fsdff

для 16.05.23
Profiling hackers
#profile
Everything we do, we show something of who we are"
Hackers always leave digital traces(messages, calls), and personal tracesAnalysis of language is a key element in profiling.
Any door is only secure as the person who is holding the key.
"Humans are the weaked link in the cyber security chain"
> 90% of cyber crimes caused by human error.
"Amateurs hack systems, professionals hack people" - Bruce Scheiner.
"Black hat" (90% male, 81% is under 30y.o., well educated).
Motives:
- financial gain
- espionage
- thrill-seeking(fun)
- ego
-challenge to beat the system.

#methods
1) Misdirection(trick with egg)
They hack you while telling you that you have been hackerd(eliminate your critical thinking).
- Phishing mails, short messages
- Urgent do now without thinking
2) Sympathy principle(girl with flash drive)
Our tendency to trust and to like people(silk road)
Many crimes: and spies are veery successful because they don't look like criminals, they unsuspiciout
3) Authority principle
We are much more influencable when we consider someone an authority. (Doctor's Best TV commercial)
Hackers use authority symbols, logos, brands(FBI, Bank of America) to gain people's trust.
Hackers play with human emotions like a piano.

#defence
Team "It won't hit us", "I don't care",
"We are not interesting enough.
There is only two kinds of companies: company that has ben attacked and that will be attacked.
The key to defence CS attacks is awareness to prevent cybercrime.


What hacker's biggest fear?
Hackers:
1) crackers
2) someone whi finds a novel way of doing something
- How to become a hacker?(learn scripting language, develop your skils)
- The most dangerous kind of hacker?(that tampers with control system for devices, like elevator)
- The biggest fear? (Getting hacked)
- The biggest financial fraud?(TJ Maxx, 45 bill cards)
- How to avoid an attack? (Get off the Internet)


Inside the Mind of a Hacker.
Hackers: manupulative, deceitful, exploilative, cynical.
1) White hat - ethical hackers
2) Gray hat - "hacktivists", hack for ideological reason
3) Black hat - crackers, motivated by personal gain.
Motives:
1) Good guys - narcissists
2) Oppose authority
3) Thrill-seeking

The researchers developed
- scales to determine 3 categories:
- scale to measure perception of the probability of being caught

Criminal activity gives a choice of consequences and opportunities.

How can organizations reduce secutiry breaches:
1) Multifactor authentification(to prevent unathorized access)
2) Use personality traits to evaluate employees


We have to reconsider the way we do cybersecurity.

Security leaders need to collaborate and rethink the way we do cybersecurity. (company's Cyber Security Weekend - Meta, Jordan).
Meta - Middle East, Turkey, Africa.

Special focus: emerging technologies(robotics, IOT, critical industrial - specific threats),
They should be addressed thought a secure(Cyber Immunity)

1) Expands discussed various topics and threats, shared thread predictions for next year.

Cyber Immune products with innate protection.
Thread statistics:
- Every 3rd user in META was affected by thread 01.09.22
- Qatar 39.8%, Bahrain 36.5%, Saudi Arabia 33.3%, UAE 32.9%, Kuwait 32.5%, Egypt 28%, Jordan 28%(online)
APT - Advanced Persistent Thread.
In 2028 has been increased in the number of sophisticated attacks(Metador targeting telecommunication).


2023 predictions:
The largest cyber epidemics occur every 6-7 years(Last WannyCry ransomware - word, next in 2023)

Current global tensions greatly increase the chance that Shadow Brokers - style hack-and-leak could take place.
- Major shift will be reflected in new types of attack(mixing phhysical and cyber intrusions, employing drons)
- Malware - the most wide spread, extremely hard to spot.
- Destructive attacks:
  * affecting both government sector and key industries
  * look like pseudo-ransomware
- mail servers become priority targets(store key intellesence)
- APT use satellite technologies(Viasat is a provider of high-speed satellite broadband services and secure networking systems)
- Hack and leak(hybrid conflit)


What is cyber immunity?
Because of specificity of the IOT sphere, products is made as cheap as possible.
Cybersecurity risks are the biggest concern for 57% of organizations that are planning to implement IOT.

Antivirus can't have algorithms against all types of attacks. New sophisticated attack appears every day.

Everything that can be hacked, will be hacked.

Therefore, Kaspersky experts concentrate an efford not only on eliminating all known vulnerabilities.
They shift the paradigm and concentrate an effort on building systems architecture, so that the use of vulnerabilities becomes very difficult.
Attack is just not cost-effective.
Four principles of Cyber Immunity:
1) Isolation(one model is infected, others - no)
2) Interaction control(every interaction is checked)
3) Minimalism(as small code as possible)
4) Security development process(life cycle)
Design -> development -> testing -> requarements

What could be cyber immune?
- IOT
- Industrial devices
- Smart city systems
- Mobile devices

Cyber Immune Products:
- IoT gateway
- thin client(virtual desktop infrostruction)
(The fewer operations are performed on the client side, the safer the system is.)


From CyberSecurity to CyberImmunity.
342000 malware samples is catched per day.
Mirai botnet is still alive.

Reasons of being infected:
- no antivirus
- no updates

IoT: house(smart TV, fire alarm systems)
city(transport, street lights, cell tower)
office(pc)

Kill antivirus -> security revolution
Cost of attack > cost of damage(Immunity)

System architecture:
1) Standart(old version): there is no requarements. It looks like a "house of cards".
2) New one Micro-lernel Architecture. Applications cur in little independent pieces.
Every model under strict control.
There security layer is located between OS and App layers.