Lancope's 2015 Security Predictions Webinar

© 2014 Lancope, Inc. All rights reserved.

2015 Security Predictions

TK Keanini, CTO

Lancope, Inc.


• Intro

• 2014 Retrospective

• 2015 Security Predictions

• Q&A

Agenda


• Brief history• Born and raised in Hawaii

• Musician and moved to California

• Video Games with Broderbund Software

• Cisco Systems

• Morgan Stanley Online

• nCircle CTO

• Lancope CTO

Hello My Name is TK

© 2014 Lancope, Inc. All rights reserved. © 2014 Lancope, Inc. All rights reserved.

Did we get it right or wrong?

2014 Retrospective


• It’s about time!

• More have learned the hard way that telemetry needs to be in place prior to the incident

• Cross-departmental functionality is required

• Incidents in the end are emotional and change human behavior

• Incident response is part of the overall business continuity plan

Incident Response finally becomes a business process


• https://twofactorauth.org/• List of websites and whether or not they support 2FA

• Also see the list of 2FA providers and the platforms they support

• Add your own favorite site by submitting a pull request on the GitHub repo

• FIDO Alliance (Microsoft, Google, ARM, Paypal and Lenovo)• Universal Authentication Framework (UAF)

• Universal 2nd Factor (U2F) based on public-key crypto

• Sharing patents and killing single-factor authentication!

Increase in 2-factor authentication

https://twofactorauth.org/


• The Perimeter is Dead!?• The static perimeter is dead!

• Long live the dynamic perimeter!

• Too early on this one.

• This will happen in 2015 for sure.

SDN and the adaptive perimeter


IoT, 3D Printers, Tracking

2014 Challenges


• Internet of Things• No longer a MSFT target environment

• ShodanHQ.com

• Weaknesses in Automobiles, Home Appliances

• 3D Printing• Custom heart valves that are saving lives

• Printing keys for high security locks

• Disruptive economics for safe cracking

• Tracking Devices• Hardware was still lagging

• Software, features everywhere

Challenges in 2014


What the heck?

2014 Surprises


• Heartbleed• ~500k found on Shodan at the time of disclosure

• Shellshock• ~4k found this past Sept. on Shodan

• POODLE

2014 Security Surprises


Inferences from the data

2015 Security Predictions


• Endpoints and humans participate in the early phases of the attack• Exploitation versus Participation

• Requirements• Cryptocurrency

• TOR

• Psychology of being involved at this stage of the crime

Muleware Madness


• Honan attack (as described in Wired)• One site’s secrets are others’ public information

• Voicemail, call-forwarding, attack the weakest system

• Ultimately, companies need to be firm on their recovery policy• The customer cannot be right all the time

Re-Authentication Weaknesses


• Ransomware is profitable• Denying access to data

• Grew by over 500% in 2014

• Healthcare is an attractive target

• Individuals and companies can defeat this with the proper backups

• The yearly subscription to cloud backup is less than the ransom!

Ransomware Expansion


• Extortionware• Much more targeted

• Unlike ransomware, data has been exfiltrated and analyzed• Unless terms are met, data will be

disclosed broadly or to specific target

Targeted Extortionware


• The world continues to become more connected!• Customers are more connected

• Businesses are more connected

• Devices and applications are more connected

• Bad actors are more connected

• Much of what is already happening will just expand• Ransomware will expand

• Authentication abuse will expand

• Hacktivism and Nation State threats will expand

• They will get in and you will have a security incident

• Raise the cost of threat actor operations

Conclusion


MAHALO! (Thank you)

TK Keanini,

Chief Technology Officer

[email protected]

Follow me on twitter @tkeanini

mailto:[email protected]