Pearlfromsu

eng 1605230057

May 15th, 2023
For 16.05.23
Profiling hackers
#profile
"CC is clearly a management problem".
We can make a probability statement about an unknown offender from the words he uses (behaviour).
That's how hackers can be caught (by their digital traces, for example messages and calls).
To open the door, it is enough to convince the person with the key to do it.

"Humans are the weakest link in the cyber security chain"
More than 90% of cyber crimes are caused by human error.
"Amateurs hack systems, professionals hack people" (C) Bruce Schneier.
Category of hackers: "Black hat".
(90% are male, 81% are under 30 y.o., well educated.)

"Black hat" motives:
- thrill-seeking
- financial gain
- espionage
- ego
- challenge to beat the system

Hacking methods:
1) Misdirection
*A trick with an egg*
"They hack you while telling you that you have been hacked"
- Phishing mails, short messages
- They don't give you time to think
2) Sympathy principle
*story about a girl with a flash drive*
Many criminals may look like a character from a film.
An attractive appearance doesn't look suspicious.
3) Authority principle
*Doctor's Best TV commercial*
We are used to trusting authoritative sources.
So we can be deceived this way.
Hackers use authoritative names and brands to gain people's trust.
For example, delivery companies.
"Hackers play with human emotions like a piano."

Ways to protect yourself from hacking:

Companies wrongly think: "It won't hit us", "I don't care", "We are not interesting enough."
But "There are only two kinds of companies: those that have been attacked and those that will be attacked."
The key to preventing CS attacks and cybercrime is awareness of the ways hackers work.

What is a hacker's biggest fear?
The biggest fear of hackers is being hacked.
There are 2 groups of hackers:
1) Crackers (motivated by personal gain, thrill-seeking)
2) Hackers who find a novel way of doing something

Things needed to become a hacker:
- Programming language knowledge
- Programming skills

The most dangerous hacking is when physical systems are affected.
For example, factory mechanisms could spill liquid metal on humans.
TJ Maxx: the data of 45*10^9 bill cards was stolen (the biggest financial fraud).
"Get off the Internet"

Inside the Mind of a Hacker.
Hackers are manipulative, deceitful, exploitative, cynical.
They can be divided into 3 groups:
1) White hat - ethical hackers
2) Gray hat - "hacktivists", hack for ideological, political reasons
3) Black hat - crackers, motivated by thrill-seeking and personal gain.

Motives:
1) White hatters—the good guys—tend to be narcissists
2) Gray hatters oppose authority
3) Black hatters are thrill-seeking

The researchers surveyed 439 college sophomores and juniors to determine their personality traits.
They developed a set of scales to determine the three hat categories,
as well as a scale to measure each person’s perception of the probability of being caught for violating privacy laws.

Criminal activity gives a choice of consequences and opportunities.

The ways organizations can reduce security breaches:
1) Multifactor authentication (to prevent unauthorized access)
2) Use personality traits to evaluate employees

We have to reconsider the way we do cybersecurity.
Companies need to shift toward a more reliable approach (Cyber Immunity).
Security Network statistics show that every 3rd user in META was affected by threats in January-September 2022.

There was the company's Cyber Security Weekend (META - Middle East, Turkey, Africa).
The main topic for discussion was emerging technologies: IoT, critical industrial, smart cities.
All this should be protected from cybercriminals.
The participants also discussed various topics and threats and shared predictions for the next year.

To provide Cyber Immunity means to make a system that is designed to be difficult to hack.

The largest cyber epidemics occur every 6-7 years.
Predictions for 2023:
- There will be mixed physical and cyber intrusions, employing drones.
- Malware will be more silent and widespread: extremely hard to spot.
- Attacks will affect the government sector and key industries.
- Mail servers will still be priority targets.
- APTs (Advanced Persistent Threats) will use satellite technologies
(For example, Viasat is a provider of high-speed satellite broadband services and secure networking systems)
- There will still be data leaks

What is cyber immunity?
Due to the specifics of marketing requirements, IoT devices have to be as cheap as possible.
IoT already includes > 12*10^9 devices.
Among them are not only personal devices, but also industrial, medical, etc.
Thus IoT became so vulnerable. It is a problem for companies that want to implement IoT.
(more than 57% of organizations are at risk)

"Everything that can be hacked, will be hacked."
To provide Cyber Immunity means to make a system that is designed to be difficult to hack.
So Kaspersky shifts the paradigm and concentrates its effort on building system architecture with Cyber Immunity.

Four principles of Cyber Immunity:
1) Isolation. A virus shouldn't spread between parts.
2) Interaction control. There should be a special action checker.
3) Minimalism. Develop systems that are smart, not complicated.
4) Security development process. The process should be controlled.

Things that should be protected from cyber attacks:
- Smart devices
- Smart city systems
- IoT
- Critical infrastructure

Kaspersky Cyber Immune Products:
- IoT gateway
- thin client (virtual desktop infrastructure)
The fewer operations are performed on the client side, the safer the system is.

From CyberSecurity to CyberImmunity.
342000 malware samples are caught every day.
Mirai botnet is still alive.
Malware is moving to the IoT world.
"If the camera is infected, the virus will stay there forever".
Missing updates are a reason for the hack.
The new cyberworld will be based on Cyber Immunity.

The cost of attack is always greater than the cost of the damage caused.

System architecture:
1) Standard (old version): It looks like a "house of cards". There are no requirements.
2) New one: Microkernel Architecture. Applications are small independent parts.
The security layer is located between the OS and App layers.
Every module is under strict control.

For 16.05.23
Profiling hackers
#profile
"Everything we do, we show something of who we are"
Hackers always leave digital traces (messages, calls) and personal traces. Analysis of language is a key element in profiling.
Any door is only as secure as the person who is holding the key.
"Humans are the weakest link in the cyber security chain"
More than 90% of cyber crimes are caused by human error.
"Amateurs hack systems, professionals hack people" - Bruce Schneier.
"Black hat" (90% male, 81% under 30 y.o., well educated).
Motives:
- financial gain
- espionage
- thrill-seeking (fun)
- ego
- challenge to beat the system.

#methods
1) Misdirection (trick with an egg)
They hack you while telling you that you have been hacked (eliminating your critical thinking).
- Phishing mails, short messages
- Urgent: do it now, without thinking
2) Sympathy principle (girl with a flash drive)
Our tendency to trust and to like people (Silk Road)
Many criminals and spies are very successful because they don't look like criminals; they are unsuspicious.
3) Authority principle
We are much more easily influenced when we consider someone an authority. (Doctor's Best TV commercial)
Hackers use authority symbols, logos, brands (FBI, Bank of America) to gain people's trust.
Hackers play with human emotions like a piano.

#defence
Team "It won't hit us", "I don't care", "We are not interesting enough."
There are only two kinds of companies: those that have been attacked and those that will be attacked.
The key to defence against CS attacks is awareness, to prevent cybercrime.

What is a hacker's biggest fear?
Hackers:
1) crackers
2) someone who finds a novel way of doing something
- How to become a hacker? (learn a scripting language, develop your skills)
- The most dangerous kind of hacker? (one that tampers with control systems for devices, like an elevator)
- The biggest fear? (Getting hacked)
- The biggest financial fraud? (TJ Maxx, 45 bill cards)
- How to avoid an attack? (Get off the Internet)

Inside the Mind of a Hacker.
Hackers: manipulative, deceitful, exploitative, cynical.
1) White hat - ethical hackers
2) Gray hat - "hacktivists", hack for ideological reasons
3) Black hat - crackers, motivated by personal gain.
Motives:
1) Good guys - narcissists
2) Oppose authority
3) Thrill-seeking

The researchers developed:
- scales to determine the 3 categories
- a scale to measure perception of the probability of being caught

Criminal activity gives a choice of consequences and opportunities.

How can organizations reduce security breaches:
1) Multifactor authentication (to prevent unauthorized access)
2) Use personality traits to evaluate employees

We have to reconsider the way we do cybersecurity.

Security leaders need to collaborate and rethink the way we do cybersecurity. (company's Cyber Security Weekend - META, Jordan).
META - Middle East, Turkey, Africa.

Special focus: emerging technologies (robotics, IoT, critical industrial - specific threats).
They should be addressed through a secure approach (Cyber Immunity).

1) Experts discussed various topics and threats, shared threat predictions for next year.

Cyber Immune products with innate protection.
Threat statistics:
- Every 3rd user in META was affected by threats 01.09.22
- Qatar 39.8%, Bahrain 36.5%, Saudi Arabia 33.3%, UAE 32.9%, Kuwait 32.5%, Egypt 28%, Jordan 28% (online)
APT - Advanced Persistent Threat.
In 2028 there has been an increase in the number of sophisticated attacks (Metador targeting telecommunication).

2023 predictions:
The largest cyber epidemics occur every 6-7 years (last: WannaCry ransomware worm; next in 2023)

Current global tensions greatly increase the chance that a Shadow Brokers-style hack-and-leak could take place.
- A major shift will be reflected in new types of attack (mixing physical and cyber intrusions, employing drones)
- Malware - the most widespread, extremely hard to spot.
- Destructive attacks:
 * affecting both the government sector and key industries
 * look like pseudo-ransomware
- mail servers become priority targets (store key intelligence)
- APTs use satellite technologies (Viasat is a provider of high-speed satellite broadband services and secure networking systems)
- Hack and leak (hybrid conflict)

What is cyber immunity?
Because of the specifics of the IoT sphere, products are made as cheap as possible.
Cybersecurity risks are the biggest concern for 57% of organizations that are planning to implement IoT.

Antivirus can't have algorithms against all types of attacks. New sophisticated attacks appear every day.

Everything that can be hacked, will be hacked.

Therefore, Kaspersky experts concentrate their effort not only on eliminating all known vulnerabilities.
They shift the paradigm and concentrate their effort on building system architecture so that the use of vulnerabilities becomes very difficult.
An attack is just not cost-effective.
Four principles of Cyber Immunity:
1) Isolation (one module is infected, the others are not)
2) Interaction control (every interaction is checked)
3) Minimalism (as little code as possible)
4) Security development process (life cycle)
Design -> development -> testing -> requirements

What could be cyber immune?
- IoT
- Industrial devices
- Smart city systems
- Mobile devices

Cyber Immune Products:
- IoT gateway
- thin client (virtual desktop infrastructure)
(The fewer operations are performed on the client side, the safer the system is.)

From CyberSecurity to CyberImmunity.
342000 malware samples are caught per day.
Mirai botnet is still alive.

Reasons for being infected:
- no antivirus
- no updates

IoT: house (smart TV, fire alarm systems)
city (transport, street lights, cell tower)
office (PC)

Kill antivirus -> security revolution
Cost of attack > cost of damage (Immunity)

System architecture:
1) Standard (old version): there are no requirements. It looks like a "house of cards".
2) New one: Microkernel Architecture. Applications are cut into small independent pieces.
Every module is under strict control.
The security layer is located between the OS and App layers.
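
An added illustration, not part of the original notes and not Kaspersky's code, of the isolation and interaction-control principles and of the security layer between the OS and App layers noted above: a default-deny monitor that checks every message between components. The `Monitor` class, component names and message types are hypothetical.

```python
from dataclasses import dataclass, field

# Constructed allow-list: (sender, receiver, message type). Everything else is denied.
POLICY = {
    ("sensor", "gateway", "reading"),
    ("gateway", "uplink", "telemetry"),
}

@dataclass
class Monitor:
    """Hypothetical security layer between isolated components and message passing."""
    policy: set
    inboxes: dict = field(default_factory=dict)
    audit: list = field(default_factory=list)

    def register(self, name):
        # Isolation: each component gets its own inbox and no shared state.
        self.inboxes[name] = []

    def send(self, sender, receiver, msg_type, payload):
        # Interaction control: every message is checked, default deny.
        known = sender in self.inboxes and receiver in self.inboxes
        allowed = known and (sender, receiver, msg_type) in self.policy
        self.audit.append((sender, receiver, msg_type, "allow" if allowed else "deny"))
        if allowed:
            self.inboxes[receiver].append((sender, msg_type, payload))
        return allowed

def demo():
    mon = Monitor(POLICY)
    for name in ("sensor", "gateway", "uplink", "updater"):
        mon.register(name)
    results = [
        mon.send("sensor", "gateway", "reading", {"temp_c": 21.5}),
        mon.send("gateway", "uplink", "telemetry", {"temp_c": 21.5}),
        # Constructed failure case: the sensor misbehaves as if compromised.
        mon.send("sensor", "updater", "install", b"blob"),        # no such channel
        mon.send("sensor", "uplink", "telemetry", {"temp_c": 0}),  # bypasses gateway
        mon.send("sensor", "gateway", "config", {"debug": True}),  # wrong message type
        mon.send("camera", "gateway", "reading", {}),              # unregistered sender
    ]
    return mon, results

if __name__ == "__main__":
    mon, results = demo()
    for entry in mon.audit:
        print(entry)
```

The audit list records every decision, so a denied interaction from a misbehaving component is both contained and visible.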