Date post: | 31-Mar-2015 |
Category: |
Documents |
Upload: | tariq-palfrey |
View: | 216 times |
Download: | 2 times |
Mechelen - 06/02/2014Telenet Security Day
CYBER scrapingsputting our 2 cents in ..
Christian Van HeurckCERT.be coordinator
CERT.be team
2Mechelen - 06/02/2014 CERT.beTelenet Security Day
goals
• the cyber threat is real• also in .be• everybody is a target• we all are losing the battle• this costs €• lack of awareness at all
levels• be prepared• act now!
2
3Mechelen - 06/02/2014 CERT.beTelenet Security Day
3
the cyber threat is real
4Mechelen - 06/02/2014 CERT.beTelenet Security Day
types of cyber threats - historical
4
cyber security cyber crime
others
5Mechelen - 06/02/2014 CERT.beTelenet Security Day
types of cyber threats – anno 2014
5
6Mechelen - 06/02/2014 CERT.beTelenet Security Day
6
almost all cyber security issues lead to cyber crime
espionage included
reality 2013
7Mechelen - 06/02/2014 CERT.beTelenet Security Day
7
the cyber threat is
also real in .be
8Mechelen - 06/02/2014 CERT.beTelenet Security Day
CERT.be anthology
• Belgacom• DDoS on the rise • open DNS resolvers abused
for amplification attacks• ntp servers abused• phishing & spearphishing• identity theft• mobile targeted• every (with an) OS targeted
8
9Mechelen - 06/02/2014 CERT.beTelenet Security Day
CERT.be anthology
• hacktivism• blackmail (Rex Mundi)• botnet drones• botnet C&C• hacked servers abused for
attacks and malware distribution
• waterhole attacks• top level DNS compromise• ransomware
9
10
Mechelen - 06/02/2014 CERT.beTelenet Security Day
CERT.be anthology
• mass compromise of vulnerable websites
• Diginotar• abuse of forged and/or stolen
certificates• Bit9, RSA, Microsoft, Twitter,
Facebook, Apple, Google, Adobe, ..
• IXP targeted• hosters under daily attacks
10
11
Mechelen - 06/02/2014 CERT.beTelenet Security Day
CERT.be anthology
• citizens targeted• big companies targeted• intermediate companies
targeted• SME’s targeted• Port of Antwerp• Critical Infrastructure• GOV targeted• Banks targeted• NMBS
11
12
Mechelen - 06/02/2014 CERT.beTelenet Security Day
12
EU legislation
Privacycommission
BIPT-IBPT
and there’s more happening ..
13
Mechelen - 06/02/2014 CERT.beTelenet Security Day
13
all the old school stuff is still out there too
and one more thing ..
14
Mechelen - 06/02/2014 CERT.beTelenet Security Day
14
everybody is a target
15
Mechelen - 06/02/2014 CERT.beTelenet Security Day
15
time for some numbers
16
Mechelen - 06/02/2014 CERT.beTelenet Security Day
16
# Reports & Incidents / Year
2010 2011 2012 20130
1000
2000
3000
4000
5000
6000
7000
8000
Reports/YearIncidents/Year
17
Mechelen - 06/02/2014 CERT.beTelenet Security Day
17
# Reports & Incidents / Month
2010 2011 2012 Q1-Q3 2013
00
100
200
300
400
500
600
Reports/MonthIncidents/Month
18
Mechelen - 06/02/2014 CERT.beTelenet Security Day
types of incidents in 2013
18
19
Mechelen - 06/02/2014 CERT.beTelenet Security Day
19
# Zombies
500.000 in 2013
20
Mechelen - 06/02/2014 CERT.beTelenet Security Day
20
21
Mechelen - 06/02/2014 CERT.beTelenet Security Day
21
we are losing this battle
22
Mechelen - 06/02/2014 CERT.beTelenet Security Day
22
this costs €
23
Mechelen - 06/02/2014 CERT.beTelenet Security Day
23
WT .. ????
24
Mechelen - 06/02/2014 CERT.beTelenet Security Day
24
lack of awareness at all levels
25
Mechelen - 06/02/2014 CERT.beTelenet Security Day
25
this is how we perceive it
Image courtesy of tropical.pete – Flickr.com
26
Mechelen - 06/02/2014 CERT.beTelenet Security Day
26
this is how we perceive it
Image courtesy of tropical.pete – Flickr.com
27
Mechelen - 06/02/2014 CERT.beTelenet Security Day
27
acknowledgethe cyber threat
28
Mechelen - 06/02/2014 CERT.beTelenet Security Day
28
= create awareness
29
Mechelen - 06/02/2014 CERT.beTelenet Security Day
29
then act efficiently
30
Mechelen - 06/02/2014 CERT.beTelenet Security Day
30
NOW!
31
Mechelen - 06/02/2014 CERT.beTelenet Security Day
31
please …
Mechelen - 06/02/2014 34
35
Mechelen - 06/02/2014 CERT.beTelenet Security Day
brochure & 1-pager
35
36
Mechelen - 06/02/2014 CERT.beTelenet Security Day
download links
brochure:https://www.cert.be/pro/files/Brochure_FRA.pdfhttps://www.cert.be/pro/files/Brochure_NDL.pdfhttps://www.cert.be/pro/files/Brochure_ENG.pdf
1-pager:https://www.cert.be/pro/files/Onepager_FRA.pdfhttps://www.cert.be/pro/files/Onepager_NDL.pdfhttps://www.cert.be/pro/files/Onepager_ENG.pdf
36