gartner uk 2015 anatomy of an attack
TRANSCRIPT
![Page 2: Gartner UK 2015 Anatomy of An Attack](https://reader036.vdocument.in/reader036/viewer/2022062503/58f1a4721a28ab07458b4611/html5/thumbnails/2.jpg)
![Page 3: Gartner UK 2015 Anatomy of An Attack](https://reader036.vdocument.in/reader036/viewer/2022062503/58f1a4721a28ab07458b4611/html5/thumbnails/3.jpg)
Verizon Data Breach Investigation Report
![Page 4: Gartner UK 2015 Anatomy of An Attack](https://reader036.vdocument.in/reader036/viewer/2022062503/58f1a4721a28ab07458b4611/html5/thumbnails/4.jpg)
Verizon Data Breach Investigation Report
![Page 5: Gartner UK 2015 Anatomy of An Attack](https://reader036.vdocument.in/reader036/viewer/2022062503/58f1a4721a28ab07458b4611/html5/thumbnails/5.jpg)
2122 Data Breaches
![Page 6: Gartner UK 2015 Anatomy of An Attack](https://reader036.vdocument.in/reader036/viewer/2022062503/58f1a4721a28ab07458b4611/html5/thumbnails/6.jpg)
2122 Data BreachesFinancial data, Product data,
Personal data, Usernames/Passwords
![Page 7: Gartner UK 2015 Anatomy of An Attack](https://reader036.vdocument.in/reader036/viewer/2022062503/58f1a4721a28ab07458b4611/html5/thumbnails/7.jpg)
Vulnerabilities
![Page 8: Gartner UK 2015 Anatomy of An Attack](https://reader036.vdocument.in/reader036/viewer/2022062503/58f1a4721a28ab07458b4611/html5/thumbnails/8.jpg)
> 99% over 1 year old
![Page 9: Gartner UK 2015 Anatomy of An Attack](https://reader036.vdocument.in/reader036/viewer/2022062503/58f1a4721a28ab07458b4611/html5/thumbnails/9.jpg)
> 99%
![Page 10: Gartner UK 2015 Anatomy of An Attack](https://reader036.vdocument.in/reader036/viewer/2022062503/58f1a4721a28ab07458b4611/html5/thumbnails/10.jpg)
But 40 in 2014
![Page 11: Gartner UK 2015 Anatomy of An Attack](https://reader036.vdocument.in/reader036/viewer/2022062503/58f1a4721a28ab07458b4611/html5/thumbnails/11.jpg)
But 40 in 2014and 50% within 2 weeks
![Page 12: Gartner UK 2015 Anatomy of An Attack](https://reader036.vdocument.in/reader036/viewer/2022062503/58f1a4721a28ab07458b4611/html5/thumbnails/12.jpg)
> 99%
![Page 13: Gartner UK 2015 Anatomy of An Attack](https://reader036.vdocument.in/reader036/viewer/2022062503/58f1a4721a28ab07458b4611/html5/thumbnails/13.jpg)
MalwareInfects
Computer
Exploit for known
Vulnerability
TargetedE-mailSpear
Phishing
Social MediaProfile
Exploit for 0-day
Vulnerability
KnownWorm/Virus
InfectedUSBDrive
Find infected
Computers
Command and Control
Username/Passwords
Dataloss
Brand
Finance
Others
![Page 14: Gartner UK 2015 Anatomy of An Attack](https://reader036.vdocument.in/reader036/viewer/2022062503/58f1a4721a28ab07458b4611/html5/thumbnails/14.jpg)
> 99%
![Page 15: Gartner UK 2015 Anatomy of An Attack](https://reader036.vdocument.in/reader036/viewer/2022062503/58f1a4721a28ab07458b4611/html5/thumbnails/15.jpg)
1. CTO (punk rock fan), punk rock concert offer, doc opened, no run2. Employee, employment offer, doc opened, script ran
3. COO (Greek History), article comment, doc not opened4. Employee, inquiry on side project, doc not opened
5. Employee, survey form of past employment, doc opened, infected, but no privileged account
6. System Admin, professional society membership offer, doc opened, infected - Bingo
![Page 16: Gartner UK 2015 Anatomy of An Attack](https://reader036.vdocument.in/reader036/viewer/2022062503/58f1a4721a28ab07458b4611/html5/thumbnails/16.jpg)
Demo
![Page 17: Gartner UK 2015 Anatomy of An Attack](https://reader036.vdocument.in/reader036/viewer/2022062503/58f1a4721a28ab07458b4611/html5/thumbnails/17.jpg)
PhishingTraining
![Page 18: Gartner UK 2015 Anatomy of An Attack](https://reader036.vdocument.in/reader036/viewer/2022062503/58f1a4721a28ab07458b4611/html5/thumbnails/18.jpg)
PhishingTraining
10%->2%
![Page 19: Gartner UK 2015 Anatomy of An Attack](https://reader036.vdocument.in/reader036/viewer/2022062503/58f1a4721a28ab07458b4611/html5/thumbnails/19.jpg)
VulnerabilitiesPatch
![Page 20: Gartner UK 2015 Anatomy of An Attack](https://reader036.vdocument.in/reader036/viewer/2022062503/58f1a4721a28ab07458b4611/html5/thumbnails/20.jpg)
VulnerabilitiesPatch
95%/99%
![Page 21: Gartner UK 2015 Anatomy of An Attack](https://reader036.vdocument.in/reader036/viewer/2022062503/58f1a4721a28ab07458b4611/html5/thumbnails/21.jpg)
> 99%
![Page 22: Gartner UK 2015 Anatomy of An Attack](https://reader036.vdocument.in/reader036/viewer/2022062503/58f1a4721a28ab07458b4611/html5/thumbnails/22.jpg)
> 99%
![Page 23: Gartner UK 2015 Anatomy of An Attack](https://reader036.vdocument.in/reader036/viewer/2022062503/58f1a4721a28ab07458b4611/html5/thumbnails/23.jpg)
VulnerabilitiesPatch
95%/99%Priority on Exploits
MS15-020, MS15-051
![Page 24: Gartner UK 2015 Anatomy of An Attack](https://reader036.vdocument.in/reader036/viewer/2022062503/58f1a4721a28ab07458b4611/html5/thumbnails/24.jpg)
0-daysHardening
![Page 25: Gartner UK 2015 Anatomy of An Attack](https://reader036.vdocument.in/reader036/viewer/2022062503/58f1a4721a28ab07458b4611/html5/thumbnails/25.jpg)
![Page 26: Gartner UK 2015 Anatomy of An Attack](https://reader036.vdocument.in/reader036/viewer/2022062503/58f1a4721a28ab07458b4611/html5/thumbnails/26.jpg)
Then:Passwords
![Page 27: Gartner UK 2015 Anatomy of An Attack](https://reader036.vdocument.in/reader036/viewer/2022062503/58f1a4721a28ab07458b4611/html5/thumbnails/27.jpg)
Finally:Breach Detection
![Page 28: Gartner UK 2015 Anatomy of An Attack](https://reader036.vdocument.in/reader036/viewer/2022062503/58f1a4721a28ab07458b4611/html5/thumbnails/28.jpg)
Now: Vulnerability Assessments3 months: Passwords12 months+: Breach Detection
![Page 30: Gartner UK 2015 Anatomy of An Attack](https://reader036.vdocument.in/reader036/viewer/2022062503/58f1a4721a28ab07458b4611/html5/thumbnails/30.jpg)
Resources• Verizon DBIR 2015
http://www.verizonenterprise.com/DBIR/
• Chevronhttps://www.rsaconference.com/events/us15/agenda/sessions/1983/building-a-next-generation-security-architecture
• BSIhttps://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Publikationen/Lageberichte/Lagebericht2014.pdf
• Hardeninghttps://www.virusbtn.com/pdf/conference_slides/2013/Niemela-VB2013.pdf