Presentation is loading. Please wait.

Presentation is loading. Please wait.

Recent Cyber Security Events and Future Research Directions

Published byIrma Freeman Modified over 6 years ago

Similar presentations

Presentation on theme: "Recent Cyber Security Events and Future Research Directions"— Presentation transcript:

1 Recent Cyber Security Events and Future Research Directions
Robert Mitchell

2 Agenda Where I Work Recent Cyber Security Events
Future Research Directions

3 Where I Work

4 Recent Cyber Security Events
Ukraine Power Grid Attack United States Democratic National Committee Hack Banner Health Privacy Spill Dyn Domain Name System Distributed Denial of Service San Francisco Municipal Transportation Agency Ransom

5 Ukraine Power Grid Attack
December 2015 Computer network attack (CNA) State sponsored 230,000 customers lose power for up to 6 hours Supervisory Control and Data Acquisition (SCADA) target BlackEnergy and KillDisk Cyber warfare units are the new little green men Malware recycling disrupts attribution

6 United States Democratic National Committee Hack
Two campaigns began in Summer 2015 and April 2016 Computer network exploitation (CNE) State sponsored Interfered with the election of the leader of 319M people Sea Daddy, X Agent and X-Tunnel Sometimes state sponsored actors make mistakes

7 Banner Health Privacy Spill
June 2016 Computer network exploitation (CNE) Criminal Privacy of 3.7M customers compromised Payment data and protected health information spilled Flat networks are weak Know your risk ($37M)

8 Dyn Domain Name System Distributed Denial of Service
October 2016 Computer network attack (CNA) Ideologue or weapons test Counter-attribution effort Many high profile servers had no DNS for 6 hours Mirai Fan-in concept Bots could have accessed private data

9 San Francisco Municipal Transportation Agency Ransom
November 2016 Computer network attack (CNA) Criminal $1,591,782 loss = 707,459 free rides × $2.25 average fare HDDCryptor Fan-out concept Ransomware Muni restored from backup instead of paying

10 Future Research Directions
Adjacent Disciplines Topics Ransomware Internet of Things Intrusion Tolerance Attribution Methods Real Data Sets Empiricism Canonical, Complete and Orthogonal Metrics Human Subject Research

11 Adjacent Disciplines All research areas are adjacent
Security is everyone’s business Don’t become famous for the wrong reason Serial servers This institution is leading the way

12 Topics

13 Topics: Ransomware Challenges Opportunities Victims are paying
Fast, strong encryption Intuitive solution Opportunities Optimize restores Prevent encryption Attribution Related topics Cloud computing Dynamic platform techniques

14 Topics: Internet of Things
Challenges Can be repurposed Life-critical Things Limited resources Oligoculture Patch rollout Forgotten hosts Privacy Opportunities Purpose-built devices are easy to profile Purpose-built devices are easy to lock down Physical access can enhance authentication

15 Topics: Intrusion Tolerance
Challenges Optics Increases friction for legitimate users Existing work is mostly intrusion response Opportunities Related topics Cyber zone defense Moving target defense Disrupt unseen attacks Establish resilience as a metric

16 Topics: Attribution Challenges Opportunities CNA adversaries
Network-based indicators Attackers can tidy up Antagonists can change techniques Recycling programs Opportunities CNE adversaries Host-based evidence Snap artifacts before attackers pick them up Extract features from artifacts and tradecraft Reduce asymmetry

17 Methods

18 Methods: Begin with Real Data
Challenges Some institutions won’t share Publicly-traded companies Governments Professional attackers won’t play Opportunities Some institutions will share National laboratories Universities Pen testers will play

19 Methods: Empiricism Challenges Opportunities Derive models
Instrument simulations Carry out experiments Opportunities Statistical analysis Compare related studies Visualize relationships

20 Methods: Canonical Metrics
Challenges Measure the attacker Measure the defender Achieve consensus Opportunities Support practitioners Meta-analysis

21 Methods: Human Subject Research

22 Methods: Human Subject Research
Challenges Institutional review boards Humans are hard to measure Interdisciplinary research is hard Opportunities Bypass Whac-A-Mole External validation and generalizability Linkography Detect cyber rangers who “live off the land”

23 Outro Where I Work Recent Cyber Security Events
Future Research Directions

24 Recent Cyber Security Events and Future Research Directions
Robert Mitchell

Download ppt "Recent Cyber Security Events and Future Research Directions"

Similar presentations

Travelers CyberRisk for Insurance Companies

Travelers CyberRisk for Insurance Companies
1© Copyright 2011 EMC Corporation. All rights reserved. Anatomy of an Attack.

1© Copyright 2011 EMC Corporation. All rights reserved. Anatomy of an Attack.
UNCLASSIFIED Secure Indirect Routing and An Autonomous Enterprise Intrusion Defense System Applied to Mobile ad hoc Networks J. Leland Langston, Raytheon.

UNCLASSIFIED Secure Indirect Routing and An Autonomous Enterprise Intrusion Defense System Applied to Mobile ad hoc Networks J. Leland Langston, Raytheon.
Lecture 11 Reliability and Security in IT infrastructure.

Lecture 11 Reliability and Security in IT infrastructure.
CYBER CRIME AND SECURITY TRENDS

CYBER CRIME AND SECURITY TRENDS
N. GSU Slide 1 Chapter 04 Cloud Computing Systems N. Xiong Georgia State University.

N. GSU Slide 1 Chapter 04 Cloud Computing Systems N. Xiong Georgia State University.
Norman Endpoint Protection Advanced security made easy.

Norman Endpoint Protection Advanced security made easy.
Norman SecureSurf Protect your users when surfing the Internet.

Norman SecureSurf Protect your users when surfing the Internet.
Company LOGO Copyright Carrie Kerskie Data Breach & Identity Theft By Carrie Kerskie Kerskie Group, Inc.

Company LOGO Copyright Carrie Kerskie Data Breach & Identity Theft By Carrie Kerskie Kerskie Group, Inc.
Outline  Company Profile  Services Provided  Assets  System Schema  Risk Categories  Technical Risks and Mitigation  Summary.

Outline  Company Profile  Services Provided  Assets  System Schema  Risk Categories  Technical Risks and Mitigation  Summary.
Storage Security and Management: Security Framework

Storage Security and Management: Security Framework
Speaker : YUN–KUAN,CHANG Date : 2009/10/13 Working the botnet: how dynamic DNS is revitalising the zombie army.

Speaker : YUN–KUAN,CHANG Date : 2009/10/13 Working the botnet: how dynamic DNS is revitalising the zombie army.
UNDERSTANDING THE RISKS & CHALLENGES OF Cyber Security DAVID NIMMO InDepth IT Solutions DAVID HIGGINS WatchGuard NEIL PARKER BridgePoint Group A BridgePoint.

UNDERSTANDING THE RISKS & CHALLENGES OF Cyber Security DAVID NIMMO InDepth IT Solutions DAVID HIGGINS WatchGuard NEIL PARKER BridgePoint Group A BridgePoint.
Staying Ahead of the Curve in Cyber Security Bill Chang CEO, SingTel Group Enterprise.

Staying Ahead of the Curve in Cyber Security Bill Chang CEO, SingTel Group Enterprise.
Digital Forensics Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #33 Information Warfare November 19, 2007.

Digital Forensics Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #33 Information Warfare November 19, 2007.
Homeland Security. Learning Topics Purpose Introduction History Homeland Security Act Homeland Defense Terrorism Advisory System Keeping yourself safe.

Homeland Security. Learning Topics Purpose Introduction History Homeland Security Act Homeland Defense Terrorism Advisory System Keeping yourself safe.
Computer Science Open Research Questions Adversary models –Define/Formalize adversary models Need to incorporate characteristics of new technologies and.

Computer Science Open Research Questions Adversary models –Define/Formalize adversary models Need to incorporate characteristics of new technologies and.
Center of Excellence for IT at Bellevue College. Cyber security and information assurance refer to measures for protecting computer systems, networks,

Center of Excellence for IT at Bellevue College. Cyber security and information assurance refer to measures for protecting computer systems, networks,
Security Innovation & Startup. OPEN THREAT EXCHANGE (OTX): THE HISTORY AND FUTURE OF OPEN THREAT INTELLIGENCE COMMUNITY ALIENVAULT OTX.

Security Innovation & Startup. OPEN THREAT EXCHANGE (OTX): THE HISTORY AND FUTURE OF OPEN THREAT INTELLIGENCE COMMUNITY ALIENVAULT OTX.
Information Security What is Information Security?

Information Security What is Information Security?

Similar presentations

Ads by Google