Cyber Threat Intelligence

Cyber Security is mainstream news. It’s no longer just an IT Department issue but one that extends from the end user to the boardroom. It’s critical to be able to analyse and correlate across multiple security technologies, using threat intelligence feeds, vendor and open source tools and most importantly, good SOC (Security Operations Centre) personnel and process to obtain the factual detail. The ability to provide real-time contextual awareness and carry out action based on multiple intelligence feeds and the collation of multiple sources will become important for customers seeking to understand if they were targeted.

Speaker:
Rob Norris
Bryan Campbell

Published in: Technology
Cyber Threat Intelligence

  1. Copyright 2015 FUJITSU. Human Centric Innovation. Fujitsu Forum 2015, 18th – 19th November
  2. Cyber Threat Intelligence
  3. Rob Norris, Director of Enterprise & Cyber Security; Bryan Campbell, Lead Threat Intelligence Analyst
  4. Cyber Security should no longer be seen as an IT Department issue but one that extends from the end user to the boardroom
  5. Don’t take our word for it… 79% of businesses would be discouraged from investing in a business that had been hacked. Source: KPMG FTSE 350 Management Board Survey
  6. IoT - A digital world and an evolving threat landscape. Rise of Digital Devices (2003, 2015) – Today 3 billion+ internet users
  7. IoT - A digital world and an evolving threat landscape. Data breach losses globally by 2019: £1.34 trillion. Things connected to the internet: 10bn (2013), 50bn (2020). Source – Juniper research
  8. The Threat
  9. Cyber Crime – Some key facts. Large corporations reported a cyber breach in the past year: 93%. Small businesses reported a cyber breach in the past year: 87%. The time it takes for 60% of security vulnerabilities to be identified: 9 months. Source - Mandiant
  10. Major threats predictions for 2015: State sponsored cyber espionage; POS Malware; Major Software Flaws; Ransomware; ATM Jackpotting; Crimeware as a service; Banking Trojans; DDOS attacks; Mobile platform threat; IoT Attacks
  11. What is Dridex? A banking Trojan which evolved from ZeuS & Cridex families of Botnets; Malicious, spoofed emails; Embedded macro downloading executable from compromised servers; Targets banking sites; Socially engineered subject lines; Can survive reboots; Avoids detection against Sandboxes
  12. A Dridex timeline. August 2014: Dridex first observed. February 2015: UAC avoidance observed. April 2015: Database containing 385m email addresses captured from Command & Control Server by Fujitsu
  13. Dridex on the world map. Hosts: 1. Russia 91.58% (261 source hosts); 2. UK 1.75% (5 source hosts); 3. US 1.4% (4 source hosts)
  14. Dridex in numbers: 989 Unique malicious destination addresses; 112 Unique subject lines used; 97 Unique hash values derived; 12 Unique ‘spoofed’ user agents used; 19 Abuse emails sent to hosting companies; 11 ‘Takedowns’ resulting from abuse emails; 213 Unique command & control servers identified; 3 Campaigns in a single day
  15. Dridex by campaign (1, 2, 3, 4): Word, Excel, Word / Excel, EXE
  16. Demo of data exfiltration
  17. Fujitsu Cyber Security – 4 decades of experience. 40+ Year History in design & delivery of large scale, cyber security services; Highest Partner Accreditations; Operating in Public and Private sector, and National Defence Businesses; R&D Capability – developing/delivering Fujitsu security products, e.g. PalmSecure; 5 Global Security Operations Centres operating to highest National Government security levels; 1000+ Security professionals – over 400 in EMEIA. IDS/IPS; Data Loss Prevention; Web & email security; End point protection; Firewalls; Palm Secure; Secure Infrastructure Products; Cloud Assessment; Training & Awareness; Technical Design; DLP Assessment; Continuity & Security Consultancy; 3rd Line Support; Advanced Cyber Ops; SIEM; Vulnerability Management; Identity & Access Mgmt; Consult & Services
  18. Partners
  19. Conclusion: Everyone must be vigilant; Analyse and correlate across multiple security technologies; Security Operation Centres provide awareness and context