10 ways to safeguard your business from the
growing threat of cyber attacks
Inside the head
of a Hacker
72% of attacks target
user identities
and applications, not
servers and networks
At a time of evolving and ever-present cyber
threats, information security isn’t just an
IT issue – it’s a business issue. For today’s
anytime, anywhere, data-driven organisations,
the most direct route to your data is through
applications, often using stolen user
credentials. It’s little wonder that 72% of
attacks target user identities and applications,
not servers and networks. Yet only 10% of
IT security budgets are spent on mitigating
these threats.
To safeguard your business, every one of
its functions needs to understand the
vulnerabilities, threats and risks facing your
operations. This guide will steer you through
the current security landscape, explore
why, how and where your business may be
vulnerable, and give you 10 practical steps
you can take to help you anticipate and avert
impending threats.
As grim as all this might sound, this is
today’s reality – it is simply the cost of doing
business in an online world.
Cyber criminals:
The most commonly known
hacker profile, cyber criminals range
from individuals to small groups to
worldwide organised crime groups.
Their motives are simple: make
money using any means available,
including fraud, identity theft,
phishing and ransom attacks.
State-sponsored
attackers (nation states):
Engage in cyber espionage in order
to steal intellectual property and
government and military secrets.
They are well funded, often by
governments, and have the resources
to hire the best talent to perpetrate
sophisticated attacks, including zero-day
attacks (previously unknown vulnerabilities)
and advanced persistent threats (those that
go undetected in a system or network for
long periods of time).
Hacktivists:
Politically and socially motivated attackers
who often perpetrate DDoS attacks to take
down websites and cause embarrassment to
business and government entities. Hacktivists
are often not from criminal backgrounds but
can become emotionally motivated enough to
engage in cybercrime in an attempt to make
their voice heard. DDoS, website defacement
and spam campaigns are the most common
weapons of choice.
Cyber terrorists:
Considered by some to be the most dangerous
type of hacker, cyber terrorists are religiously or politically
motivated. Their goal is to create fear and chaos,
gain power, and disrupt infrastructure.
Attribution:
Though it is often difficult to attain accurate
attack attribution (discovering and assigning
responsibility for an attack) there is often a
perceived overlap between cyber-terrorists
and State-sponsored actions. In many cases
it is advised to leave the role of assigning
attribution to the relevant law enforcement
agency. The organisation should, instead, focus
on understanding the information assets which
may be seen as most valuable to attackers and
evaluating the different methods by which they
may be compromised.
Profile of a Hacker
The scale
of the threat
The nature, type, reach, frequency and
severity of cyber attacks are dramatically
increasing. Nearly 1 million malware
threats occur daily, and close to 40,000
websites are hacked every day. In
2015, 707 million data records were
compromised, and more than 33,000
phishing sites were detected in a single
week – up 35% from the previous year.
Distributed Denial of Service attacks
(DDoS; an attempt to make an online
service unavailable by overwhelming
it with traffic from multiple sources),
once perpetrated only by experienced
hackers, are up exponentially, due
largely to readily available, easy-to-use
attack tools within reach of the most
unsophisticated, unskilled user.
Old protocols not previously exploited
are under review by hacker groups,
and zero-day exploits (a vulnerability
in software or hardware that is being
exploited but is not yet known about by
the vendor or wider public) have more
than doubled in the space of a year.
Hackers are also using social
media to their advantage, with
techniques like spear phishing (an
email spoofing fraud attempt that
targets a specific organisation, seeking
unauthorised access to confidential
data), or injection exploits (an attack
mechanism that combines malicious
code into a vulnerable program with
normal user input, often used to steal
cookies for session hijacking) where
user-generated content leaves web
applications vulnerable.
Demystifying the security landscape
New ways of
working
bring new
complexity
It used to be the case that enterprise applications resided in corporate-owned data centres,
accessed by users through a direct network connection. It was relatively easy to protect the
network and servers, with visibility and control of both, and security was focused on fortifying
the network perimeter with bigger and better firewalls designed to keep the bad guys out.
Today, our world looks vastly different.
The pervasiveness of the Internet,
ubiquity of mobile devices, the rise of
social media, and dramatic advances
in HTML5 and other web and cloud-
based technology have changed
everything about the way we live,
work, and do business. The latest
layer of complexity in this continuous
evolution is the Internet of Things (IoT),
where every conceivable electronic
device – cars, water meters, traffic
lights, toasters, airplanes,
heart monitors, even clothing –
is connected online.
At the centre of this shifting
landscape are the applications that
drive virtually everything we do,
and they’re everywhere. Nearly
three quarters of companies have
moved a proportion of their
applications to public or managed
clouds, and replaced others with
software-as-a-service (SaaS)
applications such as Office 365,
Google Apps and Salesforce.
Many legacy applications have been
converted to web-based and mobile
applications. Public-facing web
properties, designed to be accessible
by anyone, invite more people into
the network rather than keep people
out. As a result, there are more
opportunities for cyber attack than
ever before.
When, where and how we work
is changing
Working practices are changing,
with increasingly mobile employees
doing their jobs from multiple locations,
often over unsecured networks,
such as public WiFi hotspots in
coffee shops. Unfortunately, too
many users don’t understand the
risks of circumventing perimeter
controls (for example by connecting
via third party VPN solutions), or fully
grasp the importance of adhering to
security policies.
They’re sharing more information
than ever – often via social media –
and mixing personal and company
data across multiple devices. They
exchange confidential business
information with co-workers and
colleagues via USB sticks or
unsanctioned apps like Dropbox, and
use weak, old, or duplicate passwords
for multiple systems, often forgetting
to log out.
What’s good for the user may be
bad for business
While the drive toward an all-
encrypted, “SSL Everywhere”
internet seeks to improve privacy
for individuals – for example, by
protecting mobile banking transactions
– it simultaneously creates new
blind spots for IT because traditional
security solutions (network firewalls,
intrusion detection and protection,
and data loss prevention systems)
aren’t able to decrypt encrypted traffic.
Hackers know this, are using it to
their advantage and are bypassing
traditional network intelligence
solutions that previously would have
caught them. Even organisations with
advanced security solutions capable
of decrypting encrypted traffic often
disable this function because of the
potential performance impact.
All of this makes for a much more
complex and vulnerable environment,
where applications can be anywhere
and data is everywhere. With assets
spread far and wide, the traditional
network perimeter has dissolved, and
businesses are left with less visibility
and control than ever before.
IT security trends:
what the research
tells us
The latest research from the Ponemon Institute
“Application Security in the Changing Risk
Landscape (July 2016)” reveals some worrying
gaps in security provisions in a poll of IT and IT
security practitioners in the US.
Attacks at the application layer are worse than
at the network layer. The application layer of
the Open Systems Interconnection (OSI) model
accommodates the user interface and other
key functions such as Application Programming
Interfaces (APIs) giving hackers the widest
attack surface. When exploited, the entire
application can be manipulated, user data
stolen, or the network shut down completely.
63% of attacks at the application layer are harder to detect than at the network layer
67% of attacks at the application layer are harder to contain than at the network layer
50% of the application layer is attacked more often than the network layer
58% of attacks on the application layer are more severe than the network layer
18% of security spend is allocated to application security – less than half of that going on network security

1,175: the average number of applications in an organisation
33% of apps are considered mission critical
37% of business applications are in the cloud
31% of business applications are delivered via mobile
66% of IT teams don’t have visibility of all the applications deployed in their organisation

56% believe accountability for application security is shifting from IT to the end user or application owner
21% think CIO or CTO is accountable
20% believe no single person or department is accountable
20% think business units are accountable
19% believe application development teams are accountable
Mobile and cloud applications are proliferating.
Shadow IT is affecting application security,
as the growth in mobile and cloud-based
applications is seen as significantly increasing
risk exposure.
Accountability for application security
is unclear.
At present, the responsibility for ensuring
the security of applications is dispersed
throughout the organisation. With such
fragmentation, it’s no wonder potential
vulnerabilities are introduced.
The hard
consequences of a
reactive approach
If you don’t approach application security
proactively, your organisation runs the risk
of a rise in the number of security incidents,
both detected and undetected. You may incur
direct financial losses from a data breach,
or reputational damage which may deter
investors and drive customers into the arms
of your competitors.
Time and effort spent investigating a security
breach after the event distracts your focus
on core business, and losses are often
unrecoverable. And because information security
is fast becoming a differentiator in today’s
connected world, you may find your business
falling behind rivals who can offer greater
assurances in the face of privacy concerns.
90% of today’s IT
security budgets
are still spent
on everything
but protecting
applications and
user identities
The point of drawing attention to these risks and threats
is not to induce fear among organisations, but to
highlight the proliferation and impact of cyber attacks,
and to equip businesses with the knowledge, through
threat intelligence, to bolster their security posture.
Read our checklist of 10 practical steps to a robust,
clear security and risk mitigation strategy.
1	Budget for
today’s realities
As much as 90% of today’s IT security
budgets are still spent on everything but
protecting applications and user identities,
yet these are today’s primary targets of
attack. Get board-level buy-in by briefing
business leaders on the likelihood and
potential impact of an attack. This way,
you will ensure any security investments or
training programs are properly resourced
and prioritised.
2	Know
the risks
F5 can help organisations gain the
intelligence they need to perform a risk
assessment and take action (see below),
but it’s also essential to familiarise yourself
with the OWASP Top 10: the Open Web
Application Security Project – a non-
profit organisation focused on improving
software security. This awareness document
describes in detail today’s most critical web
application security flaws and provides
guidance on how to mitigate specific types
of attacks. Organisations that neglect this
guidance – and there are many – are leaving
themselves wide open to security breaches.
3	Know
your enemy
Understand hackers’ motivations,
targets, and tactics (see Profile of a
Hacker). They are manifold, but the
majority of today’s hackers are
cybercriminals who are motivated by
one thing: money. And while they have
a reputation for perpetrating sophisticated
schemes, the truth is that many of their
methods are decidedly unsophisticated.
Ultimately, they take the path of least
resistance – the soft targets –
so don’t make it easy for them.
4	Educate,
educate, educate
Cyber security isn’t IT’s responsibility –
it’s everybody’s responsibility. The most
sophisticated security tools can protect your
business from a lot of malware and viruses,
but they can’t defend you from users who fail
to practice proper cyber hygiene. Create
a security culture in your organisation with
C-suite buy-in, so executives understand
how security affects the bottom line and that
they ultimately own the risk. Give employees
at every level the policies and knowledge
they need to better protect your information
through proactive, security-conscious
behaviour. Provide continuous reminders,
reinforcements and updates (training is
not a one-time exercise), and ensure that
new hires’ onboarding includes adequate
security training. Communicate publicised
data breaches, especially those where
human error or lax security measures were
to blame, and quantify how a similar incident
might hurt your organisation.
5	Secure web
applications and
mobile devices
Improve your ability to manage web
application vulnerability by using a
web application firewall (WAF). Secure
coding is simply not enough to protect
information assets. Vulnerabilities in
development languages (for example,
Python), increasingly complex methods of
obfuscation and a seemingly constant stream
of issues with SSL/TLS mean that applying
security policies to individual application
servers is either impossible or operationally
very difficult. Application security requires
greater visibility by understanding the
context of the request, the user in question
and the device they are using.
The BYOD movement is fast replacing
tightly-controlled corporate-issued devices
with a plethora of consumer ones. Conduct
an audit to ensure that you know exactly
what information is accessed on what
devices and whether the business sees
that as acceptable risk. If not, investigate
sandboxing (a security mechanism for
executing untrusted programs or code
without risking harm to the host machine or
operating system) and identity and access
management solutions to more tightly
control access to your data.
10 steps to strengthen
your security
posture
6	 Secure
the cloud
If you are implementing a SaaS program or
hosted cloud environment, you must hold
your supplier to account to at least the same
standards you would apply to your own data
centre, and ensure business data cannot
be leaked, data privacy is maintained, and
network connection points are secured.
Moving to the cloud alleviates the burden
of owning and managing infrastructure.
Unfortunately it does not remove the
ownership of information assurance. Risks
are always ultimately owned by the business
so it’s important to take ownership of
security policies regardless of where the
apps and data reside.
7	Bring IT out
of the shadows
Demand for new applications often
outstrips the capacity of IT to provide
them, so if you can’t provision the services
at the speed your organisation demands,
lines of business will circumvent IT
and turn to third-party infrastructure and
services. To ensure that Shadow IT doesn’t
unnecessarily expose your corporate or
customer data to security and compliance
risks, you need the tools and visibility to
provision and manage your SaaS portfolio
the same way you would your own data
centre. Operating a brokerage model,
supported by a compliance and governance
framework and a list of sanctioned vendors,
will help to maintain a basic level of reliability,
availability and security in cloud services
procured by the business.
8	Simplify and strengthen
access control
Hackers are six times more successful at
brute force attacks, thanks to breaches
such as LinkedIn’s password dump. Get as
close as you can to enabling single sign-on
to reduce the number of passwords that
are stored insecurely or repeated across
multiple critical systems, and implement
two-factor authentication for accessing your
network and applications.
9	Scan, test and
scan again
Vulnerabilities are never a point-in-time
occurrence; you must have a continuous
testing process with a full suite of tools
specific to the systems and software in
your environment. External and internal
penetration testing of your networks, static
code testing, and black-box testing of your
applications are all vital. And re-test your
applications every time the code changes.
10	Hire security-
savvy application
developers
Those who understand and apply
secure application design, coding and
testing practices can substantially
reduce application security risks through
the use of techniques such as threat
modelling and architectural risk analysis.
It’s especially important to front-load testing
in the design and development phase,
rather than at launch or post-launch, to
avoid costly surprises.
Best practices
for end users
Use strong, unique passwords for
every account. Use a password
manager to store them securely.
Never use open WiFi networks
without automatically establishing a
secure VPN connection.
Keep operating system
software updated.
Update anti-virus, anti-malware,
anti-spyware and firewall
software regularly as even these
can be vectors for attacking your
systems. Learn to differentiate
between legitimate and fake
antivirus messages.
Surf and email wisely. Never click
on links or attachments from
unknown or untrustworthy sources.
Check out suspicious URLs before
clicking on them.
Resist “conveniences” such as
using Facebook credentials to sign
into other websites or memorising
passwords on website login pages.
Never share company
information using unapproved web
applications (such as Dropbox).
Understand web browser
SSL/TLS certificate warnings
and appreciate the risks they
imply – a certificate warning
might mean your communications
are being intercepted.
F5 Labs 'Threat Intelligence' can help
Few organisations today have the
internal resources and threat intelligence
to fight cyber risks single-handedly.
That’s where F5 comes in. For over
two decades, we’ve focused solely
on application delivery and security.
We understand applications and the
network at the deepest levels, and our
placement in the network gives us a
unique vantage point into the world
of IT security.
F5 Labs – our threat research and
intelligence team – provides the security
community with actionable threat
intelligence about current and future
cyber trends so you can stay at the
forefront of the security game.
We combine the expertise of skilled
security researchers with the breadth
of threat data we collect from multiple
sources, including our global client base.
We look at everything from threat actors,
to the nature and source of attacks, to
evolving techniques, tools and tactics,
and provide post-attack analysis of
significant incidents.
Our goal is to create a comprehensive, 360
degree view of the threat landscape—
the same way our customers experience
it. From the newest malware variants
to zero-day exploits and attack trends,
our upcoming series of ‘Threat
Intelligence’ reports will cover the
latest insights from F5's threat research
and intelligence team.
©2016 F5 Networks, Inc. All rights reserved. F5, F5 Networks, and the F5 logo are trademarks of F5 Networks, Inc. in the U.S. and in
certain other countries. Other F5 trademarks are identified at f5.com. Any other products, services, or company names referenced herein may
be trademarks of their respective owners with no endorsement or affiliation, express or implied, claimed by F5.
f5.com/labs

More Related Content

What's hot

Data Sheet_What Darktrace Finds
Data Sheet_What Darktrace FindsData Sheet_What Darktrace Finds
Data Sheet_What Darktrace Finds
Melissa Lim
 
2 21677 splunk_big_data_futureofsecurity
2 21677 splunk_big_data_futureofsecurity2 21677 splunk_big_data_futureofsecurity
2 21677 splunk_big_data_futureofsecurity
Svetlana Belyaeva
 
Symantec Security Refresh Webinar
Symantec Security Refresh WebinarSymantec Security Refresh Webinar
Symantec Security Refresh Webinar
Arrow ECS UK
 
Mark Lanterman - The Risk Report October 2015
Mark Lanterman - The Risk Report October 2015Mark Lanterman - The Risk Report October 2015
Mark Lanterman - The Risk Report October 2015
Mark Lanterman
 

What's hot (20)

Toward Continuous Cybersecurity with Network Automation
Toward Continuous Cybersecurity with Network AutomationToward Continuous Cybersecurity with Network Automation
Toward Continuous Cybersecurity with Network Automation
 
CYBER THREAT FORCAST 2016
CYBER THREAT FORCAST 2016 CYBER THREAT FORCAST 2016
CYBER THREAT FORCAST 2016
 
Cyber Training: Developing the Next Generation of Cyber Analysts
Cyber Training: Developing the Next Generation of Cyber AnalystsCyber Training: Developing the Next Generation of Cyber Analysts
Cyber Training: Developing the Next Generation of Cyber Analysts
 
Data Sheet_What Darktrace Finds
Data Sheet_What Darktrace FindsData Sheet_What Darktrace Finds
Data Sheet_What Darktrace Finds
 
Cybersecurity in the Age of Mobility
Cybersecurity in the Age of MobilityCybersecurity in the Age of Mobility
Cybersecurity in the Age of Mobility
 
The Anatomy of a Cloud Security Breach
The Anatomy of a Cloud Security BreachThe Anatomy of a Cloud Security Breach
The Anatomy of a Cloud Security Breach
 
Mobile Application Security
Mobile Application Security Mobile Application Security
Mobile Application Security
 
2 21677 splunk_big_data_futureofsecurity
2 21677 splunk_big_data_futureofsecurity2 21677 splunk_big_data_futureofsecurity
2 21677 splunk_big_data_futureofsecurity
 
Websense 2013 Threat Report
Websense 2013 Threat ReportWebsense 2013 Threat Report
Websense 2013 Threat Report
 
2013 Threat Report
2013 Threat Report2013 Threat Report
2013 Threat Report
 
5 Cybersecurity threats in Public Sector
5 Cybersecurity threats in Public Sector5 Cybersecurity threats in Public Sector
5 Cybersecurity threats in Public Sector
 
Sophos Security Threat Report 2014
Sophos Security Threat Report 2014Sophos Security Threat Report 2014
Sophos Security Threat Report 2014
 
100+ Cyber Security Interview Questions and Answers in 2022
100+ Cyber Security Interview Questions and Answers in 2022100+ Cyber Security Interview Questions and Answers in 2022
100+ Cyber Security Interview Questions and Answers in 2022
 
Insecure magazine - 52
Insecure magazine - 52Insecure magazine - 52
Insecure magazine - 52
 
Guide to high volume data sources for SIEM
Guide to high volume data sources for SIEMGuide to high volume data sources for SIEM
Guide to high volume data sources for SIEM
 
Symantec Security Refresh Webinar
Symantec Security Refresh WebinarSymantec Security Refresh Webinar
Symantec Security Refresh Webinar
 
Application Security: Safeguarding Data, Protecting Reputations
Application Security: Safeguarding Data, Protecting ReputationsApplication Security: Safeguarding Data, Protecting Reputations
Application Security: Safeguarding Data, Protecting Reputations
 
Dell Technologies Cyber Security playbook
Dell Technologies Cyber Security playbookDell Technologies Cyber Security playbook
Dell Technologies Cyber Security playbook
 
Mark Lanterman - The Risk Report October 2015
Mark Lanterman - The Risk Report October 2015Mark Lanterman - The Risk Report October 2015
Mark Lanterman - The Risk Report October 2015
 
2015 Global Threat Intelligence Report Executive Summary | NTT i3
2015 Global Threat Intelligence Report Executive Summary | NTT i32015 Global Threat Intelligence Report Executive Summary | NTT i3
2015 Global Threat Intelligence Report Executive Summary | NTT i3
 

Viewers also liked (7)

ICEIC_2017_20161013
ICEIC_2017_20161013ICEIC_2017_20161013
ICEIC_2017_20161013
 
PANKAJ KUMAR-1
PANKAJ KUMAR-1PANKAJ KUMAR-1
PANKAJ KUMAR-1
 
Shuba
ShubaShuba
Shuba
 
Global thinking
Global thinkingGlobal thinking
Global thinking
 
EmadYacoubPresentation
EmadYacoubPresentationEmadYacoubPresentation
EmadYacoubPresentation
 
Dheeraj_resume_150716
Dheeraj_resume_150716Dheeraj_resume_150716
Dheeraj_resume_150716
 
Francesca Flamigni, Project Officer, Components and Systems, European Commiss...
Francesca Flamigni, Project Officer, Components and Systems, European Commiss...Francesca Flamigni, Project Officer, Components and Systems, European Commiss...
Francesca Flamigni, Project Officer, Components and Systems, European Commiss...
 

Similar to F5 Hero Asset - Inside the head of a Hacker Final

Journal of Computer and System Sciences 80 (2014) 973–993Con
Journal of Computer and System Sciences 80 (2014) 973–993ConJournal of Computer and System Sciences 80 (2014) 973–993Con
Journal of Computer and System Sciences 80 (2014) 973–993Con
karenahmanny4c
 
Journal of Computer and System Sciences 80 (2014) 973–993Con.docx
Journal of Computer and System Sciences 80 (2014) 973–993Con.docxJournal of Computer and System Sciences 80 (2014) 973–993Con.docx
Journal of Computer and System Sciences 80 (2014) 973–993Con.docx
croysierkathey
 
5 network-security-threats
5 network-security-threats5 network-security-threats
5 network-security-threats
ReadWrite
 
Five Network Security Threats And How To Protect Your Business Wp101112
Five Network Security Threats And How To Protect Your Business Wp101112Five Network Security Threats And How To Protect Your Business Wp101112
Five Network Security Threats And How To Protect Your Business Wp101112
Erik Ginalick
 
Information Securityfind an article online discussing defense-in-d.pdf
Information Securityfind an article online discussing defense-in-d.pdfInformation Securityfind an article online discussing defense-in-d.pdf
Information Securityfind an article online discussing defense-in-d.pdf
forladies
 
Threat Lifecycle Management_Whitepaper
Threat Lifecycle Management_WhitepaperThreat Lifecycle Management_Whitepaper
Threat Lifecycle Management_Whitepaper
Duncan Hart
 
threat-lifecycle-management-whitepaper
threat-lifecycle-management-whitepaperthreat-lifecycle-management-whitepaper
threat-lifecycle-management-whitepaper
Rudy Piekarski
 
Enterprise Immune System
Enterprise Immune SystemEnterprise Immune System
Enterprise Immune System
Austin Eppstein
 
The uniqueness of the text61.5SHOW ALL MATCHESPage addre.docx
The uniqueness of the text61.5SHOW ALL MATCHESPage addre.docxThe uniqueness of the text61.5SHOW ALL MATCHESPage addre.docx
The uniqueness of the text61.5SHOW ALL MATCHESPage addre.docx
arnoldmeredith47041
 

Similar to F5 Hero Asset - Inside the head of a Hacker Final (20)

Toward Continuous Cybersecurity With Network Automation
Toward Continuous Cybersecurity With Network AutomationToward Continuous Cybersecurity With Network Automation
Toward Continuous Cybersecurity With Network Automation
 
Journal of Computer and System Sciences 80 (2014) 973–993Con
Journal of Computer and System Sciences 80 (2014) 973–993ConJournal of Computer and System Sciences 80 (2014) 973–993Con
Journal of Computer and System Sciences 80 (2014) 973–993Con
 
Journal of Computer and System Sciences 80 (2014) 973–993Con.docx
Journal of Computer and System Sciences 80 (2014) 973–993Con.docxJournal of Computer and System Sciences 80 (2014) 973–993Con.docx
Journal of Computer and System Sciences 80 (2014) 973–993Con.docx
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 
Anatomy of a cyber attack
Anatomy of a cyber attackAnatomy of a cyber attack
Anatomy of a cyber attack
 
5 network-security-threats
5 network-security-threats5 network-security-threats
5 network-security-threats
 
Five Network Security Threats And How To Protect Your Business Wp101112
Five Network Security Threats And How To Protect Your Business Wp101112Five Network Security Threats And How To Protect Your Business Wp101112
Five Network Security Threats And How To Protect Your Business Wp101112
 
Cisco Addresses the Full Attack Continuum
Cisco Addresses the Full Attack ContinuumCisco Addresses the Full Attack Continuum

F5 Hero Asset - Inside the head of a Hacker Final

  • 1. Inside the head of a Hacker: 10 ways to safeguard your business from the growing threat of cyber attacks
  • 2. 72% of attacks target user identities and applications, not servers and networks.
       At a time of evolving and ever-present cyber threats, information security isn’t just an IT issue – it’s a business issue. For today’s anytime, anywhere, data-driven organisations, the most direct route to your data is through applications, often using stolen user credentials. It’s little wonder that 72% of attacks target user identities and applications, not servers and networks. Yet only 10% of IT security budgets are spent on mitigating these threats.
       To safeguard your business, every one of its functions needs to understand the vulnerabilities, threats and risks facing your operations. This guide will steer you through the current security landscape, explore why, how and where your business may be vulnerable, and give you 10 practical steps you can take to help you anticipate and avert impending threats.
  • 3. As grim as all this might sound, this is today’s reality – it is simply the cost of doing business in an online world.
       Profile of a Hacker
       • Cyber criminals: The most commonly known hacker profile, can range from individuals to small groups, to worldwide organised crime groups. Their motives are simple: make money using any means available, including fraud, identity theft, phishing and ransom attacks.
       • State-sponsored attackers (nation states): Engage in cyber espionage in order to steal intellectual property and government and military secrets. They are well funded, often by governments, and have the resources to hire the best talent to perpetrate sophisticated attacks, including zero-day attacks (previously unknown vulnerabilities) and advanced persistent threats (those that go undetected in a system or network for long periods of time).
       • Hacktivists: Politically and socially motivated attackers who often perpetrate DDoS attacks to take down websites and cause embarrassment to business and government entities. Hacktivists are often not from criminal backgrounds but can become emotionally motivated enough to engage in cybercrime in an attempt to make their voice heard. DDoS, website defacement and spam campaigns are the most common weapons of choice.
       • Cyber terrorists: Considered by some to be the most dangerous type of hacker, are religiously or politically motivated. Their goal is to create fear and chaos, gain power, and disrupt infrastructure.
       • Attribution: Though it is often difficult to attain accurate attack attribution (discovering and assigning responsibility for an attack), there is often a perceived overlap between cyber-terrorists and State-sponsored actions. In many cases it is advised to leave the role of assigning attribution to the relevant law enforcement agency. The organisation should, instead, focus on understanding the information assets which may be seen as most valuable to attackers and evaluating the different methods in which they may be compromised.
       The scale of the threat
       The nature, type, reach, frequency and severity of cyber attacks are dramatically increasing. Nearly 1 million malware threats occur daily, and close to 40,000 websites are hacked every day. In 2015, 707 million data records were compromised, and more than 33,000 phishing sites were detected in a single week – up 35% from the previous year.
       Distributed Denial of Service attacks (DDoS; an attempt to make an online service unavailable by overwhelming it with traffic from multiple sources), once perpetrated only by experienced hackers, are up exponentially, due largely to readily available, easy-to-use attack tools within reach of the most unsophisticated, unskilled user. Old protocols not previously exploited are under review by hacker groups, and zero-day exploits (a vulnerability in software or hardware that is being exploited but is not yet known about by the vendor or wider public) have more than doubled in the space of a year.
       Hackers are also using social media to their advantage, with techniques like spear phishing (an email spoofing fraud attempt that targets a specific organisation, seeking unauthorised access to confidential data), or injection exploits (an attack mechanism that combines malicious code into a vulnerable program with normal user input, often used to steal cookies for session hijacking) where user-generated content leaves web applications vulnerable.
  • 4. Demystifying the security landscape
       New ways of working bring new complexity
       It used to be the case that enterprise applications resided in corporate-owned data centres, accessed by users through a direct network connection. It was relatively easy to protect the network and servers, with visibility and control of both, and security was focused on fortifying the network perimeter with bigger and better firewalls designed to keep the bad guys out.
       Today, our world looks vastly different. The pervasiveness of the Internet, ubiquity of mobile devices, the rise of social media, and dramatic advances in HTML5 and other web and cloud-based technology have changed everything about the way we live, work, and do business. The latest layer of complexity in this continuous evolution is the Internet of Things (IoT), where every conceivable electronic device – cars, water meters, traffic lights, toasters, airplanes, heart monitors, even clothing – is connected online.
       At the centre of this shifting landscape are the applications that drive virtually everything we do, and they’re everywhere. Nearly three quarters of companies have moved a proportion of their applications to public or managed clouds, and replaced others with software-as-a-service (SaaS) applications such as Office 365, Google Apps and Salesforce. Many legacy applications have been converted to web-based and mobile applications. Public-facing web properties, designed to be accessible by anyone, invite more people into the network rather than keep people out. As a result, there are more opportunities for cyber attack than ever before.
       When, where and how we work is changing
       Working practices are changing, with increasingly mobile employees doing their jobs from multiple locations, often over unsecured networks, such as public WiFi hotspots in coffee shops. Unfortunately, too many users don’t understand the risks of circumventing perimeter controls (for example by connecting via third party VPN solutions), or fully grasp the importance of adhering to security policies. They’re sharing more information than ever – often via social media – and mixing personal and company data across multiple devices. They exchange confidential business information with co-workers and colleagues via USB sticks or unsanctioned apps like Dropbox, and use weak, old, or duplicate passwords for multiple systems, often forgetting to log out.
       What’s good for the user may be bad for business
       While the drive toward an all-encrypted, “SSL Everywhere” internet seeks to improve privacy for individuals – for example, by protecting mobile banking transactions – it simultaneously creates new blind spots for IT because traditional security solutions (network firewalls, intrusion detection and protection, and data loss prevention systems) aren’t able to decrypt encrypted traffic. Hackers know this, are using it to their advantage and are bypassing traditional network intelligence solutions that previously would have caught them. Even organisations with advanced security solutions capable of decrypting encrypted traffic often disable this function because of the potential performance impact.
       All of this makes for a much more complex and vulnerable environment, where applications can be anywhere and data is everywhere. With assets spread far and wide, the traditional network perimeter has dissolved, and businesses are left with less visibility and control than ever before.
  • 5. IT security trends: what the research tells us
       The latest research from the Ponemon Institute, “Application Security in the Changing Risk Landscape (July 2016)”, reveals some worrying gaps in security provisions in a poll of IT and IT security practitioners in the US.
       Attacks at the application layer are worse than at the network layer.
       The application layer of the Open Systems Interconnection (OSI) model accommodates the user interface and other key functions such as Application Programming Interfaces (APIs), giving hackers the widest attack surface. When exploited, the entire application can be manipulated, user data stolen, or the network shut down completely.
       • 63% of attacks at the application layer are harder to detect than at the network layer
       • 67% of attacks at the application layer are harder to contain than at the network layer
       • 50% of the application layer is attacked more often than the network layer
       • 58% of attacks on the application layer are more severe than the network layer
       • 18% of security spend is allocated to application security – less than half of that going on network security
       Mobile and cloud applications are proliferating.
       Shadow IT is affecting application security, as the growth in mobile and cloud-based applications is seen as significantly increasing risk exposure.
       • 1,175: the average number of applications in an organisation
       • 33% of apps are considered mission critical
       • 37% of business applications are in the cloud
       • 31% of business applications are delivered via mobile
       • 66% of IT teams don’t have visibility of all the applications deployed in their organisation
       Accountability for application security is unclear.
       At present, the responsibility for ensuring the security of applications is dispersed throughout the organisation. With such fragmentation, it’s no wonder potential vulnerabilities are introduced.
       • 56% believe accountability for application security is shifting from IT to the end user or application owner
       • 21% think CIO or CTO is accountable
       • 20% believe no single person or department is accountable
       • 20% think business units are accountable
       • 19% believe application development teams are accountable
       The hard consequences of a reactive approach
       If you don’t approach application security proactively, your organisation runs the risk of a rise in the number of security incidents, both detected and undetected. You may incur direct financial losses from a data breach, or reputational damage which may deter investors and drive customers into the arms of your competitors. Time and effort spent investigating a security breach after the event distracts you from your core business, and losses are often unrecoverable. And because information security is fast becoming a differentiator in today’s connected world, you may find your business falling behind rivals who can offer greater assurances in the face of privacy concerns.
  • 6. 90% of today’s IT security budgets are still spent on everything but protecting applications and user identities.
       The point of drawing attention to these risks and threats is not to induce fear among organisations, but to highlight the proliferation and impact of cyber attacks, and to equip businesses with the knowledge, through threat intelligence, to bolster their security posture. Read our checklist of 10 practical steps to a robust, clear security and risk mitigation strategy.
       Steps to strengthen your security posture
       1. Budget for today’s realities
          As much as 90% of today’s IT security budgets are still spent on everything but protecting applications and user identities, yet these are today’s primary targets of attack. Get board-level buy-in by preparing business leaders for the likelihood and potential impact of an attack. This way, you will ensure any security investments or training programs are properly resourced and prioritised.
       2. Know the risks
          F5 can help organisations gain the intelligence they need to perform a risk assessment and take action (see below), but it’s also essential to familiarise yourself with the OWASP Top 10, published by the Open Web Application Security Project, a non-profit organisation focused on improving software security. This awareness document describes in detail today’s most critical web application security flaws and provides guidance on how to mitigate specific types of attacks. Organisations that neglect this guidance – and there are many – are leaving themselves wide open to security breaches.
       3. Know your enemy
          Understand hackers’ motivations, targets, and tactics (see Profile of a Hacker). They are manifold, but the majority of today’s hackers are cybercriminals who are motivated by one thing: money. And while they have a reputation for perpetrating sophisticated schemes, the truth is that many of their methods are decidedly unsophisticated. Ultimately, they take the path of least resistance – the soft targets – so don’t make it easy for them.
       4. Educate, educate, educate
          Cyber security isn’t IT’s responsibility – it’s everybody’s responsibility. The most sophisticated security tools can protect your business from a lot of malware and viruses, but they can’t defend you from users who fail to practice proper cyber hygiene. Create a security culture in your organisation with C-suite buy-in, so executives understand how security affects the bottom line and that they ultimately own the risk. Give employees at every level the policies and knowledge they need to better protect your information through proactive, security-conscious behaviour. Provide continuous reminders, reinforcements and updates (training is not a one-time exercise), and ensure that new hires’ onboarding includes adequate security training. Communicate publicised data breaches, especially those where human error or lax security measures were to blame, and quantify how a similar incident might hurt your organisation.
       5. Secure web applications and mobile devices
          Improve your ability to manage web application vulnerability by using a web application firewall (WAF). Secure coding is simply not enough to protect information assets. Vulnerabilities in development languages (for example, Python), increasingly complex methods of obfuscation and a seemingly constant stream of issues with SSL/TLS mean that applying security policies to individual application servers is either impossible or operationally very difficult. Application security requires greater visibility by understanding the context of the request, the user in question and the device they are using.
          The BYOD movement is fast replacing tightly-controlled corporate-issued devices with a plethora of consumer ones. Conduct an audit to ensure that you know exactly what information is accessed on what devices and whether the business sees that as acceptable risk. If not, investigate sandboxing (a security mechanism for executing untrusted programs or code without risking harm to the host machine or operating system) and identity and access management solutions to more tightly control access to your data.
  • 7. Steps to strengthen your security posture (continued)
       6. Secure the cloud
          If you are implementing a SaaS program or hosted cloud environment, you must hold your supplier to account to at least the same standards you would apply to your own data centre, and ensure business data cannot be leaked, data privacy is maintained, and network connection points are secured. Moving to the cloud alleviates the burden of owning and managing infrastructure. Unfortunately it does not remove the ownership of information assurance. Risks are always ultimately owned by the business, so it’s important to take ownership of security policies regardless of where the apps and data reside.
       7. Bring IT out of the shadows
          Demand for new applications often outstrips the capacity of IT to provide them, so if you can’t provision the services at the speed your organisation demands, lines of business will circumvent IT and turn to third-party infrastructure and services. To ensure that Shadow IT doesn’t unnecessarily expose your corporate or customer data to security and compliance risks, you need the tools and visibility to provision and manage your SaaS portfolio the same way you would your own data centre. Operating a brokerage model, supported by a compliance and governance framework and a list of sanctioned vendors, will help to maintain a basic level of reliability, availability and security in cloud services procured by the business.
       8. Simplify and strengthen access control
          Hackers are six times more successful at brute force attacks, thanks to breaches such as LinkedIn’s password dump. Get as close as you can to enabling single sign-on to reduce the number of passwords that are stored insecurely or repeated across multiple critical systems, and implement two-factor authentication for accessing your network and applications.
       9. Scan, test and scan again
          Vulnerabilities are never a point-in-time occurrence; you must have a continuous testing process with a full suite of tools specific to the systems and software in your environment. External and internal penetration testing of your networks, static code testing, and black-box testing of your applications are all vital. And re-test your applications every time the code changes.
       10. Hire security-savvy application developers
          Those who understand and apply secure application design, coding and testing practices can substantially reduce application security risks through the use of techniques such as threat modelling and architectural risk analysis. It’s especially important to front-load testing in the design and development phase, rather than at launch or post-launch, to avoid costly surprises.
       Best practices for end users
       • Use strong, unique passwords for every account. Use a password manager to store them securely.
       • Never use open WiFi networks without automatically establishing a secure VPN connection.
       • Keep operating system software updated.
       • Update anti-virus, anti-malware, anti-spyware and firewall software regularly as even these can be vectors for attacking your systems.
       • Learn to differentiate between legitimate and fake antivirus messages.
       • Surf and email wisely. Never click on links or attachments from unknown or untrustworthy sources. Check out suspicious URLs before clicking on them.
       • Resist “conveniences” such as using Facebook credentials to sign into other websites or memorising passwords on website login pages.
       • Never share company information using unapproved web applications (such as Dropbox).
       • Understand web browser SSL/TLS certificate warnings and appreciate the risks they imply – a certificate warning might mean your communications are being intercepted.
  • 8. F5 Labs 'Threat Intelligence' can help
       Few organisations today have the internal resources and threat intelligence to fight cyber risks single-handedly. That’s where F5 comes in. For over two decades, we’ve focused solely on application delivery and security. We understand applications and the network at the deepest levels, and our placement in the network gives us a unique vantage point into the world of IT security.
       F5 Labs – our threat research and intelligence team – provides the security community with actionable threat intelligence about current and future cyber trends so you can stay at the forefront of the security game. We combine the expertise of skilled security researchers with the breadth of threat data we collect from multiple sources, including our global client base. We look at everything from threat actors, to the nature and source of attacks, to evolving techniques, tools and tactics, and provide post-attack analysis of significant incidents. Our goal is to create a comprehensive, 360 degree view of the threat landscape – the same way our customers experience it.
       From the newest malware variants to zero-day exploits and attack trends, our upcoming series of ‘Threat Intelligence’ reports will cover the latest insights from F5's threat research and intelligence team.
  • 9. ©2016 F5 Networks, Inc. All rights reserved. F5, F5 Networks, and the F5 logo are trademarks of F5 Networks, Inc. in the U.S. and in certain other countries. Other F5 trademarks are identified at f5.com. Any other products, services, or company names referenced herein may be trademarks of their respective owners with no endorsement or affiliation, express or implied, claimed by F5. f5.com/labs