1 / 31

Security Trends and Threats Affecting Innovations in Technology

Security Trends and Threats Affecting Innovations in Technology.

rebaw
Télécharger la présentation

Security Trends and Threats Affecting Innovations in Technology

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Security Trends and Threats Affecting Innovations in Technology

  2. 𝒜𝓃𝒹𝓇𝑒𝓌 𝒟𝑒𝓇𝒷𝑜𝒷𝑒𝓃 Sr. Director, Head of Global Security Operations Meet Andrew Over 15 Years of Security Experience • Specializing in Security Operations, Incident Response, and Computer Forensics B.S. System & Network Administration – Bellevue University MBA – Cornell University 2

  3. Current Threat Landscape Impacting Financial Community

  4. Cybercriminal Attackers intent on making money and often tied to organized crime or other criminal endeavors. These groups are primarily responsible for the current prevalence of ransomware and CRYPTOJACKING Current Threat Landscape – Today’s Discussion

  5. Cryptojacking Overview “Cryptojacking is a form of cyber attack in which a hacker hijacks a target's processing power in order to mine cryptocurrency on the hacker's behalf.” Why Are Attackers Using Cryptojacking? Money: This falls in line with many other types of cyber attacks traditionally seen. Low Risk of Getting Caught: Businesses are reluctant to pursue attackers because data is NOT taken or destroyed. Cryptojacking Definition | Investopedia https://www.investopedia.com/terms/c/cryptojacking.asp#ixzz5KUTh4y4M

  6. Traditional Cyber Attacks vs Cryptojacking • Similarities • Several exploitation techniques and vectors of attack (e.g. phishing, malware, exploiting existing app vulnerabilities) • Attack payloads may involve installation of software on a compromised system • Goal is to make money off the exploit • Differences • Cryptojacking makes it easier for a bad actor to turn an exploit into money. No need to find and sell stolen data. Could mine servers or clients of affected services (Download vs Drive-by) • Cryptojacking is a safer for bad actors as some currencies, such as Monero, can provide anonymity • Depending on environment and attack, it may be harder to detect cryptojacking without proper controls in place.

  7. Traditional Cyber Attacks vs Cryptojacking Cryptojacking Attacks Traditional Attacks

  8. The Good and Bad News Good News: Due to cyber incidents trending towards cryptojacking attacks, attackers are less interested in sensitive data, which needs to be found and sold, and are more focused on using your hardware resources. This type of behavior leads to reduced chances of customer data compromise, brand damage control, or expensive legal situations. • Bad News: Even though cryptojacking attacks may not often result in situations where a company may be fined for data loss, these type of attacks can potentially cost companies as much as or more than a traditional attack. • Hardware usage translated to $$ amount (wear and tear) • Affect services on compromised hardware • Cloud environment: Scalable and charge for usage

  9. Impact to Innovations in Technology Cloud Services Smartphone Ecosystems Internet of Things Personal Assistant Devices (Amazon, Google)

  10. Cryptojacking Impact to Cloud Services

  11. Cloud Services – Dynamic Scaling

  12. Cloud Services – Dynamic Scaling

  13. Cloud Services – Dynamic Scaling

  14. Cryptojacking Impact to Cloud Services

  15. Cryptojacking Impact to Cloud Services

  16. Cryptojacking Impact to Cloud Services

  17. Cryptojacking Impact to Cloud Services

  18. Cryptojacking Impact to Cloud Services

  19. Cryptojacking Impact to Cloud Services

  20. Cryptojacking Impact to Cloud Services http://www.eweek.com/security/crypto-mining-malware-rising-fast-hackers-increasingly-targeting-cloud

  21. Cryptojacking Smart Phones https://blog.trendmicro.com/trendlabs-security-intelligence/monero-mining-hiddenminer-android-malware-can-potentially-cause-device-failure/

  22. Cryptojacking Smart Phones http://www.infosecisland.com/blogview/25130-Crypto-Mining-Malware-Attacks-on-iPhones-Up-400-Report.html

  23. Cryptojacking Impact to Smart Phones Thank you for mining Cryptocurrency on my behalf!

  24. Potential Effects of Smartphone Cryptojacking Source: www.statista.com 67.3% of U.S. Citizens Have A Smartphone In 2018, it is estimated the total number of smartphone users will grow to more than 230 million users in the U.S. alone What happens if .5% of U.S. smartphone users were infected with cryptojacking malware: $460k/month USD

  25. Cryptojacking Internet of Things (IoT) https://blog.trendmicro.com/trendlabs-security-intelligence/cryptocurrency-mining-malware-targeting-iot-being-offered-in-the-underground/

  26. Cryptojacking Personal Devices https://www.2-spyware.com/android-crypto-mining-malware-is-targeting-amazon-devices#ref-3!

  27. Why Should You Care? Symantec Threat Intelligence report stated cryptojacking attacks increased by 8500% in 2017, and according to many sources, it has overtaken Ransomware as the preferred form of cyber attack due to its low barrier of entry and ability to easily turn a profit. With cryptocurrency’s growth in popularity in 2017 and the ability to offer anonymity with some coins, its use in cyber attacks continues to increase.

  28. What Can you Do – Cloud Services • Patch/Vulnerability Management • The code needs to be introduced into the environment some way • Monitor for Zero Day vulnerabilities in your environment • Performance Management and Monitoring • Allows detection of abnormal resource usage, which may be indicative of a cryptojacking attack • CPU, Memory, New Processes • Behavior Analysis • Monitoring for abnormal behavior or actions on a system such as suspicious downloads, installations, system commands or processes can help detect potential cryptojacking attacks • Increase in traffic to particular sites • Network Segmentation and Security Controls • Proper network and security controls can reduce the likelihood of successful exploitation and help limit the number of compromised systems in the event of a successful attack

  29. What Can You Do – Smart Phones • Deploy Whitelisting MDM Solution to Monitor Installed Applications • Only allow applications specifically reviewed and evaluated for business purposes only • Perform Website Monitoring/Blocking on Mobile Devices • Block access to malicious, unknown, and unauthorized business related websites • Implement Mobile Device Threat Detection • Have company devices monitored for malicious code/activity • Monitor for high CPU usage on mobile devices

  30. What Can You Do – IoT/Personal Assistant Devices • Network Segmentation and Security Controls • Segment IoT devices away from the production network • Monitor for increased in network activity from IoT networks • Whitelist Required Sites/Destinations Only • Conduct an assessment of the sites/destinations required to be accessed by the device • Only allow the known good/expected sites • Third-party skills servers for Alexa should be only approved by individual basis • Physically Secure Device If Possible • Do not allow non-permitted users to conduct unauthorized actions on the device

  31. Thank you!

More Related