SlideShare a Scribd company logo

Malware is Called Malicious for a Reason: The Risks of Weaponizing Code

Download as PPTX, PDF
Stephen Cobb
Stephen Cobb

Slideshare friendly version of presentation delivered at 6th Annual Conference on Cyber Conflict, NATO Cooperative Cyber Defence Centre of Excellence, Tallinn, Estonia (there are no builds in the slides, use the other version if you want to download .pptx).

InternetTechnology
1 of 28
A. Lee S. Cobb CyCon 2014 Malware is Called Malicious for a Reason: The Risks of Weaponizing Code 6th Annual Conference on Cyber Conflict Proceedings NATO Cooperative Cyber Defence Centre of Excellence Tallinn, Estonia (clearer text, without slide builds)
A. Lee S. Cobb CyCon 2014 Authors • Andrew Lee • CEO, ESET North America • Former Chief Research Officer • MSc Computer Security (2010) • Stephen Cobb • Senior Security Researcher, ESET • CISSP (1996) • MSc Security & Criminology (2016, hopefully) ESET: Founded in Bratislava, Slovakia, 1992 Makes IT security products, like NOD32 AV
A. Lee S. Cobb CyCon 2014 Some history… • Stephen Cobb Complete Book of PC & LAN Security (1991) • Employee #5 at antivirus software testing company ICSA Labs (1995) • Adjunct Prof. Masters in IA, Norwich University (2002-2008) • First anti-spam router, acquired by Symantec (2004)
A. Lee S. Cobb CyCon 2014 Perspective and key points •A view from the front lines •The appeal of “good viruses” and “righteous malware” •Historical objections •Key risks of using malware for offense or active defense •Ideas for further research?
A. Lee S. Cobb CyCon 2014 Plague infected bodies and Tallin city wall
A. Lee S. Cobb CyCon 2014 The short version •Hurling infected bodies over city walls in 1710? • Bad idea •Deploying malicious code in 2014 • Bad idea •“Malware = biological weapons of cyber conflict” •White worms are mythical creatures
A. Lee S. Cobb CyCon 2014 Defining malware •Software or firmware intended to perform an unauthorized process that will have adverse impact on the confidentiality, integrity, or availability of an IS [Information System] •National Information Assurance (IA) Glossary •The definition of record for CIA/NSA/DoD/etc.
A. Lee S. Cobb CyCon 2014 Malware and the Tallinn Rules 43: Indiscriminate Means and Methods 48: Weapons Review 49: Indiscriminate Attacks 50: Clearly Separated Distinct Military Objectives 51: Proportionality
A. Lee S. Cobb CyCon 2014 Deploying malware •Virus, worm, Trojan •Email attachment •Website drive-by •Removable media •Chipping hardware •Updating firmware •Planting code
A. Lee S. Cobb CyCon 2014 Malicious Code in the Software Life Cycle 1. Acquisition 2. Requirements 3. Design 4. Construction 5. Testing 6. Installation (delivery, distribution, installation) 7. Maintenance (operation, maintenance, and disposal) Guidance for Addressing Malicious Code Risk, NSA, 2007
A. Lee S. Cobb CyCon 2014 What is “righteous malware” •It’s in the eye of the beholder • Software or firmware deployed with intent to advance a just cause by performing an unauthorized process that will have adverse impact on the confidentiality, integrity, or availability of an IS [Information System] •Examples? • Stuxnet, Shamoon, DarkComet RAT, Blackshades
A. Lee S. Cobb CyCon 2014 > 50,000 implants
A. Lee S. Cobb CyCon 2014 The “good” virus •A fascination as old as computing •Self-replicating code that performs beneficial functions (e.g. patching or backup) •Some virus writers persisted despite outbreaks of ‘benign’ code •Are ‘Good’ Computer Viruses Still a Bad Idea? • Vesselin Bontchev, Virus-L and comp.virus, EICAR ’94
A. Lee S. Cobb CyCon 2014 12 reasons why “good viruses” are a bad idea TECHNICAL REASONS Lack of Control Spread cannot be controlled, unpredictable results Recognition Difficulty Hard to allow good viruses while denying bad Resource Wasting Unintended consequences (typified by the Morris Worm) Bug Containment Difficulty of fixing bugs in code once released Compatibility Problems May not run when needed, or cause damage when run Effectiveness Risks of self-replicating code over conventional alternatives ETHICAL AND LEGAL REASONS Unauthorized Data Modification Unauthorized system access or data changes illegal or immoral Copyright and Ownership Problems Could impair support or violate copyright of regular programs Possible Misuse Code could be used by persons will malicious intent Responsibility Sets a bad example for persons with inferior skills, morals PSYCHOLOGICAL REASONS Trust Problems Potential to undermine user trust in systems Negative Common Meaning Anything called a virus is doomed to be deemed bad V. Bontchev, “Are ‘Good’ Computer Viruses Still a Bad Idea?” EICAR’94
A. Lee S. Cobb CyCon 2014 12 risks inherent in malware deployment TECHNICAL REASONS Lack of Control Spread cannot be controlled, unpredictable results Recognition Difficulty Hard to allow good viruses while denying bad Resource Wasting Unintended consequences (typified by the Morris Worm) Bug Containment Difficulty of fixing bugs in code once released Compatibility Problems May not run when needed, or cause damage when run Effectiveness Risks of self-replicating code over conventional alternatives ETHICAL AND LEGAL REASONS Unauthorized Data Modification Unauthorized system access or data changes illegal or immoral Copyright and Ownership Problems Could impair support or violate copyright of regular programs Possible Misuse Code could be used by persons will malicious intent Responsibility Sets a bad example for persons with inferior skills, morals PSYCHOLOGICAL REASONS Trust Problems Potential to undermine user trust in systems Negative Common Meaning Anything called a virus is doomed to be deemed bad V. Bontchev, “Are ‘Good’ Computer Viruses Still a Bad Idea?” EICAR’94
A. Lee S. Cobb CyCon 2014 All risks must be addressed, but focus on 4 TECHNICAL REASONS Lack of Control Spread cannot be controlled, unpredictable results Recognition Difficulty Hard to allow good viruses while denying bad Resource Wasting Unintended consequences (typified by the Morris Worm) Bug Containment Difficulty of fixing bugs in code once released Compatibility Problems May not run when needed, or cause damage when run Effectiveness Risks of self-replicating code over conventional alternatives ETHICAL AND LEGAL REASONS Unauthorized Data Modification Unauthorized system access or data changes illegal or immoral Copyright and Ownership Problems Could impair support or violate copyright of regular programs Possible Misuse Code could be used by persons will malicious intent Responsibility Sets a bad example for persons with inferior skills, morals PSYCHOLOGICAL REASONS Trust Problems Potential to undermine user trust in systems Negative Common Meaning Anything called a virus is doomed to be deemed bad
A. Lee S. Cobb CyCon 2014 All risks must be addressed, but focus on 4 1. Recognition Difficulty 2. Compatibility Problems & Effectiveness 3. Possible Misuse 4. Trust Problems
A. Lee S. Cobb CyCon 2014 1. Recognition Difficulty •Hard to allow good viruses while denying bad •No self-respecting antivirus company is going to give your righteous malware a free pass
A. Lee S. Cobb CyCon 2014 Bear in mind the AV community is global •Major AV vendors encompass many countries • ESET Slovakia AVG Czech Republic • McAfee USA Kaspersky Russia • Symantec USA Trend Micro Japan, • Avira Germany Avast! Czech Republic •Active in many more (e.g. ESET operates in 180) •“Your cyber defense is only as good as your relationship with industry.” – Dr. Jamie Shea
A. Lee S. Cobb CyCon 2014 2. Compatibility and Effectiveness •May not run when needed, or may cause damage when run •Huge potential for unintended consequences •Reduce risk with detailed intel on the target? •Raises issue of Effectiveness: • Does the effort to get enough intel to execute safely exceed the effort of a less risky path to same end?
A. Lee S. Cobb CyCon 2014 3. Possible Misuse •Could be re-used by persons with malicious intent •Yes, your own code could be used against you •The key ingredient for making malware is brains •Brains are very mobile, no country has a lock •"The most valuable cyber weapon you can possess? The talented individual.“ – Jarno Limnéll
A. Lee S. Cobb CyCon 2014 4. Trust Problems •Potential to undermine user trust in systems •60% now less trusting of technology companies • e.g. Internet service providers, software companies •Very real risk of economic damage Harris Poll on behalf of ESET, February 4-6, 2014, 2,034 U.S. adults ages 18 and older
A. Lee S. Cobb CyCon 2014 Companies and consumers impacted • Cloud providers • Banks • Companies like Cisco • Online retailers • Healthcare providers • Governments NASDAQ CSCO
A. Lee S. Cobb CyCon 2014 85% of Americans are aware of NSA revelations, 47% of them have changed their online behavior Harris Poll on behalf of ESET, February 4-6, 2014, 2,034 U.S. adults ages 18 and older
A. Lee S. Cobb CyCon 2014 Righteous malware deployment checklist: Control Can you control the actions of the code in all environments it may infect? Detection Can the code complete its mission before detection? Attribution Can you guarantee the code is deniable or claimable, as needed? Legality Will the code be illegal in any jurisdictions in which it is deployed? Morality Will deployment of the code violate any treaties, codes, and other international norms? Misuse Can the code, or its techniques, strategies or design principles be copied by adversaries, competing interests, or criminals? Erosion of Trust Have you considered harmful effects that deployment of the code, including knowledge of the deployment, could have on trust placed in your government and institutions including trade and commerce?
A. Lee S. Cobb CyCon 2014 Further research? •Mathematical model of malware risks • Enumerate variables • Calculate compound probabilities •Comprehensive survey of malware researchers • Update the “Good virus bad idea” paper
A. Lee S. Cobb CyCon 2014 Summary: deploying malware •Comes with many risks that are known and well- documented •Carries serious potential to undermine the very societies it is intended to defend
A. Lee S. Cobb CyCon 2014 Thank you! •Stephen.Cobb@ESET.com •Twitter @zcobb •www.SlideShare.net/zcobb •www.LinkedIn/in/StephenCobb •www.WeLiveSecurity.com

Recommended

Malware and the risks of weaponizing code
Malware and the risks of weaponizing codeMalware and the risks of weaponizing code
Malware and the risks of weaponizing codeStephen Cobb
 
The Intersection Between Open Source and Cybersecurity
The Intersection Between Open Source and CybersecurityThe Intersection Between Open Source and Cybersecurity
The Intersection Between Open Source and CybersecurityBlack Duck by Synopsys
 
Allianz Global CISO october-2015-draft
Allianz Global CISO october-2015-draftAllianz Global CISO october-2015-draft
Allianz Global CISO october-2015-draftEoin Keary
 
IT system security principles practices
IT system security principles practicesIT system security principles practices
IT system security principles practicesgufranresearcher
 
Oliver Schuermann - Integrated Software in Networking - the Mystery of SDN
Oliver Schuermann - Integrated Software in Networking - the Mystery of SDNOliver Schuermann - Integrated Software in Networking - the Mystery of SDN
Oliver Schuermann - Integrated Software in Networking - the Mystery of SDNcentralohioissa
 
Leveraging Vulnerability Management Beyond DPR (Discovery - Prioritization - ...
Leveraging Vulnerability Management Beyond DPR (Discovery - Prioritization - ...Leveraging Vulnerability Management Beyond DPR (Discovery - Prioritization - ...
Leveraging Vulnerability Management Beyond DPR (Discovery - Prioritization - ...DevOps Indonesia
 
Threat Modeling In 2021
Threat Modeling In 2021Threat Modeling In 2021
Threat Modeling In 2021Adam Shostack
 
New Horizons SCYBER Presentation
New Horizons SCYBER PresentationNew Horizons SCYBER Presentation
New Horizons SCYBER PresentationNew Horizons Computer Learning Centers / 5PE
 

Recommended

Malware and the risks of weaponizing code
Malware and the risks of weaponizing codeMalware and the risks of weaponizing code
Malware and the risks of weaponizing codeStephen Cobb
 
The Intersection Between Open Source and Cybersecurity
The Intersection Between Open Source and CybersecurityThe Intersection Between Open Source and Cybersecurity
The Intersection Between Open Source and CybersecurityBlack Duck by Synopsys
 
Allianz Global CISO october-2015-draft
Allianz Global CISO october-2015-draftAllianz Global CISO october-2015-draft
Allianz Global CISO october-2015-draftEoin Keary
 
IT system security principles practices
IT system security principles practicesIT system security principles practices
IT system security principles practicesgufranresearcher
 
Oliver Schuermann - Integrated Software in Networking - the Mystery of SDN
Oliver Schuermann - Integrated Software in Networking - the Mystery of SDNOliver Schuermann - Integrated Software in Networking - the Mystery of SDN
Oliver Schuermann - Integrated Software in Networking - the Mystery of SDNcentralohioissa
 
Leveraging Vulnerability Management Beyond DPR (Discovery - Prioritization - ...
Leveraging Vulnerability Management Beyond DPR (Discovery - Prioritization - ...Leveraging Vulnerability Management Beyond DPR (Discovery - Prioritization - ...
Leveraging Vulnerability Management Beyond DPR (Discovery - Prioritization - ...DevOps Indonesia
 
Threat Modeling In 2021
Threat Modeling In 2021Threat Modeling In 2021
Threat Modeling In 2021Adam Shostack
 
New Horizons SCYBER Presentation
New Horizons SCYBER PresentationNew Horizons SCYBER Presentation
New Horizons SCYBER PresentationNew Horizons Computer Learning Centers / 5PE
 
Amy DeMartine - 7 Habits of Rugged DevOps
Amy DeMartine - 7 Habits of Rugged DevOpsAmy DeMartine - 7 Habits of Rugged DevOps
Amy DeMartine - 7 Habits of Rugged DevOpsSeniorStoryteller
 
Security Consulting Services - Which Is The Best Option For Me? - Diego Sor, ...
Security Consulting Services - Which Is The Best Option For Me? - Diego Sor, ...Security Consulting Services - Which Is The Best Option For Me? - Diego Sor, ...
Security Consulting Services - Which Is The Best Option For Me? - Diego Sor, ...Core Security
 
Managing Next Generation Threats to Cyber Security
Managing Next Generation Threats to Cyber SecurityManaging Next Generation Threats to Cyber Security
Managing Next Generation Threats to Cyber SecurityPriyanka Aash
 
Skillful scalefull fullstack security in a state of constant flux
Skillful scalefull fullstack security in a state of constant fluxSkillful scalefull fullstack security in a state of constant flux
Skillful scalefull fullstack security in a state of constant fluxEoin Keary
 
Threat Modeling the CI/CD Pipeline to Improve Software Supply Chain Security ...
Threat Modeling the CI/CD Pipeline to Improve Software Supply Chain Security ...Threat Modeling the CI/CD Pipeline to Improve Software Supply Chain Security ...
Threat Modeling the CI/CD Pipeline to Improve Software Supply Chain Security ...Denim Group
 
No More SIlos: Connected Security - Mike Desai and Ryan Rowcliffe
No More SIlos: Connected Security - Mike Desai and Ryan RowcliffeNo More SIlos: Connected Security - Mike Desai and Ryan Rowcliffe
No More SIlos: Connected Security - Mike Desai and Ryan RowcliffeCore Security
 
UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from sec...
UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from sec...UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from sec...
UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from sec...APNIC
 
The DevSecOps Showdown: How to Bridge the Gap Between Security and Developers
The DevSecOps Showdown: How to Bridge the Gap Between Security and DevelopersThe DevSecOps Showdown: How to Bridge the Gap Between Security and Developers
The DevSecOps Showdown: How to Bridge the Gap Between Security and DevelopersDevOps.com
 
Silver Lining for Miles: DevOps for Building Security Solutions
Silver Lining for Miles: DevOps for Building Security SolutionsSilver Lining for Miles: DevOps for Building Security Solutions
Silver Lining for Miles: DevOps for Building Security SolutionsSeniorStoryteller
 
Modern Authentication – Turn a Losing Battle into a Winning Strategy, Robert ...
Modern Authentication – Turn a Losing Battle into a Winning Strategy, Robert ...Modern Authentication – Turn a Losing Battle into a Winning Strategy, Robert ...
Modern Authentication – Turn a Losing Battle into a Winning Strategy, Robert ...Core Security
 
Insider Threat: How Does Your Security Stack Measure Up?
Insider Threat: How Does Your Security Stack Measure Up?Insider Threat: How Does Your Security Stack Measure Up?
Insider Threat: How Does Your Security Stack Measure Up?ThinAir
 
Keeping Secrets on the Internet of Things - Mobile Web Application Security
Keeping Secrets on the Internet of Things - Mobile Web Application SecurityKeeping Secrets on the Internet of Things - Mobile Web Application Security
Keeping Secrets on the Internet of Things - Mobile Web Application SecurityKelly Robertson
 
Chris Haley - Understanding Attackers' Use of Covert Communications
Chris Haley - Understanding Attackers' Use of Covert CommunicationsChris Haley - Understanding Attackers' Use of Covert Communications
Chris Haley - Understanding Attackers' Use of Covert Communicationscentralohioissa
 
Cloud – Helps or Hurts Insider Threat?
Cloud – Helps or Hurts Insider Threat?Cloud – Helps or Hurts Insider Threat?
Cloud – Helps or Hurts Insider Threat?ThinAir
 
Mobile Application Security Threats through the Eyes of the Attacker
Mobile Application Security Threats through the Eyes of the AttackerMobile Application Security Threats through the Eyes of the Attacker
Mobile Application Security Threats through the Eyes of the Attackerbugcrowd
 
Thwarting the Insider Threat: Developing a Robust “Defense in Depth” Data Los...
Thwarting the Insider Threat: Developing a Robust “Defense in Depth” Data Los...Thwarting the Insider Threat: Developing a Robust “Defense in Depth” Data Los...
Thwarting the Insider Threat: Developing a Robust “Defense in Depth” Data Los...EC-Council
 
Building an AppSec Team Extended Cut
Building an AppSec Team Extended CutBuilding an AppSec Team Extended Cut
Building an AppSec Team Extended CutMike Spaulding
 
Threat Dissection - Alberto Soliño Testa Research Director, Core Security
Threat Dissection - Alberto Soliño Testa Research Director, Core SecurityThreat Dissection - Alberto Soliño Testa Research Director, Core Security
Threat Dissection - Alberto Soliño Testa Research Director, Core SecurityCore Security
 
Security and DevOps Overview
Security and DevOps OverviewSecurity and DevOps Overview
Security and DevOps OverviewAdrian Sanabria
 
Declaration of Mal(WAR)e
Declaration of Mal(WAR)eDeclaration of Mal(WAR)e
Declaration of Mal(WAR)eNetSPI
 
The Year Ahead in Cyber Security: 2014 edition
The Year Ahead in Cyber Security: 2014 editionThe Year Ahead in Cyber Security: 2014 edition
The Year Ahead in Cyber Security: 2014 editionStephen Cobb
 
Getting Started with Business Continuity
Getting Started with Business ContinuityGetting Started with Business Continuity
Getting Started with Business ContinuityStephen Cobb
 

More Related Content

What's hot

Amy DeMartine - 7 Habits of Rugged DevOps
Amy DeMartine - 7 Habits of Rugged DevOpsAmy DeMartine - 7 Habits of Rugged DevOps
Amy DeMartine - 7 Habits of Rugged DevOpsSeniorStoryteller
 
Security Consulting Services - Which Is The Best Option For Me? - Diego Sor, ...
Security Consulting Services - Which Is The Best Option For Me? - Diego Sor, ...Security Consulting Services - Which Is The Best Option For Me? - Diego Sor, ...
Security Consulting Services - Which Is The Best Option For Me? - Diego Sor, ...Core Security
 
Managing Next Generation Threats to Cyber Security
Managing Next Generation Threats to Cyber SecurityManaging Next Generation Threats to Cyber Security
Managing Next Generation Threats to Cyber SecurityPriyanka Aash
 
Skillful scalefull fullstack security in a state of constant flux
Skillful scalefull fullstack security in a state of constant fluxSkillful scalefull fullstack security in a state of constant flux
Skillful scalefull fullstack security in a state of constant fluxEoin Keary
 
Threat Modeling the CI/CD Pipeline to Improve Software Supply Chain Security ...
Threat Modeling the CI/CD Pipeline to Improve Software Supply Chain Security ...Threat Modeling the CI/CD Pipeline to Improve Software Supply Chain Security ...
Threat Modeling the CI/CD Pipeline to Improve Software Supply Chain Security ...Denim Group
 
No More SIlos: Connected Security - Mike Desai and Ryan Rowcliffe
No More SIlos: Connected Security - Mike Desai and Ryan RowcliffeNo More SIlos: Connected Security - Mike Desai and Ryan Rowcliffe
No More SIlos: Connected Security - Mike Desai and Ryan RowcliffeCore Security
 
UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from sec...
UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from sec...UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from sec...
UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from sec...APNIC
 
The DevSecOps Showdown: How to Bridge the Gap Between Security and Developers
The DevSecOps Showdown: How to Bridge the Gap Between Security and DevelopersThe DevSecOps Showdown: How to Bridge the Gap Between Security and Developers
The DevSecOps Showdown: How to Bridge the Gap Between Security and DevelopersDevOps.com
 
Silver Lining for Miles: DevOps for Building Security Solutions
Silver Lining for Miles: DevOps for Building Security SolutionsSilver Lining for Miles: DevOps for Building Security Solutions
Silver Lining for Miles: DevOps for Building Security SolutionsSeniorStoryteller
 
Modern Authentication – Turn a Losing Battle into a Winning Strategy, Robert ...
Modern Authentication – Turn a Losing Battle into a Winning Strategy, Robert ...Modern Authentication – Turn a Losing Battle into a Winning Strategy, Robert ...
Modern Authentication – Turn a Losing Battle into a Winning Strategy, Robert ...Core Security
 
Insider Threat: How Does Your Security Stack Measure Up?
Insider Threat: How Does Your Security Stack Measure Up?Insider Threat: How Does Your Security Stack Measure Up?
Insider Threat: How Does Your Security Stack Measure Up?ThinAir
 
Keeping Secrets on the Internet of Things - Mobile Web Application Security
Keeping Secrets on the Internet of Things - Mobile Web Application SecurityKeeping Secrets on the Internet of Things - Mobile Web Application Security
Keeping Secrets on the Internet of Things - Mobile Web Application SecurityKelly Robertson
 
Chris Haley - Understanding Attackers' Use of Covert Communications
Chris Haley - Understanding Attackers' Use of Covert CommunicationsChris Haley - Understanding Attackers' Use of Covert Communications
Chris Haley - Understanding Attackers' Use of Covert Communicationscentralohioissa
 
Cloud – Helps or Hurts Insider Threat?
Cloud – Helps or Hurts Insider Threat?Cloud – Helps or Hurts Insider Threat?
Cloud – Helps or Hurts Insider Threat?ThinAir
 
Mobile Application Security Threats through the Eyes of the Attacker
Mobile Application Security Threats through the Eyes of the AttackerMobile Application Security Threats through the Eyes of the Attacker
Mobile Application Security Threats through the Eyes of the Attackerbugcrowd
 
Thwarting the Insider Threat: Developing a Robust “Defense in Depth” Data Los...
Thwarting the Insider Threat: Developing a Robust “Defense in Depth” Data Los...Thwarting the Insider Threat: Developing a Robust “Defense in Depth” Data Los...
Thwarting the Insider Threat: Developing a Robust “Defense in Depth” Data Los...EC-Council
 
Building an AppSec Team Extended Cut
Building an AppSec Team Extended CutBuilding an AppSec Team Extended Cut
Building an AppSec Team Extended CutMike Spaulding
 
Threat Dissection - Alberto Soliño Testa Research Director, Core Security
Threat Dissection - Alberto Soliño Testa Research Director, Core SecurityThreat Dissection - Alberto Soliño Testa Research Director, Core Security
Threat Dissection - Alberto Soliño Testa Research Director, Core SecurityCore Security
 
Security and DevOps Overview
Security and DevOps OverviewSecurity and DevOps Overview
Security and DevOps OverviewAdrian Sanabria
 
Declaration of Mal(WAR)e
Declaration of Mal(WAR)eDeclaration of Mal(WAR)e
Declaration of Mal(WAR)eNetSPI
 

What's hot (20)

Amy DeMartine - 7 Habits of Rugged DevOps
Amy DeMartine - 7 Habits of Rugged DevOpsAmy DeMartine - 7 Habits of Rugged DevOps
Amy DeMartine - 7 Habits of Rugged DevOps
 
Security Consulting Services - Which Is The Best Option For Me? - Diego Sor, ...
Security Consulting Services - Which Is The Best Option For Me? - Diego Sor, ...Security Consulting Services - Which Is The Best Option For Me? - Diego Sor, ...
Security Consulting Services - Which Is The Best Option For Me? - Diego Sor, ...
 
Managing Next Generation Threats to Cyber Security
Managing Next Generation Threats to Cyber SecurityManaging Next Generation Threats to Cyber Security
Managing Next Generation Threats to Cyber Security
 
Skillful scalefull fullstack security in a state of constant flux
Skillful scalefull fullstack security in a state of constant fluxSkillful scalefull fullstack security in a state of constant flux
Skillful scalefull fullstack security in a state of constant flux
 
Threat Modeling the CI/CD Pipeline to Improve Software Supply Chain Security ...
Threat Modeling the CI/CD Pipeline to Improve Software Supply Chain Security ...Threat Modeling the CI/CD Pipeline to Improve Software Supply Chain Security ...
Threat Modeling the CI/CD Pipeline to Improve Software Supply Chain Security ...
 
No More SIlos: Connected Security - Mike Desai and Ryan Rowcliffe
No More SIlos: Connected Security - Mike Desai and Ryan RowcliffeNo More SIlos: Connected Security - Mike Desai and Ryan Rowcliffe
No More SIlos: Connected Security - Mike Desai and Ryan Rowcliffe
 
UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from sec...
UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from sec...UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from sec...
UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from sec...
 
The DevSecOps Showdown: How to Bridge the Gap Between Security and Developers
The DevSecOps Showdown: How to Bridge the Gap Between Security and DevelopersThe DevSecOps Showdown: How to Bridge the Gap Between Security and Developers
The DevSecOps Showdown: How to Bridge the Gap Between Security and Developers
 
Silver Lining for Miles: DevOps for Building Security Solutions
Silver Lining for Miles: DevOps for Building Security SolutionsSilver Lining for Miles: DevOps for Building Security Solutions
Silver Lining for Miles: DevOps for Building Security Solutions
 
Modern Authentication – Turn a Losing Battle into a Winning Strategy, Robert ...
Modern Authentication – Turn a Losing Battle into a Winning Strategy, Robert ...Modern Authentication – Turn a Losing Battle into a Winning Strategy, Robert ...
Modern Authentication – Turn a Losing Battle into a Winning Strategy, Robert ...
 
Insider Threat: How Does Your Security Stack Measure Up?
Insider Threat: How Does Your Security Stack Measure Up?Insider Threat: How Does Your Security Stack Measure Up?
Insider Threat: How Does Your Security Stack Measure Up?
 
Keeping Secrets on the Internet of Things - Mobile Web Application Security
Keeping Secrets on the Internet of Things - Mobile Web Application SecurityKeeping Secrets on the Internet of Things - Mobile Web Application Security
Keeping Secrets on the Internet of Things - Mobile Web Application Security
 
Chris Haley - Understanding Attackers' Use of Covert Communications
Chris Haley - Understanding Attackers' Use of Covert CommunicationsChris Haley - Understanding Attackers' Use of Covert Communications
Chris Haley - Understanding Attackers' Use of Covert Communications
 
Cloud – Helps or Hurts Insider Threat?
Cloud – Helps or Hurts Insider Threat?Cloud – Helps or Hurts Insider Threat?
Cloud – Helps or Hurts Insider Threat?
 
Mobile Application Security Threats through the Eyes of the Attacker
Mobile Application Security Threats through the Eyes of the AttackerMobile Application Security Threats through the Eyes of the Attacker
Mobile Application Security Threats through the Eyes of the Attacker
 
Thwarting the Insider Threat: Developing a Robust “Defense in Depth” Data Los...
Thwarting the Insider Threat: Developing a Robust “Defense in Depth” Data Los...Thwarting the Insider Threat: Developing a Robust “Defense in Depth” Data Los...
Thwarting the Insider Threat: Developing a Robust “Defense in Depth” Data Los...
 
Building an AppSec Team Extended Cut
Building an AppSec Team Extended CutBuilding an AppSec Team Extended Cut
Building an AppSec Team Extended Cut
 
Threat Dissection - Alberto Soliño Testa Research Director, Core Security
Threat Dissection - Alberto Soliño Testa Research Director, Core SecurityThreat Dissection - Alberto Soliño Testa Research Director, Core Security
Threat Dissection - Alberto Soliño Testa Research Director, Core Security
 
Security and DevOps Overview
Security and DevOps OverviewSecurity and DevOps Overview
Security and DevOps Overview
 
Declaration of Mal(WAR)e
Declaration of Mal(WAR)eDeclaration of Mal(WAR)e
Declaration of Mal(WAR)e
 

Viewers also liked

The Year Ahead in Cyber Security: 2014 edition
The Year Ahead in Cyber Security: 2014 editionThe Year Ahead in Cyber Security: 2014 edition
The Year Ahead in Cyber Security: 2014 editionStephen Cobb
 
Getting Started with Business Continuity
Getting Started with Business ContinuityGetting Started with Business Continuity
Getting Started with Business ContinuityStephen Cobb
 
HIPAA, Privacy, Security, and Good Business
HIPAA, Privacy, Security, and Good BusinessHIPAA, Privacy, Security, and Good Business
HIPAA, Privacy, Security, and Good BusinessStephen Cobb
 
Global threat landscape
Global threat landscapeGlobal threat landscape
Global threat landscapeJynette Reed
 
Cybercrime and the Hidden Perils of Patient Data
Cybercrime and the Hidden Perils of Patient DataCybercrime and the Hidden Perils of Patient Data
Cybercrime and the Hidden Perils of Patient DataStephen Cobb
 
A Career in Cybersecurity
A Career in CybersecurityA Career in Cybersecurity
A Career in Cybersecuritylfh663
 
Using Technology and Techno-People to Improve your Threat Resistance and Cybe...
Using Technology and Techno-People to Improve your Threat Resistance and Cybe...Using Technology and Techno-People to Improve your Threat Resistance and Cybe...
Using Technology and Techno-People to Improve your Threat Resistance and Cybe...Stephen Cobb
 
The mobile health IT security challenge: way bigger than HIPAA?
The mobile health IT security challenge: way bigger than HIPAA?The mobile health IT security challenge: way bigger than HIPAA?
The mobile health IT security challenge: way bigger than HIPAA?Stephen Cobb
 
Using Technology and People to Improve your Threat Resistance and Cyber Security
Using Technology and People to Improve your Threat Resistance and Cyber SecurityUsing Technology and People to Improve your Threat Resistance and Cyber Security
Using Technology and People to Improve your Threat Resistance and Cyber SecurityStephen Cobb
 
Enjoy Safer Technology and Defeat Cyber Criminals
Enjoy Safer Technology and Defeat Cyber CriminalsEnjoy Safer Technology and Defeat Cyber Criminals
Enjoy Safer Technology and Defeat Cyber CriminalsStephen Cobb
 
Cybersecurity for the non-technical
Cybersecurity for the non-technicalCybersecurity for the non-technical
Cybersecurity for the non-technicalStephen Cobb
 
2015: The year-ahead-in-cyber-security
2015: The year-ahead-in-cyber-security2015: The year-ahead-in-cyber-security
2015: The year-ahead-in-cyber-securityStephen Cobb
 
NCSAM = Cyber Security Awareness Month: Trends and Resources
NCSAM = Cyber Security Awareness Month: Trends and ResourcesNCSAM = Cyber Security Awareness Month: Trends and Resources
NCSAM = Cyber Security Awareness Month: Trends and ResourcesStephen Cobb
 
Future of Cybersecurity 2016 - M.Rosenquist
Future of Cybersecurity 2016 - M.RosenquistFuture of Cybersecurity 2016 - M.Rosenquist
Future of Cybersecurity 2016 - M.RosenquistMatthew Rosenquist
 
Skills For Career In Security
Skills For Career In SecuritySkills For Career In Security
Skills For Career In SecurityPrasanna V
 
Navigating Your Career in Cyber Security - Steve Santini & Drew Fearson
Navigating Your Career in Cyber Security - Steve Santini & Drew FearsonNavigating Your Career in Cyber Security - Steve Santini & Drew Fearson
Navigating Your Career in Cyber Security - Steve Santini & Drew FearsonChristopher Clark
 
Cyber Security Career Advice
Cyber Security Career AdviceCyber Security Career Advice
Cyber Security Career AdviceDonald E. Hester
 
AVAR Sydney 2014: Lemming Aid and Kool Aid: Helping the Community to Help Its...
AVAR Sydney 2014: Lemming Aid and Kool Aid: Helping the Community to Help Its...AVAR Sydney 2014: Lemming Aid and Kool Aid: Helping the Community to Help Its...
AVAR Sydney 2014: Lemming Aid and Kool Aid: Helping the Community to Help Its...ESET
 

Viewers also liked (20)

The Year Ahead in Cyber Security: 2014 edition
The Year Ahead in Cyber Security: 2014 editionThe Year Ahead in Cyber Security: 2014 edition
The Year Ahead in Cyber Security: 2014 edition
 
Getting Started with Business Continuity
Getting Started with Business ContinuityGetting Started with Business Continuity
Getting Started with Business Continuity
 
HIPAA, Privacy, Security, and Good Business
HIPAA, Privacy, Security, and Good BusinessHIPAA, Privacy, Security, and Good Business
HIPAA, Privacy, Security, and Good Business
 
Global threat landscape
Global threat landscapeGlobal threat landscape
Global threat landscape
 
Cyber security
Cyber securityCyber security
Cyber security
 
Cybercrime and the Hidden Perils of Patient Data
Cybercrime and the Hidden Perils of Patient DataCybercrime and the Hidden Perils of Patient Data
Cybercrime and the Hidden Perils of Patient Data
 
A Career in Cybersecurity
A Career in CybersecurityA Career in Cybersecurity
A Career in Cybersecurity
 
Using Technology and Techno-People to Improve your Threat Resistance and Cybe...
Using Technology and Techno-People to Improve your Threat Resistance and Cybe...Using Technology and Techno-People to Improve your Threat Resistance and Cybe...
Using Technology and Techno-People to Improve your Threat Resistance and Cybe...
 
The mobile health IT security challenge: way bigger than HIPAA?
The mobile health IT security challenge: way bigger than HIPAA?The mobile health IT security challenge: way bigger than HIPAA?
The mobile health IT security challenge: way bigger than HIPAA?
 
Using Technology and People to Improve your Threat Resistance and Cyber Security
Using Technology and People to Improve your Threat Resistance and Cyber SecurityUsing Technology and People to Improve your Threat Resistance and Cyber Security
Using Technology and People to Improve your Threat Resistance and Cyber Security
 
Enjoy Safer Technology and Defeat Cyber Criminals
Enjoy Safer Technology and Defeat Cyber CriminalsEnjoy Safer Technology and Defeat Cyber Criminals
Enjoy Safer Technology and Defeat Cyber Criminals
 
Cybersecurity for the non-technical
Cybersecurity for the non-technicalCybersecurity for the non-technical
Cybersecurity for the non-technical
 
2015: The year-ahead-in-cyber-security
2015: The year-ahead-in-cyber-security2015: The year-ahead-in-cyber-security
2015: The year-ahead-in-cyber-security
 
NCSAM = Cyber Security Awareness Month: Trends and Resources
NCSAM = Cyber Security Awareness Month: Trends and ResourcesNCSAM = Cyber Security Awareness Month: Trends and Resources
NCSAM = Cyber Security Awareness Month: Trends and Resources
 
Future of Cybersecurity 2016 - M.Rosenquist
Future of Cybersecurity 2016 - M.RosenquistFuture of Cybersecurity 2016 - M.Rosenquist
Future of Cybersecurity 2016 - M.Rosenquist
 
Skills For Career In Security
Skills For Career In SecuritySkills For Career In Security
Skills For Career In Security
 
Navigating Your Career in Cyber Security - Steve Santini & Drew Fearson
Navigating Your Career in Cyber Security - Steve Santini & Drew FearsonNavigating Your Career in Cyber Security - Steve Santini & Drew Fearson
Navigating Your Career in Cyber Security - Steve Santini & Drew Fearson
 
Cyber Security Career Advice
Cyber Security Career AdviceCyber Security Career Advice
Cyber Security Career Advice
 
AVAR Sydney 2014: Lemming Aid and Kool Aid: Helping the Community to Help Its...
AVAR Sydney 2014: Lemming Aid and Kool Aid: Helping the Community to Help Its...AVAR Sydney 2014: Lemming Aid and Kool Aid: Helping the Community to Help Its...
AVAR Sydney 2014: Lemming Aid and Kool Aid: Helping the Community to Help Its...
 
2016 Trends in Security
2016 Trends in Security 2016 Trends in Security
2016 Trends in Security
 

Similar to Malware is Called Malicious for a Reason: The Risks of Weaponizing Code

Solnet dev secops meetup
Solnet dev secops meetupSolnet dev secops meetup
Solnet dev secops meetuppbink
 
Top Application Security Trends of 2012
Top Application Security Trends of 2012Top Application Security Trends of 2012
Top Application Security Trends of 2012DaveEdwards12
 
Open Source Security for Newbies - Best Practices
Open Source Security for Newbies - Best PracticesOpen Source Security for Newbies - Best Practices
Open Source Security for Newbies - Best PracticesBlack Duck by Synopsys
 
What Every Developer And Tester Should Know About Software Security
What Every Developer And Tester Should Know About Software SecurityWhat Every Developer And Tester Should Know About Software Security
What Every Developer And Tester Should Know About Software SecurityAnne Oikarinen
 
Intro to INFOSEC
Intro to INFOSECIntro to INFOSEC
Intro to INFOSECSean Whalen
 
The CISO Problems Risk Compliance Management in a Software Development 030420...
The CISO Problems Risk Compliance Management in a Software Development 030420...The CISO Problems Risk Compliance Management in a Software Development 030420...
The CISO Problems Risk Compliance Management in a Software Development 030420...lior mazor
 
Secure application deployment in the age of continuous delivery
Secure application deployment in the age of continuous deliverySecure application deployment in the age of continuous delivery
Secure application deployment in the age of continuous deliveryTim Mackey
 
Secure application deployment in the age of continuous delivery
Secure application deployment in the age of continuous deliverySecure application deployment in the age of continuous delivery
Secure application deployment in the age of continuous deliveryBlack Duck by Synopsys
 
20th Anniversary - OWASP Top 10 2021.pptx
20th Anniversary - OWASP Top 10 2021.pptx20th Anniversary - OWASP Top 10 2021.pptx
20th Anniversary - OWASP Top 10 2021.pptxDedy Hariyadi
 
Beyond the Scan: The Value Proposition of Vulnerability Assessment
Beyond the Scan: The Value Proposition of Vulnerability AssessmentBeyond the Scan: The Value Proposition of Vulnerability Assessment
Beyond the Scan: The Value Proposition of Vulnerability AssessmentDamon Small
 
Java application security the hard way - a workshop for the serious developer
Java application security the hard way - a workshop for the serious developerJava application security the hard way - a workshop for the serious developer
Java application security the hard way - a workshop for the serious developerSteve Poole
 
Myths and Misperceptions of Open Source Security
Myths and Misperceptions of Open Source Security Myths and Misperceptions of Open Source Security
Myths and Misperceptions of Open Source Security Black Duck by Synopsys
 
How to assess and manage cyber risk
How to assess and manage cyber riskHow to assess and manage cyber risk
How to assess and manage cyber riskStephen Cobb
 
Microsoft power point closing presentation-greenberg
Microsoft power point closing presentation-greenbergMicrosoft power point closing presentation-greenberg
Microsoft power point closing presentation-greenbergISSA LA
 
Continuous security: Bringing agility to the secure development lifecycle
Continuous security: Bringing agility to the secure development lifecycleContinuous security: Bringing agility to the secure development lifecycle
Continuous security: Bringing agility to the secure development lifecycleRogue Wave Software
 
Defcon 23 - damon small - beyond the scan
Defcon 23 - damon small - beyond the scanDefcon 23 - damon small - beyond the scan
Defcon 23 - damon small - beyond the scanFelipe Prado
 

Similar to Malware is Called Malicious for a Reason: The Risks of Weaponizing Code (20)

Solnet dev secops meetup
Solnet dev secops meetupSolnet dev secops meetup
Solnet dev secops meetup
 
Top Application Security Trends of 2012
Top Application Security Trends of 2012Top Application Security Trends of 2012
Top Application Security Trends of 2012
 
Open Source Security for Newbies - Best Practices
Open Source Security for Newbies - Best PracticesOpen Source Security for Newbies - Best Practices
Open Source Security for Newbies - Best Practices
 
Secure Coding and Threat Modeling
Secure Coding and Threat ModelingSecure Coding and Threat Modeling
Secure Coding and Threat Modeling
 
What Every Developer And Tester Should Know About Software Security
What Every Developer And Tester Should Know About Software SecurityWhat Every Developer And Tester Should Know About Software Security
What Every Developer And Tester Should Know About Software Security
 
Intro to INFOSEC
Intro to INFOSECIntro to INFOSEC
Intro to INFOSEC
 
The CISO Problems Risk Compliance Management in a Software Development 030420...
The CISO Problems Risk Compliance Management in a Software Development 030420...The CISO Problems Risk Compliance Management in a Software Development 030420...
The CISO Problems Risk Compliance Management in a Software Development 030420...
 
Secure application deployment in the age of continuous delivery
Secure application deployment in the age of continuous deliverySecure application deployment in the age of continuous delivery
Secure application deployment in the age of continuous delivery
 
Secure application deployment in the age of continuous delivery
Secure application deployment in the age of continuous deliverySecure application deployment in the age of continuous delivery
Secure application deployment in the age of continuous delivery
 
20th Anniversary - OWASP Top 10 2021.pptx
20th Anniversary - OWASP Top 10 2021.pptx20th Anniversary - OWASP Top 10 2021.pptx
20th Anniversary - OWASP Top 10 2021.pptx
 
Beyond the Scan: The Value Proposition of Vulnerability Assessment
Beyond the Scan: The Value Proposition of Vulnerability AssessmentBeyond the Scan: The Value Proposition of Vulnerability Assessment
Beyond the Scan: The Value Proposition of Vulnerability Assessment
 
Java application security the hard way - a workshop for the serious developer
Java application security the hard way - a workshop for the serious developerJava application security the hard way - a workshop for the serious developer
Java application security the hard way - a workshop for the serious developer
 
NTXISSACSC2 - Software Assurance (SwA) by John Whited
NTXISSACSC2 - Software Assurance (SwA) by John WhitedNTXISSACSC2 - Software Assurance (SwA) by John Whited
NTXISSACSC2 - Software Assurance (SwA) by John Whited
 
Myths and Misperceptions of Open Source Security
Myths and Misperceptions of Open Source Security Myths and Misperceptions of Open Source Security
Myths and Misperceptions of Open Source Security
 
Declaration of malWARe
Declaration of malWAReDeclaration of malWARe
Declaration of malWARe
 
How to assess and manage cyber risk
How to assess and manage cyber riskHow to assess and manage cyber risk
How to assess and manage cyber risk
 
Microsoft power point closing presentation-greenberg
Microsoft power point closing presentation-greenbergMicrosoft power point closing presentation-greenberg
Microsoft power point closing presentation-greenberg
 
Primer for Information Security Programs
Primer for Information Security ProgramsPrimer for Information Security Programs
Primer for Information Security Programs
 
Continuous security: Bringing agility to the secure development lifecycle
Continuous security: Bringing agility to the secure development lifecycleContinuous security: Bringing agility to the secure development lifecycle
Continuous security: Bringing agility to the secure development lifecycle
 
Defcon 23 - damon small - beyond the scan
Defcon 23 - damon small - beyond the scanDefcon 23 - damon small - beyond the scan
Defcon 23 - damon small - beyond the scan
 

More from Stephen Cobb

Cybercrime-as-health-crisis-shared.pptx
Cybercrime-as-health-crisis-shared.pptxCybercrime-as-health-crisis-shared.pptx
Cybercrime-as-health-crisis-shared.pptxStephen Cobb
 
Cybersecurity Risk Perception and Communication
Cybersecurity Risk Perception and CommunicationCybersecurity Risk Perception and Communication
Cybersecurity Risk Perception and CommunicationStephen Cobb
 
What Makes a Good CISO
What Makes a Good CISOWhat Makes a Good CISO
What Makes a Good CISOStephen Cobb
 
Sizing the Cyber Skills Gap
Sizing the Cyber Skills GapSizing the Cyber Skills Gap
Sizing the Cyber Skills GapStephen Cobb
 
Security and Wearables: Success starts with security
Security and Wearables: Success starts with securitySecurity and Wearables: Success starts with security
Security and Wearables: Success starts with securityStephen Cobb
 
The Hacking Team Hack: Lessons Learned for Enterprise Security
The Hacking Team Hack: Lessons Learned for Enterprise SecurityThe Hacking Team Hack: Lessons Learned for Enterprise Security
The Hacking Team Hack: Lessons Learned for Enterprise SecurityStephen Cobb
 
The Evolution of Cybercrime
The Evolution of CybercrimeThe Evolution of Cybercrime
The Evolution of CybercrimeStephen Cobb
 
Safer Technology Through Threat Awareness and Response
Safer Technology Through Threat Awareness and ResponseSafer Technology Through Threat Awareness and Response
Safer Technology Through Threat Awareness and ResponseStephen Cobb
 
Endpoint and Server: The belt and braces anti-malware strategy
Endpoint and Server: The belt and braces anti-malware strategyEndpoint and Server: The belt and braces anti-malware strategy
Endpoint and Server: The belt and braces anti-malware strategyStephen Cobb
 
Cyberskills shortage: Where is the cyber workforce of tomorrow
Cyberskills shortage: Where is the cyber workforce of tomorrowCyberskills shortage: Where is the cyber workforce of tomorrow
Cyberskills shortage: Where is the cyber workforce of tomorrowStephen Cobb
 
Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...Stephen Cobb
 

More from Stephen Cobb (11)

Cybercrime-as-health-crisis-shared.pptx
Cybercrime-as-health-crisis-shared.pptxCybercrime-as-health-crisis-shared.pptx
Cybercrime-as-health-crisis-shared.pptx
 
Cybersecurity Risk Perception and Communication
Cybersecurity Risk Perception and CommunicationCybersecurity Risk Perception and Communication
Cybersecurity Risk Perception and Communication
 
What Makes a Good CISO
What Makes a Good CISOWhat Makes a Good CISO
What Makes a Good CISO
 
Sizing the Cyber Skills Gap
Sizing the Cyber Skills GapSizing the Cyber Skills Gap
Sizing the Cyber Skills Gap
 
Security and Wearables: Success starts with security
Security and Wearables: Success starts with securitySecurity and Wearables: Success starts with security
Security and Wearables: Success starts with security
 
The Hacking Team Hack: Lessons Learned for Enterprise Security
The Hacking Team Hack: Lessons Learned for Enterprise SecurityThe Hacking Team Hack: Lessons Learned for Enterprise Security
The Hacking Team Hack: Lessons Learned for Enterprise Security
 
The Evolution of Cybercrime
The Evolution of CybercrimeThe Evolution of Cybercrime
The Evolution of Cybercrime
 
Safer Technology Through Threat Awareness and Response
Safer Technology Through Threat Awareness and ResponseSafer Technology Through Threat Awareness and Response
Safer Technology Through Threat Awareness and Response
 
Endpoint and Server: The belt and braces anti-malware strategy
Endpoint and Server: The belt and braces anti-malware strategyEndpoint and Server: The belt and braces anti-malware strategy
Endpoint and Server: The belt and braces anti-malware strategy
 
Cyberskills shortage: Where is the cyber workforce of tomorrow
Cyberskills shortage: Where is the cyber workforce of tomorrowCyberskills shortage: Where is the cyber workforce of tomorrow
Cyberskills shortage: Where is the cyber workforce of tomorrow
 
Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...
 

Recently uploaded

『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书
『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书
『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书rnrncn29
 
SCM Symposium PPT Format Customer loyalty is predi
SCM Symposium PPT Format Customer loyalty is prediSCM Symposium PPT Format Customer loyalty is predi
SCM Symposium PPT Format Customer loyalty is predieusebiomeyer
 
Contact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New DelhiContact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New Delhimiss dipika
 
Film cover research (1).pptxsdasdasdasdasdasa
Film cover research (1).pptxsdasdasdasdasdasaFilm cover research (1).pptxsdasdasdasdasdasa
Film cover research (1).pptxsdasdasdasdasdasa494f574xmv
 
Blepharitis inflammation of eyelid symptoms cause everything included along w...
Blepharitis inflammation of eyelid symptoms cause everything included along w...Blepharitis inflammation of eyelid symptoms cause everything included along w...
Blepharitis inflammation of eyelid symptoms cause everything included along w...Excelmac1
 
Q4-1-Illustrating-Hypothesis-Testing.pptx
Q4-1-Illustrating-Hypothesis-Testing.pptxQ4-1-Illustrating-Hypothesis-Testing.pptx
Q4-1-Illustrating-Hypothesis-Testing.pptxeditsforyah
 
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一Fs
 
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)Dana Luther
 
Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24Paul Calvano
 
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书rnrncn29
 
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一z xss
 
Elevate Your Business with Our IT Expertise in New Orleans
Elevate Your Business with Our IT Expertise in New OrleansElevate Your Business with Our IT Expertise in New Orleans
Elevate Your Business with Our IT Expertise in New Orleanscorenetworkseo
 
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一Fs
 
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书zdzoqco
 
Magic exist by Marta Loveguard - presentation.pptx
Magic exist by Marta Loveguard - presentation.pptxMagic exist by Marta Loveguard - presentation.pptx
Magic exist by Marta Loveguard - presentation.pptxMartaLoveguard
 
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一Fs
 
Intellectual property rightsand its types.pptx
Intellectual property rightsand its types.pptxIntellectual property rightsand its types.pptx
Intellectual property rightsand its types.pptxBipin Adhikari
 

Recently uploaded (20)

『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书
『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书
『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书
 
SCM Symposium PPT Format Customer loyalty is predi
SCM Symposium PPT Format Customer loyalty is prediSCM Symposium PPT Format Customer loyalty is predi
SCM Symposium PPT Format Customer loyalty is predi
 
Contact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New DelhiContact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New Delhi
 
Film cover research (1).pptxsdasdasdasdasdasa
Film cover research (1).pptxsdasdasdasdasdasaFilm cover research (1).pptxsdasdasdasdasdasa
Film cover research (1).pptxsdasdasdasdasdasa
 
Blepharitis inflammation of eyelid symptoms cause everything included along w...
Blepharitis inflammation of eyelid symptoms cause everything included along w...Blepharitis inflammation of eyelid symptoms cause everything included along w...
Blepharitis inflammation of eyelid symptoms cause everything included along w...
 
young call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Service
young call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Serviceyoung call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Service
young call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Service
 
Q4-1-Illustrating-Hypothesis-Testing.pptx
Q4-1-Illustrating-Hypothesis-Testing.pptxQ4-1-Illustrating-Hypothesis-Testing.pptx
Q4-1-Illustrating-Hypothesis-Testing.pptx
 
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一
 
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
 
Hot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort ServiceHot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort Service
 
Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24
 
Model Call Girl in Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝
 
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书
 
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
 
Elevate Your Business with Our IT Expertise in New Orleans
Elevate Your Business with Our IT Expertise in New OrleansElevate Your Business with Our IT Expertise in New Orleans
Elevate Your Business with Our IT Expertise in New Orleans
 
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
 
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
 
Magic exist by Marta Loveguard - presentation.pptx
Magic exist by Marta Loveguard - presentation.pptxMagic exist by Marta Loveguard - presentation.pptx
Magic exist by Marta Loveguard - presentation.pptx
 
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
 
Intellectual property rightsand its types.pptx
Intellectual property rightsand its types.pptxIntellectual property rightsand its types.pptx
Intellectual property rightsand its types.pptx
 

Malware is Called Malicious for a Reason: The Risks of Weaponizing Code

  • 1. A. Lee S. Cobb CyCon 2014 Malware is Called Malicious for a Reason: The Risks of Weaponizing Code 6th Annual Conference on Cyber Conflict Proceedings NATO Cooperative Cyber Defence Centre of Excellence Tallinn, Estonia (clearer text, without slide builds)
  • 2. A. Lee S. Cobb CyCon 2014 Authors • Andrew Lee • CEO, ESET North America • Former Chief Research Officer • MSc Computer Security (2010) • Stephen Cobb • Senior Security Researcher, ESET • CISSP (1996) • MSc Security & Criminology (2016, hopefully) ESET: Founded in Bratislava, Slovakia, 1992 Makes IT security products, like NOD32 AV
  • 3. A. Lee S. Cobb CyCon 2014 Some history… • Stephen Cobb Complete Book of PC & LAN Security (1991) • Employee #5 at antivirus software testing company ICSA Labs (1995) • Adjunct Prof. Masters in IA, Norwich University (2002-2008) • First anti-spam router, acquired by Symantec (2004)
  • 4. A. Lee S. Cobb CyCon 2014 Perspective and key points •A view from the front lines •The appeal of “good viruses” and “righteous malware” •Historical objections •Key risks of using malware for offense or active defense •Ideas for further research?
  • 5. A. Lee S. Cobb CyCon 2014 Plague infected bodies and Tallin city wall
  • 6. A. Lee S. Cobb CyCon 2014 The short version •Hurling infected bodies over city walls in 1710? • Bad idea •Deploying malicious code in 2014 • Bad idea •“Malware = biological weapons of cyber conflict” •White worms are mythical creatures
  • 7. A. Lee S. Cobb CyCon 2014 Defining malware •Software or firmware intended to perform an unauthorized process that will have adverse impact on the confidentiality, integrity, or availability of an IS [Information System] •National Information Assurance (IA) Glossary •The definition of record for CIA/NSA/DoD/etc.
  • 8. A. Lee S. Cobb CyCon 2014 Malware and the Tallinn Rules 43: Indiscriminate Means and Methods 48: Weapons Review 49: Indiscriminate Attacks 50: Clearly Separated Distinct Military Objectives 51: Proportionality
  • 9. A. Lee S. Cobb CyCon 2014 Deploying malware •Virus, worm, Trojan •Email attachment •Website drive-by •Removable media •Chipping hardware •Updating firmware •Planting code
  • 10. A. Lee S. Cobb CyCon 2014 Malicious Code in the Software Life Cycle 1. Acquisition 2. Requirements 3. Design 4. Construction 5. Testing 6. Installation (delivery, distribution, installation) 7. Maintenance (operation, maintenance, and disposal) Guidance for Addressing Malicious Code Risk, NSA, 2007
  • 11. A. Lee S. Cobb CyCon 2014 What is “righteous malware” •It’s in the eye of the beholder • Software or firmware deployed with intent to advance a just cause by performing an unauthorized process that will have adverse impact on the confidentiality, integrity, or availability of an IS [Information System] •Examples? • Stuxnet, Shamoon, DarkComet RAT, Blackshades
  • 12. A. Lee S. Cobb CyCon 2014 > 50,000 implants
  • 13. A. Lee S. Cobb CyCon 2014 The “good” virus •A fascination as old as computing •Self-replicating code that performs beneficial functions (e.g. patching or backup) •Some virus writers persisted despite outbreaks of ‘benign’ code •Are ‘Good’ Computer Viruses Still a Bad Idea? • Vesselin Bontchev, Virus-L and comp.virus, EICAR ’94
  • 14. A. Lee S. Cobb CyCon 2014 12 reasons why “good viruses” are a bad idea TECHNICAL REASONS Lack of Control Spread cannot be controlled, unpredictable results Recognition Difficulty Hard to allow good viruses while denying bad Resource Wasting Unintended consequences (typified by the Morris Worm) Bug Containment Difficulty of fixing bugs in code once released Compatibility Problems May not run when needed, or cause damage when run Effectiveness Risks of self-replicating code over conventional alternatives ETHICAL AND LEGAL REASONS Unauthorized Data Modification Unauthorized system access or data changes illegal or immoral Copyright and Ownership Problems Could impair support or violate copyright of regular programs Possible Misuse Code could be used by persons will malicious intent Responsibility Sets a bad example for persons with inferior skills, morals PSYCHOLOGICAL REASONS Trust Problems Potential to undermine user trust in systems Negative Common Meaning Anything called a virus is doomed to be deemed bad V. Bontchev, “Are ‘Good’ Computer Viruses Still a Bad Idea?” EICAR’94
  • 15. A. Lee S. Cobb CyCon 2014 12 risks inherent in malware deployment TECHNICAL REASONS Lack of Control Spread cannot be controlled, unpredictable results Recognition Difficulty Hard to allow good viruses while denying bad Resource Wasting Unintended consequences (typified by the Morris Worm) Bug Containment Difficulty of fixing bugs in code once released Compatibility Problems May not run when needed, or cause damage when run Effectiveness Risks of self-replicating code over conventional alternatives ETHICAL AND LEGAL REASONS Unauthorized Data Modification Unauthorized system access or data changes illegal or immoral Copyright and Ownership Problems Could impair support or violate copyright of regular programs Possible Misuse Code could be used by persons will malicious intent Responsibility Sets a bad example for persons with inferior skills, morals PSYCHOLOGICAL REASONS Trust Problems Potential to undermine user trust in systems Negative Common Meaning Anything called a virus is doomed to be deemed bad V. Bontchev, “Are ‘Good’ Computer Viruses Still a Bad Idea?” EICAR’94
  • 16. A. Lee S. Cobb CyCon 2014 All risks must be addressed, but focus on 4 TECHNICAL REASONS Lack of Control Spread cannot be controlled, unpredictable results Recognition Difficulty Hard to allow good viruses while denying bad Resource Wasting Unintended consequences (typified by the Morris Worm) Bug Containment Difficulty of fixing bugs in code once released Compatibility Problems May not run when needed, or cause damage when run Effectiveness Risks of self-replicating code over conventional alternatives ETHICAL AND LEGAL REASONS Unauthorized Data Modification Unauthorized system access or data changes illegal or immoral Copyright and Ownership Problems Could impair support or violate copyright of regular programs Possible Misuse Code could be used by persons will malicious intent Responsibility Sets a bad example for persons with inferior skills, morals PSYCHOLOGICAL REASONS Trust Problems Potential to undermine user trust in systems Negative Common Meaning Anything called a virus is doomed to be deemed bad
  • 17. A. Lee S. Cobb CyCon 2014 All risks must be addressed, but focus on 4 1. Recognition Difficulty 2. Compatibility Problems & Effectiveness 3. Possible Misuse 4. Trust Problems
  • 18. A. Lee S. Cobb CyCon 2014 1. Recognition Difficulty •Hard to allow good viruses while denying bad •No self-respecting antivirus company is going to give your righteous malware a free pass
  • 19. A. Lee S. Cobb CyCon 2014 Bear in mind the AV community is global •Major AV vendors encompass many countries • ESET Slovakia AVG Czech Republic • McAfee USA Kaspersky Russia • Symantec USA Trend Micro Japan, • Avira Germany Avast! Czech Republic •Active in many more (e.g. ESET operates in 180) •“Your cyber defense is only as good as your relationship with industry.” – Dr. Jamie Shea
  • 20. A. Lee S. Cobb CyCon 2014 2. Compatibility and Effectiveness •May not run when needed, or may cause damage when run •Huge potential for unintended consequences •Reduce risk with detailed intel on the target? •Raises issue of Effectiveness: • Does the effort to get enough intel to execute safely exceed the effort of a less risky path to same end?
  • 21. A. Lee S. Cobb CyCon 2014 3. Possible Misuse •Could be re-used by persons with malicious intent •Yes, your own code could be used against you •The key ingredient for making malware is brains •Brains are very mobile, no country has a lock •"The most valuable cyber weapon you can possess? The talented individual.“ – Jarno Limnéll
  • 22. A. Lee S. Cobb CyCon 2014 4. Trust Problems •Potential to undermine user trust in systems •60% now less trusting of technology companies • e.g. Internet service providers, software companies •Very real risk of economic damage Harris Poll on behalf of ESET, February 4-6, 2014, 2,034 U.S. adults ages 18 and older
  • 23. A. Lee S. Cobb CyCon 2014 Companies and consumers impacted • Cloud providers • Banks • Companies like Cisco • Online retailers • Healthcare providers • Governments NASDAQ CSCO
  • 24. A. Lee S. Cobb CyCon 2014 85% of Americans are aware of NSA revelations, 47% of them have changed their online behavior Harris Poll on behalf of ESET, February 4-6, 2014, 2,034 U.S. adults ages 18 and older
  • 25. A. Lee S. Cobb CyCon 2014 Righteous malware deployment checklist: Control Can you control the actions of the code in all environments it may infect? Detection Can the code complete its mission before detection? Attribution Can you guarantee the code is deniable or claimable, as needed? Legality Will the code be illegal in any jurisdictions in which it is deployed? Morality Will deployment of the code violate any treaties, codes, and other international norms? Misuse Can the code, or its techniques, strategies or design principles be copied by adversaries, competing interests, or criminals? Erosion of Trust Have you considered harmful effects that deployment of the code, including knowledge of the deployment, could have on trust placed in your government and institutions including trade and commerce?
  • 26. A. Lee S. Cobb CyCon 2014 Further research? •Mathematical model of malware risks • Enumerate variables • Calculate compound probabilities •Comprehensive survey of malware researchers • Update the “Good virus bad idea” paper
  • 27. A. Lee S. Cobb CyCon 2014 Summary: deploying malware •Comes with many risks that are known and well- documented •Carries serious potential to undermine the very societies it is intended to defend
  • 28. A. Lee S. Cobb CyCon 2014 Thank you! •Stephen.Cobb@ESET.com •Twitter @zcobb •www.SlideShare.net/zcobb •www.LinkedIn/in/StephenCobb •www.WeLiveSecurity.com

Editor's Notes

  1. Industry perspective 1,000s of people around the world go to work every day to fight against malicious code and repair the damage done by malware.
  2. If not at Reval > a biological warfare attack at siege of Caffa, 1346 by which the Black Death is widely believed to have reached Europe from the Crimea: “Tartars, stunned and stupefied by the immensity of the disaster brought about by the disease…ordered corpses to be placed in catapults1 and lobbed into the city in the hope that the intolerable stench would kill everyone inside.2 What seemed like mountains of dead were thrown into the city, and the Christians could not hide or flee or escape from them, http://wwwnc.cdc.gov/eid/article/8/9/01-0536_article.htm
  3. If not at Reval > a biological warfare attack at siege of Caffa, 1346 by which the Black Death is widely believed to have reached Europe from the Crimea: “Tartars, stunned and stupefied by the immensity of the disaster brought about by the disease…ordered corpses to be placed in catapults1 and lobbed into the city in the hope that the intolerable stench would kill everyone inside.2 What seemed like mountains of dead were thrown into the city, and the Christians could not hide or flee or escape from them, http://wwwnc.cdc.gov/eid/article/8/9/01-0536_article.htm
  4. Clealry NSA sees threats at all levels. Ironically this is their advice on protection, but also a good guide for those who want to protect against NSA malware. But wait, surely code used to protect our interests is good and RIGHTEOUS
  5. John von Neumann article on the "Theory of self-reproducing automata" 1949. EICAR = European Institute for Computer Antivirus Research
  6. ALSO RISKS
  7. FBI example German example
  8. ESET
  9. Internet Worm onwards Stuxnet outside of Iran -- Conficker just keeps going – support calls about “weird” effects are legion
  10. From papers