how to rob a bank in the 21st century - pki version
How To Rob A Bank In The 21st Century
March 2015
Lim Chin Wan
Have you ever wanted to rob a bank?
DOING IT THE OLD SCHOOL WAY?
Hacking A Bank Is Easy Because We’re All Humans!
I think you should meet someone…
This is Yuri.
In 2012, he and his “anonymous” friends hacked a major bank.
In 2013, they hacked a credit card company and bought a BMW.
Last year, Yuri hit a major telco with the secret keys provided by a disgruntled employee.
Then Yuri went on a nice 2-month-long vacation in the Caribbean Islands.
Banks and telcos all used “State of the Art” encryption… yet they were still hacked!
So how does Yuri do it?
“Usually, I just find one disgruntled employee. Just one.”
Don’t Believe Me?
Let’s Play A Game…
Can Anyone Tell Me Who These People Are?
Heidi Klum
Jessica Alba
Britney Spears
Christina Aguilera
Scarlett Johansson
Kate Winslet
Jon Bon Jovi
RATED TOP 20 MOST DANGEROUS CELEBRITIES IN 2014 BY McAfee
18.19%
Because your users are your weakest link…
They are your customers…
They are your employees…
They are your vendors…
Regular Training…
www.securityvitamins.com
How can you as a bank protect your customers and yourself?
CENTAGATE (Centralized Authentication Gateway) is an on-demand identification and access management service that enables cloud-based services to adopt strong multi-factor authentication seamlessly. This is a perfect solution for enterprise applications that are now rapidly moving to secure, cloud-based services.
Next-Gen Adaptive Intelligent Authentication Platform
N1.1
N1.2
N1.3 Machine Learning
Transaction & Authentication Specific
Hybrid Model
Rules Based & Case Based
Openness
Hybrid Adaptive Intelligence Scoring Engine
Implement Server-to-Server Authentication using PKI
What is PKI?
Public Key Infrastructure
Public Key
Private Key
What is a Certificate Authority?
SECRET
MARY’S Public Key
IDEAL WORLD
MESSAGE
+ENCRYPTED MESSAGE
REAL WORLD
SECRET
Fake MARY’S Public Key
MESSAGE
+ENCRYPTED MESSAGE
MARY’S Public Key
MODIFIED ENCRYPTED MESSAGE
+
HOW TO SOLVE PROBLEM?
SECRET
MESSAGE
+ENCRYPTED MESSAGE
MARY’S Public Key
We are going round in circles!
PROBLEM SOLVED
CPS & CP
CERTIFICATE AUTHORITY
Diffie-Hellman Key Exchange Explained
Why should banks use digital certificates?
Your typical server room scene
How many servers do you have?
How many servers are talking to each other?
Which server is talking to which server?
How do you take control of your servers?
How many vendors do you have logged onto your servers?
Assign each server a digital certificate
Digital Certificates Provide
Identity to each server
Expiry date
How much does it cost?
Wow! So expensive!
Become my own CA!
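The "become my own CA" and "assign each server a digital certificate" slides above, as an added example that is not part of the original deck: a private CA issues a certificate carrying a server's identity and expiry date, and a peer accepts only certificates that chain to that CA. It assumes the `openssl` command-line tool is installed; every name in it (Demo Bank Root CA, app01.bank.example, the file prefixes) is made up for illustration.

```bash
#!/usr/bin/env bash
# Constructed demo: a private CA issuing per-server certificates.
# All names and file prefixes below are hypothetical sample values.

# Create a private root CA: a key plus a self-signed certificate.
make_ca() {  # $1 = output prefix, $2 = CA common name
  openssl req -x509 -newkey rsa:2048 -nodes -days 3650 \
    -subj "/CN=$2" -keyout "$1.key" -out "$1.crt" 2>/dev/null
}

# Issue a certificate to one server: identity in the CN, lifetime in days.
issue_cert() {  # $1 = CA prefix, $2 = output prefix, $3 = server name, $4 = days
  openssl req -newkey rsa:2048 -nodes -subj "/CN=$3" \
    -keyout "$2.key" -out "$2.csr" 2>/dev/null &&
  openssl x509 -req -in "$2.csr" -CA "$1.crt" -CAkey "$1.key" \
    -CAcreateserial -days "$4" -out "$2.crt" 2>/dev/null
}

# Peer-side check: does the presented certificate chain to the CA we trust?
trusted() {  # $1 = trusted CA certificate, $2 = certificate presented by the peer
  openssl verify -CAfile "$1" "$2" >/dev/null 2>&1
}

# True if the certificate expires within the next $2 seconds (renewal check).
expires_within() {  # $1 = certificate, $2 = seconds
  ! openssl x509 -in "$1" -noout -checkend "$2" >/dev/null 2>&1
}

demo() (  # subshell, so the caller's working directory is left alone
  cd "$(mktemp -d)" || exit 1
  make_ca bank  "Demo Bank Root CA"
  make_ca other "Demo Bank Root CA"   # same name, but not the key we trust
  issue_cert bank  app01 app01.bank.example 90
  issue_cert other fake  app01.bank.example 90
  trusted bank.crt app01.crt && echo "app01 signed by our CA: accepted"
  trusted bank.crt fake.crt  || echo "app01 signed by unknown CA: rejected"
  openssl x509 -in app01.crt -noout -subject -enddate
  expires_within app01.crt $((30 * 86400)) || echo "no renewal due in 30 days"
)
demo
```

The second certificate carries the same server name and the same CA name, and is still rejected, because trust is anchored in the CA's key rather than in any name a certificate claims.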
Next generation PKI
Why a PKI Appliance?
• Make deployments easier and faster
• Minimize installation/integration efforts
• Lower the TCO with simplified management and maintenance
• Provide one source for Software/Hardware stack
A PKI Appliance Gives You...
• Overview of all your servers in your data centre
• Better security via Server-to-Server authentication
• Control over who can access your servers
• Easy management of your server access
Questions?
SecureMetric Technology Group
Lim Chin Wan
Mobile : +6 016 261 8925
Office : +603 8996 [email protected]
Formula for Strong Digital [email protected] www.securemetric.com