cyber breach
play

CYBER BREACH Preventing Bodily Injury and Property Damage - PowerPoint PPT Presentation

Mar 18, 2023 •48 likes •508 views

CYBER BREACH Preventing Bodily Injury and Property Damage info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 1 THE WORLD WE KNOW TODAY info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 2

  1. CYBER BREACH Preventing Bodily Injury and Property Damage info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 1

  2. THE WORLD WE KNOW TODAY info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 2

  3. INTERNET SECURITY CAMERAS info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 3

  4. IoT BOTNET info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 4

  5. WE WARNED YOU IN 2013 info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 5

  6. BUT YOU STILL GOT SUED info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 6

  7. info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 7

  8. info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 8

  9. AND THE BEAT GOES ON… info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 9

  10. MEDICAL DEVICES info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 10

  11. THE STORY info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 11

  12. VERSUS info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 12

  13. info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 13

  14. info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 14

  15. info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 15

  16. info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 16

  17. info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 17

  18. info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 18

  19. info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 19

  20. info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 20

  21. info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 21

  22. THE COST info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 22

  23. ELEMENT IMPACT Fraud losses, legal fees, $Millions to $Billions new security measures in costs info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 23

  24. ELEMENT IMPACT Fraud losses, legal fees, $Millions to $Billions new security measures in costs Drop in stock & profits 5% to 10% drop in stock info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 24

  25. ELEMENT IMPACT Fraud losses, legal fees, $Millions to $Billions new security measures in costs Drop in stock & profits 5% to 10% drop in stock Brand index scores Brand value immediately drop to negative info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 25

  26. ELEMENT IMPACT Credit rating S&P cuts credit rating info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 26

  27. ELEMENT IMPACT Credit rating S&P cuts credit rating Job security Executive shake-ups info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 27

  28. ELEMENT IMPACT Credit rating S&P cuts credit rating Job security Executive shake-ups Some customers never Customers leave return info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 28

  29. DISCOVERING ATTACK VECTORS info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 29

  30. AS EASY AS 1, 2, 3 Step 1 Unpack the Firmware Image Open source tool called binwalk can unpack most firmware images. Step 2 Analyze Executable Binaries and System Files Look for low-hanging fruit like insecure coding practices and hidden private crypto keys. Step 3 Fix, Compile, Repeat Replace insecure coding practices with secure methods. Remove all private crypto keys. Recompile code. Re-examine. info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 30

  31. BUT MY SOURCE CODE IS SECURE! info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 31

  32. info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 32

  33. info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 33

  34. info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 34

  35. info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 35

  36. info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 36

  37. info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 37

  38. info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 38

  39. info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 39

  40. HOW TO MITIGATE CYBER SECURITY RISKS IN CONNECTED MEDICAL DEVICES Step 1 Perform a Traditional Security Assessment Open source tools such as Nmap, Nessus, and Metasploit can help. Step 2 Perform Blackbox Testing with Fuzzing Open source tools: w3af, Wfuzz, Wapiti. Commercial tools: Defensics. Step 3 Perform a Firmware Evaluation Open source tool: binwalk, gdb, OllyDbg. Commercial tools: Centrifuge Security Platform. info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 40

  41. WHO IS TACTICAL NETWORK SOLUTIONS info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 41

  42. Founded 2007 Founders are former NSA/TAO employees Offensive cyber operations focus 12 Employees info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 42

  43. MANAGEMENT TEAM Terry Dunlap, Founder & CEO National Security Agency - 7 years experience Computer Network Exploitation wireless tool development Acting Branch Chief Peter Eacmen, Co-Founder & CTO National Security Agency - 10+ years experience Computer Network Exploitation tool development Close access operation support Embedded directly with USSOCOM unit at NSA info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 43

  44. FIRMWARE EVALUATION TEAM 10 Employees Former NSA Computer Network Exploitation specialists in firmware reverse engineering info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 44

  45. CUSTOMERS info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 45

  46. CONTACT Tactical Network Solutions LLC 8825 Stanford Blvd., Suite 308 Columbia, MD 21045 (443) 276-2990 Terry Dunlap Peter Eacmen Partner Partner tdunlap@tacnetsol.com peacmen@tacnetsol.com 240-672-2945 (C) 617-548-5384 (C) info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 46

Recommend

Michael McCartney President, Avalon Cyber The Cyber Problem Data Breach Landscape

Michael McCartney President, Avalon Cyber The Cyber Problem Data Breach Landscape

Prentice Wealth Management Michael McCartney President, Avalon Cyber The Cyber Problem Data Breach Landscape Verizon VBIR 2015 Report Cyber Breach Trending Outsider v Insider Threat Personal Identity Protection

819 views • 12 slides
CYBER INSURANCE Luxury or necessary protection? What is a data breach? A breach is defined as an

CYBER INSURANCE Luxury or necessary protection? What is a data breach? A breach is defined as an

CYBER INSURANCE Luxury or necessary protection? What is a data breach? A breach is defined as an event in which an individuals name plus personal information such as an address, phone number and/or financial record such as a social security

307 views • 16 slides
CAN ORGANIZATIONS SURVIVE A POLI-CYBER BREACH ? K e y n o t e b y K h a l e d F a t t a l MLi

CAN ORGANIZATIONS SURVIVE A POLI-CYBER BREACH ? K e y n o t e b y K h a l e d F a t t a l MLi

CAN ORGANIZATIONS SURVIVE A POLI-CYBER BREACH ? K e y n o t e b y K h a l e d F a t t a l MLi Group, C h a i r m a n ( @ ) M L i G r p ( d o t ) c o m 1 WHAT IS A POLI-CYBER ? CYBER ATTACKS PERPETRATED OR INSPIRED BY EXTREMIST

520 views • 17 slides
W ITH THE DATA BREACH AT information for cyber criminals. As consultants to determine whether

W ITH THE DATA BREACH AT information for cyber criminals. As consultants to determine whether

LAW Best Practices for Protecting Electronic Business Data Companies are under attack from cyber-criminals, hackers and spies. Is your data at risk? C OMPILED BY M ILES Z. E PSTEIN E DITOR , COMMERCE W ITH THE DATA BREACH AT information for

290 views • 3 slides
Cloudy with a Chance of Breach: Forecasting Cyber Security Incidents Yang Liu , Armin Sarabi

Cloudy with a Chance of Breach: Forecasting Cyber Security Incidents Yang Liu , Armin Sarabi

Cloudy with a Chance of Breach: Forecasting Cyber Security Incidents Yang Liu , Armin Sarabi , Jing Zhang , Parinaz Naghizadeh Manish Karir , Michael Bailey , Mingyan Liu , EECS Department, University of Michigan, Ann

842 views • 50 slides
CYBER BREACH MITIGATION How Do I Start & Where is my Money Best Spent ? Speakers: George Adkins

CYBER BREACH MITIGATION How Do I Start & Where is my Money Best Spent ? Speakers: George Adkins

CYBER BREACH MITIGATION How Do I Start & Where is my Money Best Spent ? Speakers: George Adkins , Wortham Power Gen Insurance Brad Luna , N-Dimensions 1 TPPA THE FUTURE IS HERE INCIDENTS WITH PUBLIC POWER ELEMENTS 2010 (Stuxnet) WORM

552 views • 34 slides
Cyber Liability Insurance and How to Respond to a Breach Financial Managers Society NY/NJ Chapter

Cyber Liability Insurance and How to Respond to a Breach Financial Managers Society NY/NJ Chapter

Cyber Liability Insurance and How to Respond to a Breach Financial Managers Society NY/NJ Chapter February 17, 2016 John Lawrence Director, Financial Institution Services Assistant Vice President M&T Insurance Agency Todays Agenda

371 views • 18 slides
Cyber Security Readiness & New Mandatory Data Breach Notification Laws Norton Rose Fulbright

Cyber Security Readiness & New Mandatory Data Breach Notification Laws Norton Rose Fulbright

Cyber Security Readiness & New Mandatory Data Breach Notification Laws Norton Rose Fulbright Australia April 2018 Purpose This presentation has been commissioned by CyberHound Pty Ltd (part of the Superloop Group) to assist schools that are

646 views • 26 slides
MANDATORY BREACH REPORTING: REVIEW OF THE REQUIREMENTS UNDER PHIPA OVERVIEW OF BREACH

MANDATORY BREACH REPORTING: REVIEW OF THE REQUIREMENTS UNDER PHIPA OVERVIEW OF BREACH

MANDATORY BREACH REPORTING: REVIEW OF THE REQUIREMENTS UNDER PHIPA OVERVIEW OF BREACH NOTIFICATION AND IPC STATISTICS Fida Hindi, Legal Counsel Office of the Information and Privacy Commissioner of Ontario This presentation is

352 views • 23 slides
PRIVACY BREACH GUIDELINES Purpose The Privacy Breach Guidelines may provide to contain, assess

PRIVACY BREACH GUIDELINES Purpose The Privacy Breach Guidelines may provide to contain, assess

Office of the Saskatchewan Information and Privacy Commissioner PRIVACY BREACH GUIDELINES Purpose The Privacy Breach Guidelines may provide to contain, assess and analyze a privacy some guidance to government institutions, breach. The

291 views • 10 slides
QUANTIFYING THE COST OF DATA BREACH UNDERSTANDING (AND AVOIDING) FUTURE PITFALLS Prepared by

QUANTIFYING THE COST OF DATA BREACH UNDERSTANDING (AND AVOIDING) FUTURE PITFALLS Prepared by

QUANTIFYING THE COST OF DATA BREACH UNDERSTANDING (AND AVOIDING) FUTURE PITFALLS Prepared by Castlebridge and TechPolis for Verimatrix Source: Cisco 2017 Annual Cyber Security Report

606 views • 16 slides
Auditd for the Masses Philipp Krenn @xeraa Learn about a breach From the press or

Auditd for the Masses Philipp Krenn @xeraa Learn about a breach From the press or

Auditd for the Masses Philipp Krenn @xeraa Learn about a breach From the press or users Learn about a breach Attackers asking for a ransom Learn about a breach Cloud provider's bill Learn about a breach Yourself after the

942 views • 51 slides
Cyber Security User Overview Martin Dinham Martin.Dinham@cfsystems.co.uk 01209 340030 Some

Cyber Security User Overview Martin Dinham Martin.Dinham@cfsystems.co.uk 01209 340030 Some

Cyber Security User Overview Martin Dinham Martin.Dinham@cfsystems.co.uk 01209 340030 Some context Daily Mail online, April 2017 52 % the number of small businesses that had a security breach in 2016 UK Government Cyber Security

619 views • 39 slides
Network Security & Privacy Liability: An Overview of Loss Mitigation Concepts and Data Breach

Network Security & Privacy Liability: An Overview of Loss Mitigation Concepts and Data Breach

Network Security & Privacy Liability: An Overview of Loss Mitigation Concepts and Data Breach Response Services March 20 th , 2012 Brian Cole, Managing Director Professional Liability Specialty Practice Overview of Topics Cyber Security

611 views • 21 slides
SSL, GONE IN 30 SECONDS b r e a c h A BREACH beyond CRIME SSL, GONE IN 30 SECONDS AGENDA

SSL, GONE IN 30 SECONDS b r e a c h A BREACH beyond CRIME SSL, GONE IN 30 SECONDS AGENDA

Angelo Prado Neal Harris Yoel Gluck SSL, GONE IN 30 SECONDS b r e a c h A BREACH beyond CRIME SSL, GONE IN 30 SECONDS AGENDA Proceed with caution: Review of CRIME Introducing BREACH In the weeds Demo time! Mitigations b r e a c h SSL,

526 views • 40 slides
PR PROACTIVE CTIVE SE SECUR CURITY ITY: : DATA A BREA BREACH CH ASSE ASSESSM SSMENT

PR PROACTIVE CTIVE SE SECUR CURITY ITY: : DATA A BREA BREACH CH ASSE ASSESSM SSMENT

PR PROACTIVE CTIVE SE SECUR CURITY ITY: : DATA A BREA BREACH CH ASSE ASSESSM SSMENT ENT CyberSecurity Chicago September 2018 Security In The News Frequency and severity of cyber security news on the rise 2 PROPRIETARY AND

449 views • 21 slides
Privacy Breach Risk and Insurance Vancouver Presentation 10 April 2014 Presented by Brian

Privacy Breach Risk and Insurance Vancouver Presentation 10 April 2014 Presented by Brian

Privacy Breach Risk and Insurance Vancouver Presentation 10 April 2014 Presented by Brian Rosenbaum LL.B National Director Aon Risk Solutions Financial Services Group Legal and Research Practice Aon Cyber and Privacy Group Agenda

313 views • 30 slides
Class Actions on Data Breach Class Actions on Data Breach and Privacy on the Rise Litigating Class

Class Actions on Data Breach Class Actions on Data Breach and Privacy on the Rise Litigating Class

Presenting a live 90 minute webinar with interactive Q&A Class Actions on Data Breach Class Actions on Data Breach and Privacy on the Rise Litigating Class Claims, Alleging and Challenging Damages, and Evaluating Insurance Coverage WEDNES

735 views • 55 slides
Compliance Component Simon Bingham Development Unit Manager 4 th December, Golden Lion

Compliance Component Simon Bingham Development Unit Manager 4 th December, Golden Lion

Compliance Component Simon Bingham Development Unit Manager 4 th December, Golden Lion Compliance Assessment Scheme (CAS) No Breaches Minor Significant ELC Breach(es)/ Breach/ >1 Gross Breach or 1 Gross repeated minor Breach breach

1.91k views • 6 slides
Global Breach Response: How to Select Your Key Partners Sponsored By: Global Breach Response:

Global Breach Response: How to Select Your Key Partners Sponsored By: Global Breach Response:

Global Breach Response: How to Select Your Key Partners Sponsored By: Global Breach Response: How to Select Your Key Partners Visit www.advisenltd.com at the end of this webinar to download: Copy of these slides Recording of todays

722 views • 18 slides
Cyber Security Presentation 1. Cybersecurity is a growing priority for federal and state

Cyber Security Presentation 1. Cybersecurity is a growing priority for federal and state

Cyber Security Presentation 1. Cybersecurity is a growing priority for federal and state government. It is a growing and pervasive problem From January 1, 2009 to May 31, 2012, there have been 268 breach incidents in government agencies with more

330 views • 4 slides
Privacy Breach Coverage Commercial Lines 2 Agenda Evolving Need for Insurance Enhanced

Privacy Breach Coverage Commercial Lines 2 Agenda Evolving Need for Insurance Enhanced

Privacy Breach Coverage Commercial Lines 2 Agenda Evolving Need for Insurance Enhanced Privacy Breach Endorsements New Privacy Breach Liability Coverage Ease of Underwriting Value Added Services Whats Next?

669 views • 52 slides
Protect Your Small Business From Cyber Attacks Presenter: Jacob Blacksten Technology Business

Protect Your Small Business From Cyber Attacks Presenter: Jacob Blacksten Technology Business

Protect Your Small Business From Cyber Attacks Presenter: Jacob Blacksten Technology Business Advisor, Delaware SBDC 01/01/2018 www.delawaresbdc.org Small Businesses are a Target 68% of breaches took months or longer to 58% of data breach

529 views • 25 slides
C Y B E R R I S K Tuesday, May 19th | 10:30 am Mark Anelli, Commercial Risk Advisor George Perry,

C Y B E R R I S K Tuesday, May 19th | 10:30 am Mark Anelli, Commercial Risk Advisor George Perry,

C Y B E R R I S K Tuesday, May 19th | 10:30 am Mark Anelli, Commercial Risk Advisor George Perry, IT Manager Nick Sullivan, Risk Management Director Age gend nda Cyber ber Expo posu sure re What Are Your Exposures to a Cyber Breach?

395 views • 13 slides

More recommend