ramirocid.com ramiro@ramirocid.com Twitter: @ramirocid
Ramiro Cid | @ramirocid
Cyber Security Threats for 2017

Index
1. Main Cyber Security Threats during 2017
2. Ransomware Attacks
3. Vulnerability exploits on Windows cool down as other platforms heat up
4. Hardware and firmware threats an increasing target for sophisticated attackers
5. “Drone Hacking” places threats in the sky
6. Mobile threats to include ransomware, RATs, compromised app markets
7. IoT malware opens a backdoor into the home
8. IoT and DDoS Hacks
9. Machine learning accelerates social engineering attacks
10. The explosion in fake ads and purchased “likes” erodes trust
11. Escalation of ad wars boosts malware delivery
12. Hacktivists expose privacy issues
13. Law enforcement takedown operations put a dent in cybercrime
14. Typosquatting
15. Threat intelligence sharing makes great strides
16. Cyber espionage: industry and law enforcement
17. Smart Medical Devices and Electronic Medical Records (EMRs)
18. Critical Infrastructure cyber attacks
19. Cloud computing providers infection
20. Connected Cars
21. Sources used to expand knowledge

During 2017 we will suffer a more dangerous Cyber Security storm

1. Main Cyber Security Threats during 2017
This presentation is based on several cyber security threat predictions for 2017 published on the Internet, such as ‘The Next Tier - 8 Security Predictions for 2017’ by Trend Micro, ‘4 Cyber Security Threats for 2017’ by the University of San Diego, ‘5 Cyber Security Threats to be Aware of in 2017’ by ZoneAlarm, and other cyber security threat prediction reports.
The reference URLs are listed at the end of this presentation if you want to investigate any threat in more depth.
During 2017 we will face ‘old’ threats such as ransomware, cyber espionage and hacktivists exposing privacy issues. In addition to these known threats, our threat list will grow considerably with new ones, such as machine learning accelerating social engineering attacks and the infection of cloud computing providers.
The list is very long, so a big effort (time, money, people) is needed to mitigate all these risks.
In the next slide we will see the complete list of main threats during 2017…
Ransomware Attacks
Vulnerability exploits on Windows cool down as other platforms heat up
Hardware and firmware threats an increasing target for sophisticated attackers
‘Dronejacking’ places threats in the sky
Mobile threats to include ransomware, RATs, compromised app markets
IoT malware opens a backdoor into the home
IoT and DDoS Hacks
Machine learning accelerates social engineering attacks
The explosion in fake ads and purchased “likes” erodes trust
Escalation of ad wars boosts malware delivery
Hacktivists expose privacy issues
Law enforcement takedown operations put a dent in cybercrime
Typosquatting
Threat intelligence sharing makes great strides
Cyber espionage: industry and law enforcement
Smart Medical Devices and Electronic Medical Records (EMRs)
Critical Infrastructure cyber attacks
Cloud computing providers infection
Connected Cars

2. Ransomware Attacks
Ransomware will be the primary threat and will remain a very significant threat all over the globe until the second half of 2017; these attacks have only been getting more sophisticated and troublesome over time. Hackers can gain access to your computer, encrypt your files and demand a payment in return for getting your files back.
Ransomware-as-a-service, custom ransomware for sale in dark markets, and creative derivatives from open-source ransomware code will keep the security industry busy through the first half of the year.
How to stay safe?
Be sure to back up your files with a high-quality back-up solution to protect your personal information. This is a great precaution to ensure that your files are safe and accessible to you – for free – no matter what happens. Exercise extreme caution when opening email attachments or clicking on links sent in emails. Use a VPN to have a secured connection whenever you use public Wi-Fi, and be sure to install antivirus and firewall software and keep it updated.

3. Vulnerability exploits on Windows cool down as other platforms heat up
Exploiting client-side software vulnerabilities has become significantly more difficult in recent years, thereby increasing the development cost of generic and reliable exploits.
To successfully penetrate the latest operating systems (for example, a fully patched Microsoft Edge browser running on the 64-bit Windows 10 operating system), attackers must often combine several high-quality vulnerabilities with advanced exploitation techniques.

4. Hardware and firmware threats an increasing target for sophisticated attackers
Software, including operating systems and applications, implicitly relies on hardware to operate correctly. Hardware vulnerabilities can undermine the operation and security of the entire software stack. Exploiting a hardware vulnerability can compromise an entire system and does not require an exploit of the software stack. Further, systems whose hardware is successfully attacked can be difficult to patch without replacing vulnerable hardware. Finally, none of the systems’ software-based security mechanisms and protections can be relied upon because they assume the hardware has not been compromised.
How to stay safe?
There are mitigating factors, though. Hardware is less exposed to attacks than software stacks, and attacking hardware almost always involves exploiting some sort of hardware logic vulnerability rather than the many software vulnerabilities commonly found in software stacks. Hardware’s reduced attack surface raises the complexity of attacks. As a result, we see very few vulnerabilities in hardware and very few incidents in which hardware is either targeted or successfully exploited by attackers. Similarly, common malware almost never targets hardware.

5. “Drone Hacking” places threats in the sky
Drones continue to become more and more mainstream. What started as a fun toy for kids and a slightly expensive hobby for enthusiasts has really taken off, if you’ll forgive the pun.
Drones are well on the way to becoming a major tool for shippers, law enforcement agencies, photographers, farmers, the news media, and more. It is hard to deny that drones have become a lot more valuable to many types of businesses and government agencies.
Recently, we saw an example of a drone outfitted with a full hacking suite that would allow it to land on the roof of a home, business, or critical infrastructure facility and attempt to hack into the local wireless network.

6. Mobile threats to include ransomware, RATs, compromised app markets
In 2017, we expect that mobile ransomware will continue to grow but the focus of mobile malware authors will change. Because mobile devices are usually backed up to the cloud, the success of direct ransom payments to unlock devices is often limited. Because of that, mobile malware authors will combine mobile device locks with other forms of attack such as credential theft. For example, we have observed this year how families such as Android/Svpeng, identified by the security industry as mobile ransomware, are now mutating to target banking credentials, looking to steal money from victims’ accounts.
Specialists believe that in 2017 banking Trojans will reappear and that they will come from ransomware authors. This malware will combine mobile device locks and other ransomware features with traditional man-in-the-middle attacks to steal primary and secondary authentication factors, allowing attackers to access bank accounts and credit cards.
Malicious applications. Applications that allow purchases keep your banking data and are susceptible to being hacked.
Video games. Many of them allow online billing and payment and are possible targets for hackers seeking to intercept the user's bank details.

7. IoT malware opens a backdoor into the home
Consumer electronics continues to grow at a rapid pace. One area in particular is the consumer element of the Internet of Things, which is expected to hit roughly 1.8 billion devices by 2019. Known colloquially as “smart home” or “connected home,” this market includes a number of well established brands and products, as well as a huge field of smaller companies looking to break into the scene.
Hijacking of the Internet of Things (cars, refrigerators, televisions, ...). Ransomware can lock, for example, a security camera, and hackers can demand a ransom to unlock it.

8. IoT and DDoS Hacks
As more devices are becoming internet enabled and accessible, the security measures meant to protect these devices aren’t keeping up. The Internet of Things is meant to bring household devices together to communicate with us and each other. By default, these devices are open and available to the internet and are protected with default passwords. Hackers are paying increasing attention to new ways of leveraging IoT devices for malicious purposes. These devices bring a vulnerability to the network they are connected to, making it easy for hackers to take advantage of them.
IoT devices are used in Distributed Denial of Service (DDoS) attacks to flood a targeted website with an overwhelming number of requests from millions of connected machines. Smart devices use open public ports so that they can be accessible away from home. Hackers establish a large database of these open ports to form a botnet, a large number of exploitable ports they can infect with malware. Then, these devices are used to transmit small amounts of data to aid in a DDoS attack.

9. Machine learning accelerates social engineering attacks
With an ever-increasing footprint in education, business, and research, the availability of machine learning toolkits, documentation, and tutorials has exploded in recent years.
In as little as an hour, an individual can be training complex models on large datasets on a distributed architecture. In 2016, we have seen enthusiasts and professional data scientists teach machines how to write Shakespearean sonnets, compose music, paint like Picasso, and defeat professional Go player Lee Sedol. The learning period has become shorter, and accessibility for everyone, including cybercriminals, has never been better.
Security is an arms race, and cybercriminals are fine-tuning their methods with the help of machine learning.

10. The explosion in fake ads and purchased “likes” erodes trust
Every Internet user is bombarded with information for making decisions: what to click, what to read, and where to spend.
These choices fuel a multibillion dollar online economy and, with that much money on the line, unscrupulous actors are constantly looking for ways to take advantage of others.
Reputation is key for many decision makers to feel confident about their choices; this is the trust that some people seek to exploit.

11. Escalation of ad wars boosts malware delivery
Security researchers spend a lot of time in dangerous Internet territory, filled with cracked websites and drive-by malware downloads.
To navigate this territory in relative safety, we use security add-ons for browsers that disable active content, read raw site content code, fetch bits piecemeal using different servers, and use virtual machines that get reloaded to avoid local computer infections.
These precautions can turn “browsing the Internet” into a much more difficult process.

12. Hacktivists expose privacy issues
Over the years, the amount of data collected about users has increased exponentially.
This aggregated data has helped us improve our health, get where we want to go faster when we search, find long-lost friends, have a better performing home electronics system, and even stay protected while we go online.

13. Law enforcement takedown operations put a dent in cybercrime
There have been some notable recent successes of law enforcement and its allies in taking down malicious sites or actors.
What is a takedown operation? It is a series of coordinated actions in which law enforcement agencies, together with other parties (usually security vendors), shut down a cybercriminal operation. In the best case, it includes arrests, but in all cases the takedown disrupts or seizes the infrastructure used by cybercriminals.
A takedown operation is the result of many months, or in some cases years, of investigations.

14. Typosquatting
Near the end of 2016, a lot of fake news articles were making their way around the Internet, inspiring a new way for hackers to distribute malware and attempt to steal your information.
Cyber criminals are now making fake websites that are intended to look exactly like the real one, by securing URLs that have a slight typo from their legitimate counterparts.
After you type in the URL, the website is designed to look exactly like the original, so you wouldn’t even think you made an error inputting the web address.
They do this in the hopes that you would input your credentials, believing that you’re providing this information to a site that you can trust. In some cases, these websites distribute malware while also being a phishing scam, hoping to steal your personal and financial information.

15. Threat intelligence sharing makes great strides
Sharing threat intelligence shifts the balance of power away from the adversaries and back to us, the defenders.
It disrupts the lifecycle of an attack and proves more costly to the bad actors as they shift their resources and techniques onto new tactics.
If sharing threat intelligence is so valuable, then why isn’t there more cooperation?
Historically, there have been three key barriers to sharing threat intelligence:
1) Unintentionally sharing private customer information.
2) Losing a competitive advantage.
3) Public awareness that an organization has been attacked.

16. Cyber espionage: industry and law enforcement
Normally the targeted entities are in the government sector or, in some cases, individuals or members of a political party.
The modus operandi for these cases starts with the actors setting up a host domain infrastructure that will serve either as a control server or to deliver a payload. Next is the spear-phishing attack, in which the target receives a weaponized email.
From there, attackers use an arsenal of tools, ranging from credential editors and pass-the-hash attacks to custom scripts. In most cases, a backdoor remote access Trojan maintains a foothold in the network. Less skilled actor groups use commercial off-the-shelf RATs such as PlugX and modify the basic settings to serve their campaigns.

17. Smart Medical Devices and Electronic Medical Records (EMRs)
The healthcare industry is going through a major evolution as patient medical records go online and medical professionals realize the benefits of advancements in smart medical devices.
However, as the healthcare industry adapts to its digital revolution, there are a number of concerns around privacy, safety and cyber security threats.
Health Gadgets. According to ESET(*), 39% of healthcare companies do not know how to protect themselves. This situation allows hackers to obtain confidential data about patients.
(*) ESET is an IT security company headquartered in Bratislava, Slovakia, founded in 1992.

18. Critical Infrastructure cyber attacks
Critical infrastructures. Public administration, the financial system, power plants and the nuclear industry have few protection systems and are clear targets for hackers.
What is the current status of Critical Infrastructure?
-> Growing and growing. “New” concepts like Smart Cities are becoming more and more real and increase the already large size and scope of Critical Infrastructure (which is too big even without them) when we think, as mentioned before, of electricity generation, transmission and distribution, gas production, water supply, telecommunication, heating, financial services, public health, etc.

19. Cloud computing providers infection
Infecting a cloud computing provider with a virus affects all the clients who keep their data there, all of whom are potential victims of hackers, so this type of attack has a big scope and impact.
Enterprises are no longer sitting on their hands, wondering if they should risk migrating applications and data to the cloud. They're doing it, but security remains a serious concern.
The shared, on-demand nature of cloud computing introduces the possibility of new security breaches that can erase any gains made by the switch to cloud technology.
Cloud services by nature enable users to bypass organization-wide security policies and set up their own accounts in the service of shadow IT projects. New controls must be put in place.

20. Connected Cars
There's a "massive future security problem just around the corner," and it can't be fixed by trying to bolt on security during the implementation phase.
Complexity was called "the worst enemy of security" as a connected car could have "approximately 100 million lines of code," compared to 8 million for an F-35 fighter jet. There has been a dramatic increase in Electronic Computing Units, with some high-end vehicles currently having about 100 ECUs. There has also been a rise in the diversity of in-vehicle systems which provide both luxury and critical features. This complexity has been exposed to wireless networks through the development of wireless communication interfaces. These interfaces are a double-edged sword: by connecting the vehicle to the Internet of Things, they have led to dramatically extended functionality, but they have opened up the traditionally closed vehicular system, making vehicles a more accessible and more attractive target to adversaries.
Connectivity was called a "double-edged sword" since adding cars to the Internet of Things will continue to make vehicles "a more accessible and more attractive target to adversaries".
Content. Theft of personal information, leading to identity theft, is an attractive goal for cyber-criminals. Personal data is increasingly available in car networks as the cars themselves are more sophisticated, and smartphones and other devices are connected to them.

21. Sources used to expand knowledge
- 2017 Security Predictions – The Threats Are Real | Secplicity
  URL: https://www.secplicity.org/2016/12/19/2017-security-predictions-threats-real/
- Experts predict 2017's biggest cybersecurity threats | Dan Patterson (TechRepublic)
  URL: http://www.techrepublic.com/article/experts-predict-2017s-biggest-cybersecurity-threats/
- 4 Cyber Security Threats for 2017 | University of San Diego
  URL: https://onlinedegrees.sandiego.edu/4-cyber-security-threats-2017/
- 5 Cyber Security Threats to be Aware of in 2017 | ZoneAlarm
  URL: http://www.zonealarm.com/blog/2016/12/cyber-security-threats-2017/
- Report examines the massive future cybersecurity problem of connected cars | NETWORKWORLD
  URL: http://www.networkworld.com/article/3031092/security/report-examines-the-massive-future-cybersecurity-problem-of-connected-cars.html
- Cyber Security in the Connected Vehicle Report 2016 | TU-Automotive
  URL: http://www.tu-auto.com/cybersecurity-report/
- The Next Tier - 8 Security Predictions for 2017 | Trend Micro
  URL: http://www.trendmicro.com/vinfo/us/security/research-and-analysis/predictions/2017
- 2017 Cybersecurity Predictions: New Norms Expected in Threat Landscape | Ryan Olson (Palo Alto Networks)
  URL: http://researchcenter.paloaltonetworks.com/2016/11/2017-cybersecurity-predictions-new-norms-expected-threat-landscape/
- 2017 Threats Predictions | McAfee Labs
  URL: http://www.mcafee.com/us/resources/reports/rp-threats-predictions-2017.pdf
- The dirty dozen: 12 cloud security threats | Fahmida Y. Rashid (InfoWorld)
  URL: http://www.infoworld.com/article/3041078/security/the-dirty-dozen-12-cloud-security-threats.html

Questions?
Many thanks!
Ramiro Cid
CISM, CGEIT, ISO 27001 LA, ISO 22301 LA, ITIL
ramiro@ramirocid.com
@ramirocid
http://www.linkedin.com/in/ramirocid
http://ramirocid.com http://es.slideshare.net/ramirocid
http://www.youtube.com/user/cidramiro

Cloud Computing, IoT, BYOD Ha muerto el perímetro corporativo. ¿y ahora qué?
 
Lean Six Sigma methodology
Lean Six Sigma methodologyLean Six Sigma methodology
Lean Six Sigma methodology
 
IT Governance & ISO 38500
IT Governance & ISO 38500IT Governance & ISO 38500
IT Governance & ISO 38500
 
Cyber Security Resilience & Risk Aggregation
Cyber Security Resilience & Risk AggregationCyber Security Resilience & Risk Aggregation
Cyber Security Resilience & Risk Aggregation
 
EU General Data Protection Regulation
EU General Data Protection RegulationEU General Data Protection Regulation
EU General Data Protection Regulation
 
Payment fraud
Payment fraudPayment fraud
Payment fraud
 
Social engineering attacks
Social engineering attacksSocial engineering attacks
Social engineering attacks
 
Thinking on risk analysis
Thinking on risk analysisThinking on risk analysis
Thinking on risk analysis
 
Drones and their use on critical infrastructure
Drones and their use on critical infrastructureDrones and their use on critical infrastructure
Drones and their use on critical infrastructure
 
Internet of things, big data & mobility vs privacy
Internet of things, big data & mobility vs privacyInternet of things, big data & mobility vs privacy
Internet of things, big data & mobility vs privacy
 
Space computing
Space computingSpace computing
Space computing
 
The relation between internet of things, critical infrastructure and cyber se...
The relation between internet of things, critical infrastructure and cyber se...The relation between internet of things, critical infrastructure and cyber se...
The relation between internet of things, critical infrastructure and cyber se...
 
Internet of things
Internet of thingsInternet of things
Internet of things
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
 
Cyber Security Awareness
Cyber Security AwarenessCyber Security Awareness
Cyber Security Awareness
 
Risk optimization management inside it governance
Risk optimization management inside it governanceRisk optimization management inside it governance
Risk optimization management inside it governance
 

Recently uploaded

Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxBkGupta21
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionDilum Bandara
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfPrecisely
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersRaghuram Pandurangan
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 

Recently uploaded (20)

Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptx
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information Developers
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 

Cyber security threats for 2017

  • 1. ramirocid.com ramiro@ramirocid.com Twitter: @ramirocid Ramiro Cid | @ramirocid Cyber Security Threats for 2017
  • 2. Index
    1. Main Cyber Security Threats during 2017 (Slide 5)
    2. Ransomware Attacks (Slide 9)
    3. Vulnerability exploits on Windows cool down as other platforms heat up (Slide 10)
    4. Hardware and firmware threats an increasing target for sophisticated attackers (Slide 11)
    5. “Drone Hacking” places threats in the sky (Slide 12)
    6. Mobile threats to include ransomware, RATs, compromised app markets (Slide 13)
    7. IoT malware opens a backdoor into the home (Slide 14)
    8. IoT and DDoS Hacks (Slide 15)
    9. Machine learning accelerates social engineering attacks (Slide 16)
    10. The explosion in fake ads and purchased “likes” erodes trust (Slide 17)
    11. Escalation of ad wars boosts malware delivery (Slide 18)
    12. Hacktivists expose privacy issues (Slide 19)
  • 3. Index
    13. Law enforcement takedown operations put a dent in cybercrime (Slide 20)
    14. Typosquatting (Slide 21)
    15. Threat intelligence sharing makes great strides (Slide 22)
    16. Cyber espionage: industry and law enforcement (Slide 23)
    17. Smart Medical Devices and Electronic Medical Records (EMRs) (Slide 24)
    18. Critical Infrastructure cyber attacks (Slide 25)
    19. Cloud computing providers infection (Slide 26)
    20. Connected Cars (Slide 27)
    21. Sources used to expand knowledge (Slide 28)
  • 4. During 2017 we will suffer a more dangerous Cyber Security storm
  • 5. 1. Main Cyber Security Threats during 2017
    This presentation is based on several sets of Cyber Security threat predictions for 2017 published on the Internet, such as ‘The Next Tier - 8 Security Predictions for 2017’ by Trend Micro, ‘4 Cyber Security Threats for 2017’ by the University of San Diego and ‘5 Cyber Security Threats to be Aware of in 2017’ by ZoneAlarm, along with other Cyber Security threat prediction reports.
    The URLs of all references are listed at the end of this presentation if you want to investigate any threat in more depth.
  • 6. 1. Main Cyber Security Threats during 2017
    During 2017 we will suffer ‘old’ threats such as ransomware, cyber espionage and hacktivists exposing privacy issues. In addition to these known threats, the list will grow considerably with new concepts such as machine learning accelerating social engineering attacks and the infection of cloud computing providers.
    The list is very long, so a big effort (time, money, people) is needed to mitigate all these risks.
    In the next slide we will see the complete list of main threats during 2017…
  • 7. 1. Main Cyber Security Threats during 2017
    - Ransomware Attacks
    - Vulnerability exploits on Windows cool down as other platforms heat up
    - Hardware and firmware threats an increasing target for sophisticated attackers
    - ‘Dronejacking’ places threats in the sky
    - Mobile threats to include ransomware, RATs, compromised app markets
    - IoT malware opens a backdoor into the home
    - IoT and DDoS Hacks
    - Machine learning accelerates social engineering attacks
    - The explosion in fake ads and purchased “likes” erodes trust
    - Escalation of ad wars boosts malware delivery
    - Hacktivists expose privacy issues
    - Law enforcement takedown operations put a dent in cybercrime
  • 8. 1. Main Cyber Security Threats during 2017
    - Typosquatting
    - Threat intelligence sharing makes great strides
    - Cyber espionage: industry and law enforcement
    - Smart Medical Devices and Electronic Medical Records (EMRs)
    - Critical Infrastructure cyber attacks
    - Cloud computing providers infection
    - Connected Cars
  • 9. 2. Ransomware Attacks
    Ransomware will be the primary threat, remaining a very significant threat all over the globe until the second half of 2017, and it has only become more sophisticated and troublesome over time. Hackers can gain access to your computer, encrypt your files and demand a payment in return for getting your files back.
    Ransomware-as-a-service, custom ransomware for sale in dark markets, and creative derivatives of open-source ransomware code will keep the security industry busy through the first half of the year.
    How to stay safe?
    Be sure to back up your files with a high-quality back-up solution to protect your personal information. This is a great precaution to ensure that your files are safe and accessible to you – for free – no matter what happens.
    Exercise extreme caution when opening email attachments or clicking on links sent in emails.
    Use a VPN to have a secured connection whenever you use public Wi-Fi, and be sure to install antivirus and firewall software and keep it updated.
  • 10. 3. Vulnerability exploits on Windows cool down as other platforms heat up
    Exploiting client-side software vulnerabilities has become significantly more difficult in recent years, thereby increasing the development cost of generic and reliable exploits.
    To successfully penetrate the latest operating systems (for example, a fully patched Microsoft Edge browser running on the 64-bit Windows 10 operating system), attackers must often combine several high-quality vulnerabilities with advanced exploitation techniques.
  • 11. 4. Hardware and firmware threats an increasing target for sophisticated attackers
    Software, including operating systems and applications, implicitly relies on hardware to operate correctly. Hardware vulnerabilities can undermine the operation and security of the entire software stack. Exploiting a hardware vulnerability can compromise an entire system and does not require an exploit of the software stack. Further, systems whose hardware is successfully attacked can be difficult to patch without replacing the vulnerable hardware. Finally, none of the systems’ software-based security mechanisms and protections can be relied upon, because they assume the hardware has not been compromised.
    How to stay safe?
    There are mitigating factors, though. Hardware is less exposed to attacks than software stacks, and attacking hardware almost always involves exploiting some sort of hardware logic vulnerability rather than the many software vulnerabilities commonly found in software stacks. Hardware’s reduced attack surface raises the complexity of attacks. As a result, we see very few vulnerabilities in hardware and very few incidents in which hardware is either targeted or successfully exploited by attackers. Similarly, common malware almost never targets hardware.
  • 12. 5. “Drone Hacking” places threats in the sky
    Drones continue to become more and more mainstream. What started as a fun toy for kids and a slightly expensive hobby for enthusiasts has really taken off, if you’ll forgive the pun.
    Drones are well on the way to becoming a major tool for shippers, law enforcement agencies, photographers, farmers, the news media, and more. It is hard to deny that drones have become a lot more valuable to many types of businesses and government agencies.
    Recently, we saw an example of a drone outfitted with a full hacking suite that would allow it to land on the roof of a home, business, or critical infrastructure facility and attempt to hack into the local wireless network.
  • 13. 6. Mobile threats to include ransomware, RATs, compromised app markets
    In 2017, we expect that mobile ransomware will continue to grow but the focus of mobile malware authors will change. Because mobile devices are usually backed up to the cloud, the success of direct ransom payments to unlock devices is often limited. Because of that, mobile malware authors will combine mobile device locks with other forms of attack such as credential theft. For example, we have observed this year how families such as Android/Svpeng, identified by the security industry as mobile ransomware, are now mutating to target banking credentials, looking to steal money from victims’ accounts.
    Specialists believe that in 2017 banking Trojans will reappear and that they will come from ransomware authors. This malware will combine mobile device locks and other ransomware features with traditional man-in-the-middle attacks to steal primary and secondary authentication factors, allowing attackers to access bank accounts and credit cards.
    Malicious applications. Applications that allow purchases keep your banking data and are susceptible to being hacked.
    Video games. Many of them allow online billing and payment and are possible targets for hackers to intercept the user's bank details.
  • 14. 7. IoT malware opens a backdoor into the home
    Consumer electronics continues to grow at a rapid pace. One area in particular is the consumer element of the Internet of Things, which is expected to hit roughly 1.8 billion devices by 2019. Known colloquially as “smart home” or “connected home,” this market includes a number of well-established brands and products, as well as a huge field of smaller companies looking to break into the scene.
    Hijacking of the Internet of Things (cars, refrigerators, televisions, ...). Ransomware can lock, for example, a security camera, and hackers can demand a ransom to unlock it.
  • 15. 8. IoT and DDoS Hacks
    As more devices become internet-enabled and accessible, the security measures meant to protect these devices aren’t keeping up. The Internet of Things is meant to bring household devices together to communicate with us and each other. By default, these devices are open and available to the internet and are protected with default passwords. Hackers are paying increasing attention to new ways of leveraging IoT devices for malicious purposes. These devices bring a vulnerability to the network they are connected to, making it easy for hackers to take advantage of them.
    IoT devices are used in Distributed Denial of Service (DDoS) attacks, which flood a targeted website with an overwhelming number of requests from millions of connected machines. Smart devices use open public ports so that they can be accessed away from home. Hackers build a large database of these open ports and infect the exploitable devices behind them with malware to form a botnet. Then, these devices are used to transmit small amounts of data to aid in a DDoS attack.
  • 16. 9. Machine learning accelerates social engineering attacks
    With an ever-increasing footprint in education, business, and research, the availability of machine learning toolkits, documentation, and tutorials has exploded in recent years.
    In as little as an hour, an individual can be training complex models on large datasets on a distributed architecture. In 2016, we have seen enthusiasts and professional data scientists teach machines how to write Shakespearean sonnets, compose music, paint like Picasso, and defeat professional Go player Lee Sedol. The learning period has become shorter, and accessibility for everyone, including cybercriminals, has never been better.
    Security is an arms race, and cybercriminals are fine-tuning their methods with the help of machine learning.
  • 17. 10. The explosion in fake ads and purchased “likes” erodes trust
    Every Internet user is bombarded with information for making decisions: what to click, what to read, and where to spend.
    These choices fuel a multibillion dollar online economy and, with that much money on the line, unscrupulous actors are constantly looking for ways to take advantage of others.
    Reputation is key for many decision makers to feel confident about their choices; this is the trust that some people seek to exploit.
  • 18. 11. Escalation of ad wars boosts malware delivery
    Security researchers spend a lot of time in dangerous Internet territory, filled with cracked websites and drive-by malware downloads.
    To navigate this territory in relative safety, we use security add-ons for browsers that disable active content, read raw site content code, fetch bits piecemeal using different servers, and use virtual machines that get reloaded to avoid local computer infections.
    These precautions can turn “browsing the Internet” into a much more difficult process.
  • 19. 12. Hacktivists expose privacy issues
    Over the years, the amount of data collected about users has increased exponentially.
    This aggregated data has helped us improve our health, get where we want to go faster when we search, find long-lost friends, have a better performing home electronics system, and even stay protected while we go online.
  • 20. 13. Law enforcement takedown operations put a dent in cybercrime
    There have been some notable recent successes of law enforcement and its allies in taking down malicious sites or actors.
    What is a takedown operation? It is a series of coordinated actions in which law enforcement agencies, together with other parties (usually security vendors), shut down a cybercriminal operation. In the best case, it includes arrests, but in all cases the takedown disrupts or seizes the infrastructure used by cybercriminals.
    A takedown operation is the result of many months, or in some cases years, of investigations.
  • 21. 14. Typosquatting
    Near the end of 2016, a lot of fake news articles made their way around the Internet, inspiring a new way for hackers to distribute malware and attempt to steal your information.
    Cyber criminals are now making fake websites that are intended to look exactly like the real one, by securing URLs that differ from their legitimate counterparts by a slight typo.
    After you type in the URL, the website is designed to look exactly like the original, so you wouldn’t even think you made an error inputting the web address.
    They do this in the hope that you will input your credentials, believing that you’re providing this information to a site that you can trust. In some cases, these websites distribute malware while also being a phishing scam, hoping to steal your personal and financial information.
  • 22. 15. Threat intelligence sharing makes great strides
    Sharing threat intelligence shifts the balance of power away from the adversaries and back to us, the defenders.
    It disrupts the lifecycle of an attack and proves more costly to the bad actors as they shift their resources and techniques onto new tactics. If sharing threat intelligence is so valuable, then why isn’t there more cooperation?
    Historically, there have been three key barriers to sharing threat intelligence:
    1) Unintentionally sharing private customer information.
    2) Losing a competitive advantage.
    3) Public awareness that an organization has been attacked.
  • 23. 16. Cyber espionage: industry and law enforcement
    Normally the targeted entities are in the government sector or, in some cases, individuals or members of a political party.
    The modus operandi for these cases starts with the actors setting up a host domain infrastructure that will serve either as a control server or deliver a payload. Next is the spear-phishing attack, in which the target receives a weaponized email.
    From there, attackers use an arsenal of tools, ranging from credential editors and pass-the-hash attacks to custom scripts. In most cases, a backdoor remote access Trojan maintains a foothold in the network.
    Less skilled actor groups use commercial off-the-shelf RATs such as PlugX and modify the basic settings to serve their campaigns.
  • 24. 17. Smart Medical Devices and Electronic Medical Records (EMRs)
    The healthcare industry is going through a major evolution as patient medical records go online and medical professionals realize the benefits of advancements in smart medical devices.
    However, as the healthcare industry adapts to its digital revolution, there are a number of concerns around privacy, safety and cyber security threats.
    Health Gadgets. According to ESET(*), 39% of healthcare companies do not know how to protect themselves. This situation allows hackers to obtain confidential data about patients.
    (*) ESET is an IT security company headquartered in Bratislava, Slovakia, founded in 1992.
  • 25. 18. Critical Infrastructure cyber attacks
    Critical infrastructures. Public administration, the financial system, power plants and the nuclear industry have few protection systems and are clear targets for hackers.
    What is the current status of Critical Infrastructure? -> It keeps growing.
    “New” concepts like Smart Cities are becoming more and more real and increase the size and scope of Critical Infrastructure (which is already too big without them) if we think, as we mentioned before, of electricity generation, transmission and distribution, gas production, water supply, telecommunication, heating, financial services, public health, etc.
  • 26. 19. Cloud computing providers infection
    Infecting a cloud computing provider with a virus affects all clients who have their data there. All of them are potential victims of hackers, so this type of attack has a large scope and impact.
    Enterprises are no longer sitting on their hands, wondering if they should risk migrating applications and data to the cloud. They're doing it, but security remains a serious concern.
    The shared, on-demand nature of cloud computing introduces the possibility of new security breaches that can erase any gains made by the switch to cloud technology.
    Cloud services by nature enable users to bypass organization-wide security policies and set up their own accounts in the service of shadow IT projects. New controls must be put in place.
  • 27. 20. Connected Cars: There's a "massive future security problem just around the corner," and it can't be fixed by trying to bolt on security during the implementation phase. Complexity was called "the worst enemy of security" as a connected car could have "approximately 100 million lines of code," compared to 8 million for an F-35 fighter jet. There has been a dramatic increase in Electronic Computing Units, with some high-end vehicles currently having about 100 ECUs. There has also been a rise in the diversity of in-vehicle systems which provide both luxury and critical features. This complexity has been exposed to wireless networks through the development of wireless communication interfaces. These interfaces are a double-edged sword: by connecting the vehicle to the Internet of Things, they have led to dramatically extended functionality, but they have opened up the traditionally closed vehicular system, making vehicles a more accessible and more attractive target to adversaries. Connectivity was called a "double-edged sword" since adding cars to the Internet of Things will continue to make vehicles "a more accessible and more attractive target to adversaries". Content: theft of personal information, leading to identity theft, is an attractive goal for cyber-criminals. Personal data is increasingly available in car networks as the cars themselves are more sophisticated, and smartphones and other devices are connected to them.
  • 28. 21. Sources used to expand knowledge:
      • 2017 Security Predictions – The Threats Are Real | Secplicity. URL: https://www.secplicity.org/2016/12/19/2017-security-predictions-threats-real/
      • Experts predict 2017's biggest cybersecurity threats | Dan Patterson (TechRepublic). URL: http://www.techrepublic.com/article/experts-predict-2017s-biggest-cybersecurity-threats/
      • 4 Cyber Security Threats for 2017 | University of San Diego. URL: https://onlinedegrees.sandiego.edu/4-cyber-security-threats-2017/
      • 5 Cyber Security Threats to be Aware of in 2017 | ZoneAlarm. URL: http://www.zonealarm.com/blog/2016/12/cyber-security-threats-2017/
      • Report examines the massive future cybersecurity problem of connected cars | NETWORKWORLD. URL: http://www.networkworld.com/article/3031092/security/report-examines-the-massive-future-cybersecurity-problem-of-connected-cars.html
  • 29. 21. Sources used to expand knowledge (continued):
      • Cyber Security in the Connected Vehicle Report 2016 | TU-Automotive. URL: http://www.tu-auto.com/cybersecurity-report/
      • The Next Tier - 8 Security Predictions for 2017 | Trend Micro. URL: http://www.trendmicro.com/vinfo/us/security/research-and-analysis/predictions/2017
      • 2017 Cybersecurity Predictions: New Norms Expected in Threat Landscape | Ryan Olson (Palo Alto Networks). URL: http://researchcenter.paloaltonetworks.com/2016/11/2017-cybersecurity-predictions-new-norms-expected-threat-landscape/
      • 2017 Threats Predictions | McAfee Labs. URL: http://www.mcafee.com/us/resources/reports/rp-threats-predictions-2017.pdf
      • The dirty dozen: 12 cloud security threats | Fahmida Y. Rashid (InfoWorld). URL: http://www.infoworld.com/article/3041078/security/the-dirty-dozen-12-cloud-security-threats.html
  • 30. Questions? Many thanks! Ramiro Cid (CISM, CGEIT, ISO 27001 LA, ISO 22301 LA, ITIL). Contact: ramiro@ramirocid.com, @ramirocid, http://www.linkedin.com/in/ramirocid, http://ramirocid.com, http://es.slideshare.net/ramirocid, http://www.youtube.com/user/cidramiro