1 / 24

The Changing Nature of Cyber Space

The Changing Nature of Cyber Space. Ryan W. Garvey. Overview. Smartphone’s Threats Protection Cyber threats Emerging Defense and mitigation Outlook Social media/networking Hacktivism.

mikkel
Download Presentation

The Changing Nature of Cyber Space

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. The Changing Nature of Cyber Space Ryan W. Garvey

  2. Overview Smartphone’s Threats Protection Cyber threats Emerging Defense and mitigation Outlook Social media/networking Hacktivism

  3. Architecture, technologies and capabilities of telecommunication networks and mobile phones have significantly changed • BlackBerry and iPhone and third generation (3G) mobile networks • Millions of people around the world can make calls from almost any place in the world • True mobility in accessing internet and information • “Anywhere, Anytime, any Device”

  4. Popular usage of mobile phones and smartphone’s Company’s e-mail service (e.g. via RIM Blackberry or MS Mobile Outlook) Company’s calendar service (e.g. via MS Mobile Outlook and Microsoft Exchange) Shared file systems (e.g. Microsoft SharePoint) Customer Relationship Management (CRM) and Enterprise Resource Planning (ERP) systems Applications dedicated to mobile phones Mobile Sales Force Automation (SFA) SMS alerts and notifications Company’s internal network via Virtual Private Network (VPN) connections.

  5. E-commerce and E-banking purposes User authentication via software tokens running on Smartphone’s Access to mobile banking applications to make money transfers Electronic transaction authentication Via one time passwords sent by bank to the users via SMSes Micropayments via SMS, USSD or interactive voice channel Premium content purchase (so called Premium SMS) Alerts and notifications Change of account balance, debit or credit card usage etc. Electronic signatures via online, native or SIM card applications Practical application of mobile phones and Smartphone's is almost endless

  6. Realities • Mobile malware is not a future threat but a current threat • First mobile phone malware seen over 10 years ago • In September 2009 • 100 known families • More than 500 modifications • In 2010 - today • Every month a new mobile malware was identified • March 2011 – 60 malicious apps found in Android Marketplace

  7. Possible crossover’s from PC to Mobile: • Redirect user’s web traffic through attacker’s proxy server or unauthorized access point • Attacker may remotely change mobile browser and network configuration, • Recording and sharing all web information sent from mobile device (e.g. all information from HTTP GET and POST) • Modifying web browser (e.g. Firefox for iPhone, or Opera Mini) • Replacing executable binaries on the phone, so all information sent to the Internet can be intercepted • Unauthorized remote use of phone’s personal area network capabilities (Bluetooth, Wi-Fi) • Remotely attack another user and penetrate networks that are in the range of Smartphone, creating mobile Botnets • Perform distributed denial of service attacks on any target via “regular” (e.g. Internet) or mobile (e.g. SMSes, MMSes etc.) communication channels

  8. Two Android examples • Tap Snake • In the Android Market Place • Tracks and monitors user’s location - GPS Spy • GPS data includes date and time of user’s location • Physical access required to enable GPS Spy feature • Movie Player • Not in Android Market Place • SMS Trojan • Poses as harmless media player application • Sends SMS messages to premium-rate numbers • Scam has only affected Android Smartphone users in Russia.

  9. Impacts • Loss of valuable data • Loss of Intellectual Property • Loss of productivity • Negative impact on profits or stock price • Brand damage • Lawsuits • Class actions

  10. Cyber Threats

  11. Types of Threats

  12. Even More Threats • Cybercrime, online fraud and the theft of confidential information • Bots, Botnets and “modular” malicious code • Web applications are increasingly become the focal point of attacks • “Man-in-the-Middle” attacks that circumvent multi-factor authentication

  13. Security Defense-in-Depth Links in the Security Chain: Management, Operational, and Technical Controls • Risk assessment • Security planning, policies, procedures • Configuration management and control • Contingency planning • Incident response planning • Security awareness and training • Security in acquisitions • Physical security • Personnel security • Security assessments and authorization • Access control mechanisms • Identification & authentication mechanisms (Biometrics, tokens, passwords) • Audit mechanisms • Encryption mechanisms • Boundary and network protection devices (Firewalls, guards, routers, gateways) • Intrusion protection/detection systems • Security configuration settings • Anti-viral, anti-spyware, anti-spam software • Smart cards • Continuous monitoring Adversaries attack the weakest link…where is yours?

  14. Hardware and Software Inventories • Inventories of authorized and unauthorized devices and software • Don’t allow personal preferences • Don’t let outside connect flash drives or other devices to your network • Use software such as DeviceLock • Do not download software from the Internet, do not use outside CDs, DVDs • Wireless device control

  15. Trust but Verify • Maintenance, monitoring, and analysis of security audit logs • Continuous vulnerability assessment and remediation • System of sanctions for improper behavior • Remote scanning from HQ • Intrusion detection systems

  16. Limit Access to Need • Controlled Use of Administrative Privileges • Should only be used for administrator duties • Use “RunAs” command whenever possible • Do not leave systems logged on • Controlled access based on need to know • Account monitoring and control

  17. Application Software Security • Be a good implementer • No need to reinvent the wheel • Patch quickly - organizations take twice as long to patch application vulnerabilities as they take to patch operating system vulnerabilities • Use automated updates when possible

  18. Malware Defenses • Firewalls: Block most hacker tools and network worms. • Antispyware: Blocks spyware, Trojans, network and email worms, spyware, but not viruses. • Antivirus: Blocks viruses and email worms. • Intrusion Prevention Software: Block viruses, worms and other malware by looking for the typical behavior of these attacks.

  19. Data Loss Prevention • Backups • Redundancy • Different schedules • Offsite backup • Secure Network Engineering • Penetration Tests and Red Team Exercises • Incident Response Capability • Data Recovery Capability

  20. Education of Users • Don’t download programs from the Internet • Do not use outside CDs, DVDs • Don’t attach outside devices • Don’t open unfamiliar e-mails, especially attachments • Don’t surf sites not needed for work • Scan all files before opening

  21. Quick and Easy Protective Strategies

  22. Security Program Minimums

  23. Outlook Social Networking Continued growth Continued threats Hacktivism Anonymous DoS Reputation & other attacks Increased focus on Corporations?

  24. Ryan W. Garvey Coordinator Information Security & Cyber Threats 571-345-7748 garveyrw@state.gov

More Related