© 2017 Technology Concepts & Design, Inc. All Rights Reserved.
Cybercrime and cyber threats
A glimpse of cybersecurity’s opponent
ERIC VANDERBURG
VICE PRESIDENT, CYBERSECURITY
Cleveland Business Leaders Association
October 25, 2017
About Us
TCDI founded in 1988
Microsoft Certified Partner since 2003
Services include:
◦ Digital forensics
◦ Cybersecurity
◦ eDiscovery
Minority owned enterprise
Over 40 certifications
Published author
Licensed private investigator
Expert witness and thought leader
18 years in cybersecurity
Specializations include:
◦ Risk management
◦ Governance and compliance
◦ Security strategy
ERIC VANDERBURG
VICE PRESIDENT, CYBERSECURITY
Cyber threats and the criminals behind them
Techniques
Growth Factors
Organization
Regions
Techniques
Tier 1: Entry-level techniques
◦ Advance-Fee Fraud
◦ Stranded Traveler Fraud
◦ Romance Fraud
◦ Ransomware
Tier 2: Moderate techniques
◦ Business Email Compromise
  ◦ Emails masquerading as messages from an executive
◦ Tax Fraud
  ◦ Fake tax returns
  ◦ False IRS demands
◦ Bot herding
  ◦ Deploying and managing bots
Tier 3: Advanced techniques
◦ Advanced Persistent Threats
  ◦ Lengthy undetected access
  ◦ Long-term strategy
  ◦ Slowly acquire access to elements of the attack plan
◦ Advanced Ransomware Threats
  ◦ Removes backups over a long period
  ◦ Destroys vital data when backups no longer exist
  ◦ Victims have no choice but to pay
Growth Factors
Human Resources
◦ Tech-savvy unemployment or underemployment
  ◦ Over 200 million currently unemployed*
  ◦ Prototypical case: Russian tech industry in the 1990s
  ◦ Similar cases in many other countries since then
◦ New college graduates with limited career prospects
  ◦ College graduates are more likely to turn to cybercrime in developing countries.
*United Nations International Labour Organization (ILO) 2017 Study
Anonymity
◦ Tor
◦ Bulletproof hosting services
◦ Encrypted communications
◦ Cryptocurrency and mixing services
◦ Decentralized messaging
Enabling Technologies
◦ Botnets
◦ RaaS
◦ Keyloggers
◦ Crypters
◦ Email extractors
◦ Social engineering toolkits
Deep Web Markets
Credentials
PII
Tool kits
Lease services
Organization
Lower barriers to entry
◦ Easy access to powerful tools
◦ Bitcoin makes complex money laundering schemes unnecessary
◦ Tools and techniques to maintain anonymity are prevalent
◦ The market is large enough that competition is not a big issue
Organized Crime
◦ Born out of existing organized crime units
◦ Function like corporations
◦ Access to vast resources
◦ Local connections and robust money laundering capabilities
◦ Effectively combine cybercrime with traditional crime
Disorganized Crime
◦ Small, agile groups
◦ Members may operate as independent contractors
◦ Some form from real life relationships
◦ May excel at specific types of attacks or scams
◦ Mentor new recruits
Tactical roles
Hackers
• Perform attacks
• Exploit network vulnerabilities
• Exploit weaknesses in systems and apps
Fraudsters
• Phish
• Execute con games to defraud victims
Distributors
• Spread ransomware, malware, and bots
Support roles
Programmers
• Write malicious code
• Develop exploits
Operations
• Maintain criminal systems and communication protocols
• Store data
• Host code
Traders
• List stolen items and goods on black markets
• Purchase goods and services
• Maintain relationships with upstream and downstream providers
Recruiters
• Identify and evaluate potential criminals
• Recruit money mules
Leadership
◦ Direct cybercrime groups
◦ Ensure that members are compensated
◦ Ensure necessary resources are available
◦ Maintain order
◦ Sanction members who do not obey the rules
◦ Make hiring decisions
◦ Terminate team members
Regions
Incident response phases
Russia
China
Eastern Europe
West Africa
United States
Russia
◦ Unspoken partnership between cybercrime syndicates and the Russian security services cy-ops
◦ Russian hackers must not target Russian businesses or government entities
◦ Many consider Russian hackers the most sophisticated in the world
◦ Many groups developed after the fall of the Soviet Union
◦ Mature underground markets and resources
China
◦ Cybercrime falls into a legal grey area, with many believing it is OK
◦ Motivations to acquire intellectual property
◦ Much money laundering and a significant amount of bank fraud
◦ Theft of online gaming accounts is the second largest target
Eastern Europe
◦ Frequently team up with groups outside the EU to complicate law enforcement efforts
◦ Many underground marketplaces for stolen goods and hacking tools
◦ Robust malware development
◦ Popular attacks include bitcoin theft and theft of personal information for sale on the black market
West Africa
◦ Many small groups or individuals who know each other in real life or grew up together
◦ Popular career path for those with AIDS who have limited life expectancy
◦ Predominantly use phishing-based scams
◦ Authorities rarely respond to cybercrime reports
United States
◦ Highly skilled attackers performing long-term attacks or developing malicious code
◦ US residents are often recruited as money mules to launder money from attacks on US companies and citizens
◦ Easy access to underground markets
Questions?
@evanderburg
216-664-1100

A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...gurkirankumar98700
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 

Recently uploaded (20)

TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 

Cybercrime and Cyber Threats - CBLA - Eric Vanderburg

  • 1. Cybercrime and cyber threats
    A glimpse of cybersecurity’s opponent
    ERIC VANDERBURG, VICE PRESIDENT, CYBERSECURITY
    Cleveland Business Leaders Association, October 25, 2017
  • 2. About Us
    ◦ TCDI founded in 1988
    ◦ Microsoft Certified Partner since 2003
    ◦ Services include:
      ◦ Digital forensics
      ◦ Cybersecurity
      ◦ eDiscovery
    ◦ Minority owned enterprise
  • 3. ERIC VANDERBURG, VICE PRESIDENT, CYBERSECURITY
    ◦ Over 40 certifications
    ◦ Published author
    ◦ Licensed private investigator
    ◦ Expert witness and thought leader
    ◦ 18 years in cybersecurity
    ◦ Specializations include:
      ◦ Risk management
      ◦ Governance and compliance
      ◦ Security strategy
  • 4. Cyber threats and the criminals behind them
    ◦ Techniques
    ◦ Growth Factors
    ◦ Organization
    ◦ Regions
  • 5. Techniques
  • 6. Tier 1: Entry-level techniques
    ◦ Advance-Fee Fraud
    ◦ Stranded Traveler Fraud
    ◦ Romance Fraud
    ◦ Ransomware
  • 7. Tier 2: Moderate techniques
    ◦ Business Email Compromise
      ◦ Emails masquerading as an email from an executive
    ◦ Tax Fraud
      ◦ Fake tax returns
      ◦ False IRS demands
    ◦ Bot herding
      ◦ Deploying and managing bots
  • 8. Tier 3: Advanced techniques
    ◦ Advanced Persistent Threats
      ◦ Lengthy undetected access
      ◦ Long-term strategy
      ◦ Slowly acquire access to elements of the attack plan
    ◦ Advanced Ransomware Threats
      ◦ Removes backups over a long period
      ◦ Destroys vital data when backups no longer exist
      ◦ Victims have no choice but to pay
  • 9. Growth Factors
  • 10. Human Resources
    ◦ Tech-savvy unemployment or underemployment
      ◦ Over 200 million currently unemployed*
      ◦ Prototypical case: Russian tech industry in the 1990s
      ◦ Similar cases in many other countries since then
    ◦ New college graduates with limited career prospects
      ◦ College graduates are more likely to turn to cybercrime in developing countries.
    *United Nations International Labour Organization (ILO) 2017 Study
  • 11. Anonymity
    ◦ Tor
    ◦ Bulletproof Hosting Services
    ◦ Encrypted communications
    ◦ Cryptocurrency and mixing services
    ◦ Decentralized messaging
  • 12. Enabling Technologies
    ◦ Botnets
    ◦ RaaS
    ◦ Keyloggers
    ◦ Crypters
    ◦ Email extractors
    ◦ Social engineering toolkits
  • 13. Deep Web Markets
    ◦ Credentials
    ◦ PII
    ◦ Tool kits
    ◦ Lease services
  • 14. Organization
  • 15. Lower barriers to entry
    ◦ Easy access to powerful tools
    ◦ Bitcoin makes complex money laundering schemes unnecessary
    ◦ Tools and techniques to maintain anonymity are prevalent
    ◦ The market is large enough that competition is not a big issue
  • 16. Organized Crime
    ◦ Born out of existing organized crime units
    ◦ Function like corporations
    ◦ Access to vast resources
    ◦ Local connections and robust money laundering capabilities
    ◦ Effectively combine cybercrime with traditional crime
  • 17. Disorganized Crime
    ◦ Small, agile groups
    ◦ Members may operate as independent contractors
    ◦ Some form from real life relationships
    ◦ May excel at specific types of attacks or scams
    ◦ Mentor new recruits
  • 18. Tactical roles
    ◦ Hackers
      ◦ Perform attacks
      ◦ Exploit network vulnerabilities
      ◦ Exploit weaknesses in systems and apps
    ◦ Fraudsters
      ◦ Phish
      ◦ Execute con games to defraud victims
    ◦ Distributors
      ◦ Spread ransomware, malware, and bots
  • 19. Support roles
    ◦ Programmers
      ◦ Write malicious code
      ◦ Develop exploits
    ◦ Operations
      ◦ Maintain criminal systems and communication protocols
      ◦ Store data
      ◦ Host code
    ◦ Traders
      ◦ List stolen items and goods on black markets
      ◦ Purchase goods and services
      ◦ Maintain relationships with upstream and downstream providers
    ◦ Recruiters
      ◦ Identify and evaluate potential criminals
      ◦ Recruit money mules
  • 20. Leadership
    ◦ Direct cybercrime groups
    ◦ Ensure that members are compensated
    ◦ Ensure necessary resources are available
    ◦ Maintain order
    ◦ Sanction members who do not obey the rules
    ◦ Make hiring decisions
    ◦ Terminate team members
  • 21. Regions
  • 22. Incident response phases
    ◦ Russia
    ◦ China
    ◦ Eastern Europe
    ◦ West Africa
    ◦ United States
  • 23. Russia
    ◦ Unspoken partnership between cybercrime syndicates and the Russian security services cy-ops
    ◦ Russian hackers must not target Russian businesses or government entities
    ◦ Many consider Russian hackers the most sophisticated in the world
    ◦ Many groups developed after the fall of the Soviet Union
    ◦ Mature underground markets and resources
  • 24. China
    ◦ Cybercrime falls into a legal grey area, with many believing it is OK
    ◦ Motivations to acquire intellectual property
    ◦ Much money laundering and a significant amount of bank fraud
    ◦ Theft of online gaming accounts is the second largest target
  • 25. Eastern Europe
    ◦ Frequently team up with groups outside the EU to complicate law enforcement efforts
    ◦ Many underground marketplaces for stolen goods and hacking tools
    ◦ Robust malware development
    ◦ Popular attacks include bitcoin theft and theft of personal information for sale on the black market
  • 26. West Africa
    ◦ Many small groups or individuals who know each other in real life or grew up together
    ◦ Popular career path for those with AIDS who have limited life expectancy
    ◦ Predominantly use phishing-based scams
    ◦ Authorities rarely respond to cybercrime reports
  • 27. United States
    ◦ Highly skilled attackers performing long-term attacks or developing malicious code
    ◦ US residents are often recruited as money mules to launder money from attacks on US companies and citizens
    ◦ Easy access to underground markets
  • 28. Questions?
    @evanderburg
    216-664-1100