Rui Miguel Feio: Sharing knowledge with the world
RUI MIGUEL FEIO
Key facts:
• Working with computers since 9 years old, back in 1984
• Worked for Citibank, IBM, Xerox
• Worked with many Blue Chip companies around the world
• Specialises in Cyber Security
• Experience in different systems (Mainframe, Linux, Windows, Unix, …)
• Works with RSM Partners as a Senior Technical Lead
• Gives lectures and presentations all over the world
YOUR BUSINESS ONLINE
The “online world” is worth trillions of British Pounds and it’s being targeted by the criminal world.
But How Safe is It?
Almost every business requires an online presence today.
[Infographic: Online Presence. Labels: Contact people / institutions, Customers, Online Education, Social Media, Collaboration, E-commerce, Institutions, Increase Revenue, Security, Business Goals, World Wide Markets, New Ideas, Internet Search]
VALUE OF ONLINE BUSINESS
*https://www.emarketer.com/Article/Worldwide-Retail-Ecommerce-Sales-Will-Reach-1915-Trillion-This-Year/1014369
‘ACTORS’ OF THE ONLINE THREATS
01 HACKERS
The term hacker is used in popular media to describe someone who attempts to break into computer systems. Typically, this kind of hacker would be a proficient programmer or engineer with sufficient technical knowledge to understand the weak points in a security system.
02 CRIMINAL ORGS
Criminal activities carried out by criminal organisations by means of computers or the Internet.
03 HACKTIVISTS
Hacktivist is a person who gains unauthorised access to computer files or networks in order to further social or political ends.
04 NATION STATES
The Nation State actor has a 'Licence to Hack'. They work for a government to disrupt or compromise target governments, organisations or individuals to gain access to valuable data or intelligence, and can create incidents that have international significance.
05 CYBER TERRORISTS
A cyber-terrorist is a criminal who uses computer technology and the Internet, especially to cause fear and disruption. Some cyber-terrorists spread computer viruses, and others threaten people, organisations and nations electronically.
CYBER CRIME
• 80% of Hackers work with or are part of an organised crime group *
• Traditional criminal organisations have ‘opened’ cybercrime divisions:
  • Cosa Nostra (Italian Mafia)
  • Japanese Yakuza
  • Chinese Triads
  • Russian Mafia
  • Nigerian mobs
  • Mexican cartels
• They have a “business oriented” mentality (Cybercrime Inc.)
* 2014 study by the Rand Corporation
TYPICAL BUSINESS ORGANISATION
CEO
CFO
Management
Sales People
CIO
Management
Researchers, Developers, Engineers, QA Testers, Tech Support
HR Director, CMO
Management
Distributors, Affiliates
“CYBERCRIME INC.” ORGANISATION
CEO (Boss)
CFO (Underboss)
Management (Lieutenant)
Money Mules (Soldiers & Associates)
CIO (Underboss)
Management (Lieutenant)
Researchers (Soldiers)
Developers (Soldiers)
Engineers (Soldiers)
QA Testers (Soldiers)
Tech Support (Soldiers)
HR Director (Underboss)
CMO (Underboss)
Management (Lieutenant)
Distributors (Soldiers)
Affiliates (Associates)
Innovative Marketing Inc. (aka IMI)
• Founded by Sam Jain and Daniel Sundin (HQ in Ukraine)
• Developed scareware rogue security programs (WinFixer and WinAntiVirus)
• Offices in 4 continents with hundreds of employees
• Support centres in Ohio, Argentina and India
• Marketed products under more than 1,000 different brands and in 9 languages
• From 2002 to 2008 IMI generated hundreds of millions of dollars in profit.
*https://www.wired.com/2011/09/mf_scareware/
Innovative Marketing Inc. (aka IMI)
Photograph taken in 2003
BJORN DANIEL SUNDIN
Wire Fraud; Conspiracy to Commit Computer Fraud; Computer Fraud
DESCRIPTION
Alias: David Sundin
Date(s) of Birth Used: August 7, 1978
Place of Birth: Sweden
Hair: Red
Eyes: Hazel
Height: 5'10"
Weight: 136 pounds
Sex: Male
Race: White
Occupation: Internet Entrepreneur
Nationality: Swedish
Languages: English, Swedish
NCIC: W10511664
REWARD
The FBI is offering a reward of up to $20,000 for information leading to the arrest and conviction of Bjorn Daniel Sundin.
REMARKS
Sundin has ties to Sweden and the Ukraine.
CAUTION
Bjorn Daniel Sundin, along with his co-conspirator, Shaileshkumar P. Jain, is wanted for his alleged involvement in an international cybercrime scheme that caused internet users in more than 60 countries to purchase more than one million bogus software products, resulting in consumer loss of more than $100 million. It is alleged that from December 2006 to October 2008, through fake advertisements placed on legitimate companies’ websites, Sundin and his accomplices deceived internet users into believing that their computers were infected with “malware” or had other critical errors in order to encourage them to purchase “scareware” software products that had limited or no ability to remedy the purported defects.
Sundin and his co-conspirators allegedly deceived victims, through browser hijacking, multiple fraudulent scans and false error messages, into purchasing full paid versions of software products offered by their company, Innovative Marketing, Inc. The proceeds of these credit card sales were allegedly deposited into bank accounts controlled by the defendant and others around the world, and were then transferred to bank accounts located in Europe. When customers complained that their purchases were actually fraudulent software, call center representatives were allegedly instructed to lie or provide refunds in order to prevent fraud reports to law enforcement or credit companies.
On May 26, 2010, Sundin was indicted in Chicago, Illinois, by a federal grand jury for the United States District Court, Northern District of Illinois. He was indicted for wire fraud, conspiracy to commit computer fraud and computer fraud. That same day, a federal warrant was issued for Sundin’s arrest.
If you have any information concerning this person, please contact your local FBI office or the nearest American Embassy or Consulate.
Carbanak Group (aka Anunak)
• “Found” early in 2015 by Kaspersky Lab
• Used an Advanced Persistent Threat (APT) campaign targeting financial institutions
• Estimated $1 Billion US dollars have been stolen in an attack against 100 banks and private customers
• Targeted primarily Russia, United States, Germany, China and Ukraine
• Rumours of being associated with a computer security company in Russia:
  • https://krebsonsecurity.com/2016/07/carbanak-gang-tied-to-russian-security-firm/
https://www.symantec.com/connect/blogs/carbanak-multi-million-dollar-cybercrime-gang-focuses-banks-rather-their-customers
COST OF CYBER CRIME IN THE UK
https://www.getsafeonline.org/news/fraud-cybercrime-cost-uk-nearly-11bn-in-past-year/
ONLINE SECURITY THREATS
Denial-of-Service attack is a cyber-attack where the perpetrator seeks to make a machine or network resource unavailable to its intended users.
Malicious Software is a computer program designed to infiltrate and damage computers without the user's consent. It’s the general term covering all the different types of threats to your computer such as viruses, spyware, worms, trojans, rootkits and so on.
Virus is a program or piece of code that is loaded onto your computer without your knowledge and runs against your wishes.
Phishing is the attempt to obtain sensitive information such as usernames, passwords, and confidential data, often for malicious reasons, by masquerading as a trustworthy entity in an electronic communication.
Ransomware is a type of malicious software designed to block access to a computer system until a sum of money is paid.
Cross-site Scripting (XSS) refers to a client-side code injection attack in which an attacker can execute malicious scripts in a legitimate website or web application.
Spoofing is the act of falsifying the origin of an internet communication in order to mislead the recipient. It's widely used to create bogus emails or web pages in order to steal money, passwords or banking credentials.
THE DARK WEB
Dark Web
Accessible only through special browsers like TOR, which are designed for anonymity.
Website addresses are not in clear text (e.g. http://3g2upl4pq6kufc4m.onion)
You can get access to drugs, weapons, illegal information, hacking tools, hackers, criminals, credit card details, private confidential data, login credentials, etc.
Internet
The visible internet that we see when we browse. E.g. Google, Facebook, BBC, company websites, etc.
AVAILABLE TOOLS
TRAINING AND TUTORIALS
BOOKS AND ARTICLES
INTERESTING FACTS
• Approximately 3.2 billion people use the internet
• 30,000 websites are hacked every day
• Approximately 204 million emails are sent every minute and 70% of them are spam
• The majority of internet traffic is not generated by humans, but by bots and malware. According to a recent study conducted by Incapsula, 61.5% or nearly two-thirds of all the website traffic is caused by Internet bots
*https://fossbytes.com/10-interesting-facts-internet-really-need-know/
THE VALUE OF DATA
• How much do you value your privacy?
• How about your friends and family’s privacy?
• What do you think could happen if your data was misused?
• Have you ever searched or visited an online website that you would rather keep a ‘secret’?
• Criminal organisations and hackers aim to access private and confidential data
• But legitimate companies are also targeting private data…
DATA BREACHES ARE FREQUENT
http://www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/
2016 RESEARCH
$154 COST PER RECORD
The average data breach cost per record is $154 (USD) worldwide. In the UK, the average cost per record is $159 (USD) / £128 (GBP).
HEALTH TARGETED SECTOR
The sector most targeted by attackers was Healthcare, followed by Education, Financial, Services, Life Science, Retail, Communications, Industrial, Energy and Technology.
23,834 RECORDS BREACHED
The global average number of breached records was 23,834. In the UK, the average number was 22,759 breached records.
48% ROOT CAUSE
Globally, malicious or criminal attacks accounted for 48% of the root causes of data breaches, followed by 27% for system glitch and 25% for human error. In the UK these numbers were 51%, 24%, and 25% respectively.
* Benchmark research sponsored by IBM, independently conducted by Ponemon Institute LLC, June 2016
VALUE OF DATA TO HACKERS
• Allows for identity theft
• Blackmail:
  • Financial gain
  • Access to private data
  • Access to systems
• Access to privileged information that could lead to the compromise of, or access to, the data of another person or entity
• Selling of the data to third parties (including legitimate companies)
VALUE OF DATA TO COMPANIES
• Have you ever wondered why Facebook or Google are worth billions of US dollars?
• A study published by the Wall Street Journal on Facebook:
  • Each long-term user is worth $80.95
  • Each friendship is worth $0.62
  • Your profile page is worth $1,800
  • A business page and associated ad revenues are worth $3.1 million
• Google, on the other hand:
  • Processes around 24 Petabytes of data each day
  • Produces “online profiles” of its users
  • The data is then stored and sold for advertising
EVERYONE WANTS DATA
• Data broker company Acxiom Corporation:
  • Has more than 23,000 servers
  • These servers collect, collate and analyse more than 50 trillion unique data transactions per year
  • 96% of American households are in its databases
  • Has more than 700 million user profiles from around the world
  • Each profile has more than 1,500 specific traits
• One quote stated ‘This is the age of the stalker economy’…
THE IMPORTANCE OF AN EMAIL
https://www.wired.com/2016/12/yahoo-hack-billion-users/
• According to Yahoo the data included:
  • Names
  • Email addresses
  • Contacts
  • Date of Birth details
  • Hashed passwords
  • A mix of questions and answers, encrypted and not encrypted
• Also, according to Yahoo, the data did not include:
  • Unencrypted passwords
  • Credit card details
  • Bank account details
• Are we to trust what Yahoo says?...
THE IMPORTANCE OF AN EMAIL
http://www.fraud-magazine.com/article.aspx?id=4294987206
SYSTEM Z – IBM’S MAINFRAME
• There’s this idea that the mainframe is an old and obsolete technology
• IBM keeps releasing new mainframes every few years. Recently they have released the z13 that cost IBM more than US$1 billion in R&D
• Who uses the mainframe?
  • 96 of the 100 largest banks in the world
  • 23 of the 25 largest retail companies in the US
  • 9 of the 10 largest insurance companies in the world
  • Government agencies
  • Military
  • Universities
MAINFRAME – THE CROWN JEWELS
• The mainframe processes and stores large volumes of data
• It’s considered the most secure platform in the world that cannot be hacked
• As such, it does not require big investments in security…
• Unfortunately, it’s not quite so. The truth is:
  • The mainframe is a platform that is highly securable but not secured by default. Investment and resources are required to secure it
INTERNET OF THINGS
Security Risk
Manufacturers of IoT devices are under pressure to release new gadgets with new functionalities to an ever more demanding customer. However, security is not given much consideration, which creates security risks to individuals, organisations and governments.
Internet of Things
There are currently 6.4 billion IoT devices connected to the internet. It’s estimated that by 2020, there will be 20 to 50 billion IoT devices connected to the internet.
MOBILITY
Mobility is Good
• Being able to access data and do business wherever you are is a major advantage and a requirement in the modern world.
The Downside
• Mobile devices are moving targets
• Most mobile devices are easy to hack and compromise
• Mobile devices may contain private and business data
• Hackers ‘love’ mobile devices
• If compromised, they can become entry points to your home or business IT network
Risks and Threats
• Old devices
• Operating system not up-to-date
• Apps can leak and collect personal data
• Connected to ‘dubious’ free WiFi spots
• Devices not protected with access credentials
CYBERSECURITY MUST BE A PRIORITY AND TAKEN SERIOUSLY
SOLUTION
• More legislation and regulation is required. For example: General Data Protection Regulation (GDPR).
  • https://en.wikipedia.org/wiki/General_Data_Protection_Regulation
• Investment is a must!
  • Hire experienced and qualified staff
  • Training and education
  • Review the IT systems, processes and procedures
  • Regularly implement:
    • Penetration tests
    • Security audits
    • Vulnerability scanning
    • Data classification
    • Recertification
BUT WE ALSO NEED
• Companies, governments and individuals need to change their mindset and attitude in regards to security risks and threats:
  • It’s important to keep the systems updated
  • Question the origin of documents, links, emails, etc
  • Be aware and mindful of the data they share online
  • Default userids/passwords
  • Security must be always in your mind!
• Security is not only at work
  • Think about the IoT devices
  • Don’t forget security at home
• Remember:
  • Free can be very expensive!
  • Blind trust can be fatal!
WHAT TO DO
BE PROACTIVE
BE AWARE
BE MINDFUL
THREE Bs TO BE SECURED
These are the 3 Bs to help you be secured in the cyber world.
Be mindful of what you do; always question if you should click on a link, on an option, if you should open a document, the source of the document or email.
Be aware of the security risks; keep informed, ask questions. Don’t put yourself and your business at risk.
Be proactive. Don’t wait until your systems are compromised. Keep them up-to-date with the latest versions of the operating system, and software. Apply the security fixes. Have a firewall and an anti-virus and keep them updated. Ask for professional, experienced help. In the long run this can save you a lot of money!!
CONTACTS
EMAIL + CONTACTS
[email protected]
+44(0)7570911459
+351962211564
www.RuiFeio.com
SOCIAL MEDIA (for the latest news on Cybersecurity)
twitter.com/rfeio
facebook.com/RuiMiguelFeio
linkedin.com/in/rfeio
google.com/+RuiMiguelFeio