Top 5 Data Breaches in 2014 Retrieved on 24 February from http://www.cnbc.com/id/102420088
CNBC Calls it the year of the hack
Counter Productive and Non-Collaborative Behavior
• Vulnerabilities Announced Before Patches Are Ready: Google gave Microsoft 90 days to fix a flaw. MS asked Google. Google instead published code that could assist malicious hackers.
• Sony, U.S. Agencies Fumbled After Cyberattack (The Wall Street Journal)
• Target Breach
• Home Depot Breach
The Internet Connecting The World Retrieved on 22 February, 2015 from
http://www.bing.com/images/search?q=internet%2c+images&id=58751FC350A8B8FBE9C151591F038FB792611E18&FORM=IQFRBA#view=detail&id=58751FC350A8B8FBE9C151591F038FB792611E18&selectedIndex=0
Can a creative mind defeat a criminal mind in Cyber Warfare?
• The answer depends on our position, our perspective and ultimately our
agenda
• Focus our attention on the process and the resources required
• Security professionals need assistance from experts in other fields, such
as psychology, sociology, law, and human resources
21st Century Challenges and Changes
• Internet complexity and interconnectedness
• Always On technology and culture
• Mobile technology challenges and shortcomings
• BYOx
• Communication – Not speaking the same language
• Arrogance – from executives and from techies
• Fear – No trust
• Silo mentality
21st Century Challenges and Changes
• Think out-of-the-box and come up with a solution not considered before
• Security professionals must outthink and outmaneuver cyber attackers
• Not “criminally inclined,” professionals vs. criminal minds
• Catch-22: understand the criminal mind
• Security professionals should not face this alone
• Enlist the assistance of psychologists and sociologists
• Design incentives that would not produce counterproductive results
21st Century Challenges and Changes
• Zero-day attacks, Trojan horses, and persistent threats
• Security environment moves faster than the computer environment
• Organizations face many threats, including internal and external
• A zero-day attack leaves organizations with mere hours to respond
• Every day we are bombarded with countless stories of malware, virus, …
Scope Definition - Simplification
• How do we keep the bad guys away from our information assets?
• How do we keep our information assets away from the bad guys?
• Identify
• Locate
• Read the signs
• Remove the noise
• Careful of consequences
Scope Definition
• Who are the bad guys?
• Where are the bad guys?
• How can they attack us?
• Are our defenses adequate?
• Are we asking the right questions?
Scope Definition
• Although information and security professionals contribute tremendous
value, the field as a whole is not strongly based in theory and research.
(Weaver, R., Weaver, D., & Farwood, D., 2012)
• Security and information technology overlap in so many ways
• Behaviors and attitudes of those involved
• Attitude, or arrogance
Scope Definition
• The focus is on the individuals involved in computer and security
operations as well as the actors orchestrating and deploying the threats.
“Only by understanding an individual’s motivations that a better approach
can be created to identify, counter and preempt future threats.”
(Salguero, J., 2014).
The Other Part of the Question
• In War – Collateral damage
“Cyber warfare will almost certainly have very real consequences.” (Shimeall,
2001).
Everything is Interconnected
• “As computer technology has become increasingly integrated into
modern military organizations, military planners have come to see it as
both a target and a weapon, exactly like other components and forces.”
(Shimeall, 2001).
• “Countries that are not as dependent on high technology, within their
military establishment consider such dependence a potential ‘Achilles
heel’ for their enemies.” (Shimeall, 2001).
Motivations From a Civilian Standpoint
• External/internal
• International/domestic
• Part of a nation state
• Part of an organized effort
• Students experimenting with their newfound knowledge
• Part of commercial espionage
Motivations From a Military Standpoint
Levels of Cyber War:
• Cyber war as an adjunct to military operations
• Limited cyber war
• Unrestricted cyber war
Motivations from a Civilian Standpoint
Types of Hackers (Actors)
• White Hat Hackers
• Black Hat Hackers
• Hacktivists
• State Sponsored Hackers
• Spy Hackers
• Cyber Terrorists
Organized criminal groups in cyberspace
“While many types of cyber crime require a high degree of organization and
specialization, there is insufficient empirical evidence to ascertain if cyber
crime is now dominated by organized crime groups and what form or
structure such groups may take.” (Lusthaus, 2013).
“Digital technology has empowered individuals as never before. Teenagers
acting alone have succeeded in disabling air traffic control systems, shutting
down major e-retailers, and manipulating trades on the NASDAQ stock
exchange (US Securities and Exchange Commission, 2000).”
Examples of Cyber Crimes and Cyber Offenders
1. Ryan Cleary: DDoS on SOCA
2. Andrew Auernheimer: Apple iPad Snoop
3. Aaron Swartz: Content Downloader
4. Christopher Chaney: Celebrity Hackerazzi
5. Sam Yin: Gucci Hacker
6. Edward Pearson: Identity Theft
Examples of Groups Involved in Cyber Crime
1. LulzSec and Sony Hackers
2. Dreamboard
3. DrinkOrDie
4. DarkMarket
5. DNS Changer
6. Carberp
7. Unlimited Operation
8. Koobface
Psychological Motivating Factors
• Only when we understand the individual can we start to make
assumptions
• Make predictions as the criminal profilers do
• Uncover the methodology of the attacker
• Psychological factors that make up an individual’s personality
“It is essential to understand the psychology of the attacker if effective
controls are to be developed and deployed.” (Wright, C.S., 2011).
The Manager’s Role
• Understand and motivate the individual
• Performance appraisal
• Professional and personal plan
• A manager has a responsibility to his/her employees
• Providing their team members with the right tools and training
Identifying the Personality Profiles of Team Members
• The Myers and Briggs personality inventory
• Categorizes people into 16 different personality types
• Types result from the interaction based on people’s preferences
• The behavior is actually quite orderly and consistent
“There are no right or wrong preferences. Reading is not better than
watching movies; each has its strengths and its problems. Most people have
the ability to do both, even if they don’t like one or the other. Personality
preferences, sometimes called psychological preference, are like many other
preferences.” (The Myers and Briggs Foundation, 2014).
Right Brain or Left Brain Dominance
• A left-brain dominant person prefers things to be in a logical order and
likes identifying details instead of concepts
• Analytical
• Right-brain dominant people are considered artists, musicians, and
dreamers
• Type of profession a person chooses and the types of decisions a person
makes
Incentives and Motivation
• What types of incentives work the best
• Not everyone is motivated by money
• Mentoring and coaching are qualities of a good leader
• Good leadership motivates some people
• Respect and loyalty are earned and a leader is better at achieving both
Recommendations
• Cyber Security Risk Management
• Cyber Security Incident & Insider Threat Management
• Cyber Security Leadership Best Practices
• Formalize and Communicate Enterprise Security Organizational Policy
• Train, mentor, and coach everyone in the organization about the potential
threats
• Security solutions must have a holistic/enterprise-wide approach to be
successful
• Scope Definition and Scope Management
• Relationships, Relationships, Relationships