cyber breach
play

CYBER BREACH Preventing Bodily Injury and Property Damage - PowerPoint PPT Presentation

CYBER BREACH Preventing Bodily Injury and Property Damage info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 1 THE WORLD WE KNOW TODAY info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 2


  1. CYBER BREACH Preventing Bodily Injury and Property Damage info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 1

  2. THE WORLD WE KNOW TODAY info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 2

  3. INTERNET SECURITY CAMERAS info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 3

  4. IoT BOTNET info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 4

  5. WE WARNED YOU IN 2013 info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 5

  6. BUT YOU STILL GOT SUED info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 6

  7. info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 7

  8. info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 8

  9. AND THE BEAT GOES ON… info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 9

  10. MEDICAL DEVICES info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 10

  11. THE STORY info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 11

  12. VERSUS info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 12

  13. info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 13

  14. info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 14

  15. info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 15

  16. info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 16

  17. info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 17

  18. info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 18

  19. info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 19

  20. info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 20

  21. info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 21

  22. THE COST info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 22

  23. ELEMENT IMPACT Fraud losses, legal fees, $Millions to $Billions new security measures in costs info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 23

  24. ELEMENT IMPACT Fraud losses, legal fees, $Millions to $Billions new security measures in costs Drop in stock & profits 5% to 10% drop in stock info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 24

  25. ELEMENT IMPACT Fraud losses, legal fees, $Millions to $Billions new security measures in costs Drop in stock & profits 5% to 10% drop in stock Brand index scores Brand value immediately drop to negative info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 25

  26. ELEMENT IMPACT Credit rating S&P cuts credit rating info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 26

  27. ELEMENT IMPACT Credit rating S&P cuts credit rating Job security Executive shake-ups info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 27

  28. ELEMENT IMPACT Credit rating S&P cuts credit rating Job security Executive shake-ups Some customers never Customers leave return info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 28

  29. DISCOVERING ATTACK VECTORS info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 29

  30. AS EASY AS 1, 2, 3 Step 1 Unpack the Firmware Image Open source tool called binwalk can unpack most firmware images. Step 2 Analyze Executable Binaries and System Files Look for low-hanging fruit like insecure coding practices and hidden private crypto keys. Step 3 Fix, Compile, Repeat Replace insecure coding practices with secure methods. Remove all private crypto keys. Recompile code. Re-examine. info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 30

  31. BUT MY SOURCE CODE IS SECURE! info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 31

  32. info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 32

  33. info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 33

  34. info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 34

  35. info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 35

  36. info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 36

  37. info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 37

  38. info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 38

  39. info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 39

  40. HOW TO MITIGATE CYBER SECURITY RISKS IN CONNECTED MEDICAL DEVICES Step 1 Perform a Traditional Security Assessment Open source tools such as Nmap, Nessus, and Metasploit can help. Step 2 Perform Blackbox Testing with Fuzzing Open source tools: w3af, Wfuzz, Wapiti. Commercial tools: Defensics. Step 3 Perform a Firmware Evaluation Open source tool: binwalk, gdb, OllyDbg. Commercial tools: Centrifuge Security Platform. info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 40

  41. WHO IS TACTICAL NETWORK SOLUTIONS info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 41

  42. Founded 2007 Founders are former NSA/TAO employees Offensive cyber operations focus 12 Employees info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 42

  43. MANAGEMENT TEAM Terry Dunlap, Founder & CEO National Security Agency - 7 years experience Computer Network Exploitation wireless tool development Acting Branch Chief Peter Eacmen, Co-Founder & CTO National Security Agency - 10+ years experience Computer Network Exploitation tool development Close access operation support Embedded directly with USSOCOM unit at NSA info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 43

  44. FIRMWARE EVALUATION TEAM 10 Employees Former NSA Computer Network Exploitation specialists in firmware reverse engineering info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 44

  45. CUSTOMERS info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 45

  46. CONTACT Tactical Network Solutions LLC 8825 Stanford Blvd., Suite 308 Columbia, MD 21045 (443) 276-2990 Terry Dunlap Peter Eacmen Partner Partner tdunlap@tacnetsol.com peacmen@tacnetsol.com 240-672-2945 (C) 617-548-5384 (C) info@tacnetsol.com Tactical Network Solutions LLC Proprietary Information 46

Recommend


More recommend