1. Kim Aarenstrup
CYBER RISK MANAGEMENT
Seen from a social network perspective

2. ”Hi guys, it’s Peter.
I’m stranded in New Orleans and I’m really in trouble. I cannot do anything... because
my wallet was stolen by pickpocket.
Can you help arrange payment of my hotel, until tomorrow when
I can get in touch with my bank?”
----
SMS: What happened Peter, are you okay …. Tavshed..
Turned out that Peters Facebook accout was compromised..

3. Nepalese Hackers Publish 10,000 Stolen Facebook
Accounts
TeamSwaStika posted the Facebook account data on Pastebin.
October 20, 2011
Share
A group from Nepal calling itself TeamSwaStika has posted 10,000 stolen Facebook accounts on Pastebin.
News
1.5M stolen Facebook IDs up for sale
By Robert McMillan
April 22, 2010 08:15 PM ET
13 Comments
IDG News Service - A hacker named Kirllos has a rare deal for anyone who wants to spam, steal or scam on
Facebook: an unprecedented number of user accounts offered at rock-bottom prices.
Researchers at VeriSign's iDefense group recently spotted Kirllos selling Facebook user names and passwords
in an underground hacker forum, but what really caught their attention was the volume of credentials he
had for sale: 1.5 million accounts.

4. Facebook Data Stolen
'Socialbots' steal 250GB of user data in Facebook invasion
by Steven Musil November 1, 2011 11:27 PM PDT
Researchers' illustration of how their "socialbots" attack social networks.
Programs designed to resemble humans infiltrated Facebook recently and made off with 250 gigabytes of personal
information belonging to thousands of the social network's users, researchers said in an academic paper released today.
The eight-week study was designed to evaluate how vulnerable online social networks are to large-scale infiltrations by
programs designed to mimic real users, researchers from the University of British Columbia Vancouver said in the paper
(PDF), titled "The Socialbot Network: When bots socialize for fame and money."

5. Soldier Spy Eyes a Jackpot: Facebook credentials are
the most stolen
21 September, 2011
Trend Micro Incorporated made known its investigation of a
cybercriminal, a Russian national in his 20s who has been targeting
users in the US and Asia.
The attacker goes by the name ‘Soldier’ in the criminal underground.
He has been successful in increasing his network of infected users and
has also been known to buy traffic from other cybercriminals. Besides
using malware to steal money from the compromised accounts, user
security credentials were also stolen.
During the investigation, Trend Micro discovered that the
cybercriminal uses various criminal toolkits including SpyEye and
ZeuS, as well as exploit kits such as those for driving blackhat SEO to
propagate his SpyEye/ZeuS binaries.
Trend Micro Senior Threat Researcher Loucif Kharouni, who has been
part of the team investigating Soldier said, “Using the SpyEye criminal
toolkit, money mules and an accomplice believed to reside in
Hollywood, USA, Soldier stole over $3.2 million US dollars in 6
months starting January 2011, which equates to approximately $533
thousand dollars per month, or $17 thousand dollars a day! He has
really hit the jackpot.”

6. "Let The Hacking Begin" Declares Person
Who Hacked Zuckerberg's Facebook
Fan Page
b

7. Facebook sees 600,000 compromised logins per day—0.06% of all logins
By Jon Brodkin | Published about a month ago
Facebook has released a statistic showing that fewer than one-tenth of one percent of
logins into the social network are compromised.
But since more than 1 billion Facebook logins occur each day, that could add up to
600,000 breaches every 24 hours.
Specifically, an infographic in an official Facebook post introducing new security tools
states that “Only .06 percent of over 1 billion logins per day are compromised.” Security
firm Sophos was intrigued enough by that statistic to post its own analysis.

8. http://www.youtube.com/watch?v=Q6crH8qmyZ8

9. Vi elsker Facebook, men…
sociale medier spreder spyware, virus, orme og trojanske heste som aldrig før.
Sidste år lavede XX Security en undersøgelse, der viste, at Facebook, Twitter og
YouTube udgør den største risiko indenfor angreb på personfølsomme
oplysninger via malware.
De tre sociale medier, der bærer størst malware risici:
Facebook: 71.6 %
Twitter: 51%
YouTube: 41.2 %
Eksperter estimerer, at der bliver frigivet malware på sociale
medier hvert 15. sekund med det formål at udnytte intetanende
brugere.

10. The mission of the
IBM X-Force® research and
development team is to:
 Research and evaluate threat and protection issues
 Deliver security protection for today’s security problems
 Develop new technology for tomorrow’s security challenges
 Educate the media and user communities

11. No. 1
of 2.00
0

15. (exploiting a.o. information
from social medias)

17. ADIGMESKIFT
PAR

18. De 5 mantra
1. Governance
2. Perimeter beskyttelse
3. Slutbruger udstyr
4. Sårbarhedsniveau
5. Incident respons

19. Governance
• Sikkerhedspolitikker
• Overordnet
• Sociale medier – filtre vs vejledning
• Medarbejder overvågning?
• Organisering – funktionsadskillelse
• Identiteter & roller i systemerne
• Kontrolmiljø / måleudstyr – ejerskab
• Rapportering
• Opfølgning – KPI styring

20. Firewalls
• Beskyttelse af infrastrukturen
• Hindrer direkte forbindelse
• Advarer mod angreb
• Afslører angriberen
• Kan ikke stå alene – er kun ”dør åben eller dør
lukket”..

21. Slutbruger udstyr
• Standardisering
• Beskyttelsessoftware (Anti-X)
– Antivirus
– Antispyware
– Antimalware
• Soft-firewall
• Intrusion detection / prevention

22. Sårbarhedsniveau
• Vigtigste komponent – også den sværeste
• Mål på sårbarheder månedligt
• Fjern alle højrisikosårbarheder (server og pc
vedligeholdelse!)
– Højrisikosårbarheder tillader overtagelse af
maskinen
• Mål på evnen/viljen til at fjerne sårbarheder
– Beløn dem der gør et effektivt stykke arbejde

23. Respons
• Sørg for at have intrusion detection /
prevention systemer installeret
• Udpeg en ansvarlig for at respondere på
incidents/angreb/infektioner
• Sørg for at have relevante kompetencer
tilstede (internt eller til at købe på timebasis)
• Etablér en incident repons proces eller plan

24. Verdens mest omfattende sikkerhedsprogram...

25. Verdens mest omfattende it forskning
- heriblandt 6 Nobelpris modtagere
9 Security 9 Security 133 20,000+ 4,000 7 Billion+
Operations Research Monitored Devices under MSS Clients Events
Centers Centers Countries Contract Worldwide Per Day

26. Kim Aarenstrup
kimaarenstrup@dk.ibm.com
Tlf. 5163 8387