CYBERSECURITY RISK FROM
CONSUMER PERSPECTIVE
LESSON LEARNED FROM THE COVID-19 PANDEMIC
Avinanta Tarigan
Research Center for Cryptography and System Security
Gunadarma University
MY SELF
• Education:
• 1997 - Bachelor Degree in Computer Science – Gunadarma University
• 2017 – PhD in Computer Science – Universitaet Bielefeld
• Activities :
• Lecturer in Computer Science department, Gunadarma University
• Head of Research Center for Cryptography and System Security
• AAMAI
• Past work / research :
• National roadmap for Security Incident Response Capabilities Development
• First Certification Authority Systems (PKI) in Indonesia
• Decentralized (Blockchain) Protocol Development and Decentralized Apps
Development
• Cryptographic Protocol development and formal verification
• IT Audit & Penetration Testing
AGENDA
• Cyberspace during pandemic
• Cyber Threat Landscape
• Cybersecurity Concept
• Lesson Learned
INTERNET PENETRATION
INTERNET UTILIZATION IS INCREASED DURING
PANDEMIC
CYBER ATTACK
DURING PANDEMIC
WHAT ARE THE RISKS
• Change: Work From Home
  • Effect: Personal mobile devices and computers are allowed to access corporate networks
  • Risk: Data breach (key / screen logger, direct attack on corporate networks by malware on an infected user computer); remote desktop compromise
• Change: Cloud Utilization
  • Effect: Important data are stored and exchanged in the cloud
  • Risk: Data loss, data manipulation, data breach, malware infection
• Change: Increased Vicon Utilization
  • Effect: Important and confidential conversations or meetings are held and stored by a third party
  • Risk: Unauthenticated users silently join the meeting; recorded meetings stolen from the cloud; unauthorized access to the user's screen / desktop; Vicon chat room can be used for code injection
• Change: Digital documents are used as legal documents
  • Effect: Users rely on the integrity of documents
  • Risk: Document forgery, unauthorized modification
• Change: Increased network demand
  • Effect: More throughput is needed, increased bandwidth capacity
  • Risk: Lack of service; network is down
LATEST THREATS FOUND DURING PANDEMIC
• Ransomware combines encryption with stolen data
• Light loader malware attacks on every device; the payload is downloadable and difficult to detect
• Covid-19 domain registrations increased significantly -> Phishing
• Large-scale attacks on health-related sites by APT (Advanced Persistent Threat)
• 150.000 new m-apps on playstore deliberately loaded with malware
• Malware bypasses 2 Factor Authentication (2FA)
• Online Skimming (CC)
• Compromised cloud services caused data breaches
• Malware:
  • Cryptomining
  • Mobile Fraud AdWare
  • Banking trojan
  • Spyware (SMS, 2FA, CC)
• High profile global vulnerabilities
  • Exim Mail Agent (CVE-2020-10149)
  • Draytek Vigor Command Injection vulnerability (CVE-2020-8515)
  • Microsoft Windows SMBGhost RCE Exploit (CVE-2020-0796)
CYBER ATTACK LANDSCAPE
Increased Cyber Attack During Pandemic:
• Online Skimming
• Malware
• Web Apps Attack
• Scam
• Phishing
• Social Engineering
• Data Breach
• Client side attack
• DDoS
Source: BSSN
DIGITAL SIGNATURE
Digital signature is used to protect
authenticity and integrity of a document and
promote non-repudiation
• Authentication of signer
• Sign, confirm, and send various insurance
documents and legal disclosure
• On-time quality services to their customer
• According to UU ITE, documents signed
with digital signatures are legally valid
[Diagram: cybersecurity concept map. Labels recovered from the figure:]
• Main nodes: Cyber Security, Threats, Controls, Cyber Space, Assets, Vulnerabilities, Attacker, Exploit Techniques, Aspects, Incident
• Vulnerabilities: Apps, Libraries, OS, Protocol, People, Policy
• Attacker: Insider / Outsider
• Exploit Techniques: Buffer Overflow, Injection, XSS, Sniffing, Social Engineering, Malware, etc.
• Aspects: Authentication, Integrity, Confidentiality, Non-Repudiation, Availability
• Incident: Reported or Keep Secret
• Security Management; Continuous Security; Man, Tools, Method; Secure System Dev; Awareness & Skill; Cryptography; Incident Handling; Threat Intelligence; Digital Forensic
• People; Software & Services; Internet / Infrastructure; Convention
• Tangible & Intangible; Physical & Logical; Locally Stored; On Cloud Stored
• Identify; Protection; Detection; Respond; Recovery
• ISO/IEC 27001; PCI/DSS; NIST Fr; Security Audit ISO 19001:2011; ISO 27035; ISO 27037
• Arrow labels: use; to exploit; resulting in; that break; explore; Open & Underground
• KAMI
• Security is a process, not a product
• Security is a chain of trust; its strength is that of the weakest link
KNOW WHERE YOU ARE (CS MATURITY LEVEL)
SOC & CSIRT
• SOC (Security Operations Center): an organized and highly skilled team whose mission is to continuously monitor and improve an organization’s security posture while preventing, detecting, analyzing, and responding to cyber security incidents with the aid of both technology and well-defined processes and procedures.
• CSIRT (Computer Security Incident Response Team): a group of IT professionals that provides an organization with services and support surrounding the prevention, management and coordination of potential cybersecurity-related emergencies.
CYBER THREAT INTELLIGENCE
• Cyber threat intelligence is information about threats and threat actors that helps mitigate harmful events in cyberspace. Cyber threat intelligence sources include open source intelligence, social media intelligence, human intelligence, technical intelligence or intelligence from the deep and dark web.
CSIRT / CERT COOPERATION
[Diagram: CSIRT cooperation chart. Boxes recovered from the figure:]
• National CSIRT
• Gov CSIRT; Province CSIRT; Gov Org CSIRT; Ministry CSIRT
• Public CSIRT; Sectoral CSIRT
• Fin CSIRT; Bank A CSIRT; X Insurance CSIRT; Y Insurance CSIRT; Fintech Z CIRT
• Transportation CSIRT
• Critical Infra CSIRT

• Computer Security Incident Response Team
• Preparation and strengthening
• Response to incidents
• Recovery
• Investigation
• Capability building through networking, simulation, cyber exercise, cyberdrill
• Incident / vulnerability / threat information sharing
• Sectoral CSIRT has the advantage of application / environment homogeneity
• BSSN agenda to develop a network of CSIRTs and capability building
MODERN CYBER SECURITY : THREAT HUNTING
Proactive Rather Than Reactive
1. Assume the system is compromised
2. Proactively search for threats
3. Iterative work to search for undiscovered vulnerabilities
4. Be curious about new attack techniques
5. Alerts from protection systems are just tools to help with monitoring
6. Improve automatic detection
CYBERSECURITY SKILL GAP
THE CHANGE, RISK, AND SOLUTION
• Change: WFH
  • Effect: Personal mobile devices and computers are allowed to access corporate networks
  • Risk: Data breach (key / screen logger, direct attack on corporate networks by malware on an infected user computer)
  • Tech:
    • User training and awareness (simulation, random checks, continuous alerts)
    • Latest AV and patches on users’ computers
    • Access from home is limited and treated differently
• Change: Cloud Utilization
  • Effect: Important data are stored and exchanged in the cloud
  • Risk: Data loss, data manipulation, data breach, malware infection
  • Tech:
    • Invest in cloud security
    • Real-time prevention of threats with IaaS security
    • Deploy on containers and serverless apps
• Change: Vicon Utilization
  • Effect: Important and confidential conversations or meetings are held and stored by a third party
  • Risk: Unauthenticated users silently join the meeting; recorded meetings stolen from the cloud; unauthorized remote access to the user’s screen / desktop
  • Tech:
    • Invest in Vicon infrastructure
    • DRM and other cryptographic measures
    • Security audit and testing
• Change: Digital documents are used as legal documents
  • Effect: Users rely on the integrity of documents
  • Risk: Document forgery, unauthorized modification
  • Tech:
    • Digital Signature and Public Key Infrastructure
    • Crypto Token
• Change: Increased network demand
  • Effect: More throughput is needed, increased bandwidth capacity
  • Risk: Lack of service; network is down
  • Tech:
    • Invest in network security (IPS, AV, Firewall)
    • All network protection and scalability to keep business continuity
PERSONAL DATA PROTECTION PRINCIPLES
1. Proactive, not reactive. This principle focuses on anticipation and prevention.
2. Prioritizing user privacy. This principle maps to efforts to provide maximum privacy protection by ensuring that personal data is automatically protected in a given IT system or business practice.
3. Privacy protection is integrated into the design. The obligation to embed personal data protection holistically in technology design.
4. Full functionality. This principle emphasizes providing risk mitigation standards for electronic systems, whose obligations exist not solely for the security of the company but also for the privacy of the personal data owner.
5. Total security system. This principle is realized by strengthening the security system from beginning to end.
6. Transparency. This principle ensures that existing business practices and technologies operate according to rules that have been agreed upon and disclosed to the public. Service providers must also submit to a verification process carried out by independent parties.
7. Respecting user privacy. The most vital principle, realized by giving personal data owners an active role in managing their data.
CYBERLAW IN INDONESIA
• UU No 11 of 2008 and UU No 19 of 2016: Electronic Information and Transactions (Informasi dan Transaksi Elektronik)
• Permen No 20 of 2016 (Kominfo) on Personal Data Protection in Electronic Systems
• Financial Services Authority (Otoritas Jasa Keuangan, OJK) Regulation Number 77/POJK.01/2016 on Information Technology-Based Money Lending Services
• BSSN Agency Regulations (Peraturan Badan BSSN)
• Personal Data Protection Bill (RUU Perlindungan Data Pribadi)
• Cybersecurity Bill (RUU Kamsiber)
MITIGATION STRATEGIES

Contenu connexe

Similaire à Cybersecurity Risk from User Perspective

Toward Continuous Cybersecurity With Network Automation
Toward Continuous Cybersecurity With Network AutomationToward Continuous Cybersecurity With Network Automation
Toward Continuous Cybersecurity With Network AutomationKen Flott
 
empowering your business with top-notch cybersecurity services.pdf
empowering your business with top-notch cybersecurity services.pdfempowering your business with top-notch cybersecurity services.pdf
empowering your business with top-notch cybersecurity services.pdfbasilmph
 
CYBER SECURITY.pptx
CYBER SECURITY.pptxCYBER SECURITY.pptx
CYBER SECURITY.pptxParthYadav89
 
Information Security Management System in the Banking Sector
Information Security Management System in the Banking SectorInformation Security Management System in the Banking Sector
Information Security Management System in the Banking SectorSamvel Gevorgyan
 
Cybersecurity and continuous intelligence
Cybersecurity and continuous intelligenceCybersecurity and continuous intelligence
Cybersecurity and continuous intelligenceNISIInstituut
 
DSS ITSEC CONFERENCE - Lumension Security - Intelligent application whiteli...
DSS   ITSEC CONFERENCE - Lumension Security - Intelligent application whiteli...DSS   ITSEC CONFERENCE - Lumension Security - Intelligent application whiteli...
DSS ITSEC CONFERENCE - Lumension Security - Intelligent application whiteli...Andris Soroka
 
weyai cybersecurity.pptx
weyai cybersecurity.pptxweyai cybersecurity.pptx
weyai cybersecurity.pptxWeyai1
 
eSentinel webinar with Netpluz & Straits Interactive on Cyber Security & PDPA...
eSentinel webinar with Netpluz & Straits Interactive on Cyber Security & PDPA...eSentinel webinar with Netpluz & Straits Interactive on Cyber Security & PDPA...
eSentinel webinar with Netpluz & Straits Interactive on Cyber Security & PDPA...Netpluz Asia Pte Ltd
 
Cyber security for business
Cyber security for businessCyber security for business
Cyber security for businessDaniel Thomas
 
Mobile Threat Protection: A Holistic Approach to Securing Mobile Data and Dev...
Mobile Threat Protection: A Holistic Approach to Securing Mobile Data and Dev...Mobile Threat Protection: A Holistic Approach to Securing Mobile Data and Dev...
Mobile Threat Protection: A Holistic Approach to Securing Mobile Data and Dev...Skycure
 
Cybersecurity In IoT Challenges And Effective Strategies.pdf
Cybersecurity In IoT Challenges And Effective Strategies.pdfCybersecurity In IoT Challenges And Effective Strategies.pdf
Cybersecurity In IoT Challenges And Effective Strategies.pdfRahimMakhani2
 
Cyber Security Services & Solutions - Zymr
Cyber Security Services & Solutions - ZymrCyber Security Services & Solutions - Zymr
Cyber Security Services & Solutions - ZymrZYMR, INC.
 
Zymr Cybersecurity
Zymr Cybersecurity Zymr Cybersecurity
Zymr Cybersecurity Zymr Cloud
 
Cyber-Security-Unit-1.pptx
Cyber-Security-Unit-1.pptxCyber-Security-Unit-1.pptx
Cyber-Security-Unit-1.pptxTikdiPatel
 
Cyber Security Intelligence
Cyber Security IntelligenceCyber Security Intelligence
Cyber Security Intelligenceijtsrd
 
Cyber security for Developers
Cyber security for DevelopersCyber security for Developers
Cyber security for Developerstechtutorus
 
Emerging application and data protection for multi cloud
Emerging application and data protection for multi cloudEmerging application and data protection for multi cloud
Emerging application and data protection for multi cloudUlf Mattsson
 

Similaire à Cybersecurity Risk from User Perspective (20)

Toward Continuous Cybersecurity With Network Automation
Toward Continuous Cybersecurity With Network AutomationToward Continuous Cybersecurity With Network Automation
Toward Continuous Cybersecurity With Network Automation
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
 
empowering your business with top-notch cybersecurity services.pdf
empowering your business with top-notch cybersecurity services.pdfempowering your business with top-notch cybersecurity services.pdf
empowering your business with top-notch cybersecurity services.pdf
 
CYBER SECURITY.pptx
CYBER SECURITY.pptxCYBER SECURITY.pptx
CYBER SECURITY.pptx
 
Information Security Management System in the Banking Sector
Information Security Management System in the Banking SectorInformation Security Management System in the Banking Sector
Information Security Management System in the Banking Sector
 
Cybersecurity and continuous intelligence
Cybersecurity and continuous intelligenceCybersecurity and continuous intelligence
Cybersecurity and continuous intelligence
 
DSS ITSEC CONFERENCE - Lumension Security - Intelligent application whiteli...
DSS   ITSEC CONFERENCE - Lumension Security - Intelligent application whiteli...DSS   ITSEC CONFERENCE - Lumension Security - Intelligent application whiteli...
DSS ITSEC CONFERENCE - Lumension Security - Intelligent application whiteli...
 
weyai cybersecurity.pptx
weyai cybersecurity.pptxweyai cybersecurity.pptx
weyai cybersecurity.pptx
 
eSentinel webinar with Netpluz & Straits Interactive on Cyber Security & PDPA...
eSentinel webinar with Netpluz & Straits Interactive on Cyber Security & PDPA...eSentinel webinar with Netpluz & Straits Interactive on Cyber Security & PDPA...
eSentinel webinar with Netpluz & Straits Interactive on Cyber Security & PDPA...
 
Cyber security for business
Cyber security for businessCyber security for business
Cyber security for business
 
Mobile Threat Protection: A Holistic Approach to Securing Mobile Data and Dev...
Mobile Threat Protection: A Holistic Approach to Securing Mobile Data and Dev...Mobile Threat Protection: A Holistic Approach to Securing Mobile Data and Dev...
Mobile Threat Protection: A Holistic Approach to Securing Mobile Data and Dev...
 
Cybersecurity In IoT Challenges And Effective Strategies.pdf
Cybersecurity In IoT Challenges And Effective Strategies.pdfCybersecurity In IoT Challenges And Effective Strategies.pdf
Cybersecurity In IoT Challenges And Effective Strategies.pdf
 
Cyber Security Services & Solutions - Zymr
Cyber Security Services & Solutions - ZymrCyber Security Services & Solutions - Zymr
Cyber Security Services & Solutions - Zymr
 
Zymr Cybersecurity
Zymr Cybersecurity Zymr Cybersecurity
Zymr Cybersecurity
 
Cyber-Security-Unit-1.pptx
Cyber-Security-Unit-1.pptxCyber-Security-Unit-1.pptx
Cyber-Security-Unit-1.pptx
 
cscnapd.ppt
cscnapd.pptcscnapd.ppt
cscnapd.ppt
 
Cyber Security Intelligence
Cyber Security IntelligenceCyber Security Intelligence
Cyber Security Intelligence
 
Cyber security for Developers
Cyber security for DevelopersCyber security for Developers
Cyber security for Developers
 
Emerging application and data protection for multi cloud
Emerging application and data protection for multi cloudEmerging application and data protection for multi cloud
Emerging application and data protection for multi cloud
 

Dernier

Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security ObservabilityGlenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security Observabilityitnewsafrica
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfLoriGlavin3
 
QCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architecturesQCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architecturesBernd Ruecker
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Mark Goldstein
 
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better StrongerModern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Strongerpanagenda
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxLoriGlavin3
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityIES VE
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesThousandEyes
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfNeo4j
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Farhan Tariq
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersNicole Novielli
 
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...Jeffrey Haguewood
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI AgeCprime
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfpanagenda
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentPim van der Noll
 
React JS; all concepts. Contains React Features, JSX, functional & Class comp...
React JS; all concepts. Contains React Features, JSX, functional & Class comp...React JS; all concepts. Contains React Features, JSX, functional & Class comp...
React JS; all concepts. Contains React Features, JSX, functional & Class comp...Karmanjay Verma
 
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS:  6 Ways to Automate Your Data IntegrationBridging Between CAD & GIS:  6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integrationmarketing932765
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterMydbops
 

Dernier (20)

Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security ObservabilityGlenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
QCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architecturesQCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architectures
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
 
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better StrongerModern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a reality
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdf
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software Developers
 
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI Age
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
 
React JS; all concepts. Contains React Features, JSX, functional & Class comp...
React JS; all concepts. Contains React Features, JSX, functional & Class comp...React JS; all concepts. Contains React Features, JSX, functional & Class comp...
React JS; all concepts. Contains React Features, JSX, functional & Class comp...
 
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS:  6 Ways to Automate Your Data IntegrationBridging Between CAD & GIS:  6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL Router
 

Cybersecurity Risk from User Perspective

  • 1. CYBERSECURITY RISK FROM CONSUMER PERSPECTIVE LESSON LEARNED FROM THE COVID-19 PANDEMIC Avinanta Tarigan Research Center for Cryptography and System Security Gunadarma University
  • 2. MY SELF • Education: • 1997 - Bachelor Degree in Computer Science – Gunadarma University • 2017 – PhD in Computer Science – Universitaet Bielefeld • Activities : • Lecturer in Computer Science department, Gunadarma University • Head of Research Center for Cryptography and System Security • AAMAI • Past work / research : • National roadmap for Security Incident Response Capabilities Development • First Certification Authority Systems (PKI) in Indonesia • Decentralized (Blockchain) Protocol Development and Decentralized Apps Development • Cryptographic Protocol development and formal verification • IT Audit & Penetration Testing
  • 5. INTERNET UTILIZATION IS INCREASED DURING PANDEMIC
  • 7. WHAT ARE THE RISK Change Effect Risk Work From Home Personal mobile and computers allowed to access corporate networks Data breach (Key / Screen Logger, Direct attack by malware infected on user computer to corporate networks) Remote desktop compromise Cloud Utilization Important data are stored and exchanged in the cloud Data loss, data manipulation, data breach, malware infection Increased Vicon Utilization Important and confidential conversation or meeting are held and stored by third party unauthenticated users silently join the meeting Stolen recorded meeting from cloud Unauthorized access to user’s screen / desktop Vicon chat room can be used as code injection Digital Documents are used as legal document Users rely on integrity of documents Documents Forgery, Unauthorized modification Increased network demand More throughput is needed, increase bandwidth capacity Lack of Service Network is down
  • 8.
  • 9. LATEST THREAT FOUND DURING PANDEMIC • Ransomware combines encryption with stolen data • Light loader malware attack on every device, payload is downloadable, difficult to detect • Covid-19 domain registration increase significantly - > Phising • Large scale attack to health related sites by APT (Advanced Persistence Threat) • 150.000 new m-apps on playstore deliberately loaded with malware • Malware bypass 2 Factor Authentication (2FA) • Online Skimming (CC) • Compromised cloud service caused data breach • Malware : • Cryptomining • Mobile Fraud AdWare • Banking trojan • Spyware (SMS, 2FA, CC) • High profile global vulnerabilities • Exim Mail Agent (CVE-2020-10149) • Draytek Vigor Command Injection vulnerability (CVE-2020-8515) • Microsoft Windows SMBGhost RCE Exploit (CVE- 2020-0796)
  • 10. CYBER ATTACK LANDSCAPE Increased Cyber Attack During Pandemic Online Skimming Malware Web Apps Attack Scam Phising Social Engineering Data Breach Client side attack DDoS Source: BSSN
  • 11.
  • 12.
  • 13.
  • 14. DIGITAL SIGNATURE Digital signature is used to protect authenticity and integrity of a document and promote non-repudiation • Authentication of signer • Sign, confirm, and send various insurance documents and legal disclosure • On-time quality services to their customer • According to UU ITE, documents signed with digital signatures are legally valid
  • 15. Cyber Security Threats Controls Cyber Space Assets Vulnerabilities Apps, Libraries, OS, Protocol, People, Policy Attacker Insider / Outsider Exploit Techniques Buffer Overflow, Injection, XSS, Sniffing, Social Engineering, Malware, etc Aspects Authentication Integrity Confidentiality Non-Repudiation Availability INCIDENT Reported or Keep Secret Security Management Continues Security Man, Tools, Method Secure System Dev Awareness & Skill Cryptography Incident Handling Threat Intelligence Digital Forensic People Software & Services Internet / Infrastructure Convention Tangible & Intangible Physical & Logical Locally Stored On Cloud Stored Identify Protection Detection Respond Recovery ISO/IEC 27001 PCI/DSS, NIST Fr Security Audit ISO 19001:2011 ISO 27035 ISO 27037 Security is a process not a product Security is chain of trust, the strength is the weakest link use to exploit resulting in that break Open & Underground explore KAMI
  • 16.
  • 17. KNOW WHERE YOU ARE (CS MATURITY LEVEL)
  • 18. SOC & CSIRT • SOC ( Security Operation Center ) A Security Operations Center (SOC) is an organized and highly skilled team whose mission is to continuously monitor and improve an organization’s security posture while preventing, detecting, analyzing, and responding to cyber security incidents with the aid of both technology and well- defined processes and procedures. • CSIRT ( Computer Security Incident response Team ) is a group of IT professionals that provides an organization with services and support surrounding the prevention, management and coordination of potential cybersecurity related emergencies.
  • 19. CYBER THREAT INTELLIGENCE • Cyber threat intelligence is information about threats and threat actors that helps mitigate harmful events in cyberspace[. Cyber threat intelligence sources include open source intelligence, social media intelligence, human Intelligence, technical intelligence or intelligence from the deep and dark web.
  • 20. CSIRT / CERT COOPERATION Organization chart: National CSIRT; Gov CSIRT; Province CSIRT; Gov Org CSIRT; Ministry CSIRT; Public CSIRT; Sectoral CSIRT; Fin CSIRT; Bank A CSIRT; X Insurance CSIRT; Y Insurance CSIRT; Fintech Z CIRT; Transportation CSIRT; Critical Infra CSIRT • Computer Security Incident Response Team • Preparation and strengthening • Response to incidents • Recovery • Investigation • Capability building through networking, simulation, cyber exercise, cyberdrill • Sharing of incident / vulnerability / threat information • A sectoral CSIRT has the advantage of application / environment homogeneity • BSSN agenda to develop a network of CSIRTs and build capability
  • 21. MODERN CYBER SECURITY: THREAT HUNTING Proactive Rather Than Reactive 1. Assume the system is already compromised 2. Proactively search for threats 3. Work iteratively to search for undiscovered vulnerabilities 4. Stay curious about new attack techniques 5. Alerts from protection systems are just a tool to help monitoring 6. Improve automatic detection
  • 23. THE CHANGE, RISK, AND SOLUTION (table columns: Change, Effect, Risk, Tech)
      • Change: WFH. Effect: Personal mobile devices and computers are allowed to access corporate networks. Risk: Data breach (key / screen logger, direct attack on corporate networks by malware that has infected the user's computer). Tech: User awareness training (simulation, random check, continuous alert); latest AV and patches on users' computers; access from home is limited and treated differently.
      • Change: Cloud Utilization. Effect: Important data are stored and exchanged in the cloud. Risk: Data loss, data manipulation, data breach, malware infection. Tech: Invest in cloud security; real-time prevention of threats with IaaS security; deploy on containers and serverless apps.
      • Change: Vicon Utilization. Effect: Important and confidential conversations or meetings are held and stored by a third party. Risk: Unauthenticated users silently join the meeting; recorded meetings stolen from the cloud; unauthorized remote access to the user's screen/desktop. Tech: Invest in Vicon infrastructure; DRM and other cryptographic measures; security audit and testing.
      • Change: Digital documents are used as legal documents. Effect: Users rely on the integrity of documents. Risk: Document forgery, unauthorized modification. Tech: Digital Signature and Public Key Infrastructure; Crypto Token.
      • Change: Increased network demand. Effect: More throughput is needed, increase bandwidth capacity. Risk: Lack of service; network is down. Tech: Invest in network security (IPS, AV, Firewall); all network protection and scalability keeping business continuity.
  • 26. PERSONAL DATA PROTECTION PRINCIPLES 1. Proactive, not reactive. This principle focuses on anticipation and prevention. 2. Prioritize user privacy. This principle maps to efforts to provide maximum privacy protection by ensuring that personal data is automatically protected in a given IT system or business practice. 3. Privacy protection is integrated into the design. The obligation to embed personal data protection in technology design holistically. 4. Full functionality. This principle emphasizes providing risk-mitigation standards for electronic systems, where the obligation is not solely for the company's security but also for the privacy of the personal data owner. 5. Total security system. This principle is realized by strengthening the security system from beginning to end. 6. Transparency. This principle ensures that existing business practices and technology operate according to rules that have been agreed and disclosed to the public. Service providers must also submit to a verification process carried out by independent parties. 7. Respect user privacy. The most vital principle, realized by giving personal data owners an active role in managing their data.
  • 27. CYBERLAW IN INDONESIA • Law (UU) No. 11 of 2008 and Law (UU) No. 19 of 2016: Electronic Information and Transactions • Ministerial Regulation (Permen) No. 20 of 2016 (Kominfo) on Personal Data Protection in Electronic Systems • Financial Services Authority (OJK) Regulation No. 77/POJK.01/2016 on Information Technology-Based Money Lending Services • BSSN Agency Regulations • Personal Data Protection Bill (RUU Perlindungan Data Pribadi) • Cybersecurity Bill (RUU Kamsiber)
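For the digital-signature control on slides 14 and 23 (against document forgery and unauthorized modification), here is an added example that is not part of the original deck. It signs and verifies with a Lamport one-time hash-based signature, chosen only because it runs on the Python standard library; production document signing uses RSA or elliptic-curve keys bound to the signer by a PKI certificate. The sample policy text and all function names are constructed for illustration.

```python
import hashlib
import secrets

BITS = 256  # SHA-256 digest length in bits


def _h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def generate_keypair():
    """One-time key pair: sign exactly ONE document with it, then discard."""
    # Private key: two random secrets per digest bit (one for 0, one for 1).
    private = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(BITS)]
    # Public key: the hashes of those secrets; safe to publish.
    public = [(_h(zero), _h(one)) for zero, one in private]
    return private, public


def _digest_bits(document: bytes):
    value = int.from_bytes(_h(document), "big")
    return [(value >> (BITS - 1 - i)) & 1 for i in range(BITS)]


def sign(private, document: bytes):
    """Reveal, for each digest bit, the secret that matches that bit."""
    return [private[i][bit] for i, bit in enumerate(_digest_bits(document))]


def verify(public, document: bytes, signature) -> bool:
    """True only if every revealed secret hashes to the signer's public value."""
    if len(signature) != BITS:
        return False
    return all(_h(signature[i]) == public[i][bit]
               for i, bit in enumerate(_digest_bits(document)))


if __name__ == "__main__":
    # Constructed sample document (not from the original deck).
    policy = b"Policy 0001: insured sum IDR 100,000,000; holder: A. Example"
    signer_private, signer_public = generate_keypair()
    signature = sign(signer_private, policy)

    print("original verifies:", verify(signer_public, policy, signature))
    tampered = policy.replace(b"100,000,000", b"900,000,000")
    print("tampered verifies:", verify(signer_public, tampered, signature))
    _, other_public = generate_keypair()
    print("other signer's key verifies:", verify(other_public, policy, signature))
```

Only the unmodified document checked against the signer's own public key verifies. The changed amount and the other signer's key are both rejected, which is the integrity and signer-authentication property the slide describes.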