Protect Yourself in the Cloud Age

Transcription

1 Protect Yourself in the Cloud Age Matthew Wu Consultant Hong Kong Computer Emergency Response Team Coordination Centre

2 About HKCERT HKCERT ( 香 港 電 腦 保 安 事 故 協 調 中 心 ) Established in 2001 Funding & Operation 100% funded by the HKSAR Government Operated by HKPC Role Local constituency: Internet Users and SME International: POC of cyber security incidents

3 Services Incident Response Cross Border Coordination Early Warning and Advices Awareness Promotion

4 HKCERT Statistics

5 Security Incident Reports Handled 1, , % +52%

6 Distribution of Security Incident Reports Handled Others, 13 Defacement, 214 Botnet, 423 Phishing, 384 DDoS, 55 Malware, Hacking, Scanning, 504 Involving smartphone = 37

7 Invisible Bots (Unreported compromised computers) 9,575 Mostly home computers 8,657 8,374 Q Q Q4 2013

8 Assist Bot Clean Up Work with ISPs to clean up unreported bots Provide steps and tools for users Content Management System (CMS) - Joomla - Wordpress

9 Incident in the Cloud Do incidents happen in the Cloud? What is it?? 11,491 news articles on cloud computing-related outages from 39 news sources between Jan 2008 and Feb 2012 were reviewed. The investigation revealed that the top three threats were 1. Insecure Interfaces & APIs 2. Data Loss & Leakage 3. Hardware Failure These three threats accounted for 64% of all Cloud outage incidents Source: CSA Cloud Computing Vulnerability Incidents: A Statistical Overview

10 Incident in the Cloud 25 % of reported cloud incident did not reveal the causes of the outages. Now cloud service providers became more transparent with their reports of incidents.

11 Service Status Dashboard

12 Outage of Cloud Services Providers 2013 Amazon (Jan, Aug, Sep) Dropbox (Jan, May) Facebook (Jan, Jun) Microsoft Office 365 and Outlook.com (Jan, Aug, Nov) Microsoft Azure cloud (Feb, Nov) Google Drive (Mar) CloudFlare (Mar) Twitter (Jun) Google Services (Jul, Aug, Sep) Apple icloud (Aug) Verizon (Oct) Yahoo Mail (Dec) Source: InfoWorld

13 Cloud Service Providers

14 How to protect yourself "Information Security Starts from Me 資 訊 保 安 從 我 做 起 "

15 How to protect yourself How do you manage a cloud service? Client PC (Windows, Mac, Linux or mobile devices ) Web Browser Customized GUI client (provided by CSP) Mobile Apps

16 How to protect yourself Baseline Update security and software patch regularly (Operating system, Web Browser and application software) Do not root or jailbreak devices Update GUI Client provided by service providers Install security software (PC and mobile devices)

17 How to protect yourself Identification and Authentication Use 2 Factor authentication (if available) Use strong password for each account Do not share user account Use different passwords for different accounts. Change password periodically. Review account privilege regularly. Disable or delete account if not in use.

18 How to protect yourself Data Protection Data classification - Assess the risk before you store data on Cloud Ownership of the data on the cloud Use encryption (SSL) when transmit data between office and cloud Encrypt the data on cloud if available (be careful of key management) or encrypt by yourself Backup and restore (online and offline) Compatibility on data format or application API

19 How to protect yourself Access Use only trustworthy devices to administrate or access cloud services. Access permission (system and data level) Log off the cloud service after use

20 How to protect yourself Monitoring Health status / outage monitoring Performance Incident management Logging (unauthorized access)

21 How to protect yourself Contingency Plan Outage of internet connection Backup connection? Outage of cloud service provider Switch to alternative geo location or backup cloud service provider? Switch to private cloud? Emergency contact Help desk support (24x7?)

22 To learn more about Cloud Computing InfoCloud ( 雲 資 訊 ) Cloud Security Alliance

23 Security Guideline Security Tools Mobile Security Tools HKCERT Mobile App Search by keyword: HKCERT

24 Thank You HKCERT Contact (24 hrs)