Cyber Security Incidents - Shocked The World

1
Cyber Security Incidents

• 5 Incidents That Shocked The World

2
Introduction

• As technology becomes increasingly interwoven
  with societies around the globe, the number of
  large-scale cyber attacks on companies,
  institutions, and governments is escalating. In
  the last few years, we have seen a number of
  cyber security disasters that have had broad,
  destructive implications for companies and
  consumers alike. Lets take a look at some of the
  most colossal cyber security incidents

3
Equifax Breach

• Earlier this month, the cybersecurity world
  experienced the Equifax earthquake. Considered
  the worst data breach in US history to date,
  attackers stole half of the US populations
  Social Security numbers. Between lawsuits, stock
  price collapse, personnel changes, the ripple
  effect of this breach is absolutely off the
  charts. As security professional, particularly
  troubling is the evidence that the bad guys were
  lurking inside the Equifax ecosystem since March.

4
Shadow Brokers Leak NSA Tools

• In April 2017, one of the largest national
  security cyber incidents took place when a group
  known as the The Shadow Brokers gained access
  to classified NSA data and tools, leaking them
  online. It was the first of what would be a
  number of leaks containing highly classified data
  and tools used to exploit and enter networks and
  systems. As the world prepared for a long Easter
  weekend, the group released nearly 300 megabytes
  of classified NSA data.

5
Powerful Cache Of Exploits

• The data included a number of compiled binaries
  for exploits that targeted vulnerabilities in
  many systems, most notably Windows systems. The
  exploits had been used by the NSA for national
  security purposes. The leak of the materials,
  the most powerful cache of exploits ever
  released according to cyber security expert
  Matthew Hickey, put a handful of classified U.S.
  cyber weapons into the hands of anyone who could
  download them.

6
WannaCry

• One month after the NSA leaks came the WannaCry
  ransomware attack, using some of the data and
  tools from the leak. WannaCry is a ransomware
  cryptoworm that targets computers that run
  Microsoft Windows operating system. It worked by
  encrypting data on the system and demanding that
  users pay a ransom payment in BitCoin to release
  the files. The attack mostly targeted older
  Windows systems running Windows 7, Windows 8.1,
  and several versions of Windows Server.

7
Target Credit Card Hack

• While most cyber security automation scandals
  might not resonate with the general public, the
  Target credit card hack really hit home for
  consumers. In December 2013, Target announced
  that their system had been compromised, and that
  credit and debit card data from 40 million
  accounts had been stolen. To make matters worse,
  the company took heat for waiting three weeks to
  announce the hack, which took place on Black
  Friday.

8
HBO Hack

• In a more recent example, a hacker or group of
  hackers that go by the name Mr. Smith were able
  to infiltrate HBO networks and steal data that
  included scripts, outlines, and internal
  documents.
• When HBO did not comply with early requests, the
  group began to leak small portions of the hack
  online. According to sources within HBO, the
  group continually sent instigative videos
  regarding the leak to HBO Chief Executive Richard
  Plepler.

9
Security Incident Management

• These represent some of the largest cyber
  security incidents in history, shocking the world
  as they unraveled. This is a huge wake-up call
  for folks who havent prioritized security
  incident management. Theres a clear blind spot
  in the entertainment industry where cyber
  security is not yet regarded as top priority, as
  weve seen by the recent Game of Thrones hack. As
  these cyber security incidents grow in size and
  consequence it is absolutely essential we do
  everything in our power to assess, manage and
  prevent these attacks as best we can.

10
Conclusion

• The ability to correlate alerts in real time,
  with proper context, manage cases efficiently and
  respond effectively has never been more pressing
  than today. Once we get beyond the immediate
  patchwork of solutions and accept that these
  attacks will inevitably continue, we need to
  think about how to best bolster response.
  Security orchestration and automation are
  increasingly being looked to boost efficiency and
  effectiveness of security operations and incident
  response activities from initial alert through to
  remediation.