Finding needles in needle stacks - or Future aspects of cyber security

Finding Needles in Needle Stacks or Future aspects of Cyber Security. Peter Cochrane, cochrane.org.uk, ca-global.biz, COCHRANE associates. Thursday, 21 November 13

description

The big challenge facing cyber security professionals is to think like the enemy, anticipate their next move, and enact measures to combat the exponentially growing number of attacks. Passively monitoring defences in the hope of detecting probes and breaches is insufficient as it is likely that threats are already on the inside in human, machine, or some malware form. And these may be continually active, sporadic, dormant, sleeping, dumb, smart, intelligent, broad or highly focused, and located anywhere in an organisation, machine, device or network. Fortunately, Cloud Technologies and new working practices mitigate against all this, but only if we leverage new technologies and nurture new behaviours and operating strategies. We are no longer looking for a ‘needle in a haystack’ but bent needles, or even needles prone to bending, in a ‘needle stack’. Layered defences such as multiple firewalls, virus protection, malware scanners, people screening and sporadic checks are insufficient. We have to be more sophisticated and consider the activity traits and sociology of people, machines, networks and malware. Perhaps most importantly this has to be achieved without degrading the performance of systems, networks, individuals and organisations. To achieve effective cyber security solutions we have to migrate to a more organic, globally cooperative, and fully networked model that sees a new detection, reaction and solution sharing regime between companies and countries. And as the technology (good and bad) continues to accelerate and spread the end point will most likely be the realisation of a ‘living cyber immune system’ devoid of human intervention.

Transcript of Finding needles in needle stacks - or Future aspects of cyber security

Page 1: Finding needles in needle stacks  - or  Future aspects of cyber security

Finding Needles in Needle Stacks
or
Future aspects of Cyber Security

Peter Cochrane
cochrane.org.uk
ca-global.biz

COCHRANE associates

Page 2: Finding needles in needle stacks  - or  Future aspects of cyber security

Cyber Security

- Attacks are growing and are increasingly sophisticated
- We need to up our game & become more anticipatory

There are no simple or singular solutions

Page 3: Finding needles in needle stacks  - or  Future aspects of cyber security

Finding the Bent Needles or Needles about to bend

The good majority

The evil minority

The potentially evil

Page 4: Finding needles in needle stacks  - or  Future aspects of cyber security

Cyber INSecurity
What we know for sure

- There is always a threat
- The threat never sleeps
- The threat evolves rapidly

People are by far the biggest risk factor

The perceived threat ≠ the actual threat

The biggest threat is always on the inside

Security people are never their own customer

The best defenders have been the best attackers

Cracking systems is far more fun than defending them

The biggest threat is in the direction you are not looking

Resources are generally deployed inversely proportional to actual risk

Page 5: Finding needles in needle stacks  - or  Future aspects of cyber security

Breaking into most companies and institutions really isn’t all that difficult!

Page 6: Finding needles in needle stacks  - or  Future aspects of cyber security

The biggest threats are inside the FireWall

Rogue: Equipment, Networks, Chips, Code, Ports, People

Lax: People, Visitors, Security, Operations

Page 7: Finding needles in needle stacks  - or  Future aspects of cyber security

No single solution can deal with all forms of attack....

Page 8: Finding needles in needle stacks  - or  Future aspects of cyber security

Fire Walls and malware protection are certainly not enough...

Page 9: Finding needles in needle stacks  - or  Future aspects of cyber security

Cyber Attacks
Major Country Nodes

Reproduced Courtesy of Akamai 2013

Page 10: Finding needles in needle stacks  - or  Future aspects of cyber security

Cyber Attacks
Major Traffic Ports

Reproduced Courtesy of Akamai 2013

Page 11: Finding needles in needle stacks  - or  Future aspects of cyber security

Primary Cyber Targets Q4 2012

- Financial 34.4%
- Payment Services 32.1%
- Gaming 14.7%
- ISP 9.5%
- Other 6.78%
- Social Nets 6.0%
- Retail 5.12%
- Auctions 2.07%
- Government 1.0%
- Classifieds 0.3%

Page 12: Finding needles in needle stacks  - or  Future aspects of cyber security

Cyber Crime >> CYBER-SECURITY
Not clear which side is spending more on software

[Chart: the cost of cyber crime and Cyber Defence expenditure, in $Bn, 2004 to 2012; labelled values 17Bn, 21Bn, 100Bn, >200Bn]

Data Courtesy of Detica 2011

Page 13: Finding needles in needle stacks  - or  Future aspects of cyber security

Cyber Security
Improvements for free ?

What will we benefit from if we do nothing ?

Page 14: Finding needles in needle stacks  - or  Future aspects of cyber security

A multi-device, multi-screen, mobile world, of rapidly renewed and replaced devices, new and updated apps

With built-in security features automatically updated

Connecting on the move via wifi, 3G, 4G, LTE, BlueTooth

AnyNet Anywhere

BYOD = Fewer corporate constraints and greater variabilities
BMOB = Be My Own Boss - shorter assignment periods

Increasingly transient people & machine behaviour

Page 15: Finding needles in needle stacks  - or  Future aspects of cyber security

Many networks to attack not just one

3,4,5G, LTE, WiFi, WiMax, BlueTooth ++

Page 16: Finding needles in needle stacks  - or  Future aspects of cyber security

Many OS types to attack not just one

Page 17: Finding needles in needle stacks  - or  Future aspects of cyber security

Many applications to attack not just one

Page 18: Finding needles in needle stacks  - or  Future aspects of cyber security

Interface, Boards, Chips, Config, Firmware

Huge device variance

Page 19: Finding needles in needle stacks  - or  Future aspects of cyber security

Circuitry, Layout, Antennas, Analogue, Design, Facilities

Huge hardware and circuit variance

Page 20: Finding needles in needle stacks  - or  Future aspects of cyber security

On Grid

On & Off Grid

Off Grid

Far more variable human and device connection behaviours

Page 21: Finding needles in needle stacks  - or  Future aspects of cyber security

A fast spreading realisation that this really isn’t good enough!

Page 22: Finding needles in needle stacks  - or  Future aspects of cyber security

No One security technique is sufficient

The concatenation of multiple low cost methods rapidly delivers a very high level of protection

Habits, Personal, Locations, Networks, Biometrics, Knowledge ++++++++

Page 23: Finding needles in needle stacks  - or  Future aspects of cyber security

SOME THINGS Unique to you alone

What you: are, were, know, drove, work on, wear, own, use, eat, do +

Who you: work with, live with, manage, mentor, dislike +++

Why you: like, dislike, prefer, thought, imagined, migrated, assumed, helped, failed, won ++

How you: talk, type, stand, appear, write, walk ++

Page 24: Finding needles in needle stacks  - or  Future aspects of cyber security

But what about the cloud ?

Page 25: Finding needles in needle stacks  - or  Future aspects of cyber security

FUTURE NETWORKING
The Internet will not Scale functionally or economically

9Bn People and >> 50Bn Things on line

2013 2025

But Clouds/Cloud working will !

<5Bn People on (and off) line

Page 26: Finding needles in needle stacks  - or  Future aspects of cyber security

Page 27: Finding needles in needle stacks  - or  Future aspects of cyber security

RECENT HEADLINE

Data courtesy of Cisco.

Page 28: Finding needles in needle stacks  - or  Future aspects of cyber security

Mobile networks but a minor player !

Page 29: Finding needles in needle stacks  - or  Future aspects of cyber security

Cyber Security
Clouds change everything

More degrees of freedom to exploit that make it all inherently more secure than anything we have seen before

Page 30: Finding needles in needle stacks  - or  Future aspects of cyber security

Axiom..

1,000,000s of Clouds and not 1

Page 31: Finding needles in needle stacks  - or  Future aspects of cyber security

And they come in many forms

- Corporate
- Government
- Private
- Personal
- Long term
- Sporadic

- Visible
- Invisible
- Dynamic
- Fixed
- Mobile
- Wireless
- Wired

- Open
- Closed
- Secure
- Insecure
- Regular
- Unknown
- Unquantified
- Experimental

Page 32: Finding needles in needle stacks  - or  Future aspects of cyber security

Cyber Security
Hidden by multi-hop depth

Diverse routing and increasingly hidden and disguised data storage in depth

[Diagram labels: Invisible Cloud (four), Corporate/Private/Government Cloud (two), Public/Open Cloud]

Page 33: Finding needles in needle stacks  - or  Future aspects of cyber security

Cyber Security
In Cloud Gating/Encryption

Every Cloud demands a key and all routings are hidden - data parsed/coded

Page 34: Finding needles in needle stacks  - or  Future aspects of cyber security

The Biggest Risk

Service providers do not guarantee your data!

Page 35: Finding needles in needle stacks  - or  Future aspects of cyber security

we need SCAlable network Solutions

Page 36: Finding needles in needle stacks  - or  Future aspects of cyber security

This isn’t tenable...

Page 37: Finding needles in needle stacks  - or  Future aspects of cyber security

This is...

Page 38: Finding needles in needle stacks  - or  Future aspects of cyber security

Smart car... Smart gas... Smart net...

Page 39: Finding needles in needle stacks  - or  Future aspects of cyber security

Clouds connect dynamically, driven by need, location, work, groups and associations...

Page 40: Finding needles in needle stacks  - or  Future aspects of cyber security

THE Security Problem
Even deeper protection required

Page 41: Finding needles in needle stacks  - or  Future aspects of cyber security

DETECTION BUILT INTO EVERY ELEMENT OF A DEVICE

Page 42: Finding needles in needle stacks  - or  Future aspects of cyber security

On Server

On Device

In Network

In Individual Apps

In Hardware

Page 43: Finding needles in needle stacks  - or  Future aspects of cyber security

Honeypot, and malware traps, distributed across the cloud spectrum

Page 44: Finding needles in needle stacks  - or  Future aspects of cyber security

Data decimation and distribution with individual encryption

Page 45: Finding needles in needle stacks  - or  Future aspects of cyber security

Dynamic Addressing

url hopping

Page 46: Finding needles in needle stacks  - or  Future aspects of cyber security

Ghost Cloud

Ghost Device

Have an alias, be invisible, don’t be what you appear, be there but absent...

Page 47: Finding needles in needle stacks  - or  Future aspects of cyber security

Distributed Attacks demand a Distributed Defence

Dynamic Attackers necessitate Dynamic Defenders

We can act alone or we can unite and act together

Page 48: Finding needles in needle stacks  - or  Future aspects of cyber security

MORE CYBER-BENEFITS
Going for free in the default future

Page 49: Finding needles in needle stacks  - or  Future aspects of cyber security

Fewer full time people and less predictable corporate/network/device/behavior

Page 50: Finding needles in needle stacks  - or  Future aspects of cyber security

People job and location Half Life getting shorter

Page 51: Finding needles in needle stacks  - or  Future aspects of cyber security

Data Half Life getting shorter and shorter

Mean Time to Destruction unknown!

Page 52: Finding needles in needle stacks  - or  Future aspects of cyber security

The Ace in the Hole

Global Cooperation
Device, App, Network

Page 53: Finding needles in needle stacks  - or  Future aspects of cyber security

Finding Those Needles
The sociology and habits of

Applications, Networks, Machines, Software, Malware, People, Bugs ++

Page 54: Finding needles in needle stacks  - or  Future aspects of cyber security

THE END GAME

We all own multiple clouds

Things cooperate inter and extra community to defeat attacks

AI systems monitor activities and identify trends to then anticipate and fend off all attacks

Auto-immune response systems emerge as part of the overall evolving behaviours

Page 55: Finding needles in needle stacks  - or  Future aspects of cyber security

The Art of War by Sun Tzu, 600 BC

“Speed is the essence of war. Take advantage of the enemy's unpreparedness; travel by unexpected routes and strike him where he has taken no precautions”

Page 56: Finding needles in needle stacks  - or  Future aspects of cyber security

Thank You

cochrane.org.uk
ca-global.org

COCHRANE associates