Avoiding a Digital Pearl Harbor - FST · History repeats! Avoiding a Digital Pearl Harbor Stephen...
Transcript of Avoiding a Digital Pearl Harbor - FST · History repeats! Avoiding a Digital Pearl Harbor Stephen...
![Page 1: Avoiding a Digital Pearl Harbor - FST · History repeats! Avoiding a Digital Pearl Harbor Stephen McCombie PhD CISSP-ISSMP CFE Senior Practice Manager, Advanced Cyber Defense Asia](https://reader033.fdocuments.net/reader033/viewer/2022042312/5edb2eddd96bc859bd1d6960/html5/thumbnails/1.jpg)
History repeats! Avoiding a Digital Pearl Harbor
Stephen McCombie PhD CISSP-ISSMP CFE
Senior Practice Manager, Advanced Cyber Defense Asia Pacific & Japan
![Page 2: Avoiding a Digital Pearl Harbor - FST · History repeats! Avoiding a Digital Pearl Harbor Stephen McCombie PhD CISSP-ISSMP CFE Senior Practice Manager, Advanced Cyber Defense Asia](https://reader033.fdocuments.net/reader033/viewer/2022042312/5edb2eddd96bc859bd1d6960/html5/thumbnails/2.jpg)
2 © Copyright 2015 EMC Corporation. All rights reserved.
![Page 3: Avoiding a Digital Pearl Harbor - FST · History repeats! Avoiding a Digital Pearl Harbor Stephen McCombie PhD CISSP-ISSMP CFE Senior Practice Manager, Advanced Cyber Defense Asia](https://reader033.fdocuments.net/reader033/viewer/2022042312/5edb2eddd96bc859bd1d6960/html5/thumbnails/3.jpg)
3 © Copyright 2015 EMC Corporation. All rights reserved.
Pearl Harbor Attack
![Page 4: Avoiding a Digital Pearl Harbor - FST · History repeats! Avoiding a Digital Pearl Harbor Stephen McCombie PhD CISSP-ISSMP CFE Senior Practice Manager, Advanced Cyber Defense Asia](https://reader033.fdocuments.net/reader033/viewer/2022042312/5edb2eddd96bc859bd1d6960/html5/thumbnails/4.jpg)
4 © Copyright 2015 EMC Corporation. All rights reserved.
The Warnings…
![Page 5: Avoiding a Digital Pearl Harbor - FST · History repeats! Avoiding a Digital Pearl Harbor Stephen McCombie PhD CISSP-ISSMP CFE Senior Practice Manager, Advanced Cyber Defense Asia](https://reader033.fdocuments.net/reader033/viewer/2022042312/5edb2eddd96bc859bd1d6960/html5/thumbnails/5.jpg)
5 © Copyright 2015 EMC Corporation. All rights reserved.
Technology
![Page 6: Avoiding a Digital Pearl Harbor - FST · History repeats! Avoiding a Digital Pearl Harbor Stephen McCombie PhD CISSP-ISSMP CFE Senior Practice Manager, Advanced Cyber Defense Asia](https://reader033.fdocuments.net/reader033/viewer/2022042312/5edb2eddd96bc859bd1d6960/html5/thumbnails/6.jpg)
6 © Copyright 2015 EMC Corporation. All rights reserved.
![Page 7: Avoiding a Digital Pearl Harbor - FST · History repeats! Avoiding a Digital Pearl Harbor Stephen McCombie PhD CISSP-ISSMP CFE Senior Practice Manager, Advanced Cyber Defense Asia](https://reader033.fdocuments.net/reader033/viewer/2022042312/5edb2eddd96bc859bd1d6960/html5/thumbnails/7.jpg)
7 © Copyright 2015 EMC Corporation. All rights reserved.
BULLSEYE!!! MALWARE onto Point of Sale
(P.O.S.) systems !!!
AND, Target officials not even aware of the breaches until
contacted by the US DoJ!
Hackers harvested >40 MILLION credit card details
and 70 MILLION customers’ phone
numbers, mail and email addresses.
![Page 8: Avoiding a Digital Pearl Harbor - FST · History repeats! Avoiding a Digital Pearl Harbor Stephen McCombie PhD CISSP-ISSMP CFE Senior Practice Manager, Advanced Cyber Defense Asia](https://reader033.fdocuments.net/reader033/viewer/2022042312/5edb2eddd96bc859bd1d6960/html5/thumbnails/8.jpg)
8 © Copyright 2015 EMC Corporation. All rights reserved.
The Malware Called a “RAM scraping” attack - Collection of
un-encrypted data as it passed through the infected POS machine’s memory.
AVAILABLE FOR SALE on black market for $1,800 - $2,300
Described by McAfee as as “absolutely unsophisticated and uninteresting.”
![Page 9: Avoiding a Digital Pearl Harbor - FST · History repeats! Avoiding a Digital Pearl Harbor Stephen McCombie PhD CISSP-ISSMP CFE Senior Practice Manager, Advanced Cyber Defense Asia](https://reader033.fdocuments.net/reader033/viewer/2022042312/5edb2eddd96bc859bd1d6960/html5/thumbnails/9.jpg)
9 © Copyright 2015 EMC Corporation. All rights reserved.
Target Data Exfiltration (Dell Secureworks)
![Page 10: Avoiding a Digital Pearl Harbor - FST · History repeats! Avoiding a Digital Pearl Harbor Stephen McCombie PhD CISSP-ISSMP CFE Senior Practice Manager, Advanced Cyber Defense Asia](https://reader033.fdocuments.net/reader033/viewer/2022042312/5edb2eddd96bc859bd1d6960/html5/thumbnails/10.jpg)
10 © Copyright 2015 EMC Corporation. All rights reserved.
Source: Bloomberg Business Weekly
![Page 11: Avoiding a Digital Pearl Harbor - FST · History repeats! Avoiding a Digital Pearl Harbor Stephen McCombie PhD CISSP-ISSMP CFE Senior Practice Manager, Advanced Cyber Defense Asia](https://reader033.fdocuments.net/reader033/viewer/2022042312/5edb2eddd96bc859bd1d6960/html5/thumbnails/11.jpg)
11 © Copyright 2015 EMC Corporation. All rights reserved.
Source: Bloomberg Business Weekly
![Page 12: Avoiding a Digital Pearl Harbor - FST · History repeats! Avoiding a Digital Pearl Harbor Stephen McCombie PhD CISSP-ISSMP CFE Senior Practice Manager, Advanced Cyber Defense Asia](https://reader033.fdocuments.net/reader033/viewer/2022042312/5edb2eddd96bc859bd1d6960/html5/thumbnails/12.jpg)
12 © Copyright 2015 EMC Corporation. All rights reserved.
Source: US Senate Committee
![Page 13: Avoiding a Digital Pearl Harbor - FST · History repeats! Avoiding a Digital Pearl Harbor Stephen McCombie PhD CISSP-ISSMP CFE Senior Practice Manager, Advanced Cyber Defense Asia](https://reader033.fdocuments.net/reader033/viewer/2022042312/5edb2eddd96bc859bd1d6960/html5/thumbnails/13.jpg)
13 © Copyright 2015 EMC Corporation. All rights reserved.
![Page 14: Avoiding a Digital Pearl Harbor - FST · History repeats! Avoiding a Digital Pearl Harbor Stephen McCombie PhD CISSP-ISSMP CFE Senior Practice Manager, Advanced Cyber Defense Asia](https://reader033.fdocuments.net/reader033/viewer/2022042312/5edb2eddd96bc859bd1d6960/html5/thumbnails/14.jpg)
14 © Copyright 2015 EMC Corporation. All rights reserved.
![Page 15: Avoiding a Digital Pearl Harbor - FST · History repeats! Avoiding a Digital Pearl Harbor Stephen McCombie PhD CISSP-ISSMP CFE Senior Practice Manager, Advanced Cyber Defense Asia](https://reader033.fdocuments.net/reader033/viewer/2022042312/5edb2eddd96bc859bd1d6960/html5/thumbnails/15.jpg)
15 © Copyright 2015 EMC Corporation. All rights reserved.
Stop History from Repeating……………. • KNOW THY ENEMY
• Investment needs to be STRATEGIC (not just tools)
• Importance of TRAINING - Rules & Regulations within integrated teams
• Formal Information Flow/RESPONSE Plans
• Use of INTELLIGENCE (internal/external)
• Gain VISIBILITY
• EXERCISE regularly
![Page 16: Avoiding a Digital Pearl Harbor - FST · History repeats! Avoiding a Digital Pearl Harbor Stephen McCombie PhD CISSP-ISSMP CFE Senior Practice Manager, Advanced Cyber Defense Asia](https://reader033.fdocuments.net/reader033/viewer/2022042312/5edb2eddd96bc859bd1d6960/html5/thumbnails/16.jpg)
16 © Copyright 2015 EMC Corporation. All rights reserved.
Group Discussion 1
What are the
Security Drivers,
Trends and Predictions
Impacting Australian FSI this year and
beyond?
![Page 17: Avoiding a Digital Pearl Harbor - FST · History repeats! Avoiding a Digital Pearl Harbor Stephen McCombie PhD CISSP-ISSMP CFE Senior Practice Manager, Advanced Cyber Defense Asia](https://reader033.fdocuments.net/reader033/viewer/2022042312/5edb2eddd96bc859bd1d6960/html5/thumbnails/17.jpg)
17 © Copyright 2015 EMC Corporation. All rights reserved.
Group Discussion 2
Detection, Analysis, Prevention and
Response Tactics
![Page 18: Avoiding a Digital Pearl Harbor - FST · History repeats! Avoiding a Digital Pearl Harbor Stephen McCombie PhD CISSP-ISSMP CFE Senior Practice Manager, Advanced Cyber Defense Asia](https://reader033.fdocuments.net/reader033/viewer/2022042312/5edb2eddd96bc859bd1d6960/html5/thumbnails/18.jpg)
18 © Copyright 2015 EMC Corporation. All rights reserved.
RSA Advanced Cyber Defence Services Portfolio
Readiness, Response & Resilience
Cyber & Counter Threat Intelligence
Vulnerability & Risk Management
Strategy & Roadmap
Incident Response
Security Operations Management
ASOC Design & Implementation
![Page 19: Avoiding a Digital Pearl Harbor - FST · History repeats! Avoiding a Digital Pearl Harbor Stephen McCombie PhD CISSP-ISSMP CFE Senior Practice Manager, Advanced Cyber Defense Asia](https://reader033.fdocuments.net/reader033/viewer/2022042312/5edb2eddd96bc859bd1d6960/html5/thumbnails/19.jpg)
19 © Copyright 2015 EMC Corporation. All rights reserved.
FREE WHITEPAPER AVAILABLE
![Page 20: Avoiding a Digital Pearl Harbor - FST · History repeats! Avoiding a Digital Pearl Harbor Stephen McCombie PhD CISSP-ISSMP CFE Senior Practice Manager, Advanced Cyber Defense Asia](https://reader033.fdocuments.net/reader033/viewer/2022042312/5edb2eddd96bc859bd1d6960/html5/thumbnails/20.jpg)
20 © Copyright 2015 EMC Corporation. All rights reserved.
Stephen McCombie Senior Manager,Asia Pacific & Japan Advanced Cyber Defense Practice
Mobile +61 408 206836 | Email [email protected]
General information enquiries: [email protected] Interested in what RSA is saying – Follow RSA on Twitter:@rsaAPJ | LinkedIn with RSA Security APJ
RSA Contact (ACD Assessments/ General Information)
![Page 21: Avoiding a Digital Pearl Harbor - FST · History repeats! Avoiding a Digital Pearl Harbor Stephen McCombie PhD CISSP-ISSMP CFE Senior Practice Manager, Advanced Cyber Defense Asia](https://reader033.fdocuments.net/reader033/viewer/2022042312/5edb2eddd96bc859bd1d6960/html5/thumbnails/21.jpg)
EMC, RSA, the EMC logo and the RSA logo are trademarks of EMC Corporation in the U.S. and other countries.