slide1 n.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
Ataques Cibernéticos ao Setor Financeiro PowerPoint Presentation
Download Presentation
Ataques Cibernéticos ao Setor Financeiro

Loading in 2 Seconds...

play fullscreen
1 / 23

Ataques Cibernéticos ao Setor Financeiro - PowerPoint PPT Presentation


  • 149 Views
  • Uploaded on

Ataques Cibernéticos ao Setor Financeiro. 15 de Maio de 2013. Marco Souza. The Cyber Threat Landscape. Number of connected devices be more numerous than computers at least 5 to 1, growing geometrically. An Overview. The number of mobile subscriptions will

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

Ataques Cibernéticos ao Setor Financeiro


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
slide1

Ataques Cibernéticos ao Setor Financeiro

15 de Maio de 2013

Marco Souza

the cyber threat landscape
The Cyber Threat Landscape

Number of connected devices be more numerous than computers at least 5 to 1, growing geometrically.

An Overview

The number of mobile subscriptions will

Soon overtake the world’s population

slide3

Cyber Threat Landscape

Actors

Organized Crime

  • Motivation: Make Money
  • Methods: Very mature underground economy supporting every facet of cyber criminal activity

Hactivists

  • Motivation: Seek Publicity to their Geopolitical agenda
  • Methods: Disruption and Defacement

Cyber Terrorism

  • Motivation: Instill fear to have targets comply with demands or ideology
  • Methods: Currently using Cyber to “Enable” their programs (Recruit, Incite, Train, Plan & Finance). But there is growing concern they can easily acquire “Disruptive” and possibly “Destructive” capabilities.

State-Affiliated

  • Motivation: Political and Technological advantage to improve self interests
  • Methods: Advanced operations to target specific individuals to gain a foothold into target’s infrastructure. Once a foothold is established, adversary is very patient to perform reconnaissance and methodically plan their attack. Often leaving back doors to re-establish access to the target in case their primary means is identified and mitigated.
slide4

Cyber Threat Landscape

Profiling threat actors

HACTIVISTS/TERRORISM

Source: Verizon The 2013 Data Breach Investigations Report - http://www.verizonenterprise.com/DBIR/2013/

slide5

Cyber Threat Landscape

Actor and Variety Categories

Threat actor categories

Variety of external actor

Source: Verizon The 2013 Data Breach Investigations Report - http://www.verizonenterprise.com/DBIR/2013/

slide6

Organized Crime

Sophisticated Attacks

  • Recent attacks show increased knowledge and understanding of the technology, infrastructure and systems of their victims
  • The amount of knowledge the attacker can obtain on their victim is increasing at lightning speed making these threats more severe each day
  • Bad Actors are going after customers, suppliers, and third parties in addition to direct attacks

Current Threat Levels

•FS-ISAC maintained its advisory level at HIGH

•Symantec maintained its threat level at ELEVATED

•iDefense maintained its threat meter at ELEVATED

state affiliated
State-Affiliated

China

Motivation: Intellectual Theft

Google

Nortel Communications

New York Times, Washington Post

Iran

Motivation

Defacement

Disruption

Destruction

Shamoon

Saudi Aramco

United States

Motivation

Disruption

Destruction

Stuxnet

Flame

Cyberwar

slide8

State-Affiliated

Growth of Offensive Cyber Program Trends

  • Newly created Cyber Command establishes 3 teams who could carry out offensive cyberattacks on foreign nations if the United States were hit with a major attack on its own networks given expressed terrorist interest in cyber
  • First time the Obama administration has publicly admitted to developing such weapons for use in wartime
  • James R. Clapper Jr warned Congress that a major cyberattack on the United States could cripple the country’s infrastructure and economy
  • Clapper suggested that such attacks now pose the most dangerous immediate threat to the United States, even more pressing than an attack by global terrorist networks.

Source: New York Times

slide9

State-Affiliated

Growth of Offensive Cyber Program Trends

Sources:

http://www.nytimes.com/us-accuses-chinas-military-in-cyberattacks

Mandiant: http://intelreport.mandiant.com/Mandiant_APT1_Report.pdf

cyber terrorism
Cyber Terrorism

Hacktivists/Terrorism

  • Exhibiting ‘Enabling’ capabilities
  • In 2012, moving from ‘Disruptive’ to ‘Destructive’ capabilities
slide11
Anonymous

Global anonymous participants

Target: Government and Multinational corporations

Al Qassam Cyber Fighters

Iran

Target: US Banks

LulzSec

Several core members identified

Target: CIA, Sony, Nintendo

Hacktivists/Terrorism

Cyber Terrorism

slide12

Hacktivists/Terrorism

Operation Ababil Update

  • The Al-Qassam Cyber Fighters have sustained its attacks on financial institutions, including retail banks and credit card, investment, and insurance providers
    • Additional targeting of technology service providers associated with the financial industry
    • Attack code also focused on Verisign
  • Multiple previously unobserved scripts and targeting have occurred
    • Continuing observations of the botnet emphasized alternation and updating of DDoS tools
  • Postings continue related to the “Innocence of Muslims” trailer

Source: iSIGHTPartners 8

slide13

Hacktivists/Terrorism

Operation Ababil Update

  • Since early September 2012, the Financial Service sector has been the target of an escalating series of DDoS Attacks.
    • Attacks “ended” on January 22, 2013, however after a brief hiatus, began again on March 5, 2013
  • From Dec 11, 2012 to Jan 10, 2013
    • 140 ‘distributed denial-of-service’ attacks against banks
    • 34 banks victimized – up to 23 in one day
slide14

Organized Crime - Hacktivists/Terrorism

DDoS Attack on Spamhaus with Broad – Financial Impact

  • •The latest DDOS attacks are much more powerful because the bots are data center servers which contain more processing power and have access to greater data center size bandwidth.
    • –Normal DDoS attacks observed in 2012 averaged around 10-50 Gbps and today‟s attacks are starting to average closer to the range of 300 Gbps.
  • •Ordinary internet users are starting to see more of an impact as they may go through the same data centers and infrastructure that are being attacked in more sophisticated campaigns, whom ultimately that have direct effects on ISP‟s and Internet Exchanges.
    • –The Spamhaus campaign caused direct congestion to the London, Amsterdam, Frankfurt, and Hong Kong Internet Exchanges.
data breach atm skimmers
Data Breach – ATM Skimmers

Organized Crime

  • Biggest payouts are Data Breaches
    • Heartland Payment Systems– Processes 100 millioncard transactions per month for 175,000 merchants
slide17

Cyber Threat

Data Breach Regulations

New Zealand

Office of the Privacy Commissioner’s Privacy Breach Guidance Material

Mexico

Federal Law for Protection of Personal Data in Possession of Individuals and It's Implementing Regulations

Ireland

The Data Protection Act 1988 (the “1988 Act”), as modified by the Data Protection (Amendment) Act 2003 (the “2003 Act”)

Personal Data Security Breach Code of Practice (Guidance)

Bahamas

"The Central Bank of The Bahamas NoticeRe: Reporting of Material Events and Incidents of Fraud"

Australia

"BANKING ACT 1959 - SECT 62A (1B)"

Ukraine

Law of Ukraine “On Personal Data Protection”

Uruguay

Decree No. 414/009

Austria

Federal Act concerning the Protection of Personal Data (DSG 2000)

Belgium

Circular CBFA 2009 17_ April 7 2009

Indonesia

"Bank Indonesia Regulation Number : 9/15/PBI/2007 Regarding the Risk Management Implementation for the use of Information Technology by Commercial Banks"

Israel

Proper Conduct of Banking Business Information Technology Management

Norway

Regulation on the processing of personal data (Personal Data Regulations)

Canada

Personal Information Protection and Electronic Documents Act (PIPEDA); Alberta Personal Information Protection Act; British Columbia Personal Information Protection Act; Quebec- Act Respecting the Protection of Personal Information in the Private Sector

Citi Canada Policy - Breach Notification.pdf

United States

Gramm-Leach-Bliley Act (GLBA) - Section 501(b) and the Interagency Guidance on Response Programs for Unauthorized Access to Customer Information and Customer Notice (12 CFR Parts 568 and 570)

United Kingdom

• Notification of Data Security Breaches to the Information Commissioner’s Office

Vietnam

No: 01/2011/TT-NHNN Regulation on the prudence and confidentially of the Informatics Technology System in Banking Activity

Hong Kong

Office of the Privacy Commissioner for Personal Data, Hong Kong ,Guidance on Data Breach Handling and the Giving of Breach Notifications (June 2010).

Malaysia

"Bank Negara Malaysia, Guidelines on Management of IT Environment (GPIS 1)"

Japan

"Guidelines for Personal Information Protection in the Financial Business (the “Financial Guidelines”) "

Guatemala

"Oficio No. 119-2008 OficioEnviado a Bancos, Sociedadesfinancieras, AlmacenerGenerales de Deposito, Entidades Off Shore, EmpresasEspecializadas en serviciosFinancieros Y casas de BolsaOffice Memorandum No. 119-2008 Submitted to Banks, Finance companies, General Almacener Storage, Offshore Entities, companies specializing in financial services and brokerage firms"

Slovakia

"Act No. 428/2002 Coll. On Protection of Personal Data, as amended by the Act No 602/2003 Coll., Act No 576/2004 Coll. And the Act No. 90/2005"

Taiwan

Personal Information Protection Act (the "Act"), amended May 10, 2010, Article 12**

China

"PBOC Notice on Further Strengthening the Reporting of Critical Event for Financial Institutions (Shanghaiyinfa(2011) No.40) Issued on Feb 23, 2011

Jordan

Instructions of internal control systems no (35/2007) issued by the central bank of Jordan pursuant to the stipulations of article (45/a) of the central bank’s law and article (99/b) of the banking law

Luxembourg

Circular CSSF 11/504

Sweden

Finansinspektionen's (The Swedish Financial and Supervisory Authority) General Guidelines regarding Reporting of Events of Material Significance;

Korea

PERSONAL_INFORMATION_PROTECTION_ACT (2).pdf

Germany

Federal Data Protection Act (BDSG)

slide18

Marco Civil

Direitos e Deveresna Internet

O Marco Civil da Internet é um projeto de Lei que visa estabelecer princípios, garantias, direitos e deveres para o uso da Internet no Brasil, , garantindo os direitos fundamentais previstos na Constituição com medidas para preservar a liberdade de expressão e a privacidade.

Atualmente, ele tramita na Câmara dos Deputados sob o número PL 5403/2001 (Era PL 2126/2011).

  • Polêmicas:
  • Tratamento dos pacotes e conteúdos na transmissão.
  • Guarda de logs facultativo
  • Responsabilidade dos provedores em relação ao conteúdo de terceiros.
slide19

Crimes Eletrônicos e a Nova Lei

InvasãoFísica e Eletrônica

x

slide20

Crimes Eletrônicos e a Nova Lei

Lei 12.737/12 – Lei Carolina Dieckmann

Art. 154-A. Invadir dispositivo informático alheio, conectado ou não à rede de computadores, mediante violação indevida de mecanismo de segurança e com o fim de obter, adulterar ou destruir dados ou informações sem autorização expressa ou tácita do titular do dispositivo ou instalar vulnerabilidades para obter vantagem ilícita:

Pena - detenção, de 3 (três) meses a 1 (um) ano, e multa.

  • Crime de Invasão
  • Criação e Disseminação de Código Malicioso
  • Invasão + Prejuízo (Aumenta a penaem 1/3)
  • Obtenção Indevida e Controle Remoto
  • Divulgação de Dados ou Informações
  • InterrupçãoouPerturbação
  • Falsificação de Cartão de Crédito ou Débito
slide21

Ciberataques

Alguns Números

  • O Brasil perde quase R$ 16 bilhões por ano com ciberataques, média de prejuízo por usuário de R$ 562.
  • No mundo o prejuízo chega a US$ 110 bilhões por ano, com média de US$ 200 por usuário.
  • No Mundo 556 milhões de pessoas sofreram com algum tipo de crime cibernético. No Brasil, são 28,3 milhões as vítimas.
  • Os ataques são cada vez mais direcionados ao mundo móvel e às redes sociais
    • 32% dos brasileiros já foram vítimas de uma infecção móvel ou através de redes sociais.
    • 44% dos usuários brasileiros já receberam uma mensagem de texto em seu celular oriunda de desconhecidos e pedindo que clicassem num link ou discassem para um número
    • 23% dos usuários de redes sociais no país já tiveram seus perfis invadidos, e outros 12% já foram contaminados com malware via phishingenviados via redes sociais.
  • 42% dos usuários adultos on-line no país (40% no mundo) simplesmente não sabem que um vírus pode atuar de forma bem discreta no computador

Fonte: Norton/Symantec

slide22

Ciberataques

Organização e colaboração

The mission of the FS-ISAC, in collaboration with the U.S. Department of Treasury and the Financial Services Sector Coordinating Council , is to enhance the ability of the financial services sector to prepare for and respond to cyber and physical threats, vulnerabilities and incidents, and to serve as the primary communications channel for the sector.

APWG is the global industry, law enforcement, and government coalition focused on unifying the global response to cyber crime through development of data resources, data standards and model response systems and protocols for private and public sectors.

The Anti-Phishing Working Group (APWG) and National Cyber Security Alliance (NCSA) led the development of the STOP. THINK. CONNECT. campaign. The U.S. Department of Homeland Security provides the Federal Government's leadership for the STOP. THINK. CONNECT. campaign.

slide23

Ataques Cibernéticos ao Setor Financeiro

OBRIGADO

masouza.jr@uol.com.br