2. Who are Cyscon?
• Founded 2001 by Thorsten Kraft
• Cyber Security Consulting
• Founding Member of Botfrei and ACDC Project.
• Official Partner of BSI - German Federal Office for Information Security
• 2010 - Conficker Takedown
• 2013 - Check & Secure - Private User Initiative
3. Working Relationships
cyscon works with a variety of partners in the IT Security world.
These include:
• Internet Service Providers, including Vodafone and 1&1
Telecom
• Banks, such as Deutsche Bank and Postbank
• Law enforcement, including FBI and Europol
• NGOs, including Stop.Think.Connect - Funded by the
Department of Homeland Security
6. Honeypots and Spam Traps
• 3.5 Million Spam Emails Per Day
• Honeypots installed on real systems by our
customers
• 40,000 New Malicious URLs Each Day
7. Web Crawling
• Systems Continually Crawling the Web
• 16 Different Settings - Chilled to Paranoia
• Analysing Behaviour and AV Detection
8. The Data Toilet
• Gathering Data since 2006
• Enriching Data with Meta Data
• More than 20,000 Sensors
• More than 50 Partners
• WHOIS, SSH HOSTKEY, DNS details, etc.
19. Malware Detection
• Identification of infected customers
• More than 40 Trojan Families - 4000 events per
second.
• JSON Format - Easy to implement and process
• Can be combined with sales of Malware
Deletion Product.
20. Malicious Traffic Mitigation
• Access to C-SIRT Database and Cyber Threat
Detection Cloud
• Database fed by Worldwide sensors of Malicious
Traffic
• Eliminates Cyber Attacks against banking
platforms.
21. Brand Protection
• Fully automated takedown service
• Detection, Blocking, Blacklisting
• Normal process time, 2 hours
• Excellent contacts to ISPs for quick takedowns
23. Two Sides of the Story
• How much can experts do without end users?
• GameOver Zeus Takedown - Pointless?
• “Slipping through the net”
24. The Cyber Vaccination
• Appears as analysis system from AV industry.
• Protection against MITB attacks and identity theft.
• Works on 10 different browsers.
• Free to use - One time installation.
• Attack interception - Malicious code cannot be
executed.
• “Panic Switch” when intruder is detected.
25.
26. HitmanPro: A Second
Opinion Scanner
• Behavioural analysis - not signature based.
• 10MB file, can boot from USB.
• Complement to existing AV programs
• 30 Day free trial for emergency cases.
27.
28.
29. Case Study:
Cyber Alliance of
Switzerland
Cyber Alliance of
Switzerland
How can the “Check & Secure” Technology be
Implemented by Banks?
30. Concept and Goals
• Making Switzerland into the “Cleanest Internet
Country in the World
• Identification and Help for Infected End Users
• Support for the deletion of malware and securing of
end user systems with Check & Secure and End
User Products.
31. Realisation
• Banking Partners: Credit Suisse, Raffeisen,
Postfinance and UBS.
• Internet Service Partners: Swisscom, Sunrise, UPC
• Creation of a shared Malware database.
• Planned Launch 1.8.2014.
32. Thank you for Listening
• tgeorge@cyscon.de
• +491733853804