Presentation is loading. Please wait.

Presentation is loading. Please wait.

Cyber Security – The Changing Landscape Erick Weber Department of Public Works Khaled Tawfik Cyber Security.

Published byAldous Scott Modified over 8 years ago

Similar presentations

Presentation on theme: "Cyber Security – The Changing Landscape Erick Weber Department of Public Works Khaled Tawfik Cyber Security."— Presentation transcript:

1 Cyber Security – The Changing Landscape Erick Weber eweber@dpw.lacounty.gov Department of Public Works Khaled Tawfik ktawfik@dpw.lacounty.gov Cyber Security Landscape Threat Actors Motives Tools & Techniques Information Security Evolution Defending Against Today’s Threats

2 Changing Landscape THENNOW So what has changed over the past 30 years?

3 Threat Actors  Script Kiddies  Insiders  Competitors  Hacktivists  Organized Crime  State Sponsors

4 Threat Actors  Script Kiddies  Insiders  Competitors  Hacktivists  Organized Crime  State Sponsors

5 Threat Actors  Script Kiddies  Insiders  Competitors  Hacktivists  Organized Crime  State Sponsors

6 Threat Actors  Script Kiddies  Insiders  Competitors  Hacktivists  Organized Crime  State Sponsors

7 Threat Actors  Script Kiddies  Insiders  Competitors  Hacktivists  Organized Crime  State Sponsors

8 Threat Actors  Script Kiddies  Insiders  Competitors  Hacktivists  Organized Crime  State Sponsors

9 Motives  Prestige  Financial / Competitive  Political  Ideological  Military Who are the Actors?  Script Kiddies  Hacktivists

10 Motives  Prestige  Financial / Competitive  Political  Ideological  Military Who are the Actors?  Insiders  Competitors  Organized Crime

11 Motives  Prestige  Financial / Competitive  Political  Ideological  Military Who are the Actors?  Hacktivists  State Sponsors

12 Motives  Prestige  Financial / Competitive  Political  Ideological  Military Who are the Actors?  Hacktivists  Insiders

13 Motives  Prestige  Financial / Competitive  Political  Ideological  Military Who are the Actors?  State Sponsors

14 Tools

15 Network Scanners  Nmap  Nessus Password Crackers  THC Hydra  John the Ripper Network Sniffers  Wireshark  Aircrack App/DB Scanners  ZAP  W3af  WebReaver  Arachni  SQL Map Linux Distros  Kali  BackTrack Exploit Frameworks  Metasploit  BeEF  Cain & Abel Browser Proxies  Burp  Fiddler

16 Tools Malware  Virus – Requires user interaction to spread  Worms – Does not require user interaction  Trojans – Disguised as legit program  Spyware – Tracks activities / Steals Info  Rootkits – Hide from security software  Exploit Kits – Toolkit to automate exploitation  Ransomware – Encrypts files / holds for ransom

17 Techniques Attack Techniques  Social Engineering  Password (brute force/cracking/default)  Traffic Sniffing / Man-in-the-Middle  Distributed Denial of Service (DDoS)  Web App (SQL Injection, Cross-Site Scripting)  Watering Holes  Phishing / Spear Phishing  Advanced Persistent Threats (APTs)  Evasion/Obfuscation

18 Default Password Attack

19

20 Phishing Attack

21

22 Spear Phishing Attack

23 Security Function Evolution IT Administrator Network Security Engineer IT Auditor Chief Info Security Officer Penetration Tester IT Forensics Engineer App Security Engineer Security Awareness Officer Board of Supervisors

24 Defending Against Today’s Threats Program Governance Risk Assessment Security Controls Vulnerability & Patch Mgmt. SDLC Awareness & Training Monitoring & Response DRP / BCP

25 How to Protect Yourself Apply security patches (O/S and apps) Install & update Anti-Virus software Web Site Protection ( OpenDNS / McAfee Site Advisor ) Use two-factor authentication for logins Don’t use the same passwords for all sites Don’t click on web links or attachments in emails

26 Department of Public Works www.dpw.lacounty.gov Erick Weber eweber@dpw.lacounty.gov Khaled Tawfik ktawfik@dpw.lacounty.gov

Download ppt "Cyber Security – The Changing Landscape Erick Weber Department of Public Works Khaled Tawfik Cyber Security."

Similar presentations

Thank you to IT Training at Indiana University Computer Malware.

Thank you to IT Training at Indiana University Computer Malware.
Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.

Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.
Cyber check Do you work safely and responsibly online? Do you know about the risks to your cyber security? What are your online responsibilities ? How.

Cyber check Do you work safely and responsibly online? Do you know about the risks to your cyber security? What are your online responsibilities ? How.
Current Security Threats WMO CBS ET-CTS Toulouse, France 26-30 May 2008 Allan Darling, NOAA’s National Weather Service WMO CBS ET-CTS Toulouse, France.

Current Security Threats WMO CBS ET-CTS Toulouse, France May 2008 Allan Darling, NOAA’s National Weather Service WMO CBS ET-CTS Toulouse, France.
TARGETED ATTACKS AND THE SMALL BUSINESS Stephen Ferrero Consultant, Xantrion.

TARGETED ATTACKS AND THE SMALL BUSINESS Stephen Ferrero Consultant, Xantrion.
DoD and Cyber-Terrorism Eric Fritch CPSC 620. What is cyber-terrorism? The premeditated, politically motivated attack against information, computer systems,

DoD and Cyber-Terrorism Eric Fritch CPSC 620. What is cyber-terrorism? "The premeditated, politically motivated attack against information, computer systems,
Hackers, Crackers, and Network Intruders: Heroes, villains, or delinquents? Tim McLaren Thursday, September 28, 2000 McMaster University.

Hackers, Crackers, and Network Intruders: Heroes, villains, or delinquents? Tim McLaren Thursday, September 28, 2000 McMaster University.
Chapter 4 McGraw-Hill/Irwin Copyright © 2011 by The McGraw-Hill Companies, Inc. All rights reserved. Ethics and Information Security.

Chapter 4 McGraw-Hill/Irwin Copyright © 2011 by The McGraw-Hill Companies, Inc. All rights reserved. Ethics and Information Security.
Chapter 8 Chapter 8 Digital Defense: Securing Your Data and Privacy

Chapter 8 Chapter 8 Digital Defense: Securing Your Data and Privacy
McGraw-Hill/Irwin Copyright © 2013 by The McGraw-Hill Companies, Inc. All rights reserved. Extended Learning Module H Computer Crime and Digital Forensics.

McGraw-Hill/Irwin Copyright © 2013 by The McGraw-Hill Companies, Inc. All rights reserved. Extended Learning Module H Computer Crime and Digital Forensics.
Mod H-1 Examples of Computer Crimes. Mod H-2 Stuxnet.

Mod H-1 Examples of Computer Crimes. Mod H-2 Stuxnet.
Malicious Attacks By: Albert, Alex, Andon, Ben, Robert.

Malicious Attacks By: Albert, Alex, Andon, Ben, Robert.
By Joshua T. I. Towers. 13.3 $13.3 billion was the direct cost of malware for business in 2006 “direct costs are defined as labor costs to analyze, repair.

By Joshua T. I. Towers $13.3 billion was the direct cost of malware for business in 2006 “direct costs are defined as labor costs to analyze, repair.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Cyber Security - Threats James Clement Network Specialist ETS: Communications & Network Services

Cyber Security - Threats James Clement Network Specialist ETS: Communications & Network Services
How You Can Protect Yourself from Cyber-Attacks Ian G. Harris Department of Computer Science University of California Irvine Irvine, CA 92697 USA

How You Can Protect Yourself from Cyber-Attacks Ian G. Harris Department of Computer Science University of California Irvine Irvine, CA USA
LittleOrange Internet Security an Endpoint Security Appliance.

LittleOrange Internet Security an Endpoint Security Appliance.
Viruses, Hacking, and AntiVirus. What is a Virus? A type of Malware – Malware is short for malicious software A virus – a computer program – Can replicate.

Viruses, Hacking, and AntiVirus. What is a Virus? A type of Malware – Malware is short for malicious software A virus – a computer program – Can replicate.
Lecture 11 Electronic Business (MGT-485). Recap – Lecture 10 Transaction costs Network Externalities Switching costs Critical mass of customers Pricing.

Lecture 11 Electronic Business (MGT-485). Recap – Lecture 10 Transaction costs Network Externalities Switching costs Critical mass of customers Pricing.
Our Digital World Second Edition

Our Digital World Second Edition

Similar presentations

Ads by Google