Cyber Attack – Not a case of if, but when! Housing Technology 2016 Kevin Doran – Chief Technology Officer Tim Cowland – Principal Consultant.

Slides:



Advertisements
Similar presentations
Thank you to IT Training at Indiana University Computer Malware.
Advertisements

POSSIBLE THREATS TO DATA
1© Copyright 2011 EMC Corporation. All rights reserved. Anatomy of an Attack.
7 Effective Habits when using the Internet Philip O’Kane 1.
© 2014 wheresjenny.com Cyber crime CYBER CRIME. © 2014 wheresjenny.com Cyber crime Vocabulary Defacement : An attack on a website that changes the visual.
By Ashlee Parton, Kimmy McCoy, & Labdhi Shah
1 Telstra in Confidence Managing Security for our Mobile Technology.
Malicious Attacks By: Albert, Alex, Andon, Ben, Robert.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
What Are Malicious Attacks? Malicious Attacks are any intentional attempts that can compromise the state of your computer. Including but not limited to:
Nate Olson-Daniel Director of Strategic Development & Principal Engineer The Inevitable Attack.
Security Awareness Challenges of Security No single simple solution to protecting computers and securing information Different types of attacks Difficulties.
The Difficult Road To Cybersecurity Steve Katz, CISSP Security Risk Solutions Steve Katz, CISSP Security.
Company LOGO Copyright Carrie Kerskie Data Breach & Identity Theft By Carrie Kerskie Kerskie Group, Inc.
First Community Bank Prevx Safe Online Rollout & Best Practice Presentation.
[Name / Title] [Date] Effective Threat Protection Strategies.
Your Trusted Partner In All Things IT. 20 Years of IT Experience University Automotive Food Service Banking Insurance Legal Medical Dental Software Development.
Cyber crime on the rise. Recent cyber attacks How it happens? Distributed denial of service Whaling Rootkits Keyloggers Trojan horses Botnets Worms Viruses.
UNDERSTANDING THE RISKS & CHALLENGES OF Cyber Security DAVID NIMMO InDepth IT Solutions DAVID HIGGINS WatchGuard NEIL PARKER BridgePoint Group A BridgePoint.
MOBILE DEVICE SECURITY. WHAT IS MOBILE DEVICE SECURITY? Mobile Devices  Smartphones  Laptops  Tablets  USB Memory  Portable Media Player  Handheld.
Staying Ahead of the Curve in Cyber Security Bill Chang CEO, SingTel Group Enterprise.
BUSINESS B1 Information Security.
1.1 System Performance Security Module 1 Version 5.
Case Study: Department of Revenue Data Breach National Association of State Auditors, Comptrollers and Treasurers March 21, 2013.
Security Awareness Challenges of Securing Information No single simple solution to protecting computers and securing information Different types of attacks.
Managing Data Against Insider Threats Dr. John D. Johnson, CISSP.
GSHRM Conference Cyber Security Education Shri Cockroft, CISO Piedmont Healthcare, Inc. September 21, 2015.
How can IT help you today?. Agenda Why Do You Care? What Are The Risks? What Can You Do? Questions? How can IT help you today? 2.
Cyber Insecurity Under Attack Cyber Security Past, present and future Patricia Titus Chief Information Security Officer Unisys Corporation.
Tamra Pawloski Jeff Miller. The views, information, and content expressed herein are those of the authors and do not necessarily represent the views of.
Financial Sector Cyber Attacks Malware Types & Remediation Best Practices
Friday, October 23, Jacqueline Harris, CPM®, CCIM® Director of Training & Administration Digital Realty Jacqueline Harris, CPM®, CCIM® Director.
Engineering and Management of Secure Computer Networks School of Engineering © Steve Woodhead 2009 Corporate Governance and Information Security (InfoSec)
©2015 HEAT Software. All rights reserved. Proprietary & Confidential. Ransomware: How to Avoid Extortion Matthew Walker – VP Northern Europe.
MIS323 – Business Telecommunications Chapter 10 Security.
CYBER SECURITY & ITS IMPACT ON FINANCIAL STATEMENTS AUDITS BOB WAGNER TUESDAY, NOVEMBER FLORIDA SCHOOL FINANCE OFFICERS ASSOCIATION CONFERENCE.
1 Integrated Site Security Project Denise Heagerty CERN 22 May 2007.
Information Security January What is Information Security?  Information Security is about the physical security of our equipment and networks as.
Computer Security Mike Asoodeh & Ray Dejean Office of Technology Southeastern Louisiana University.
Centre of Expertise - Security Securing your business against cybercrime Or surely we do not have anything to worry about...do we?
Computer Security Sample security policy Dr Alexei Vernitski.
Palindrome Technologies all rights reserved © 2016 – PG: Palindrome Technologies all rights reserved © 2016 – PG: 1 Peter Thermos President & CTO Tel:
CLOSE THE SECURITY GAP WITH IT SOLUTIONS FROM COMPUTACENTER AND CISCO AUGUST 2014.
Cyber Security – Client View Peter Gibbons | Head of Cyber Security, Group Business Services Suppliers’ Summer Conference 15/07/2015.
October 28, 2015 Cyber Security Awareness Update.
Washington State Auditor’s Office Cybersecurity Preparing for the Inevitable Washington State Auditor’s Office Peg Bodin, CISA, Local IS Audit Manager.
PROTECTING YOUR DATA THREATS TO YOUR DATA SECURITY.
November 14, 2016 bit.ly/nercomp_defendingyourdata16
Presented by: SBS CyberSecurity © SBS CyberSecurity, LLC
Technology and Business Continuity
Cybersecurity - What’s Next? June 2017
What Does GDPR mean for you
Cyber Crime What’s all the fuss about?
Data Compromises: A Tax Practitioners “Nightmare”
Year 10 ICT ECDL/ICDL IT Security.
Securing Information Systems
Jon Peppler, Menlo Security Channels
Teaching Computing to GCSE
Preparing for the cyber landscape of 2020
Cybersecurity Awareness
4 ways to stay safe online 1. Avoid viruses and phishing scams
Risk of the Internet At Home
David J. Carter, CISO Commonwealth Office of Technology
Ransomware and Data breaches in public libraries
Anatomy of a Large Scale Attack
Information Security – Sep 18
Threat Landscape Update
“Workplace Behaviour: Activating your greatest security asset”
Presentation transcript:

Cyber Attack – Not a case of if, but when! Housing Technology 2016 Kevin Doran – Chief Technology Officer Tim Cowland – Principal Consultant

The current landscape Why are you at risk? Why worry about Ransomware? How can it get to me? How does it work? What will be the impact? How can I recover? 12 Point Plan Agenda

The Current Landscape 86% of UK adults have used the internet in the past 3 months Continued growth of cyber attacks 90% of large and 74% of small organisations suffered a breach in % increase in incidents since 2014 Wider hacking community and resources Some organisations failing to keep pace with new threats Greater reliance on IT to deliver services Self service Internet of Things Social Media 480m leaked records reported in 2015 Increase in use of mobile devices to access web (57% - 61%) Estimated that approx. 30,000 web sites are hacked each day

Examples of Incidents Examples of reported incidents in the last 12 months: Anthem Insurance Unauthorised access of 80 million records Hackers accessed DOB, addresses, social security numbers, correspondence Ashley Madison Accessed and subsequently released s and physical addresses of 37m users Followed up with larger release of corporate s Attack designed to extort money V-tech Gained access to parent and child records in ‘Learning Lodge’ 4m parent accounts and 6m ‘kids profiles’ affected (1.2m ‘kid connect’) Threat of customers boycotting use after new T’s and C’s issued Lincolnshire County Council Ransomware attack

What Threats Are Out There? Trojan HorseWormRansomwareSpam Phishing Watering Hole DDoS AttackScareware Virus Spear Phishing RootkitSpyware

Why are you at risk? Random attacks will reach your staff Often poor staff practices i.e. password controls Potential of targeted ‘spear phishing’ attacks Are you the weakest link in the chain? Could be seen as an easier target Growing volume of information held by organisations Previously cyber risks related to mischief making, now greater risk of financial loss Can the quality of your defence keep pace with growing sophistication of attacks ConfidentialityAvailabilityIntegrity

Staff Practices Some questions to ask yourself How aware are your staff of security risks? Do you have a staff guide on what they should look out for? Do you deliver briefing sessions / training? Do you have a tested plan for how to respond to an incident? How effective are your password controls? Use of random characters – not names / dictionary words Increase minimum length Stop the use of sequential passwords Use memorable sentence Consider using a password locker to store and generate secure passwords Approx. 90% of user passwords can be cracked within 1 day Password1 StarWars Andrew1 Qwerty

Focus on Ransomware What is it? A specific type of Malware or malicious code Usually overt in nature, most often advises the victim of infection Designed to elicit a financial ‘ransom’ from the victim Highly evolutionary software adapting in terms of encryption and attack vectors Code is widely available to anyone with intent Only a module in the arsenal of possible malicious code stacks Many ransomware packages are secondary infections of other malware, for example Cryptoware is known to be downloaded by TrojanDownloader:Win 32/Onkods and Upatre

Common methods that are used to deploy Ransomware Unsolicited s, with attachments or web links Compromised web site Part of a wider compromise from other malicious software Increased awareness of anyone using IT systems, that threats and risks are real and the implications of these, is key to any ongoing security strategy. How can it get to me?

There are lots of considerations once an incident has occurred: Data loss or even theft Business downtime due to loss of data and during investigation How did the breach occur? Has it affected any B2B systems? Should we pay the ransom? Who is/should be aware of the breach? What could be the impact?

There are lots of considerations before or after an incident has occurred: Incident response process in place? Identify the threat, invoke appropriate analysis, plan for systems outage Potential infection may be waiting in multiple mail systems Consider Incident Response Retainer Data recovery could be lengthy and complex Not all data will be affected Subject to access rights, execution time and data types - selective scripted data restores may be needed Is restore media to hand, catalogued, will large volumes need to be mounted to allow small selected restores to take place Ensure there is no re-infection from restored data? How can I Recover?

12 Practical Steps to Reduce Risk 1.User education and awareness program 2.Enlist the help of independent security experts to validate your approach 3.Effective and web content filtering 4.Firewall review and response process 5.Intrusion prevention systems 6.Application firewalls 7.Limitation of access rights, behavioural analysis tools 8.Effective AV deployment 9.Patch Management policy and schedule 10.Compliance, governance 11.Effective, efficient and proven backup and recovery 12.Have an agreed response plan ready

Thank you! Kevin Doran – Tim Cowland – plc.co.uk