Date post: 13-Jul-2015
Category: Technology
Upload: lancope-inc
© 2014 Lancope, Inc. All rights reserved.
2015 Security Predictions
TK Keanini, CTO
Lancope, Inc.
Agenda
• Intro
• 2014 Retrospective
• 2015 Security Predictions
• Q&A
Hello My Name is TK
• Brief history
  • Born and raised in Hawaii
  • Musician and moved to California
  • Video Games with Broderbund Software
  • Cisco Systems
  • Morgan Stanley Online
  • nCircle CTO
  • Lancope CTO
2014 Retrospective
Did we get it right or wrong?
Incident Response finally becomes a business process
• It’s about time!
• More have learned the hard way that telemetry needs to be in place prior to the incident
• Cross-departmental functionality is required
• Incidents in the end are emotional and change human behavior
• Incident response is part of the overall business continuity plan
Increase in 2-factor authentication
• https://twofactorauth.org/
  • List of websites and whether or not they support 2FA
  • Also see the list of 2FA providers and the platforms they support
  • Add your own favorite site by submitting a pull request on the GitHub repo
• FIDO Alliance (Microsoft, Google, ARM, PayPal and Lenovo)
  • Universal Authentication Framework (UAF)
  • Universal 2nd Factor (U2F) based on public-key crypto
  • Sharing patents and killing single-factor authentication!
SDN and the adaptive perimeter
• The Perimeter is Dead!?
  • The static perimeter is dead!
  • Long live the dynamic perimeter!
• Too early on this one.
• This will happen in 2015 for sure.
2014 Challenges
IoT, 3D Printers, Tracking
Challenges in 2014
• Internet of Things
  • No longer a MSFT target environment
  • ShodanHQ.com
  • Weaknesses in Automobiles, Home Appliances
• 3D Printing
  • Custom heart valves that are saving lives
  • Printing keys for high security locks
  • Disruptive economics for safe cracking
• Tracking Devices
  • Hardware was still lagging
  • Software, features everywhere
2014 Surprises
What the heck?
2014 Security Surprises
• Heartbleed
  • ~500k found on Shodan at the time of disclosure
• Shellshock
  • ~4k found this past Sept. on Shodan
• POODLE
2015 Security Predictions
Inferences from the data
Muleware Madness
• Endpoints and humans participate in the early phases of the attack
  • Exploitation versus Participation
• Requirements
  • Cryptocurrency
  • TOR
  • Psychology of being involved at this stage of the crime
Re-Authentication Weaknesses
• Honan attack (as described in Wired)
  • One site’s secrets are others’ public information
  • Voicemail, call-forwarding, attack the weakest system
• Ultimately, companies need to be firm on their recovery policy
  • The customer cannot be right all the time
Ransomware Expansion
• Ransomware is profitable
  • Denying access to data
  • Grew by over 500% in 2014
  • Healthcare is an attractive target
• Individuals and companies can defeat this with the proper backups
• The yearly subscription to cloud backup is less than the ransom!
Targeted Extortionware
• Extortionware
  • Much more targeted
  • Unlike ransomware, data has been exfiltrated and analyzed
    • Unless terms are met, data will be disclosed broadly or to specific target
Conclusion
• The world continues to become more connected!
  • Customers are more connected
  • Businesses are more connected
  • Devices and applications are more connected
  • Bad actors are more connected
• Much of what is already happening will just expand
  • Ransomware will expand
  • Authentication abuse will expand
  • Hacktivism and Nation State threats will expand
• They will get in and you will have a security incident
• Raise the cost of threat actor operations
MAHALO! (Thank you)
TK Keanini,
Chief Technology Officer
Follow me on twitter @tkeanini