Upload
hoangtruc
View
213
Download
0
Embed Size (px)
Citation preview
The Trojan Horse: Phishing and Ransomware Attacks
DAVID S. LIPKUSKESTENBERG S IEGAL L IPKUS LLP
BARRISTERS & SOLICITORS65 GRANBY STREET, TORONTO, ONTARIO, M5B 1H8
WWW.KSLLAW.COM
TEL: 416-342-1103 FAX: 416-597-6567
Agenda
1) Ke y Te rm s
2) C a se Stud y
3) Pre ve ntio n
4) NO W WHAT? ? ? !!!? ? ?
$445 Billion Year cost to the global economy
7% in 2 yearsNumber of business reporting $1 million loss
The risks are REALBut MANAGEABLE
Key Terms
Key Terms
Key Terms
Key Terms
Social Engineering
Key Terms - Phishing
Spear Phishing
Key Terms
Information Sec urity
Critic a l Infrastruc ture
Intellec tual Property
TECH 101SOME PRACTICAL BASICS
CREATING A PHISHING ATTACK
• A phishing campaign can be launched in as little as fifteen minutes
• Cursory research using Google, LinkedIn, or your company’s website can provide an attacker with enough information to sound convincing to users
• In this example, Google Forms was used to easily create a fillable survey users could be targeted with
CREATING A PHISHING ATTACK
• Although a Gmail account was used here, easily obtained software tools allow large numbers of users to be targeted
• Sophisticated attackers will send less easily detected emails and embed tracking images or even code in their phishing emails
Friday, May 12, 2017
In 1 Day 230,000 infec ted
c o m p ute rs a c ro ss 150 c o untrie s.
Estim a te d Ec o no m ic Lo sse s:
$4 BillionTo p 4 C o untrie s Affe c te d :• Russia
• Ukra ine • Ind ia
• Ta iwa n
Affected Organizations• Andhra Pradesh Police, India• Aristotle University of Thessaloniki,
Greece• Automobile Dacia, Romania• Cambrian College, Canada• Chinese public security bureau• CJ CGV• Dalian Maritime University• Deutsche Bahn• Dharmais Hospital, Indonesia• Faculty Hospital, Nitra, Slovakia• FedEx• Garena Blade and Soul• Guilin University Of Aerospace
Technology• Guilin University Of Electronic
Technology• Harapan Kita Hospital[disambiguation
needed], Indonesia• Hezhou University• Hitachi
• Honda• Instituto Nacional de Salud, Colombia• Lakeridge Health• LAKS• LATAM Airlines Group• MegaFon• Ministry of Internal Affairs of the Russian
Federation• Ministry of Foreign Affairs (Romania)• National Health Service (England)• NHS Scotland• Nissan Motor Manufacturing UK• O2, Germany• Petrobrás• PetroChina• Portugal Telecom• Q-Park• Renault• Russian Railways• Sandvik• São Paulo Court of Justice
• Saudi Telecom Company• Sberbank• Shandong University• State Governments of India• Government of Gujarat• Government of Kerala• Government of Maharashtra• Government of West Bengal• Suzhou Vehicle Administration• Sun Yat-sen University, China• Telefónica• Telenor Hungary, Hungary• Telkom (South Africa)• Timrå Municipality, Sweden• Universitas Jember, Indonesia• University of Milano-Bicocca, Italy• University of Montreal, Canada• Vivo, Brazil
How it worked:
Generally: Will trick you into clicking an e-mail/link/attachment which will then infect your operating system.
WannaCry: In this case, a vulnerability in an operating system.
The question is not “IF” but
“WHEN”
HAVE YOU HAD YOUR
CYBER HEALTH CHECK?
Cyber Health Check
1. Prevention
2. Education & Training
3. Information Sharing
PreventionAN OUNCE OF PREVENTION IS WORTH A POUND OF CURE – BENJAMIN FRANKLIN
#1. REGULARLY BACKUP AND STORE DATA OUTSIDE OF YOUR BUSINESS NETWORK.
Prevention
#2. EDUCATION & TRAINING
Prevention
#2. EDUCATION & TRAININGPrevention
Insider threats are the most common entry point
for cyber criminals
[60%]
#2. EDUCATION & TRAININGPreventionThe “Human Factor”
- People can be the best resource and the weakest link
#3. SOFTWAREPrevention
Virtual Private Network (VPN)
• Originally designed to allow users to securely access a private network across the Internet or other public network
• Often used in a similar manner to proxies, with two key differences:• The connection between the VPN server and the user is encrypted
• VPNs can handle all types of traffic, whereas proxies generally only deal with web traffic (HTTP)
• VPNs used in this manner are generally paid services, allowing users to pick from a variety of locations they wish to appear to be coming from
VPN Demonstration
Information SharingAN EFFECTIVE STRATEGY
- Business are hesitant to share information.
Information Sharing
Sharing information among key players is essential to combating cybercrime.
Information Sharing
CCTX
(Canadian Cyber Threat Exchange)
Information Sharing
• Not-for-profit• Share information about vulnerabilities and
cyber threats among governments, businesses and research institutions.
• Provide analysis of information security issues
• Point of contact for cyber information sharing organizations in other countries.
NOW WHAT???!!!???
• C & D• Registrars/ISPs• Mail Servers
• IT department• Third Parties
http://www.antifraudcentre-centreantifraude.ca/index-eng.htm
The Trojan Horse: Phishing and Ransomware Attacks
DAVID S. LIPKUSKESTENBERG S IEGAL L IPKUS LLP
BARRISTERS & SOLICITORS65 GRANBY STREET, TORONTO, ONTARIO, M5B 1H8
WWW.KSLLAW.COM
TEL: 416-342-1103 FAX: 416-597-6567