA IP has a facility to mark a false positive when the scanner identifies it wrongly or when it is not applicable. The security analyst dedicated to your organization marks it.

SLIDE 18

Automated VA for IP

  • Exporting accepted risk for auditing purpose. Security Analyst can mark Ignore/Accepted risk.
  • Manual APT bug-track for customer.
  • Automatic report generation template for the customer (used by security analyst)

SLIDE 19

Overall Service

  • Prioritize vulnerability and work with SOC/Vendor (network/application level) to fix them. Strive to ensure no exploitable vulnerability is there.
  • Daily APMS report to customer
  • Weekly AVA/WRSS report with Bugtrack report.
  • All critical/high vulnerabilities from automated WRSS/AVA and manual APT testing to be addressed are exported into bug track in the portal.

SLIDE 20

A not-for-profit foundation, Cyber Security & Privacy Foundation, formed as a vehicle to create hands on technical competency, initiate R&D and provide training in cyber security for individuals and organisations in India

This non-profit foundation benefits from the wisdom of former senior practitioners from the Government and CISOs from Industry and Banks who are Trustees and Advisors of/to the Foundation.

We have an agreement with an international pre-emptive threat intel organization.

E Hacking News (EHN), a leading Information Security news portal with more than 1,00,000 readers. EHN delivers the latest news updates related to security breaches, cyber crime, vulnerability, cyber security and penetration testing tools and more. EHN provided media support to several International Security Conferences including NullCon, ClubHack, OWASP Asia and Hack in Paris, among others

Cyber Security is our Mission, and not only a Business

CSPF’s cyber security initiatives are supported by its larger ecosystem including:

SLIDE 21

Contact

We can be reached at the following email id: director@cysecurity.co