cyber security threats - scgmis - homescgmis.org/resources/documents/ms-isac presentation.pdfleon...
TRANSCRIPT
![Page 1: Cyber Security Threats - SCGMIS - Homescgmis.org/Resources/Documents/MS-ISAC Presentation.pdfLeon Panetta, Secretary of Defense “The next Pearl Harbor that we confront could very](https://reader034.vdocument.in/reader034/viewer/2022052018/6031d744d5576e1b6b1007a5/html5/thumbnails/1.jpg)
Cyber Security Threatsy yShehzad Mirza
Director of the MS‐ISAC SOC
Will PelgrinCIS President and CEOCIS President and CEO
MS‐ISAC Chair
![Page 2: Cyber Security Threats - SCGMIS - Homescgmis.org/Resources/Documents/MS-ISAC Presentation.pdfLeon Panetta, Secretary of Defense “The next Pearl Harbor that we confront could very](https://reader034.vdocument.in/reader034/viewer/2022052018/6031d744d5576e1b6b1007a5/html5/thumbnails/2.jpg)
2.6 Billion Internet Users2.6 Billion Internet Users
10%6% 3%
1%Asia 44%
Europe 22 7%44%
13%
10% Europe 22.7%
North America 13.0%
Lat Am / Carib 10.3%
23%
Africa 5.7%
Middle East 3.3%
Oceania / Australia 1.0%
![Page 3: Cyber Security Threats - SCGMIS - Homescgmis.org/Resources/Documents/MS-ISAC Presentation.pdfLeon Panetta, Secretary of Defense “The next Pearl Harbor that we confront could very](https://reader034.vdocument.in/reader034/viewer/2022052018/6031d744d5576e1b6b1007a5/html5/thumbnails/3.jpg)
Connect with constituents Learn new ideasConnect with constituents Learn new ideas
The Internet is a t d t l
Broadcast public functions live
tremendous tool for governments
Broadcast public functions live
Pay employees easilyAllows your constituents to register onlineregister online
![Page 4: Cyber Security Threats - SCGMIS - Homescgmis.org/Resources/Documents/MS-ISAC Presentation.pdfLeon Panetta, Secretary of Defense “The next Pearl Harbor that we confront could very](https://reader034.vdocument.in/reader034/viewer/2022052018/6031d744d5576e1b6b1007a5/html5/thumbnails/4.jpg)
Criminals look for data… and state and local governments have a lot of it!
From Cradle To Grave
And Beyond!
Confidential Informants
![Page 5: Cyber Security Threats - SCGMIS - Homescgmis.org/Resources/Documents/MS-ISAC Presentation.pdfLeon Panetta, Secretary of Defense “The next Pearl Harbor that we confront could very](https://reader034.vdocument.in/reader034/viewer/2022052018/6031d744d5576e1b6b1007a5/html5/thumbnails/5.jpg)
![Page 6: Cyber Security Threats - SCGMIS - Homescgmis.org/Resources/Documents/MS-ISAC Presentation.pdfLeon Panetta, Secretary of Defense “The next Pearl Harbor that we confront could very](https://reader034.vdocument.in/reader034/viewer/2022052018/6031d744d5576e1b6b1007a5/html5/thumbnails/6.jpg)
Leon Panetta, Secretary of Defense
“The next Pearl Harbor that we confront could very well be a b k h lcyber attack that cripples our
power systems, our grid, our security systems, our y ygovernment systems… Cyber war could paralyze the U S ”U.S.
![Page 7: Cyber Security Threats - SCGMIS - Homescgmis.org/Resources/Documents/MS-ISAC Presentation.pdfLeon Panetta, Secretary of Defense “The next Pearl Harbor that we confront could very](https://reader034.vdocument.in/reader034/viewer/2022052018/6031d744d5576e1b6b1007a5/html5/thumbnails/7.jpg)
Who Is Behind The Threats?Who Is Behind The Threats?Cyber Criminals Hacktivists
N i SNation States
![Page 8: Cyber Security Threats - SCGMIS - Homescgmis.org/Resources/Documents/MS-ISAC Presentation.pdfLeon Panetta, Secretary of Defense “The next Pearl Harbor that we confront could very](https://reader034.vdocument.in/reader034/viewer/2022052018/6031d744d5576e1b6b1007a5/html5/thumbnails/8.jpg)
Cyber Threats
Hacktivism
Mobile Devices
Insider Threats & Human Error
Phishing
Old Infrastructure
![Page 9: Cyber Security Threats - SCGMIS - Homescgmis.org/Resources/Documents/MS-ISAC Presentation.pdfLeon Panetta, Secretary of Defense “The next Pearl Harbor that we confront could very](https://reader034.vdocument.in/reader034/viewer/2022052018/6031d744d5576e1b6b1007a5/html5/thumbnails/9.jpg)
HacktivismHacktivism
![Page 10: Cyber Security Threats - SCGMIS - Homescgmis.org/Resources/Documents/MS-ISAC Presentation.pdfLeon Panetta, Secretary of Defense “The next Pearl Harbor that we confront could very](https://reader034.vdocument.in/reader034/viewer/2022052018/6031d744d5576e1b6b1007a5/html5/thumbnails/10.jpg)
H kti iHacktivism
“Attacking corporations governmentsAttacking corporations, governments, organizations and individuals…to make a point” Sophos 2012Sophos 2012
Hacktivist groups target:• Private corporations• Federal Government
St t G t• State Government• Local Government• Education• Education• Law enforcement groups
![Page 11: Cyber Security Threats - SCGMIS - Homescgmis.org/Resources/Documents/MS-ISAC Presentation.pdfLeon Panetta, Secretary of Defense “The next Pearl Harbor that we confront could very](https://reader034.vdocument.in/reader034/viewer/2022052018/6031d744d5576e1b6b1007a5/html5/thumbnails/11.jpg)
User Account CompromiseA k S iAttack Scenario
1. Law Enforcement Association (i.e. Sheriff i i P li B l S i )association, Police Benevolent Society, etc) gets
compromised2. Attackers gather the stolen credentials and either
post to sharing website (i.e. Pastebin) or keep the login information for themselves
3. Either the hackers themselves or other malicious actors then download and use the credentials from sharing website to login and access local and federal law enforcement systems
4. The compromise of the "association" system may lead to the compromise of the SLTT government systems
![Page 12: Cyber Security Threats - SCGMIS - Homescgmis.org/Resources/Documents/MS-ISAC Presentation.pdfLeon Panetta, Secretary of Defense “The next Pearl Harbor that we confront could very](https://reader034.vdocument.in/reader034/viewer/2022052018/6031d744d5576e1b6b1007a5/html5/thumbnails/12.jpg)
![Page 13: Cyber Security Threats - SCGMIS - Homescgmis.org/Resources/Documents/MS-ISAC Presentation.pdfLeon Panetta, Secretary of Defense “The next Pearl Harbor that we confront could very](https://reader034.vdocument.in/reader034/viewer/2022052018/6031d744d5576e1b6b1007a5/html5/thumbnails/13.jpg)
![Page 14: Cyber Security Threats - SCGMIS - Homescgmis.org/Resources/Documents/MS-ISAC Presentation.pdfLeon Panetta, Secretary of Defense “The next Pearl Harbor that we confront could very](https://reader034.vdocument.in/reader034/viewer/2022052018/6031d744d5576e1b6b1007a5/html5/thumbnails/14.jpg)
What Can You Do To Prevent This?What Can You Do To Prevent This?
• Perform regular vulnerability assessments of allPerform regular vulnerability assessments of all Internet facing systems
• Remind employees not to re‐use work passwords
• Monitor Webmail for:– Failed logins– Logins from out of the area or country
dd h– Logins at odd hours
![Page 15: Cyber Security Threats - SCGMIS - Homescgmis.org/Resources/Documents/MS-ISAC Presentation.pdfLeon Panetta, Secretary of Defense “The next Pearl Harbor that we confront could very](https://reader034.vdocument.in/reader034/viewer/2022052018/6031d744d5576e1b6b1007a5/html5/thumbnails/15.jpg)
Mobile DevicesMobile DevicesMobile DevicesMobile Devices
![Page 16: Cyber Security Threats - SCGMIS - Homescgmis.org/Resources/Documents/MS-ISAC Presentation.pdfLeon Panetta, Secretary of Defense “The next Pearl Harbor that we confront could very](https://reader034.vdocument.in/reader034/viewer/2022052018/6031d744d5576e1b6b1007a5/html5/thumbnails/16.jpg)
Smartphone and Tablet Security Risks
Too Many Individuals StillToo Many Individuals Still…– Don’t use encryption, passwords,
time-out settings or any other securitytime out settings or any other security protection
– Store their sensitive corporate information on smartphones
– Lose one of these devices at some pointpoint
![Page 17: Cyber Security Threats - SCGMIS - Homescgmis.org/Resources/Documents/MS-ISAC Presentation.pdfLeon Panetta, Secretary of Defense “The next Pearl Harbor that we confront could very](https://reader034.vdocument.in/reader034/viewer/2022052018/6031d744d5576e1b6b1007a5/html5/thumbnails/17.jpg)
Mobile Devices – Targets of AttackMobile Devices Targets of Attack
“The number of variants of malicious software aimed at mobile devices has reportedly risen from about 14,000 to 40,000 or about 185% in less than a year” – U.S. Government Accountability Office
![Page 18: Cyber Security Threats - SCGMIS - Homescgmis.org/Resources/Documents/MS-ISAC Presentation.pdfLeon Panetta, Secretary of Defense “The next Pearl Harbor that we confront could very](https://reader034.vdocument.in/reader034/viewer/2022052018/6031d744d5576e1b6b1007a5/html5/thumbnails/18.jpg)
Leaving your l tlaptop or
smartphone tt d dunattended
can lead to big blproblems…
More than 10,000 laptops are reported lost every week at 36 of the p p p ylargest U.S. airports, and 65 percent of those laptops are not reclaimed.
Ponemon Institute
![Page 19: Cyber Security Threats - SCGMIS - Homescgmis.org/Resources/Documents/MS-ISAC Presentation.pdfLeon Panetta, Secretary of Defense “The next Pearl Harbor that we confront could very](https://reader034.vdocument.in/reader034/viewer/2022052018/6031d744d5576e1b6b1007a5/html5/thumbnails/19.jpg)
Insider Threats Insider Threats and Human Errorand Human Error
![Page 20: Cyber Security Threats - SCGMIS - Homescgmis.org/Resources/Documents/MS-ISAC Presentation.pdfLeon Panetta, Secretary of Defense “The next Pearl Harbor that we confront could very](https://reader034.vdocument.in/reader034/viewer/2022052018/6031d744d5576e1b6b1007a5/html5/thumbnails/20.jpg)
Insider Threats are Real…Can be intentional or accidental
• WikiLeaks – Hundreds of thousands of confidential documents leaked by military employee
• Inadvertent posting of the Social Security numbers and birth dates of 22,000 government retirees on a state procurement website
• Disgruntled city employee tampers with city t k t d t t d i i t tnetwork to deny access to top administrators
![Page 21: Cyber Security Threats - SCGMIS - Homescgmis.org/Resources/Documents/MS-ISAC Presentation.pdfLeon Panetta, Secretary of Defense “The next Pearl Harbor that we confront could very](https://reader034.vdocument.in/reader034/viewer/2022052018/6031d744d5576e1b6b1007a5/html5/thumbnails/21.jpg)
Human Error – Weak Passwords
tomshardware.com
![Page 22: Cyber Security Threats - SCGMIS - Homescgmis.org/Resources/Documents/MS-ISAC Presentation.pdfLeon Panetta, Secretary of Defense “The next Pearl Harbor that we confront could very](https://reader034.vdocument.in/reader034/viewer/2022052018/6031d744d5576e1b6b1007a5/html5/thumbnails/22.jpg)
A longer password is a better passwordStrong passwords should be 9-12 h t dcharacters and
possess a combination of letters, numbers, , ,and special characters.
![Page 23: Cyber Security Threats - SCGMIS - Homescgmis.org/Resources/Documents/MS-ISAC Presentation.pdfLeon Panetta, Secretary of Defense “The next Pearl Harbor that we confront could very](https://reader034.vdocument.in/reader034/viewer/2022052018/6031d744d5576e1b6b1007a5/html5/thumbnails/23.jpg)
Example of Strong PasswordExample of Strong Password• ThisI• Is
• A• BetterBetter• Password• Which
Password = T1@bPwWBH2C• Would
• Be• Harder
T1@bPwWBH2C
• Harder• To• CrackCrack
![Page 24: Cyber Security Threats - SCGMIS - Homescgmis.org/Resources/Documents/MS-ISAC Presentation.pdfLeon Panetta, Secretary of Defense “The next Pearl Harbor that we confront could very](https://reader034.vdocument.in/reader034/viewer/2022052018/6031d744d5576e1b6b1007a5/html5/thumbnails/24.jpg)
Most Dangerous Cyber Celebrity!!!! g y y
![Page 25: Cyber Security Threats - SCGMIS - Homescgmis.org/Resources/Documents/MS-ISAC Presentation.pdfLeon Panetta, Secretary of Defense “The next Pearl Harbor that we confront could very](https://reader034.vdocument.in/reader034/viewer/2022052018/6031d744d5576e1b6b1007a5/html5/thumbnails/25.jpg)
Phi hiPhi hiPhishingPhishing
![Page 26: Cyber Security Threats - SCGMIS - Homescgmis.org/Resources/Documents/MS-ISAC Presentation.pdfLeon Panetta, Secretary of Defense “The next Pearl Harbor that we confront could very](https://reader034.vdocument.in/reader034/viewer/2022052018/6031d744d5576e1b6b1007a5/html5/thumbnails/26.jpg)
Gone Phishing…Phishing scams entice email recipients into
g
clicking on a link or opening an attachment which is malicious.c s a c ous
• WELL WRITTEN
• APPEARS CREDIBLE
• ENTICING OR SHOCKING SUBJECTSUBJECT
• APPARENT TRUSTED SOURCE
![Page 27: Cyber Security Threats - SCGMIS - Homescgmis.org/Resources/Documents/MS-ISAC Presentation.pdfLeon Panetta, Secretary of Defense “The next Pearl Harbor that we confront could very](https://reader034.vdocument.in/reader034/viewer/2022052018/6031d744d5576e1b6b1007a5/html5/thumbnails/27.jpg)
![Page 28: Cyber Security Threats - SCGMIS - Homescgmis.org/Resources/Documents/MS-ISAC Presentation.pdfLeon Panetta, Secretary of Defense “The next Pearl Harbor that we confront could very](https://reader034.vdocument.in/reader034/viewer/2022052018/6031d744d5576e1b6b1007a5/html5/thumbnails/28.jpg)
Protect YourselfProtect Yourself• Never click on a link in a suspicious e‐mail.Never click on a link in a suspicious e mail. • Open a new web browser and manually go to the vendors website to log into your account. g y
• Call your vendor using a phone number from an official source to get the information you need. g y
![Page 29: Cyber Security Threats - SCGMIS - Homescgmis.org/Resources/Documents/MS-ISAC Presentation.pdfLeon Panetta, Secretary of Defense “The next Pearl Harbor that we confront could very](https://reader034.vdocument.in/reader034/viewer/2022052018/6031d744d5576e1b6b1007a5/html5/thumbnails/29.jpg)
Old InfrastructureOld InfrastructureOld InfrastructureOld Infrastructure
![Page 30: Cyber Security Threats - SCGMIS - Homescgmis.org/Resources/Documents/MS-ISAC Presentation.pdfLeon Panetta, Secretary of Defense “The next Pearl Harbor that we confront could very](https://reader034.vdocument.in/reader034/viewer/2022052018/6031d744d5576e1b6b1007a5/html5/thumbnails/30.jpg)
Old hardware and software that is beyond the end of its supportlif i ft till i t dlife is often still in use today
No longer supported by the vendors
Using them after end of life places your organization at great risksince any security vulnerability will NOT be fixed, making it easy forhackers to launch a successful cyber attack
![Page 31: Cyber Security Threats - SCGMIS - Homescgmis.org/Resources/Documents/MS-ISAC Presentation.pdfLeon Panetta, Secretary of Defense “The next Pearl Harbor that we confront could very](https://reader034.vdocument.in/reader034/viewer/2022052018/6031d744d5576e1b6b1007a5/html5/thumbnails/31.jpg)
Industrial Control Systems
![Page 32: Cyber Security Threats - SCGMIS - Homescgmis.org/Resources/Documents/MS-ISAC Presentation.pdfLeon Panetta, Secretary of Defense “The next Pearl Harbor that we confront could very](https://reader034.vdocument.in/reader034/viewer/2022052018/6031d744d5576e1b6b1007a5/html5/thumbnails/32.jpg)
Internet Facing Industrial Control Systems
Approximately 7,200 Internet Facing Control System Devices Source: US Department of Homeland Security ICS‐CERT Monthly Oct‐Dec2012
![Page 33: Cyber Security Threats - SCGMIS - Homescgmis.org/Resources/Documents/MS-ISAC Presentation.pdfLeon Panetta, Secretary of Defense “The next Pearl Harbor that we confront could very](https://reader034.vdocument.in/reader034/viewer/2022052018/6031d744d5576e1b6b1007a5/html5/thumbnails/33.jpg)
Case StudiesCase Studies
![Page 34: Cyber Security Threats - SCGMIS - Homescgmis.org/Resources/Documents/MS-ISAC Presentation.pdfLeon Panetta, Secretary of Defense “The next Pearl Harbor that we confront could very](https://reader034.vdocument.in/reader034/viewer/2022052018/6031d744d5576e1b6b1007a5/html5/thumbnails/34.jpg)
South Carolina 2012South Carolina 2012• More than 3.3 million unencrypted bank account
numbers and 3.8 million tax returns were stolen in an attack against the South Carolina Department of Revenue.
• Data lost: SSNs, bank account numbers and credit card numbers.
• Breach due to a state employee falling for a phishing attack that enabled hackers to leverage p g gthat employee's access rights to gain access to the government entity's systems and databases.
![Page 35: Cyber Security Threats - SCGMIS - Homescgmis.org/Resources/Documents/MS-ISAC Presentation.pdfLeon Panetta, Secretary of Defense “The next Pearl Harbor that we confront could very](https://reader034.vdocument.in/reader034/viewer/2022052018/6031d744d5576e1b6b1007a5/html5/thumbnails/35.jpg)
State of Utah 2012• 280,000 Social Security numbers were stolen,
and another 500 000 people lost personaland another 500,000 people lost personal information.
• Eastern European hackers broke into the server maintained by the Utah Department ofmaintained by the Utah Department of Technology Services in the spring of 2012 by taking advantage of a misconfiguration.g g g
![Page 36: Cyber Security Threats - SCGMIS - Homescgmis.org/Resources/Documents/MS-ISAC Presentation.pdfLeon Panetta, Secretary of Defense “The next Pearl Harbor that we confront could very](https://reader034.vdocument.in/reader034/viewer/2022052018/6031d744d5576e1b6b1007a5/html5/thumbnails/36.jpg)
What Can You Do?What Can You Do?
• Keep your systems patchedKeep your systems patched• Have cyber security policies
i li i h h li i• Monitor compliance with the policies• Log and monitor network traffic • Backup your systems on a regular basis and check them before storing off siteg
• Train employees on good cyber security practicespractices
![Page 37: Cyber Security Threats - SCGMIS - Homescgmis.org/Resources/Documents/MS-ISAC Presentation.pdfLeon Panetta, Secretary of Defense “The next Pearl Harbor that we confront could very](https://reader034.vdocument.in/reader034/viewer/2022052018/6031d744d5576e1b6b1007a5/html5/thumbnails/37.jpg)
Zeus Financial FraudZeus Financial FraudA bank informed a School District that $758,758.70 was to be transferred overseaswas to be transferred overseas
The School District cancelled the transaction
The Bank than asked about the $1,190,400 that was already sent overseas
And the $1,862,400… also already sent overseas
already sent overseas
![Page 38: Cyber Security Threats - SCGMIS - Homescgmis.org/Resources/Documents/MS-ISAC Presentation.pdfLeon Panetta, Secretary of Defense “The next Pearl Harbor that we confront could very](https://reader034.vdocument.in/reader034/viewer/2022052018/6031d744d5576e1b6b1007a5/html5/thumbnails/38.jpg)
What Can You Do?What Can You Do?
• Have a dedicated computer for financialHave a dedicated computer for financial transactions
• IP Filtering/white list• IP Filtering/white list• Limit software programs (no java, flash, email,
t )etc.)• Set up “non‐privileged user” account
• Take advantage of two factor authentication where availablewhere available
![Page 39: Cyber Security Threats - SCGMIS - Homescgmis.org/Resources/Documents/MS-ISAC Presentation.pdfLeon Panetta, Secretary of Defense “The next Pearl Harbor that we confront could very](https://reader034.vdocument.in/reader034/viewer/2022052018/6031d744d5576e1b6b1007a5/html5/thumbnails/39.jpg)
StatsStats
![Page 40: Cyber Security Threats - SCGMIS - Homescgmis.org/Resources/Documents/MS-ISAC Presentation.pdfLeon Panetta, Secretary of Defense “The next Pearl Harbor that we confront could very](https://reader034.vdocument.in/reader034/viewer/2022052018/6031d744d5576e1b6b1007a5/html5/thumbnails/40.jpg)
![Page 41: Cyber Security Threats - SCGMIS - Homescgmis.org/Resources/Documents/MS-ISAC Presentation.pdfLeon Panetta, Secretary of Defense “The next Pearl Harbor that we confront could very](https://reader034.vdocument.in/reader034/viewer/2022052018/6031d744d5576e1b6b1007a5/html5/thumbnails/41.jpg)
![Page 42: Cyber Security Threats - SCGMIS - Homescgmis.org/Resources/Documents/MS-ISAC Presentation.pdfLeon Panetta, Secretary of Defense “The next Pearl Harbor that we confront could very](https://reader034.vdocument.in/reader034/viewer/2022052018/6031d744d5576e1b6b1007a5/html5/thumbnails/42.jpg)
Number of Infections – All MSS PartnersNumber of Infections All MSS Partners
400
450
Dec‐12
Jan‐13
300
350
Feb‐13
Mar‐13
200
250
100
150
0
50
![Page 43: Cyber Security Threats - SCGMIS - Homescgmis.org/Resources/Documents/MS-ISAC Presentation.pdfLeon Panetta, Secretary of Defense “The next Pearl Harbor that we confront could very](https://reader034.vdocument.in/reader034/viewer/2022052018/6031d744d5576e1b6b1007a5/html5/thumbnails/43.jpg)
Daily Activity Summary – All MSS Partners
300
350
Dec‐12
Jan‐13
Feb 13
250
300 Feb‐13
Mar‐13
200
100
150
50
100
0Accepted Inbound Port
ScansPeer‐to‐Peer Usage SQL Injection Exploit
AttemptsSystem File Access
AttemptsLogin Brute Forcing Server Attack: Web
ServerSpyware Traffic Events
![Page 44: Cyber Security Threats - SCGMIS - Homescgmis.org/Resources/Documents/MS-ISAC Presentation.pdfLeon Panetta, Secretary of Defense “The next Pearl Harbor that we confront could very](https://reader034.vdocument.in/reader034/viewer/2022052018/6031d744d5576e1b6b1007a5/html5/thumbnails/44.jpg)
NotificationsNotifications300
Dec‐12
Jan‐13
Feb‐13
250 Mar‐13
150
200
100
150
50
0Darknet Keylogger Defacement Credentials
![Page 45: Cyber Security Threats - SCGMIS - Homescgmis.org/Resources/Documents/MS-ISAC Presentation.pdfLeon Panetta, Secretary of Defense “The next Pearl Harbor that we confront could very](https://reader034.vdocument.in/reader034/viewer/2022052018/6031d744d5576e1b6b1007a5/html5/thumbnails/45.jpg)
The MS-ISAC is here to help!
![Page 46: Cyber Security Threats - SCGMIS - Homescgmis.org/Resources/Documents/MS-ISAC Presentation.pdfLeon Panetta, Secretary of Defense “The next Pearl Harbor that we confront could very](https://reader034.vdocument.in/reader034/viewer/2022052018/6031d744d5576e1b6b1007a5/html5/thumbnails/46.jpg)
What is the MS‐ISAC?What is the MS ISAC?
The Multi‐State Information Sharing and l i C ( S S C) i h f l i fAnalysis Center (MS‐ISAC) is the focal point for
cyber threat prevention, protection, response d f h i ’ l land recovery for the nation’s state, local,
territorial and tribal (SLTT) governments.
![Page 47: Cyber Security Threats - SCGMIS - Homescgmis.org/Resources/Documents/MS-ISAC Presentation.pdfLeon Panetta, Secretary of Defense “The next Pearl Harbor that we confront could very](https://reader034.vdocument.in/reader034/viewer/2022052018/6031d744d5576e1b6b1007a5/html5/thumbnails/47.jpg)
MS-ISAC Is Built On A Strong Foundation
Situational AwarenessFederal Government
Homeland Security AdvisorsSHARE
Situational Awareness
States & US TerritoriesSHARE
Local GovernmentsCOLLABORATE
Local GovernmentsTRUST
![Page 48: Cyber Security Threats - SCGMIS - Homescgmis.org/Resources/Documents/MS-ISAC Presentation.pdfLeon Panetta, Secretary of Defense “The next Pearl Harbor that we confront could very](https://reader034.vdocument.in/reader034/viewer/2022052018/6031d744d5576e1b6b1007a5/html5/thumbnails/48.jpg)
AK
MS-ISACMember
AKMS-ISACMember
MS-ISACMemberMS-ISAC
MemberMS ISAC
MS-ISACMemberMS-ISAC
MemberMS-ISACMember
MS-ISACMember
MS ISAC MS-ISACMemberMS-ISAC
MemberMS-ISACMember
MS-ISACMember
MS-ISACMember
MS-ISACMember
MS-ISACMember
MS-ISACMember
MS-ISACMember
MS-ISACMember
MS-ISACMember
MS-ISACMember MS-ISAC
MemberMS-ISACMember
MS-ISACMember
MS-ISACMS-ISACMS-ISAC
MS-ISACMember
MS ISAC
MS-ISACMember
MemberMS-ISACMember
MemberMember
MS-ISACMember MS-ISAC
MemberMS-ISACMember
MS-ISACMember
MS-ISACMember
MS-ISACMember
MS-ISACMember
MS-ISAC MS ISAC
MS-ISACMember
MS-ISACMember
MS-ISACMember
S S CMember MS-ISAC
MemberMS-ISACMember
MS-ISACMemberMS-ISAC
MemberMS-ISACMember
MS-ISACMember
MS-ISACMember
MS-ISACMemberMS-ISAC
MS-ISACMember
MS-ISACMember
MS ISACMember
A Trusted Model for Collaboration and Cooperation across All States, L l G t d S l U S T it i B ilt 10
American Samoa
HI
Local Governments and Several U.S. Territories—Built on over 10 years of Centralized Outreach, Awareness and Bidirectional Information
Sharing.
![Page 49: Cyber Security Threats - SCGMIS - Homescgmis.org/Resources/Documents/MS-ISAC Presentation.pdfLeon Panetta, Secretary of Defense “The next Pearl Harbor that we confront could very](https://reader034.vdocument.in/reader034/viewer/2022052018/6031d744d5576e1b6b1007a5/html5/thumbnails/49.jpg)
Local Governments
MS-ISAC Local Government members represent 33% of the U.S. population
![Page 50: Cyber Security Threats - SCGMIS - Homescgmis.org/Resources/Documents/MS-ISAC Presentation.pdfLeon Panetta, Secretary of Defense “The next Pearl Harbor that we confront could very](https://reader034.vdocument.in/reader034/viewer/2022052018/6031d744d5576e1b6b1007a5/html5/thumbnails/50.jpg)
MS‐ISAC Monitoring PartnersWashington
Lane Co.
Connectic t
Idaho
Maine
Massachusetts
Michigan
Minnesota
Montana
NewHampshire
New York
North Dakota
Oregon
Rhode Island
South Dakota
Vermont
Wisconsin
Wyoming
Johnson Co.
NYC
CaliforniaColorado
Connecticut
DelawareIllinois Indiana
Iowa
Kansas
Maryland
g
Missouri
NebraskaNevada
New Jersey
Ohio
Pennsylvania
Utah
Virginia
WestVirginia
y g
S Di
LAWABrentwood
CaryArizona
Arkansas
Georgia
KentuckyMissouri
New Mexico
North Carolina
OklahomaSouth Carolina
Tennessee
San Diego
Goodyear
AlabamaGeorgia
Louisiana
Mississippi
Texas
Florida
Alaska
Hawaii
![Page 51: Cyber Security Threats - SCGMIS - Homescgmis.org/Resources/Documents/MS-ISAC Presentation.pdfLeon Panetta, Secretary of Defense “The next Pearl Harbor that we confront could very](https://reader034.vdocument.in/reader034/viewer/2022052018/6031d744d5576e1b6b1007a5/html5/thumbnails/51.jpg)
Security Operations CenterSecurity Operations Center
ff hStaff at the NCCIC
![Page 52: Cyber Security Threats - SCGMIS - Homescgmis.org/Resources/Documents/MS-ISAC Presentation.pdfLeon Panetta, Secretary of Defense “The next Pearl Harbor that we confront could very](https://reader034.vdocument.in/reader034/viewer/2022052018/6031d744d5576e1b6b1007a5/html5/thumbnails/52.jpg)
24x7 Cyber Security Operations Center
• Central location to report any cyber security incident, staffed 24x7
• 24x7 support for:– Albert and Managed Security Services– Albert and Managed Security Services– Vulnerability Assessments– Research and analysis
• 24x7 analysis and monitoring of:– Threats– Vulnerabilities
A k– Attacks
• 24x7 reporting:– Web DefacementsWeb Defacements– Account Compromises
![Page 53: Cyber Security Threats - SCGMIS - Homescgmis.org/Resources/Documents/MS-ISAC Presentation.pdfLeon Panetta, Secretary of Defense “The next Pearl Harbor that we confront could very](https://reader034.vdocument.in/reader034/viewer/2022052018/6031d744d5576e1b6b1007a5/html5/thumbnails/53.jpg)
CERT CapabilitiesCERT Capabilities
• Incident Responsep– Includes on‐site assistance
• Malware Analysis• Computer Forensics• Network ForensicsL A l i• Log Analysis
• Statistical Data Analysis• Netflow Monitoring / Albert• Netflow Monitoring / Albert• Rapid Sensor Deployment• Penetration Testing• Penetration Testing
![Page 54: Cyber Security Threats - SCGMIS - Homescgmis.org/Resources/Documents/MS-ISAC Presentation.pdfLeon Panetta, Secretary of Defense “The next Pearl Harbor that we confront could very](https://reader034.vdocument.in/reader034/viewer/2022052018/6031d744d5576e1b6b1007a5/html5/thumbnails/54.jpg)
MS‐ISAC Intelligence SourcesMS ISAC Intelligence Sources
• 7x24 Monitoring7x24 Monitoring– Analysis of 12 billion logs/records per week
• Intelligence Partners• Intelligence Partners• Federal Government• Private Sector• Internet Research
![Page 55: Cyber Security Threats - SCGMIS - Homescgmis.org/Resources/Documents/MS-ISAC Presentation.pdfLeon Panetta, Secretary of Defense “The next Pearl Harbor that we confront could very](https://reader034.vdocument.in/reader034/viewer/2022052018/6031d744d5576e1b6b1007a5/html5/thumbnails/55.jpg)
Multi-State Information Sharing and Analysis CenterProducts and Services
24/7 C b S it A l i N ti l W b t I iti ti
Products and Services
• 24/7 Cyber Security Analysis Center
• Cyber Security Alerts and
• National Webcast Initiative
• National Cyber Security Awareness MonthCyber Security Alerts and
Advisories
• Public and Secure MS-ISAC W b it
Awareness Month
• Monthly Conference Calls
Websites
• Participation in cyber exercises
• Annual Meeting
• Ensuring collaboration with all ti
• Common cyber alert level mapnecessary parties
![Page 56: Cyber Security Threats - SCGMIS - Homescgmis.org/Resources/Documents/MS-ISAC Presentation.pdfLeon Panetta, Secretary of Defense “The next Pearl Harbor that we confront could very](https://reader034.vdocument.in/reader034/viewer/2022052018/6031d744d5576e1b6b1007a5/html5/thumbnails/56.jpg)
MS-ISAC Public Website
![Page 57: Cyber Security Threats - SCGMIS - Homescgmis.org/Resources/Documents/MS-ISAC Presentation.pdfLeon Panetta, Secretary of Defense “The next Pearl Harbor that we confront could very](https://reader034.vdocument.in/reader034/viewer/2022052018/6031d744d5576e1b6b1007a5/html5/thumbnails/57.jpg)
Take advantage of our RSS feed!Connect to our Cyber Security Advisories to provide greater awareness to thoseawareness to those agencies, organizations and business that frequent your website
Connect to our Daily Cyber Security Tip to provide greaterprovide greater awareness for your employees, constituents and others
![Page 58: Cyber Security Threats - SCGMIS - Homescgmis.org/Resources/Documents/MS-ISAC Presentation.pdfLeon Panetta, Secretary of Defense “The next Pearl Harbor that we confront could very](https://reader034.vdocument.in/reader034/viewer/2022052018/6031d744d5576e1b6b1007a5/html5/thumbnails/58.jpg)
Monthly Newsletters
The MS-ISACThe MS-ISAC distributes the newsletters in a template form so they can be re-branded and distributed broadly throughout states and local governmentslocal governments
![Page 59: Cyber Security Threats - SCGMIS - Homescgmis.org/Resources/Documents/MS-ISAC Presentation.pdfLeon Panetta, Secretary of Defense “The next Pearl Harbor that we confront could very](https://reader034.vdocument.in/reader034/viewer/2022052018/6031d744d5576e1b6b1007a5/html5/thumbnails/59.jpg)
![Page 60: Cyber Security Threats - SCGMIS - Homescgmis.org/Resources/Documents/MS-ISAC Presentation.pdfLeon Panetta, Secretary of Defense “The next Pearl Harbor that we confront could very](https://reader034.vdocument.in/reader034/viewer/2022052018/6031d744d5576e1b6b1007a5/html5/thumbnails/60.jpg)
Cyber Security Guides Cyber Security Guides
![Page 61: Cyber Security Threats - SCGMIS - Homescgmis.org/Resources/Documents/MS-ISAC Presentation.pdfLeon Panetta, Secretary of Defense “The next Pearl Harbor that we confront could very](https://reader034.vdocument.in/reader034/viewer/2022052018/6031d744d5576e1b6b1007a5/html5/thumbnails/61.jpg)
Cyber Security Awareness Toolkit
![Page 62: Cyber Security Threats - SCGMIS - Homescgmis.org/Resources/Documents/MS-ISAC Presentation.pdfLeon Panetta, Secretary of Defense “The next Pearl Harbor that we confront could very](https://reader034.vdocument.in/reader034/viewer/2022052018/6031d744d5576e1b6b1007a5/html5/thumbnails/62.jpg)
How can you join?How can you join?
![Page 63: Cyber Security Threats - SCGMIS - Homescgmis.org/Resources/Documents/MS-ISAC Presentation.pdfLeon Panetta, Secretary of Defense “The next Pearl Harbor that we confront could very](https://reader034.vdocument.in/reader034/viewer/2022052018/6031d744d5576e1b6b1007a5/html5/thumbnails/63.jpg)
SummarySummary
• There is no “silver bullet” for cyber securitye e s o s e bu et o cybe secu ty• Don’t become complacent• Have policies and methodologies in place toHave policies and methodologies in place to monitor compliance
• Log and monitor all trafficg• Be a cyber security champion in your organization
![Page 64: Cyber Security Threats - SCGMIS - Homescgmis.org/Resources/Documents/MS-ISAC Presentation.pdfLeon Panetta, Secretary of Defense “The next Pearl Harbor that we confront could very](https://reader034.vdocument.in/reader034/viewer/2022052018/6031d744d5576e1b6b1007a5/html5/thumbnails/64.jpg)
Thank YouThank You
Questions???Questions???
Contact Information:brian calkin@msisac [email protected]
orinfo@msisac [email protected]‐866‐787‐4722