Codemotion Rome 2015 - User experience is evolving, driven by technological opportunities (Mobility, Active Spaces, Internet of Things, Wearables, ...). New services involve an ever larger number of users and Smart Objects. The volumes and the complexity of the scenarios create a series of new vulnerabilities that attract the interest of an increasingly determined and sophisticated cyber-crime. Recognising the risk and developing "secure" solutions accordingly is the first, fundamental element in helping to mitigate the overall picture of the technological threat.
5. CyberSec: evolution of the risk scenario
Evolution of the threat
Evolution of vulnerabilities…
Potential impacts
NTT Global Threat Report
Because protecting his rights is fundamental
Because he represents the endemic vulnerability of the digital ecosystem
Because he is not in a position to build an effective defense against threats on his own
Because cybercriminals are aware of this, and build attacks on complex systems starting from his vulnerabilities
The end-user autonomously uses services available on the Internet by means of several kinds of devices belonging to him, used for purposes tailored to his personal needs and in accordance with his own ethical rules
Safeguarding his rights is fundamental
THE END-USER ON THE INTERNET IS VULNERABLE BECAUSE HE ADOPTS RISKY BEHAVIOURS
Mobile end-users' behaviour and technological tools are becoming increasingly unstructured.
It is difficult to place a typical end-user in a tidy context of security policies, as he increasingly aspires to work in an environment free of constraints, whose perimeter is defined according to his personal ethics and his individual needs
Given the wide availability of applications and services, typical smartphone and tablet users are either unaware of, or simply overwhelmed by, the complexity and frequency of the actions required to keep their endpoints secure
Knowing the individual, it is possible to exploit his weaknesses, even to breach the defenses of the contexts to which he has access
Doxxing
Acquisition of personal information aimed at knowing in detail the most private aspects of the individual's life. Purpose: blackmail / identity theft / spear phishing
Ransomware
Malware targeting individual users or small businesses, which encrypts the data and stops the system, followed by a demand for payment
Attacks targeted at small organisations that hold critical personal data (e.g. health facilities). Objective: theft of data to enrich the 'personal dossier'
«Stuxnet» attack on Iranian nuclear plants - 2010
Various hypotheses about how it was possible to bring the malware into the control systems, which were not connected to the Internet
Attack via an infected USB drive recklessly plugged in by an employee
"Indirect" attack on a "trusted user" and subsequent propagation to the systems
In both scenarios, the "Trojan horse" is a third party targeted as more vulnerable than the main target
Attack on the ThyssenKrupp steelworks - 2014
Origin of the attack: a "spear phishing" attack, built specifically to trick the recipient, quoting personal information to substantiate its authenticity. Data probably spread by the victim on social networks!
Based on 4 parts
Devices and Apps Security Monitoring
Early Warning and security awareness
End-User Behavioural and Environmental Monitoring
Dynamic Adaptive Policy Enforcement
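The four parts above are only named in the deck. As an added illustration (not code from the talk or from any product it describes), the following Python shows one way the last two parts could fit together: signals that behavioural and environmental monitoring would collect from a mobile endpoint are scored by a rule table, and the score is mapped to an enforcement action that tightens for sensitive services. The signal set, the rule weights and the thresholds are all assumptions chosen for the example; the sample contexts at the bottom are constructed, not real telemetry.

```python
from dataclasses import dataclass, field
from typing import Callable, List, Tuple


@dataclass
class EndpointContext:
    """Signals the monitoring parts would feed into policy enforcement (assumed set)."""
    rooted: bool                  # device monitoring: jailbroken or rooted OS
    sideloaded_apps: bool         # app monitoring: apps installed from outside the official store
    os_patch_age_days: int        # device monitoring: days since the last OS security update
    network: str                  # environmental monitoring: "corporate", "home" or "public"
    new_location: bool            # behavioural monitoring: access from a never-seen country
    failed_logins_last_hour: int  # behavioural monitoring: credential-guessing signal


@dataclass
class Decision:
    action: str                   # "allow", "step_up" (extra authentication) or "deny"
    risk: int
    reasons: List[str] = field(default_factory=list)


# Illustrative rule table: (reason, predicate, risk weight). Weights are assumptions.
RULES: List[Tuple[str, Callable[[EndpointContext], bool], int]] = [
    ("device is rooted or jailbroken", lambda c: c.rooted, 50),
    ("apps installed from untrusted sources", lambda c: c.sideloaded_apps, 20),
    ("OS security patches older than 30 days", lambda c: c.os_patch_age_days > 30, 15),
    ("connected through a public network", lambda c: c.network == "public", 15),
    ("access from a new location", lambda c: c.new_location, 20),
    ("repeated failed logins", lambda c: c.failed_logins_last_hour >= 5, 30),
]


def score(ctx: EndpointContext) -> Tuple[int, List[str]]:
    """Sum the weights of every rule that fires and keep the reasons for the audit trail."""
    total, reasons = 0, []
    for reason, predicate, weight in RULES:
        if predicate(ctx):
            total += weight
            reasons.append(reason)
    return total, reasons


def enforce(ctx: EndpointContext, sensitivity: str = "normal") -> Decision:
    """Map the risk score to an action; thresholds tighten for sensitive services."""
    risk, reasons = score(ctx)
    step_up_at, deny_at = (20, 50) if sensitivity == "high" else (35, 70)
    # A compromised platform cannot be trusted to enforce anything on a sensitive
    # service, so rooted devices are denied there regardless of the score.
    if sensitivity == "high" and ctx.rooted:
        return Decision("deny", risk, reasons)
    if risk >= deny_at:
        return Decision("deny", risk, reasons)
    if risk >= step_up_at:
        return Decision("step_up", risk, reasons)
    return Decision("allow", risk, reasons)


if __name__ == "__main__":
    # Constructed sample contexts, not real telemetry.
    samples = {
        "healthy": EndpointContext(False, False, 3, "corporate", False, 0),
        "travelling": EndpointContext(False, False, 40, "public", True, 0),
        "rooted": EndpointContext(True, True, 90, "public", False, 0),
    }
    for name, ctx in samples.items():
        d = enforce(ctx)
        print(f"{name}: {d.action} (risk {d.risk}) {d.reasons}")
```

The point of keeping the reasons alongside the score is that the same evaluation can drive the early-warning part: a "step_up" or "deny" decision carries the exact signals that triggered it, which is what the user needs to see to understand why the service is pushing back on him.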
Alongside the strategic guidelines for the security of the digital ecosystem * that define the role and contribution of public and private institutions:
Improvement of the technological and operational capabilities of all stakeholders
Strengthening of the defense capabilities of critical national infrastructure
Promoting cooperation between institutions and firms
Promotion and dissemination of a cybersecurity culture among citizens
Strengthening the capacity to counter illegal activities online
Strengthening international cooperation
The protection of the personal sphere of the individual in the digital world must be pursued with more determination
Not only a "culture" of cybersecurity
Specific tools and methods
Reconcile the rights and aspirations of the individual with the need to protect digital services that are strategic for the country system