how secure are you? information system audit and control association may 2008 meeting presented by...
TRANSCRIPT
How Secure are YOU?
Information System Audit and Control AssociationMay 2008 Meeting
Presented byPresented by
Brian FindleyCounterintelligence Cyber TE
Honeywell FM&T
May 2008 BEF
• How many of you?– Have a Computer at Home– Travel with a Laptop– High Speed Internet at Home– Have wireless networks at Home– Connect to wireless networks on Travel– Connect to the Internet in Hotels– Children with game consoles connected to
the Internet or use any of the above
How Secure are YOU?
May 2008 BEF
• New Headlines– TJX losing 2.4 million records– Two charged for allegedly stealing trade secrets– Pfizer investigates data lost– Stolen Johns Hopkins Hospital computer holds patient data– Gap stolen laptop loses information on 800,000 present and past
employees– Monster.com users target of phishing and ransom schemes– 3com agrees to a buy-in by Huawei worth 2.2 billion– Mass web attacks confounds Law Enforcement and Researchers
Then you may not be as secure as you think!
May 2008 BEF
WHO/WHERE is the Threat
Information obtained from www.sans.org
May 2008 BEF
• Request for Information– Unsolicited inquiries – Direct or Indirect
• Acquisition of Technology– Attempts to gain access to sensitive technologies
• Solicitation of Marketing Services– Foreign individuals with technical backgrounds offering
services
• Targeting of US personal abroad– Requesting access sensitive facilities or personal information
• Targeting at Conventions– Provides access to all of the above
What is the Threat.
May 2008 BEF
• Exploitation of Relationships– Partnership through joint ventures and research
• Suspicious Internet Activity– Exploitation of computing resources
• Other– Luggage searches– Unauthorized access to portable computing devices– Extensive questioning
What is the Threat.
May 2008 BEF
• Let’s see what could potential happen to anyone of us.
• Killing_with_Keyboards KCP.pps
How Secure Are You?
May 2008 BEF
How will it happen.
0
2000
4000
6000
8000
10000
12000
May August November
Phishing
Data complied from Anti-Phishing (www.antiphishing.org)
May 2008 BEF
How will it happen.
May 2008 BEF
How will it happen.
May 2008 BEF
Any Username or Password is accepted here.
Any Username or Password is accepted here.
How will it happen.
May 2008 BEF
How will it happen.
May 2008 BEF
How will it happen.
May 2008 BEF
• Let’s see what could potentially happen to anyone of us.• Without a trace.doc• TTN_October_'06 10-17-06.doc
How Secure Are YOU?
May 2008 BEF
When will it happen
• You tell me.• Here are my thoughts:
– Globalization of business
– Use of front companies
– Enhancing the efficiency of command, control, communication, and intelligence will be a priority
– The shift to government sponsorship
– Increase in the number of incidents
– Increase in suspicious internet activity – just one
• Your guess is as good as mine, however, I will say sooner that later.
May 2008 BEF