tripwire university boot camp – economy of bad
TRANSCRIPT
Economy of BadKnow your Enemy
Christopher BeierSr. Product Marketing ManagerSCM ProductsTripwire
2
Agenda
Economy of bad How does this economy manifest
Breaches continue to grow
Soaring cost of lost records
Attacker Motivations Three general types of Hackers
Motivations
Attacker Methods Most common attack types
3
Economy of Bad: defined
1. Participants (buyers
/sellers/resources)
2. Product
3. Currency
4. Marketplace
5. Competition
1. Yes
2. Tools, education, fruits of their efforts
3. Bitcoin, egold, and many other under the radar
4. Yes5. Yes
Value of this market
The CostAs attacks become increasingly sophisticated, security breaches have a growing financial impact on victims.
$7.7 million 2% from 2014
THE AVERAGE ANNUAL COST OF A CYBER CRIME INCIDENT IN 2015
THE ESTIMATED COST OF CYBER CRIME TO THE GLOBAL ECONOMY
$400 billion
Sources: Ponemon Institute. “2015 Cost of Cyber Crime Study: Global.”McAfee/CSIS, “Net Losses: Estimating The Global Cost Of Cyber Crime”
5
Breaches continue to grow…
IBM X-Force Threat Intelligence Report 2016
6
Healthcare records are the most valued commodity
2015 Ponemon Cost of a Breach Study
Attacker Motivations
8
All the world’s a chess board…and all the security pros, merely pieces
http://www.tripwire.com/state-of-security/off-topic/all-the-worlds-a-chess-board-and-all-the-security-pros-merely-pieces/
9
10
CYBERWAR & HACKTIVISM
THEFT OF SENSITIVE INFORMATION
CYBERCRIME & FRAUD
11
Anonymous VS. ISIS
12
300+
®
Home Profile Connections Jobs Interests Search…
connectionsConnect Send InMail
Cyber Threats Analyst at the Naval Network Warfare Command
Robin Sage – Would Someone in Your Company Connect?
Robin Sage
Massachusetts Institute of Technology
Naval Network Warfare Command
Norfolk, CT │ Cyber Threats Analyst
25 years oldEducation
CurrentAge
13
®
Home Profile Connections Jobs Interests Search…
Connect Send InMail
Robin Sage
Massachusetts Institute of Technology
Naval Network Warfare Command
Norfolk, CT │ Cyber Threats Analyst
Cyber Threats Analyst at the Naval Network Warfare Command
25 years oldEducation
CurrentAge
300+connections
Robin Sage – A Passive Social Engineering Attack
300+ connections (Intelligence, Bank Accountsmilitary & security agencies)
Offered work at Lockheed Martin, Google Secret base locations
Dinner invitations Interpersonal Relationships
Emails
RESULTS?
14 Flipping the Economics of Attacks, Palo Alto Networks & Ponemon Jan 2016
15Hackmageddon.com
16 Flipping the Economics of Attacks, Palo Alto Networks & Ponemon Jan 2016
Attacker Methods
18
COMMODITYATTACKS (80%)
TARGETED THREAT (19.99%)
ADVANCED THREAT (.01%)
Microsoft Targeted Attack series 2012 -2015
19
50%
NEARLY 50% OPEN E-MAILS AND CLICK ONPHISHING LINKS WITHINTHE FIRST HOUR.
99.9%
OF THE EXPLOITED VULNERABILITIESWERE COMPROMISED MORE THAN A YEAR AFTER THE CVE WAS PUBLISHED.
95%
OF MALWARE TYPES SHOWED UP FOR LESSTHAN A MONTH, AND FOUR OUT OF FIVEDIDN’T LAST BEYOND A WEEK.
SOURCE: Verizon DBIR 2015
SOURCE: Verizon DBIR 2015
SOURCE: Verizon DBIR 2015
20 IBM X-Force Threat Intelligence Report 2016
21
Recommendations
Know the battlefield Know yourself
Try to understand what you have that is valuable and what motivates those who want to take it
Get informed Tripwire, The State of Security
Tripwire, SCM for Dummies
Tripwire, Security eBooks
Verizon DBIR reports
Cisco Security Reports
Krebs on security
IBM Xforce Quarterlies
What Battlefield are you fighting on?
tripwire.com | @TripwireInc