Défense In-Depth Security. Samson Oduor - Internet Solutions Kenya Watson Kamanga - Seacom

Transcription

1 Défense In-Depth Security Samson Oduor - Internet Solutions Kenya Watson Kamanga - Seacom

2 Siku Njema! Good Day! 2

3 Defense In-depth Security Approach SECTION 1 Introductions SECTION 4 Case - Study SECTION 2 The Wild Wide Web SECTION 5 Defense In-depth Approach SECTION 3 Cyber Breaches - Causes SECTION 6 Questions 3

4 INTERNET SOLUTIONS - KENYA IS was founded in It is an Internet Protocol Communication's Service Provider on the African Continent and a subsidiary of Dimension Data. Products: Cloud, connectivity, Data Centers, Security and Communication Wholesale 4

5 SEACOM SEACOM is a submarine cable operator with a network of submarine and terrestrial high-speed fibre-optic cable that serves the east and west coasts of Africa. SEACOM s reach extends into Europe and the Asia-Pacific via India 5

6 As of June 2017, 51% of the world's WILD WIDE WEB (WWW) population has internet access.

7 Threat Period Response Time Impact 1ST Gen Boot The 80 s Virus 2ND Gen The 90 s Macros Viruses and DoS Weeks Individual PC s Days Individual Networks 3RD Gen DDoS & Mixed threats Flash threats, Massive bot driven DDoS & Damaging payload worms. Minutes Multiple Networks Regional Networks & Global Infrastructure. Dark-web; Ransomware Immediately 4TH Gen Current Seconds ALL

8 Cybercrime criminal activities carried out by means of computers or the Internet Cyberbullying Cyberterrorism Cyberextortion Cyberwarfare Financial Fraud Fraud and Identity theft Information Warfare Phishing Scams Spam Offensive/Obscene Content Drug Trafficking Darknets Computer Viruses DDoS/DoS Malware

9 Sources of Threats Anywhere The Internet Downloading malicious software disguised as keygens, cracks, patches or downloading files via peer-to-peer networks (for example, torrents). Spam and Phishing Software Vulnerabilities Vulnerabilities, bugs and glitches of software grant hackers remote access to your computer Removable data storage media When you run a file from a removable media you can infect your computer and spread the virus to the drives of your machine. 9

10 Sources of Threats Anywhere User Actions Using various tricks, malefactors make users install their malicious software. Insider Threats Network Vulnerabilities Allows hackers to take over entire domains (pharming) Improper Configurations Through Improperly configured firewalls and legacy firewall technology 10

11 Case Study Ransomware Attacks Months Running to September 2017 the whole Internet was on high Alert due to Ransomware attacks. Ransomware malware that threatens to block (encrypt) access or infringe on data privacy unless a ransom is paid. Common mode of attack is through Trojans. The Ransom is paid through the use of digital currencies making it difficult to trace the attacker. Payments are not guarantee of Decryption. Most recent notable attacks were WannaCry, Petya and Bad Rabbit. Threat to Customer DDoS Warning One of our customers engaged us after receiving a threat whose magnitude meant financial loss and reputation damage. 11

12 Case Study Ransoware Attacks Months Running to the Month of September 2017 the whole Internet was on high Alert due to Ransomware attacks. Threat DDoS Warning One of our customers engaged us after receiving a threat whose magnitude meant financial loss and reputation damage. 12

13 Case Study Ransoware Attacks Months Running to the Month of September 2017 the whole Internet was on high Alert due to Ransomware attacks. Threat DDoS Warning One of our customers engaged us after receiving a threat whose magnitude meant financial loss and reputation damage. 13

14 Case Study - Old Security Techniques 14

15 Case Study - Old Security Techniques 1 Everyone on the Internet is a suspect 2 Everyone within my organization is trustworthy 3 Security model built to lock outsiders 4 Hosts were protected with AV only and Firewall was everything! 5 Monitoring did not exist 6 Limited or no internal segmentations 15

16 Case Study - Defense In-depth Approach 1 Establishing the authenticity of the threat 2 Vulnerability and Penetration testing on client network 3 Quick work-arounds + Patch Management System 4 Deployment of Disaster recovery site and Activating our NOC/SOC Team 5 Cloud Scrubbing Phase 6 Review of Intenal Processes and Policies 16

17 Case Study Defense In-depth Approach 17

18 Case Study Defense In-depth Approach 18

19 Case Study Defense In-depth Approach 19

20 Case Study Resolves Made 1 Breach Detect Honeypots 2 Manage User access to web content accepted policies (Cloud Web Security) 3 Disaster recovery site + Cyber Insurance 4 DDoS Protection 5 DNS Url Filtering 6 Next-Gen Firewalls - Managed Firewall service 20

21 Case Study Resolves Made 7 IPS IPS software is continually updated with new signatures 8 PhishNet Inhouse Phishing Campaign 9 Secure Connect Send Data Safely Multi-authentication 10 Vulnerability Scanning + Patch Management + Internal Audits 11 Web Application Firewalls & Security 12 Penetration Testing PCI Compliance 21

22 Success in Defense In-depth Approach 22

23 Contact Us We want to hear from you. Get in touch with us PHONE info@is.co.ke WEBSITE