1. Top 10 RISKS 2013Top 10 RISKS 2013

2. 2
Cyber crime is the fastest growingCyber crime is the fastest growing
crime on the planetcrime on the planet
ACCORDING TO …ACCORDING TO …

3. WHY?WHY?
1. Hard to detect1. Hard to detect
2. Hard to prevent2. Hard to prevent

4. WHY?WHY?
““That’s where the money is”.That’s where the money is”.

5. Why?Why?
The average bank robbery yields around…
£1,000£1,000

6. While…While…
The average cyber crime yields around…
£500,000£500,000

7. CHATUPLINE#103CHATUPLINE#103
As of December 2012, there were over 5 million web
pages offering some sort of free down-loadable hacking
software

8. AULDLANG SYNEAULDLANG SYNE
• 42% increase in targeted attacks in 2012.
• 31% of all targeted attacks aimed at businesses with less than 250 employees.
• 1 waterhole attack infected 500 organizations in a single day.
• 14 zero-day vulnerabilities.
• 32% of all mobile threats steal information.
• 1 threat infected 600,000 Macs in 2012.
• Spam volume continued to decrease, with 69% of all email being spam.
• The number of phishing sites spoofing social networking sites increased 125%.
• Web-based attacks increased 30%.
• 5,291 new vulnerabilities discovered in 2012, 415 on mobile O/S.
Symantec Global Intelligence Report 2012

9. ““To a man with a hammer, everything looks like a nail”.To a man with a hammer, everything looks like a nail”.

10. WHATIS YOURWHATIS YOUR
DEFINITION OFADEFINITION OFA
THREAT?THREAT?

11. TOP10 RISKS 2013TOP10 RISKS 2013
1.1.
2.2.
3.3.
4.4.
5.5.
6.6.
7.7.
8.8.
9.9.
10.10.

12. 10 DATA RANSOMATTACKS10 DATA RANSOMATTACKS
• Originated with Russian Organised Crime
• Now popular with Asian, Latin American & African
hackers
• Starts with a DDoS, drop database servers to default, take
admin access rights, encrypt data, send email ransom , 48
hours to Paypal
• Medical and financial records popular targets
• Malware version rapidly on the rise

13. 9 IPADDRESSEDEQUIPMENT9 IPADDRESSEDEQUIPMENT
• Copiers
• Faxes
• Scanners
• Telephones
• UPS
• Air Conditioning
• Fire alarms
• PABX
• Coffee machines

14. 8 MODEMATTACKS8 MODEMATTACKS
• “Phreaking” still works!
• Every server has a modem port!
• 23% of all external attacks are
traced back to previously
unidentified modems
• For every 1000 lines = average of
50 undetected/unprotected
modems/ports

15. © 2009 Orthus Ltd 15
MODEMS…MODEMS…
1. Bandwidth Manager
2. Exterior Router
3. Bastion Host (Firewall)
4. Interior Router
5. Network Switch
6. Application Servers
7. Network Storage
8. PBX
9. Voicemail
10.Modem Bank
11.RAS Server
12.Authentication Server
13.UPS
14.Air Conditioning
15.Building Access Control
System

16. 7 SOCIALENGINEERING7 SOCIALENGINEERING
Accessing a system through a user
1. Identify the target
2. Conduct your research
3. Develop a rapport & trust
4. Exploit the trust for information
5. Use information to access the system.

17. 6 MALWAREATTACKS6 MALWAREATTACKS
• Can retrieve whatever they are
programmed to find such as:
files, folders, address books, log
on IDs, passwords…
• Can execute whatever functions
it’s programmed to execute:
connections, downloads, off/on,
find folder: encrypt, copy, delete,
save as….
• Only limited to the creativity of
the writer

18. .exe.exe
DELIVEREDAS:DELIVEREDAS:
.exe.exe.exe.exe.exe.exe

19. SPYWARESPYWARE
• Key stroke loggers
• Browser trackers
• Mouse trackers
• eMail address book grabbers
• Password grabbers
• Session hijackers
• OS/application scouts
• Stealth installs
• Desktop hijacks

20. 5 WEBAPPLICATION ATTACKS5 WEBAPPLICATION ATTACKS
Attacks that enable
access to the LAN:
– SQL injection
– Cross site scripting
– Session hi-jacking

21. • Malware
• Stealth installs
• Data interception
• Direct attack
• Call hi-jacking
• VPN hi-jacking
• Session hi-jacking
• Device hi-jacking
4 MOBILEDEVICEATTACKS4 MOBILEDEVICEATTACKS

22. 3 IPTHEFTATTACKS3 IPTHEFTATTACKS
• Government attacks
– China
– France
– Israel
– Singapore
• Commercial attacks
• Insider attacks

23. CRITICAL INFRASTRUCTURECRITICAL INFRASTRUCTURE

24. IPTHEFTIPTHEFT

25. 2 DATA BASEATTACKS2 DATA BASEATTACKS
•AKA: “The Mother Load”
•One stop shopping for your
all your identity theft needs
•These are the big money
hacks…

26. CHATUPLINE#18CHATUPLINE#18
In one week, the average person living in Britain has
3,254 pieces of personal information stored about him
or her in databases.*
*Evening Standard Survey August 2008

27. CHATUPLINE#27CHATUPLINE#27
The average UK citizen is in over 750 databases.*
*UK Information Commissioner's' Report: “What Price Privacy?” 2009

28. HOWMUCH?HOWMUCH?
• Name, address, DOB = £.50
• 16 digit credit card number = £.50
• + Expiry date + £1.00
• + Security code £1.00

29. NUMBER1: YOUNUMBER1: YOU
The overwhelming majority of security
incidents are originated by “insiders”
• IP Theft, Financial Fraud, Procurement
Fraud, Insider Trading, Misuse….
• Unauthorised applications
• Unauthorised output devices
• Unauthorised connections
• Unauthorised behaviour
• Removable media

30. CHATUPLINE#24CHATUPLINE#24
“7 out of 10 persons arrested for cyber crime are
employees of the company prosecuting them”
Federal Bureau of Investigation 2008Federal Bureau of Investigation 2008

31. TOP5 TARGETSTOP5 TARGETS
1. Sales
2. Finance
3. R&D
4. IT
5. C Level

32. TOP 10 RISKS 2013TOP 10 RISKS 2013
1.1. YouYou
2.2. Database TheftDatabase Theft
3.3. IP TheftIP Theft
4.4. Mobile DevicesMobile Devices
5.5. Web ApplicationsWeb Applications
6.6. MalwareMalware
7.7. Social EngineeringSocial Engineering
8.8. ModemsModems
9.9. IP Addressed EquipmentIP Addressed Equipment
10.10. Data RansomData Ransom

33. 26 DoverStreet26 DoverStreet
LondonLondon
United KingdomUnited Kingdom
W1S 4LYW1S 4LY
+44 (0)20 3586 1025+44 (0)20 3586 1025
www.riskfactory.comwww.riskfactory.com
A DIFFERENTPERSPECTIVEA DIFFERENTPERSPECTIVE