The Evolution of Cyber Threats and Cyber Threat Intelligence

14
The Evolution of Cyber Threats and Cyber Threat Intelligence Greg Rattray CEO, Delta Risk LLC 22 March 2013

Transcript of The Evolution of Cyber Threats and Cyber Threat Intelligence

Page 1: The Evolution of Cyber Threats and Cyber Threat Intelligence

The Evolution of Cyber Threats and

Cyber Threat Intelligence

Greg Rattray CEO, Delta Risk LLC

22 March 2013

Page 2: The Evolution of Cyber Threats and Cyber Threat Intelligence

2

Today’s Talk

Walk though History

What Does it Mean?

Page 3: The Evolution of Cyber Threats and Cyber Threat Intelligence

3

Before the Dawn

Intercept

Orange Book

Espionage as a Constant

Cold War Know Adversaries Signals Intelligence

Cyber Threat Intelligence

Phreaking

Technology

Public Switched Telephone Network

Little in Private Sector

Page 4: The Evolution of Cyber Threats and Cyber Threat Intelligence

4

Light on the Horizon

Info War

Hunting Hackers

Speculation on National Security Impact

First Gulf War

Morris Worm

Computers at Risk

President’s Commission on Critical Infrastructure Protection Networked

Reliance Growing

Web

Technology

Cyber Threat Intelligence

Page 5: The Evolution of Cyber Threats and Cyber Threat Intelligence

5

Early Wake Up Calls

2000 E-Commerce Attacks

Solar Sunrise

EP-3 and Patriotic Hacking

JTF-CND and others

Moonlight Maze

Rise of E-commerce

Cyber Threat Intelligence

Technology

Slammer Nimda

Code Red

Attribution Difficult Rise of CERTs

Page 6: The Evolution of Cyber Threats and Cyber Threat Intelligence

6

The Dark Times 9/11

Afghanistan

Internet Underground

GWOT

Botnets

Byzantine Hades

Global Crossing

Exposures of Espionage

Supply Chain Risks

Little on Adversary Capabilities

\

Iraq

Internet Bubble Bursts Reliance Still Grows

Cyber Threat Intelligence

Page 7: The Evolution of Cyber Threats and Cyber Threat Intelligence

7

A Rude Awakening Advanced Persistent Threats

Ghost Net

Estonia Georgia

Night Dragon Control Systems on Internet

Rise of Private Teams – CERTs; Providers and Collaboratives

Korea

Technology

Cyber Threat Intelligence Start Real Focus

RBN Attribution Progress

Page 8: The Evolution of Cyber Threats and Cyber Threat Intelligence

8

Rising Fear

STUXNET

Shamoon

Flame

DDoS vs. Banks Mobility

Cloud Social Media

APT 1

Dire Estimates; Need Method

Technology

Cyber Threat Intelligence

Info Sharing

Page 9: The Evolution of Cyber Threats and Cyber Threat Intelligence

Improving Enterprise Defense

9

Castle Walls Eroded Enemy Inside Gates

Must Manage Risk > Know Your Attacker

Channel the Attacks

“If you know the enemy and know yourself you need not fear the results of a hundred battles”

Page 10: The Evolution of Cyber Threats and Cyber Threat Intelligence

10

What’s Going Well

• Tactical Knowledge and Attribution

• Information Sharing

• Private Sector Intelligence

• Push to Automation & Professionalization

Page 11: The Evolution of Cyber Threats and Cyber Threat Intelligence

11

What’s Missing

• Analysis of Operational Risk • Understanding Strategic Impact

• Estimative Analysis

Page 12: The Evolution of Cyber Threats and Cyber Threat Intelligence

12

What are the Challenges? •

Avoiding Militarization of Cyberspace

Cyber Risk Management

Growing Full Spectrum Geeks

Page 13: The Evolution of Cyber Threats and Cyber Threat Intelligence

13

What Might Happen

Guerilla Conflict

Eradication of Disease

Waveform Attack

Page 14: The Evolution of Cyber Threats and Cyber Threat Intelligence

14

Parting Shots

Technology Drives Risks Take a Global Perspective

Collaboration

Learning


Defeating Cyber Threats

Defeating Cyber Threats

Cyber Threats

Cyber Threats

Cyber Security in International Law · Threat Types: Threats to cyber security involve threats concerning information modifi-cation or misuse, information destruction, unauthorized

Cyber Security in International Law · Threat Types: Threats to cyber security involve threats concerning information modifi-cation or misuse, information destruction, unauthorized

BUILDING AN ADAPTIVE CYBER STRATEGY · domain, current US cyber strategy has not proven effective. This paper dissects the cyber threat landscape and how advanced threats operate

BUILDING AN ADAPTIVE CYBER STRATEGY · domain, current US cyber strategy has not proven effective. This paper dissects the cyber threat landscape and how advanced threats operate

DEPARTMENT OF D S€¦ · aspects of the cyber threat; these include external threat actors, insider threats, supply chain vulnerabilities, and threats to DoD‘s operational ability.

DEPARTMENT OF D S€¦ · aspects of the cyber threat; these include external threat actors, insider threats, supply chain vulnerabilities, and threats to DoD‘s operational ability.

National Cyber Security Strategy · Cyber Threat Monitoring System which will aid to better respond, monitor and coordinate cyber threats at national level by operating on a 24/7

National Cyber Security Strategy · Cyber Threat Monitoring System which will aid to better respond, monitor and coordinate cyber threats at national level by operating on a 24/7

DEALING WITH TODAY’S ASYMMETRIC THREAT Cyber Threats · 01-03-2011  · against cyber threats.”1 Recently, the administration released its international strategy for cyberspace,

DEALING WITH TODAY’S ASYMMETRIC THREAT Cyber Threats · 01-03-2011  · against cyber threats.”1 Recently, the administration released its international strategy for cyberspace,

CYBER THREAT HUNTING - Industry-Era · Cyber threat hunting is one of the best approaches to investigate potential compromises, detect advanced threats, and improve cyber defenses.

CYBER THREAT HUNTING - Industry-Era · Cyber threat hunting is one of the best approaches to investigate potential compromises, detect advanced threats, and improve cyber defenses.

STOPPING CYBER THREATS YOUR FIELD GUIDE ... - Infosec …€¦ · STOPPING CYBER THREATS YOUR FIELD GUIDE TO THREAT HUNTING YOUR FIELD GUIDE TO THREAT HUNTING STOPPING CYBER THREATS

STOPPING CYBER THREATS YOUR FIELD GUIDE ... - Infosec …€¦ · STOPPING CYBER THREATS YOUR FIELD GUIDE TO THREAT HUNTING YOUR FIELD GUIDE TO THREAT HUNTING STOPPING CYBER THREATS

CYBER THREAT INTELLIGENCE - Microsoft...Cyber threat intelligence supports the following cyber security ... Optiv’s Cyber Threat Intelligence Workshop was developed to advise and

CYBER THREAT INTELLIGENCE - Microsoft...Cyber threat intelligence supports the following cyber security ... Optiv’s Cyber Threat Intelligence Workshop was developed to advise and

Threat digest: Emerging cyber threats in the manufacturing ...

Threat digest: Emerging cyber threats in the manufacturing ...

Cyber, Physical or Insider Threat? - ASIS Europe 2018 · Cyber, Physical or Insider Threat? ... navigating a complex risk landscape? physical threat cyber threat insider threat ...

Cyber, Physical or Insider Threat? - ASIS Europe 2018 · Cyber, Physical or Insider Threat? ... navigating a complex risk landscape? physical threat cyber threat insider threat ...

Understanding Cyber Threats & Cyber Security

Understanding Cyber Threats & Cyber Security

Advanced Cyber Illness Treatmant - IT klinika...Advanced Threat Protec0on Block, isolate and remove the advanced persistent threats Advanced Threat Protec0on Minimize environmental

Advanced Cyber Illness Treatmant - IT klinika...Advanced Threat Protec0on Block, isolate and remove the advanced persistent threats Advanced Threat Protec0on Minimize environmental

The Evolution of Cyber Threats and Cyber Threat Intelligence · The Evolution of Cyber Threats and Cyber Threat Intelligence Greg Rattray CEO, Delta Risk LLC . 22 March 2013 . 2 .

The Evolution of Cyber Threats and Cyber Threat Intelligence · The Evolution of Cyber Threats and Cyber Threat Intelligence Greg Rattray CEO, Delta Risk LLC . 22 March 2013 . 2 .

How workplace satisfaction affects insider threat ...€¦ · detecting potentially malicious insider cyber threats and enabling the visualization of threats as they occur. A cyber

How workplace satisfaction affects insider threat ...€¦ · detecting potentially malicious insider cyber threats and enabling the visualization of threats as they occur. A cyber

Optimal Machine Learning Algorithms for Cyber Threat …uksim.info/uksim2018/CD/p32.pdf · naif.otaibi.19@aramco.com Abstract — With the exponential hike in cyber threats, organizations

Optimal Machine Learning Algorithms for Cyber Threat …uksim.info/uksim2018/CD/p32.pdf · [email protected] Abstract — With the exponential hike in cyber threats, organizations

Transforming the U.S. Cyber Threat Partnerships...DRAFT/NIAC Pre-Decisional 2 authorities to achieve cyber mitigations in the private sector and counter extraordinary cyber threats,

Transforming the U.S. Cyber Threat Partnerships...DRAFT/NIAC Pre-Decisional 2 authorities to achieve cyber mitigations in the private sector and counter extraordinary cyber threats,

The cyber threat against Denmark Assessment...1 The cyber threat against Denmark This assessment describes the cyber threats facing Danish public authorities and private companies.

The cyber threat against Denmark Assessment...1 The cyber threat against Denmark This assessment describes the cyber threats facing Danish public authorities and private companies.

Threat Visibility for Cyber Hunters - Kite Distribution · WHITE PAPER Threat Visibility for Cyber Hunters 3 Introduction The challenge of hunting bad actors, insider threats, and

Threat Visibility for Cyber Hunters - Kite Distribution · WHITE PAPER Threat Visibility for Cyber Hunters 3 Introduction The challenge of hunting bad actors, insider threats, and