Presentation is loading. Please wait.

Presentation is loading. Please wait.

Cyber Threats Scenarios and Defense Model Principles ASSOCHAM Cyber Security Conference April 2011 Presented by Dr. Nimrod Kozlovski, Chairman,

Published byConstance Imogen Robinson Modified over 9 years ago

Similar presentations

Presentation on theme: "Cyber Threats Scenarios and Defense Model Principles ASSOCHAM Cyber Security Conference April 2011 Presented by Dr. Nimrod Kozlovski, Chairman,"— Presentation transcript:

1 Cyber Threats Scenarios and Defense Model Principles ASSOCHAM Cyber Security Conference April 2011 Presented by Dr. Nimrod Kozlovski, Chairman, Nimrod@altalsec.com, +972 544 336056 ©All Right Reserved to Altal Security Ltd., 2011.

2 Estonia dDoSEstonia Brazil Critical InfrastructureBrazil Georgia dDoSGeorgia Iran StuxnetIran China GhostnetChina China DNS RedirectionChina Greece InterceptionGreece ©All Right Reserved to Altal Security Ltd., 2011. 2005200720082009 2010 2011 NSDQInterceptionNSDQInterception COMODO Certification Theft COMODO AustraliaHackingAustraliaHacking Korea GPS manipulation Korea RSA Algorithm Theaft RSA

3 ©All Right Reserved to Altal Security Ltd., 2011. Hardware Hiding Code Embed/ Manipulation Destruction Monitoring Mapping and analysis Traffic redirection Re-transmission on existing infrastructure Communication Re-transmission via RF Voice Interception Future control Focused Blockings Data Interception Purpose Threat Computer and Storage Theft Personal computer intrusion Remote network intrusion Data Mining Data Mining Network Social Engineering Copy by Internals External impersonation Unintentional Data Leakage Action Not necessarily immediate effect Impersonation of legit activity in all layers Not necessarily Identifiable destruction

4 Closed-Garden Networks (Military, Gov) Critical Infrastructure (Power, Nuclear) ©All Right Reserved to Altal Security Ltd., 2011. Industrial Open Infrastructure (Water, Transportation, Telecom) InterconnectivityInterconnectivity ComplexityComplexity OpennessOpenness

5 ©All Right Reserved to Altal Security Ltd., 2011.

6 Requires National Involvement National Level Threat Analysis SynchronizationSynchronization Technology Development Efficient Enforcement

7 Traditional passive protection (Enterprise-Based) ©All Right Reserved to Altal Security Ltd., 2011. Security Structure does not dramatically change (but upgraded) Network security Structure and security standards are known Does not consider up-to-date attack scenarios Technologies are not tailored to be compatible with new threat model PerimeterPerimeter Trusted User Protected Asset Known (standard) Infrastructure National Interest not in focus IT oriented security technologies

8 IntegrativePro-ActiveShared Inter-sector information sharing (Private-Public sharing model) Distributed sensors system (connecting the ‘dots’) Shared monitoring and analytics of incidents Traps/ Honey-pots Initiate attacks to identify reaction Research vulnerabilities of Target systems Hiding capabilities in target systems Integrated cross- sectors analysis Integrated incentive structure for defense One coordinating entity for all sectors Central incident response ”brain” Monitor patterns/Profiles ©All Right Reserved to Altal Security Ltd., 2011.

9 IntegrativePro-ActiveShared ©All Right Reserved to Altal Security Ltd., 2011. Development Telecom Security Compliance Management Telco Firmware Integrity Electronic Seamless Segregation Massive Traffic Anomaly detection

10 Altal Israel ____________________________________________________ Dr. Nimrod Kozlovski Chairman nimrod@altalsec.com +972 544336056 Netanel (Nati) Davidi, CEO nati@altalsec.com +972 525406775 Altal India ____________________________________________________ Dr. D.K. Ghosh, Board Member dkg@altalsec.com +981 1264849 Avi Gutgold, Country Manager avi@altalsec.com +919 953780090

Download ppt "Cyber Threats Scenarios and Defense Model Principles ASSOCHAM Cyber Security Conference April 2011 Presented by Dr. Nimrod Kozlovski, Chairman,"

Similar presentations

1 ASEAN Regional Forum Meeting 28 – 30 April 2010 Bandar Seri Begawan, Brunei CERT-Ins Initiative on International Information Security Dr A S Kamble Director.

1 ASEAN Regional Forum Meeting 28 – 30 April 2010 Bandar Seri Begawan, Brunei CERT-Ins Initiative on International Information Security Dr A S Kamble Director.
Not to be distributed or reproduced by anyone other than Qwest entities. Copyright © 2010 Qwest. All Rights Reserved. Government Services TIC from an Industry.

Not to be distributed or reproduced by anyone other than Qwest entities. Copyright © 2010 Qwest. All Rights Reserved. Government Services TIC from an Industry.
1© Copyright 2011 EMC Corporation. All rights reserved. Anatomy of an Attack.

1© Copyright 2011 EMC Corporation. All rights reserved. Anatomy of an Attack.
Cyber and Maritime Infrastructure

Cyber and Maritime Infrastructure
DoD and Cyber-Terrorism Eric Fritch CPSC 620. What is cyber-terrorism? The premeditated, politically motivated attack against information, computer systems,

DoD and Cyber-Terrorism Eric Fritch CPSC 620. What is cyber-terrorism? "The premeditated, politically motivated attack against information, computer systems,
1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.

1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.
WebCast 5 May 2003 NERC Cyber Security Standard Overview of Proposed Cyber Security Standard.

WebCast 5 May 2003 NERC Cyber Security Standard Overview of Proposed Cyber Security Standard.
Preparing for a Cyber Attack By Jeffrey Carr CEO and Founder, GreyLogic.us Author, Inside Cyber Warfare (O'Reilly Media, 2009) O'Reilly Gov 2.0 Webcast.

Preparing for a Cyber Attack By Jeffrey Carr CEO and Founder, GreyLogic.us Author, "Inside Cyber Warfare" (O'Reilly Media, 2009) O'Reilly Gov 2.0 Webcast.
Lecture 1: Overview modified from slides of Lawrie Brown.

Lecture 1: Overview modified from slides of Lawrie Brown.
1 Telstra in Confidence Managing Security for our Mobile Technology.

1 Telstra in Confidence Managing Security for our Mobile Technology.
Unified Logs and Reporting for Hybrid Centralized Management

Unified Logs and Reporting for Hybrid Centralized Management
CS691 Robin Kimzey Cell Phone Security a little computer in your pocket an easy target for malcontents.

CS691 Robin Kimzey Cell Phone Security a little computer in your pocket an easy target for malcontents.
Security Offering. Cyber Security Solutions 2 Assessment Analysis & Planning Design & Architecture Development & Implementation O&M Critical Infrastructure.

Security Offering. Cyber Security Solutions 2 Assessment Analysis & Planning Design & Architecture Development & Implementation O&M Critical Infrastructure.
Stephen S. Yau CSE 465-591, Fall 2006 1 Security Strategies.

Stephen S. Yau CSE , Fall Security Strategies.
Network Security. Trust Relationships (Trust Zones) High trust (internal) = f c (once you gain access); g p Low trust ( ) = more controls; fewer privileges.

Network Security. Trust Relationships (Trust Zones) High trust (internal) = f c (once you gain access); g p Low trust ( ) = more controls; fewer privileges.
Comptroller of the Currency Administrator of National Banks E- Security Risk Mitigation: A Supervisor’s Perspective Global Dialogue World Bank Group September.

Comptroller of the Currency Administrator of National Banks E- Security Risk Mitigation: A Supervisor’s Perspective Global Dialogue World Bank Group September.
Norman SecureSurf Protect your users when surfing the Internet.

Norman SecureSurf Protect your users when surfing the Internet.
A project under the 7th Framework Programme CPS Workshop Stockholm 12/04/2010 Gunnar Björkman Project Coordinator A Security Project for the Protection.

A project under the 7th Framework Programme CPS Workshop Stockholm 12/04/2010 Gunnar Björkman Project Coordinator A Security Project for the Protection.
Securing Legacy Software SoBeNet User group meeting 25/06/2004.

Securing Legacy Software SoBeNet User group meeting 25/06/2004.
לוחמת סייבר – איום הסייבר המדינתי

לוחמת סייבר – איום הסייבר המדינתי

Similar presentations

Ads by Google