Top 5 Security Threats for 2012
Aarij M Khan, Director of Product Marketing, HP Enterprise Security
2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
AGENDA
A Quick Recap of 2011
Major Security Trends
Security Threats for 2012
How To Stay Secure
2011: The Year In Review
Number Of Breaches: 414
Records Compromised: Over 22 Million
Lack Of Knowledge About Breaches
Cause Unspecified: 5 out of 10
Exposed Records Unknown: 6 out of 10
* Identity Theft Resource Center
1. Advanced Persistent Threat
Advanced Persistent Threats Have a Pattern
Acquire target, sneak in, hop around
Get privileged access to critical assets
(Impact takes time)
(Perimeter doesn't help)
Conduct the espionage at length
(Early detection matters)
EMC/RSA SecurID
Epsilon
SK Communications
What happened in the RSA breach?
5:00 AM: Finance person receives a junk email
8:30 AM: Opens to see 2012 Recruitment plan with .xls file
8:31 AM: Rat program installed utilizing Adobe Flash vulnerability
8:32 AM: Poison Ivy malware is initiated
NEXT DAY / 12:01 AM: NMAP scan of network to collect sensitive information
OVER THE NEXT 10 DAYS: Collect data over a period of time
11TH DAY / 12:05 AM: Split file, encrypt, ftp to good.mincesur.com
12TH DAY: RSA is in the headlines
2. BYOD Mobile Devices
Mobile Computers A New Frontier
March 2011 - BlackBerry Security Breach
RIMM says Turn Off JavaScript
New Mobile Malware
Android Breaches
May: Allow data access
Jun: Google removes 10 apps
Dec: Record calls, send SMS
Dec: Access device location
Popular and Open Deadly Combination
3. Cloud Environments
Cloud Services Adoption
Cloud Services Attacked
Amazon Cloud EC2 Breach
50% users affected by breach
Malware spreading across EC2
Financial Malware on EC2
4. Cyber Warfare
Politically Motivated Hacker Groups
Anonymous
WikiLeaks
Hacks Irish Opposition Website
Hacks Church Webcast
Hacks NATO Website
Hacks Texas Police Chiefs Association Servers
Hacks Syrian Ministry Of Defense Website
Hacks database of Military Supply Company
Hacks bart.gov and steals thousands of passwords
Previous CyberAttacks
Aug 2011: Shady RAT attacks IOC, UN and several governments
June 2011: International Monetary Fund attacked, data stolen
Jan 2010: Google China Aurora breach, Data and IP stolen
March 2009: GhostNet downloads classified documents from government and private servers in over 100 countries
2008: Middle Eastern US Military Facility infiltrated, digital beachhead may have been established in classified Pentagon networks
2008: South Ossetia War, Russian, Georgian and Azerbaijan targeted
April 2007: Estonia comes under cyber attack
5. Corporate Espionage and Insider Threat
Enabler Consumerization Of IT
More Data Is Stored Digitally
Paper Based Systems Out-of-Date Electronic Processes
Insider Definition Changes
Includes contractors, remotes
Easier To Profit
Organized Crime Growing Black Market
* datalossdb.com
Insider Information Theft At The Top
Material Information = High Value
Gaining unfair advantage
Looking for personal gain
Sources of Risk
Intellectual property theft
Financial and Identity data
Medical and Personal Health records
Point of Sale at retail locations
Email addresses
New Requirements Intelligent Monitoring and Integrated Security
Cyber crime is increasing
Threats and risks are expanding in frequency and intensity
And traditional security solutions are falling short!
Technology
Application Scanning Firewall IPS SIEM Anti-X Web
Information
End Point Applications Network Scanners Compliance User IT Operations
Traditional Solutions
Bolted On Architecture-Specific Lacking Automation Limited Context
Multiple Technologies
Lots of Information
No Intelligence
HP has the only security intelligence platform that gives clients the insight to proactively manage their specific enterprise threats and risks.
HP Security Intelligence Platform
Security Intelligence Platform
Information
Establish complete Visibility across all applications and systems
Analyze vulnerabilities in applications and operations to understand risk
Respond adaptively to build defenses against the exploitation of vulnerabilities
Measure security effectiveness and risk across people, process, and technology to improve over time
Operations
Applications
Security Services
HP ESP Security Solutions
Universal Log Management
Regulatory Compliance
Proactive Network Security
Insider Threat Intelligence
Advanced Threat Intelligence
Privacy Breach Intelligence
Data Leakage Monitoring
Application Security
THANK YOU