Copyright © 2014, Oracle and/or its affiliates. All rights reserved. 1
The Bad Guys are using IT. Are You?
Picture credit: www.wearelegionthedocumentary.com
Koh Hong Eng
Vice President (Corporate), POLCYB The Society for the Policing of Cyberspace
Global Lead, Justice & Public Safety (JPS)
Oracle Corporation
The Safe Harbor
The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle’s products remains at the sole discretion of Oracle.
Oracle Global Justice & Public Safety Team
Jorge Medina
Cindy Schwimer Tim Wallace Jeff Penrose David Shepherd
Udi Nessimyan
Koh Hong Eng
Global Lead
Twitter Gives Occupy Wall Street Tweets To New York Judge 14 Sep 2012
“We talk on the Internet about what happened in Egypt, about our structure, about our organization, how to organize a flash mob, how to organize a sit-in”
Ahmed Maher, one of the founders of Egypt’s Facebook Revolution on 6 Apr 08,
on advising the Occupy activists
Why BlackBerry Messenger was rioters' communication method of choice 7 Dec 2011
Crime-Sourcing Criminals Turn to Outsourcing to Launch Distributed Denial of Service Attacks 3 Dec 2013
Man-In-The-Middle
How a Hacker Intercepted FBI and Secret Service Calls With Google Maps 27 Feb 2014
US Government Agency Compromised by Social Engineering 4 Nov 2013
2009: “Robin Sage” (The Security Blogger): information and intelligence obtained from US military personnel.
2011: “Emily Williams”: “What else can happen outside of data being leaked over social networks?”
Emily Williams Social Engineering
Massive data theft hits 40% of South Koreans
21 Jan 2014
“Customer details appear to have been swiped by a worker at the Korea Credit Bureau, a company that offers risk management and fraud detection services.”
1 April 2013
UK sex crimes via Facebook, Twitter increased 400% since 2009
“Personal data on Twitter and Facebook are being utilized by sexual predators to identify susceptible females and gain their confidence.”
Ransomware
Adapted from Kuppinger Cole Presentation, March 2013
COORDINATED ATTACKS
HACKING
DATA THEFT
DENIAL OF SERVICE BLACKMAIL
• PRIVILEGE ABUSE
• DELIBERATE LEAKAGE
• CURIOSITY
• ACCIDENTAL ERASURE
• ACCIDENTAL DISCLOSURE
Cloud Mobile Social
PEOPLE Employees, Contractors, Customers & Partners
THE NETWORK IS NO LONGER THE POINT OF CONTROL
DEVICES Phones, Servers, Laptops, Tablets
DATA Unstructured & Structured
THE NEW PERIMETER PREVENTIVE
DETECTIVE
SECURITY
Oracle Engineered Systems
SECURITY INSIDE OUT BUILT-IN AT EVERY LAYER
Governance, Risk and Compliance
Identity Management
Mobile Security
Cloud Security
Infrastructure Security
SECURITY INSIDE OUT
Infrastructure Security
• Ensure confidentiality of medical and patient data through comprehensive database security with centralized configuration, unified interface, and simplified deployment across platforms.
• Monitor access to sensitive data regarding global bidding, medical licenses, medical supplies, human resources, financials, etc.
• Provide detailed information about every user who accesses the databases, including requests for applications or IP addresses, and report these details on demand to facilitate efficient audit detection.
Kingdom of Saudi Arabia Ministry of Health
• Exadata • Audit Vault • DB Firewall
Identity Management
• Grocery retailing and food logistics.
• More than 2,200 stores and about 2,500 franchises.
• 2,200 iPads for store managers.
SUPERVALU
• Identity Management • Access Management • Directory Server
“Through Oracle’s forward-thinking approach to identity management, we can provide our employees with the technology they need to be more productive and bolster customer relationships, while enabling the company to securely leverage the latest social and mobile innovations.” – Phillip Black, IT Director for Identity and Access Management, SUPERVALU
Governance, Risk and Compliance
• Established in 1817 with total assets of $658B; 35,000 employees.
• Challenges:
  – User access was too broad.
  – Privacy Act violations.
  – No audit trail.
  – Segregation of Duties (SoD) process was expensive and ineffective.
• Results:
  – Resolved 85% of SoD conflicts across ERP system; mitigating controls for the rest.
  – Resolved privacy issues with access to Social Security Numbers.
  – Created detailed access rules and comprehensive audit trails.
USA Department of Health & Human Services
• GRC Control Suite
Cloud Security
USA Federal Emergency Management Agency
• RightNow Government Cloud
Hurricane Sandy
Cloud Security
• Engage the community as part of community policing.
• Better understanding of public sentiments.
• Improve crime analysis over social networks.
• Early detection of suspicious activities and crime suspects.
• Incorporate new techniques in crime investigation process.
Federal Police of a Latin America country
CONTAINER EXPERIENCE CONTROL
Isolate corporate data, support remote wipe, restrict data transfer
Secure applications & communication, corporate application store
Role based access, self service request, sign-on, fraud detection
MOBILE SECURITY SUITE
Mobile Security Oracle’s Strategy
A top 50 bank in USA with few million customers across few states
What about Social Engineering? Big Data to the Rescue
Oracle Big Data Appliance
NoSQL DB Driver
Application
HDFS, Hadoop, CDH
Map Reduce ORCH - Stats
Map Reduce Hive - Activities
Map Reduce Pig - Sessionize
Cyber Information Discovery
Complex Event Processing
Expert System Decision Engine
Cyber Real-time Analysis
API/NBI SIEM/SOC
Mass Analysis\Algorithms Layer
Probe/Switch
LAN
Probe/Switch
Real-time Access
Batch Processing
System Monitoring & Management
• Cyber Intelligence
• Network Behavior Anomaly Detection (NBAD)
• Analytics & Reporting
• DPI-based Router
• Big Data Appliance • Oracle Event Processing • Real-Time Decisions • Endeca Information Discovery
Cyber Intelligence Countering Social Engineering
DON’T SECURE YOURSELF OUT OF BUSINESS
• You can’t defend everything • Re-assess, Re-evaluate
• People, Data, Devices
• Prevent. Detect. Assume breached • Security inside out
• Protect your most valuable assets • Have a plan and execute the plan
Internet of Things: More DEVICES Than PEOPLE
2010: 12.5 Billion; 2015: 25 Billion; 2020: 50 Billion
Source: Cisco IBSG, Apr 2011
@he_koh
linkedin.com/in/hekoh
Thank You!