11. See: „Nassim Nicholas Taleb:
The Black Swan‟
The trend:
number of „Black Swans‟ is growing
12. The 3 dangers of Cyberwar
Ideas and techniques from
cyberweapons can be re-purposed and
copied.
Companies become collateral victims
in the cyberwar between
superpowers.
Cybercriminals start using
weaponized exploits developed by or
for governments.
19. They all have something in common:
exploits
IT Staff: Biggest Nightmares
20. Against military grade weapons, you
want the best available defense
technologies.
Patch.
Defense?
Whitelist. Default
Deny.Exploit
prevention.
0-day
defense.Realtime
protection.
Cloud
protection.Perimeter
.
Green
zone.
Raise awareness.
Access
control.
Education.
Some say that money make the world go round.It’s a wellknown thing that cybercriminals are driven by money.Nation states however, are driven by something else.
The Aurora operation was the most notable event of 2009.Victims included Google, Adobe and ~30 other Fortune 500 companies.It was the first solid confirmation of the interest of nation state players into American economy.
Today it’s 30 of Jan and two weeks ago we’ve already announced a huge campaign.
Since 2009, we’ve got a number of ‘Black Swans’Black Swans refer to the extreme impact of certain kinds of rare and unpredictable events (outliers) and humans' tendency to find simplistic explanations for these events retrospectively. This theory has since become known as the black swan theory.Stuxnet is a black swan. Duqu is a black swan. Flame, Gauss,miniFlame, Shamoon are black swans.
Unlike traditional weapons, tools used in cyber-warfare are very easy to clone and reprogram by adversaries. Shamoon is a primary example.
According to reports, the strike on Saudi Aramco was done by a version of the Shamoon program. In the fall of 2011 U.S. Defense Secretary Leon Panetta addressed a group of business leaders here in New York City. Panetta said that “More than 30,000 computers that it infected were rendered useless, and had to be replaced,” - “imagine the impact an attack like this would have on your company.”
A successful cyber-attack launched on a country’s critical infrastructure can significantly impact any business, even if the consequences of the strike were collateral damage. Corporations could experience damages impacting all areas of the business including operations, financial processes, supply chain management, CRM outages, internet connectivity, telecommunications, and data loss. Examples of collateral damage to businesses: Failure to access online financial transactions including pending sales transactions, invoices, employee payroll or CRM systems Internet outages resulting in failure to access hosted services or cloud-based solutions, such as Amazon EC2. Delays in processing imports and/or exports of goods or services, supply chains, manufacturing shipments Data loss of confidential or proprietary information, or stored data being saved for compliance/regulations Telecom and ISP outages resulting in communication failures via the internet or phones that rely on VoIP or LAN-lines.
Chevron admitted they were hit with Stuxnet. By accident.The truth is that some other Fortune 500 companies were hit as well, including other world corporations.
Cybercriminals start using weaponized exploits developed by or for governments. Once an exploit is reported, it can be used by cybercriminals for nefarious purposes, especially businesses since program vulnerabilities are exceedingly high as the complexity of corporations’ IT infrastructure grows