ECI: Anatomy of a Cyber Investigation

Who Are the Actors

Who is Doing it?
- 70% of breaches involved External agents
- 48% of breaches involved Internal agents
- 11% of breaches involved Partner agents
- Any breach can involve multiple individuals
  E.g. an employee of a subcontractor steals credit card numbers and delivers them to an external 3rd party

Who is Doing it? External Agents (70% of breaches, 98% of lost data)
- 24% Organized Criminal Group
- 21% Unaffiliated Person(s)
- 3% External Systems or Sites
- 5% Others (Former Employee, Partner, Competitor, Customer)
- 45% Unknown

Who is Doing it? Internal Agents (48% of breaches, 3% of records)
Demographics (90% Deliberate)
- 51% Regular Employees / end user
- 12% Finance / Accounting
- 12% System Admin
- 7% Upper management
- 8% Other (Help desk, Software Dev, Auditor)
- 9% Unknown

Who is Doing it? Partner Agent (11% of breaches, 1% of records)
- 3rd party hijack of Partner
- Deliberate act of Partner
- "Organizations that outsource their IT management and support also outsource a great deal of trust to these partners. ... poor governance, lax security, and too much trust is often the rule." Verizon Data Breach Investigation Report (p. 19)

How Are They Doing it?

How did insiders do it?
Inter-connected factors and events
- 48% of breaches included Misuse of privilege
- 40% of breaches were by Hackers
- 38% of breaches used Malware
- 28% of breaches used Social Engineering
- 15% of breaches were Physical attacks
A single attack may combine multiple vulnerabilities.

How did Outsiders do it?
Hackers' methods
- Web Applications: 54%
- Remote Access: 34%
- Backdoors: 23%
- Network file sharing: 4%
- Others (physical access, Wireless Network, unknown)

Top 5 Methods of Attack
- Webpage Access
- Un / Improperly Secured Access
- Trusted network connections
- Trojans / Malware / Spyware
- Employee Malfeasance

Top 5 Methods of Attack: Web Pages
- Unsecured web page access
- SQL Injection
- Improperly designed website
- Oops - errors

Top 5 Methods of Attack: Un / Improperly Secured Access
- Abandoned / Unguarded computers
- Computers with too many connections
- Brute Force
- Backdoors

Top 5 Methods of Attack: Trusted network connections
- Sub contractor / Sister company or agency

Top 5 Methods of Attack: Trojans / Malware / Spyware
- E-mail of a Trojan
- Social Engineering
  - Telephone Contact
  - Email Contact
  - Internet contact (Chat, IM, etc.)
- Customized Malware (Largest attacks)
- Back doors

Top 5 Methods of Attack: Employee Malfeasance
- Abuse of system access
- Use of un-approved hardware / device
- Rogue networks
- Improperly handled data

Timeline facts
- How long to compromise data
  - Most took days to months
  - 31% took only minutes
- Time to Discovery
  - Most took weeks or months
  - 5% took minutes
- Time to Containment
  - Most took days to weeks (some even months)

Some thoughts
- 98% came from servers (duh)
- 85% were not very difficult
- 61% discovered by a 3rd party
- 86% had evidence in log files about the attack