Upload
others
View
3
Download
0
Embed Size (px)
Citation preview
Défense In-Depth Security
Samson Oduor - Internet Solutions KenyaWatson Kamanga - Seacom
Internet Solutions is a division of Dimension Data 2
Siku Njema! – Good Day!
Internet Solutions is a division of Dimension Data 3
Defense In-depth Security Approach
SECTION 1Introductions
SECTION 2The Wild Wide Web
SECTION 3Cyber Breaches - Causes
SECTION 4Case - Study
SECTION 5Defense In-depth Approach
SECTION 6Questions
Internet Solutions is a division of Dimension Data 4
INTERNET SOLUTIONS - KENYA
IS was founded in 1993. It is an Internet Protocol Communication's Service Provider on the African Continent and a subsidiary of Dimension Data.
Products: Cloud, connectivity, Data Centers, Security and Communication Wholesale
Internet Solutions is a division of Dimension Data 5
SEACOM
SEACOM is a submarine cable operator with a network of submarine and terrestrial high-speed fibre-optic cable that serves the east and west coasts of Africa. SEACOM’s reach extends into Europe and the Asia-Pacific via India
As of June 2017, 51% of the world's population has internet access.WILD WIDE WEB (WWW)
Threat Period Response Time Impact
1ST Gen – Boot Virus
The 80’s Weeks Individual PC’s
2ND Gen – Macros Viruses and DoS
The 90’s Days Individual Networks
3RD Gen DDoS & Mixed threats
Minutes Multiple Networks
4TH Gen Flash threats, Massive “bot” – driven DDoS & Damaging payload worms.
Seconds Regional Networks & Global Infrastructure.
Current Dark-web; Ransomware
Immediately ALL
Cybercrimecriminal activities carried out by means of computers or the Internet.
1. Cyberbullying2. Cyberterrorism3. Cyberextortion4. Cyberwarfare5. Financial Fraud6. Fraud and Identity theft7. Information Warfare8. Phishing Scams9. Spam
10. Offensive/Obscene Content11. Drug Trafficking – Darknets12. Computer Viruses13. DDoS/DoS14. Malware
Downloading malicious software disguised as keygens, cracks, patches or downloading files via peer-to-peer networks (for example, torrents).
The Internet
Spam and Phishing
Vulnerabilities, bugs and glitches of software grant hackers remote access to your computer
Software Vulnerabilities
When you run a file from a removable media you can infect your computer and spread the virus to the drives of your machine.
Removable data storage media
Sources of Threats – Anywhere
Internet Solutions is a division of Dimension Data 9
Using various tricks, malefactors make users install their malicious software. Insider Threats
User Actions
Allows hackers to take over entire domains (pharming)
Network Vulnerabilities
Through Improperly configured firewalls and legacy firewall technology
Improper Configurations
Sources of Threats – Anywhere
Internet Solutions is a division of Dimension Data 10
Case Study.
Months Running to September 2017 the whole Internet was on high Alert due to Ransomware attacks.
Ransomware – malware that threatens to block (encrypt) access or infringe on data privacy unless a ransom is paid. Common mode of attack is through Trojans.
The Ransom is paid through the use of digital currencies making it difficult to trace the attacker. Payments are not guarantee of Decryption. Most recent notable attacks were WannaCry, Petya and Bad Rabbit.
2017 Ransomware Attacks
One of our customers engaged us after receiving a threat Email whose magnitude meant financial loss and reputation damage.
Threat E-mail to Customer – DDoS Warning
Internet Solutions is a division of Dimension Data 11
Case Study.
Months Running to the Month of September 2017 the whole Internet was on high Alert due to Ransomware attacks.
2017 Ransoware Attacks
One of our customers engaged us after receiving a threat Email whose magnitude meant financial loss and reputation damage.
Threat E-mail – DDoS Warning
Internet Solutions is a division of Dimension Data 12
Case Study.
Months Running to the Month of September 2017 the whole Internet was on high Alert due to Ransomware attacks.
2017 Ransoware Attacks
One of our customers engaged us after receiving a threat Email whose magnitude meant financial loss and reputation damage.
Threat E-mail – DDoS Warning
Internet Solutions is a division of Dimension Data 13
Case Study - Old Security Techniques
Internet Solutions is a division of Dimension Data 14
Everyone on the Internet is a suspect
Case Study - Old Security Techniques
Internet Solutions is a division of Dimension Data 15
1
2
3
4
5
6
Everyone within my organization is trustworthy
Security model built to lock outsiders
Hosts were protected with AV only and Firewall was everything !
Monitoring did not exist
Limited or no internal segmentations
Establishing the authenticity of the threat E-mail
Case Study - Defense In-depth Approach
Internet Solutions is a division of Dimension Data 16
1
2
3
4
5
6
Vulnerability and Penetration testing on client network
Quick work-arounds + Patch Management System
Deployment of Disaster recovery site and Activating our NOC/SOC Team
Cloud Scrubbing Phase
Review of Intenal Processes and Policies
Case Study – Defense In-depth Approach
Internet Solutions is a division of Dimension Data 17
Case Study – Defense In-depth Approach
Internet Solutions is a division of Dimension Data 18
Case Study – Defense In-depth Approach
Internet Solutions is a division of Dimension Data 19
Breach Detect – Honeypots
Case Study – Resolves Made
Internet Solutions is a division of Dimension Data 20
1
2
3
4
5
6
Manage User access to web content – accepted policies (Cloud Web Security)
Disaster recovery site + Cyber Insurance
DDoS Protection
DNS Url Filtering
Next-Gen Firewalls - Managed Firewall service
IPS – IPS software is continually updated with new signatures
Case Study – Resolves Made
Internet Solutions is a division of Dimension Data 21
7
8
9
10
11
12
PhishNet – Inhouse Phishing Campaign
Secure Connect – Send Data Safely – Multi-authentication
Vulnerability Scanning + Patch Management + Internal Audits
Web Application Firewalls & Email Security
Penetration Testing – PCI Compliance
Success in Defense In-depth Approach
Internet Solutions is a division of Dimension Data 22
Contact UsWe want to hear from you. Get in touch with us
www.is.co.ke/contact-us/
PHONE+ 254 20 360 0200
WEBSITEwww.is.co.ke