ADDRESSING CYBER THREATS IN ���THE BANKING SECTOR

by      Lt Col Sazali Sukardi (Retired)

Vice President Strategic Research

CyberSecurity Malaysia

7TH  Annual  Series  BankTechAsia  ‘15      17  March  2015  

2

CYBERSECURITY MALAYSIA’S MANDATE

The  Cabinet  Mee=ng  on  28  September  2005,  through  the  Joint  Cabinet  Notes  between  Ministry  of  Finance  (MOF)  and  Ministry  of  Science,  Technology  and  Innova=on  (MOSTI)  No.  H609/2005  agreed  to  create  the  

 

Na=onal  ICT  Security  and  Emergency  Response  Centre  (NISER),  currently  known  as  CyberSecurity  Malaysia  as  a  Na=onal  Body  to  monitor  the  

Na=onal  e-­‐Security  aspect      

separated  from  MIMOS  as  an  agency  and  established  as  a  Company  Limited-­‐by-­‐Guarantee  under  the  supervision  of  MOSTI  

The  Ministerial  Func=ons  Act  1969  and  The  Order  of  Federal  Government  Ministers  2013      

Provide  specialized  services  in  cyber  security  and  con=nuously  iden=fy  areas  that  may  be  detrimental  to  public  and  na=onal  security  

Arahan No.24 Dasar dan Mekanisme Pengurusan Krisis Siber Negara - Majlis Keselamatan Negara: CyberSecurity Malaysia merupakan agensi pakar dalam memberi sokongan dan bantuan teknikal serta menyediakan perkhidmatan latihan dalam pengurusan krisis siber Negara.

Technology Is Double-Edged Weapon

3

Mobile  Devices  

Big  Data  

Internet  of    Things  

Trends  of  Compu=ng  

•  unregulated: no country rules and owns Internet •  convenient services: Internet offers numerous services & connectivity •  less risk: no fear of making mistakes & getting caught •  asymmetric force: weapon for the weak

Why cyber space is attractive

5

 “Cyber  crime  costs  the  global  economy  about  $445  billion  every  year,  with  the  damage  to  business  from  the  the7  of  intellectual  property  exceeding  the  $160  billion  loss  to  individuals  from  hacking………”  

-­‐  The  Center  for  Strategic  and  Interna@onal  Studies,  U.S.A  2014  

“The  growing  menace  of  cybercrime  is  impac@ng  the  global  economy  significantly  with  es@mated  annual  losses  of  up  to  USD  575  billion..”  

-­‐    McAfee  2014  

COST OF CYBER CRIMES

6

Cyber Crimes and Underground Economy

“The modern thief can steal more with a computer than with a gun….” “Computers at Risk,” National Research Council, 1991

Cyber crimes targeting economic sectors are on the rise replacing

traditional crimes - Symantec 2010 State of Enterprise Security Survey

7

Number  and  severity  of  cyber-­‐crimes  conAnues  to  grow,  it's  important  to  understand:    •  the  steps  cyber-­‐criminals  take  to  aGack  our  network  •   the  types  of  malware  they  use,  and  the  tools  we  need  to  stop  

them.      The  basic  steps  of  a  cyber  aGack  include    •  reconnaissance  (finding  vulnerabiliAes);  •  intrusion  (actual  penetraAon  of  the  network);  •  malware  inserAon  (secretly  leaving  code  behind);  and  •  cleanup  (covering  tracks).  

CYBER ATTACKS - How Much We How How They Happen

Cyber  Incidents  Referred  to  CyberSecurity  Malaysia  from  1997  –  2014  

 Number  of  cyber  security  incidents  referred  to  CyberSecurity  Malaysia  (excluding  spams)  

Cyber  Security  Incidents  In  Malaysia  

8

Incident/  Month   2013  

2014    

Jan   Feb   Mar   Apr   May   June   July     Aug   Sept   Oct   Nov   Dec  

Fraud   4,485   250   264   280   399   401   519   406   372   435   366   377   408  

Malicious  Codes   1,751   251   78   101   55   47   48   29   14   22   13   16   42  

Intrusion   2,770   109   76   216   70   15   28   43   47   104   105   178   134  

Cyber  Harassment   512   57   41   45   44   46   48   52   44   53   36   50   34  

Spam   950   40   23   32   36   61   55   385   530   548   671   735   534  

Intrusion  AGempt   76   3   11   24   157   63   75   21   241   649   12   19   27  

Content  Related   54   5   2   2   1   4   2   4   6   3   3   0   3  

Denial  of  Service   19   1   2   3   2   4   1   3   1   6   3   0   3  

VulnerabiliAes  Report   19   1   1   4   9   4   1   0   3   2   7   1   1  

Total   10,636  717   498   707   773   645   777   943   1,258   1,822   1,216   1,376   1,186  

11,918  

CYBER SECURITY INCIDENTS IN MALAYSIA

10

ADVANCED  PERSISTENT  THREAT  -­‐  Trend  od  Cyber  AGack  on  Banking  and  Financial  Sector  

11

DISTTRIBUTION  OF  PHISHING  ATTACKS  2014  

Source:  KARSPESKY  LAB  REPORT  Financial  Cyber  Threats  in  2014    

12

Source:  KARSPESKY  LAB  REPORT  Financial  Cyber  Threats  in  2014    

13

Source:  KARSPESKY  LAB  REPORT  Financial  Cyber  Threats  in  2014    

14

Source:  KARSPESKY  LAB  REPORT  Financial  Cyber  Threats  in  2014    

MALWARE GIVES THE ATTACKER THE KEY TO FINANCIAL NETWORKS

During  cyber  aGacks  on  South  Korea  in  2013,  the  loss  combined  damage  was  $800m.    

MALWARE GIVES THE ATTACKER THE KEY TO FINANCIAL NETWORKS

18

Cyber Security Concerns - Ransomware

“In  the  beginning  of  2014  Svpeng  Ransomware  was  detected    -­‐  the  malware  aGempted  to  block  the  user’s  phone  and  display  a  message  demanding  payment  of  a  US$500  ‘fee’  for  alleged  criminal  acAvity.”    

19

20

21

22

INTERNET OF THINGS (IoT)

Interconnec=on  of  uniquely  iden=fiable  devices,  systems,  and  services  into  Internet  Infrastructure    “There  will  be  nearly  26  billion  devices  on  the  Internet  of  Things  by  2020”        –  Gartner    “More  than  30  billion  devices  will  be  wirelessly  connected  to  the  Internet  of  Things  (Internet  of  Everything)  by  2020”      -­‐  ABI  Research,    

24

•  Mobile  users  now  overtake  PC  users  •  More  than  50%  mobile  user  doesn’t  enable  lock  screen  protecAon  •   About  70  million  gadget  lost/stolen  per  year  •   Only  about  57%  mobile  users  worry  about  losing  data  •  Only  about  43%  mobile  users  worry  about  losing  the  device  itself  •   About  81%  mobile  users  use  their  device  for  business  use  •   About  48%  of  mobile  user  use  unsecured  public  WiFi  network      

MOBILE COMPUTING - Risks of the trends’ combination

MOBILE MALWARE

25

7  billion  Internet-­‐connected  devices  by  end  of  2014  are  exposed  to  mobile  malware  

26

EMERGING CYBER ATTACKS ON MOBILE DEVICES

PayPal Survey:

73% of Malaysian adults shopped online at least once a month. Doing so with mobile devices such as smartphones or tables is becoming the preferred way.

27

FUNDAMENTALS  OF    INFORMATION    

SECURITY  

Integrity  

Availability    

THE FUNDAMENTALS OF INFORMATION SECURITY

Confiden=ality  

29  

Cyber  espionage  for  economic  interests    Economic  espionage  will  be  a  major  concern  as  naFon-­‐states  use  cyber  the7  of  data  to  gain  economic  advantage  in  mulFnaFonal  deals”  

- PC World Business Center

 Cyber  espionage    targe=ng  cri=cal  sectors    “Evidence  suggests  that  governments  and  government-­‐allied  groups  are  now    using  the  Internet  for  espionage  and  cyber-­‐aIacks  on  the  criFcal  naFonal    infrastructure  (financial  markets,  uFlity  providers,  air  traffic  control)  of  other  countries”  

- McAfee Virtual Criminology

Copyright  ©  2011  CyberSecurity  Malaysia  

 CYBER  ESPIONAGE  

 NATIONAL  CYBER  SECURITY  

POLICY    

POLICY  Formula=ng  &  Coordina=ng  Policy  NATIONAL  SECURITY  COUNCIL  

LAW  ENFORCEMENT  AGENCIES  &  REGULATORS  

Preven=ng  &  Comba=ng  Terrorism    through  Law  Enforcement  

§       ROYAL  MALAYSIAN  POLICE  §     BANK  NEGARA  MALAYSIA  

§         MALAYSIAN  COMMUNICATION  &  MULTIMEDIA  COMMISSION  

TECHNICAL  SUPPORT  Providing  Technical  Supports  &  

Services      CYBERSECURITY  MALAYSIA  

Strengthening Cyber Security Eco System

§  Government Agencies §  Critical Information Infrastructure §  Internet Service Providers §  Industry §  Academia §  Cyber Security Professionals §  Public

31

Internet Banking Task Force

32