1. Cyber Threats Scenarios
and Defense Model Principles
ASSOCHAM Cyber Security Conference
April 2011
Presented by Dr. Nimrod Kozlovski, Chairman, Nimrod@altalsec.com, +972 544 336056
©All Right Reserved to Altal Security Ltd., 2011.
2. [Diagram: recent cyber incidents. Countries and organizations named: Brazil, Iran, COMODO, Greece, Georgia, Australia, Korea, Estonia, China (twice), RSA, NSDQ. Incident labels: Critical Infrastructure, Stuxnet, Certification Theft, Interception (twice), dDoS (twice), Hacking, GPS manipulation, DNS Redirection, Algorithm Theft, Ghostnet.]
3. Impersonation of legit activity in all layers
Not necessarily immediate effect
Not necessarily identifiable destruction
[Diagram: threats by Action and Purpose. Labels: Personal computer intrusion; Remote network intrusion; Monitoring; Mapping and Data analysis; Destruction; Computer and Storage Mining; Theft; Code Embed/Manipulation; Voice Interception; Traffic redirection; Network Data Interception; Unintentional Data Leakage; Social Engineering; Re-transmission on existing infrastructure; Future control; Communication Focused Blockings; External impersonation; Copy by Internals; Re-transmission via Hardware Hiding RF.]
4. Closed-Garden Networks (Military, Gov)
Critical Infrastructure (Power, Nuclear)
Industrial Open Infrastructure (Water, Transportation, Telecom)
[Diagram labels: Interconnectivity, Complexity, Openness]
6. National Level Synchronization
Threat Analysis
Technology Development
Efficient Enforcement
Requires National Involvement
7. Traditional passive protection (Enterprise-Based)
Network security structure and security standards are known
Does not consider up-to-date attack scenarios
National Interest not in focus
IT oriented security technologies
[Diagram labels: Trusted User, Protected Asset]
Known (standard)
Perimeter
Infrastructure
Security Structure does not dramatically change (but upgraded)
Technologies are not tailored to be compatible with new threat model
8. Shared, Pro-Active, Integrative
Shared:
Inter-sector information sharing (Private-Public sharing model)
Distributed sensors system (connecting the 'dots')
Shared monitoring and analytics of incidents
Pro-Active:
Traps/Honey-pots
Initiate attacks to identify reaction
Research vulnerabilities of Target systems
Hiding capabilities in target systems
Monitor patterns/Profiles
Integrative:
Integrated cross-sectors analysis
One coordinating entity for all sectors
Integrated incentive structure for defense
Central incident response "brain"
9. Shared, Pro-Active, Integrative
Development:
Telecom Security Compliance
Electronic Management
Seamless Segregation
Massive Traffic Anomaly detection
Telco Firmware Integrity