Cyber threats and trends that you cannot afford to overlook in 2018. revised presentation from Clear and Present Danger - an Enterprsie Security event hosted by Netplus
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Clear and present danger: Cyber Threats and Trends 2017
1. CLEAR AND PRESENT DANGERCLEAR AND PRESENT DANGERCLEAR AND PRESENT DANGERCLEAR AND PRESENT DANGER
By: Morakinyo Animasaun
morakinyo@netplusng.com
NETPLUS LIMITED
By: Morakinyo Animasaun
morakinyo@netplusng.com
NETPLUS LIMITED
2. IntroductionIntroduction
•Clear and Present Danger is a concept of proximity,
likelihood and gravity of a dangerous event
•Clear and Present Danger is a test to determine
whether the “thing” or threat at hand would
produce an undesirable situation or consequenceproduce an undesirable situation or consequence
that your organisation would want to prevent.
•High-level overview of what to consider in the
battle against cyber criminals and foundation for
the solutions and technologies that can help you
win the battle.
3. Cyber Security RiskCyber Security Risk
• WHOSE RISK?
• In the past, cyber security risk was an IT
Risk.
– If it is still so, in your organisation, you– If it is still so, in your organisation, you
are living in the past
• CYBER SECURITY RISK is no longer just an IT
Risk
• CYBER SECURITY RISK is now a Business
Risk
4. Cyber Crime ISCyber Crime IS…………
• WARFARE
– Cyber criminals do not take any prisoners
– Everyone is a target, no one is safe: 62%
of businesses are being attacked at leastof businesses are being attacked at least
weekly, while 30% are attacked daily and
10% hourly or continuously.
– Data breach is still a common objective;
but growing trend of business disruption.
5. Cyber Crime ISCyber Crime IS…………
• BUSINESS
• ORGANISED - Cyber criminals, hackers and malware developers are no
longer hobbyists but now part of organised crime syndicates that invest
heavily in R&D (Lazarus Group, NCPH, Carbanak etc)
• BIG – Over $1billion was stolen from a bank using the Carbanak exploit.
More than $850 million in fraudulent SWIFT network transactions
from Bangladesh Central Bank, of which $80 million has still notfrom Bangladesh Central Bank, of which $80 million has still not
been recovered.
– According to widely accepted estimates, cybercrime costs the world
economy the sum of US $ 500 billion, only slightly less than the GDP
of Nigeria (521.8 billion dollars), the largest economy in Africa.
– Cybercrime estimated to cost the Nigerian economy between $
450m - $ 500m per annum.
• REWARDING - Ransomware attacks in 2016 fetched $1billion. Risk –
Reward ratio is very favourable. Risk is often low and reward high
6. Cyber criminals followCyber criminals follow::
• Money – Opportunity, Reward, ROI
• People/ Users – the more, the merrier
• Systems/Devices – the more generic, the
betterbetter
• Vulnerabilities – the weaker, the easier
• IT trends – leverage advancement in
technologies and take advantage of new
trends. Cyber crime has gone cloud,
mobile, blockchain and fintech.
9. The Threat EnvironmentThe Threat Environment
• Threat landscape is constantly evolving
• Perimeter is being redefined
• Attack surface is increasing
• Cyber criminals capabilities are improving• Cyber criminals capabilities are improving
• Cyber criminals are getting better access
to technology and resources
• Cyber Security teams are overwhelmed
and lagging behind
10. Current RealitiesCurrent Realities
• Volume – Over 340,000 new exploits are released in the wild daily.
• Speed – Agility, quickness of cyber criminals in taking advantage of
vulnerabilities, new developments, trends and technologies. Day 1
vulnerabilities more widespread than Day 0.
• Sophistication – Advanced, Complex e.g. polymorhpic malware
• Collaboration – Unholy alliances, Dark Web, Cloud, MaaS, AaaS, FaaS• Collaboration – Unholy alliances, Dark Web, Cloud, MaaS, AaaS, FaaS
• Innovation – Cyber criminals are investing part of their loot on R & D
• Severity – in losses and damages
• Customisation – Targetted attacks, customised malware, spear
phishing, increase in banking malwares
• Persistence – continuos attack on some businesses
• Anonymity – Obfuscation, Stealth, TOR, Cryptocurrency,
11. Rise of MobileRise of Mobile Malware andMalware and RansomwareRansomware
• Mobile financial threats written with the
intention of stealing money are among
the top 10 malware exploits.
• 638 million ransomware attacks in 2016.
In 2017, Kaspersky detected programs ofIn 2017, Kaspersky detected programs of
this sort in over 200 countries and
territories.
• Africa, with the rapid growth of its
mobile banking sector, is particularly
vulnerable to this sort of evolution.
12. What to expect in 2018?
ATM AttacksATM Attacks
Social EngineeringSocial EngineeringHighHigh--end mobileend mobile
malwaremalware
FraudFraud--asas--aa--ServiceServiceData BreachesData Breaches
13. What to expect in 2018?
• More, More, More and New.
– Sophisticated, complex attacks
– Targetted attacks
– Business disruption
– Data breaches
– Ransomware– Ransomware
– Social engineering
– Account takeover
– Cyber crime collaboration
– Cyber crime innovation
– Fraud-as-a-Service
– ATM attacks
• 2017 on a greater scale
16. • What is clear to the
EAGLE may not be
clear to the BAT
• What is clear to the
SnellenSnellen ChartChart
• What is clear to the
EAGLE during the day
may not be so clear
at NIGHT
19. The Hawk and the Mother HenThe Hawk and the Mother Hen
• Can your organisation recognise the
manoeuvres of cyber criminals before the
attempt is made?
• Every organisation needs to acquire or
develop ability to correctly interpretdevelop ability to correctly interpret
threat data and activity logs
• You need DETECTION, PREDICTIVE and
RESPONSE capabilities in order to survive
and avoid becoming a victim in the
current threat landscape.
20. Game of Chess or War Game?Game of Chess or War Game?
22. Is your InfoSec organisation comparable to
Who wins?Who wins?
Is your InfoSec organisation comparable to
the majority of chess players, a good chess
player or a grandmaster? Do you have the
ability to PREDICT your opponent’s next
move, DETECT an attack and RESPOND to
PREVENT disruptions or losses.
23. Winning Approach to Cyber SecurityWinning Approach to Cyber Security
•Stay a step ahead of cyber threats
•Multi-pronged, multi-layer security
•Adaptive Security
oPredictoPredict
oPrevent
oDetect
oRespond
•Collaborative
•Responsive
24. RecommendationsRecommendations
Gain visibility into your Infrastructure and the threat
environment you are operating in.
Leverage the combined power of human and machines
by using AI, ML and DL with the deep expertise of a
global research and analysis team. Kaspersky Lab has aglobal research and analysis team. Kaspersky Lab has a
unique approach called Hu-machine.
Train the eyes that are looking
Incident response – Incident Response Planning,
Incident response Drill, Incident Response Automation,
Incident Response review - delay can be costly
26. KasperskyKaspersky SolutionsSolutions
• EDR - Kaspesrky Endpoint Detection and
Response
• KATA - Kaspersky Anti-Targetted Attack
• SoC – Security Operations Centre• SoC – Security Operations Centre
• Encryption Security
• Security for Virtualisation
• Security for Storage
• Threat Intelligence
27. Other SolutionsOther Solutions
• Wombat interactive training modules for
Information Security Awareness programme
• Educating Users to Improve Awareness, Change
Behaviors, and Reduce risk to your organization
– help your employees understand security
threats andthreats and
– make the right decisions when face-to-face with
security threats
• Assess, Educate, Reinforce, Measure.
• The training modules can be used independently
and serve as the centerpiece of your Security
Awareness programme
28. Other SolutionsOther Solutions
• GigaSECURE
• GigaVUE
– help your organisations gain visibility and
insight into your infrastructure and securityinsight into your infrastructure and security
threats
29. ConclusionConclusion
• Let’s talk about your Cyber Security
challenges, needs etc.
• Contact Netplus - answers@netplusng.com
as your Information Security partner
• www.netplus.ng