Cyber Security Trends & Awareness Christian Van Heurck Coordinator
Goal 2
Goal Numbers Threats & Trends Awareness 3
Bottom line 2 awareness 4
What is? 5
What is? a service of operated by 6
to help Belgian key resources, cri7cal informa7on providers and the Belgian public protect their IT- infrastructure by: providing informa/on on incidents, helping them to handle incidents, coordina/ng the response to major incidents, helping them develop their own CSIRT ac7vi7es, sharing data and knowledge. 7
Focus on helping! 8
Dealing with crime 9
What does do? 10
What does do? Brochure: hdps://www.cert.be/pro/files/brochure_fra.pdf hdps://www.cert.be/pro/files/brochure_ndl.pdf hdps://www.cert.be/pro/files/brochure_eng.pdf Flyer: hdps://www.cert.be/pro/files/onepager_fra.pdf hdps://www.cert.be/pro/files/onepager_ndl.pdf hdps://www.cert.be/pro/files/onepager_eng.pdf 11
Services Website: https://www.cert.be 12
Services Twitter en Delicious links: https://delicious.com/certbe https://twitter.com/cert.be 13
assets experts interna7onal network of trusted partners na7onal partners agility neutrality confiden7ality keyrole in.be cyberspace 14
Evolution of number of incidents 6000 4500 3000 1500 2009 2010 2011 2012 0 15
Evolution of number of incidents 16
Evolution of number of incidents 17
Evolution of number of incidents 18
Types of incidents in 2012 multiple 0,1% other 3,0% scans 26,1% system2incidents 24,1% vulnerability2reporting 0,7% worms2&2viruses 4,6% phishing 14,7% stolen2accounts 5,2% queries 4,3% SPAM2related 14,8% DoS2attacks 2,4% 19
Types of cyber threats cyber security cyber crime others 20
Bottom line 1 cyber security & cyber crime are a growing problem of our society 21
Bottom line 2 awareness 22
Aimed towards the Belgian popula/on also has the task to provide the Belgian popula7on with informa7on on computer security. This way everybody stays informed about threats and we provide 7ps to get online safely. 23
24
25
26
27
28
29
30
Trends lack of awareness 31
Trends cyber security cyber crime others 32
Trends cyber security & cyber crime are a growing problem of our society 33
Trends 34
Trends Sophistication increases Mobile usage increases Digital trust is important Tools are not enough The internet of things Snowden 35
Trends Cloud Always online & Big data Weakest link Insider All of the old stuff is still there Hacktivism DDoS 36
Trends Legal obligations Lack of skills / experience Not enough reporting Not enough sharing It all happens in Belgium too We need more exercices 37
Trends Accounts compromised Sony 77 million from PlayStation Network 25 million from Sony Online Entertainment Estimated cost: $1 billion in investigation Average estimated cost: $214 per lost record! CISCO estimates the pay-off for spear phishing attacks to 80 000$ 40 more time than mass attacks Source: Communication of the ACM November 2011 38
Anno 2013 39
Anno 2013 40
Anno 2013 41
Anno 2013 42
Anno 2013 43
Anno 2013 44
Anno 2013 45
Anno 2013 46
Trends 47
Anno 2013 Apple Microsoft Dropbox Belgacom 48
Trends 49
Trends 50
TLP 51
Trends 52
Trends 53
Trends 54
Trends 55
Conclusion It s ge=ng worse 56
Conclusion Over here in Belgium too 57
Conclusion smarter defence 58
Trends lack of awareness 59
Trends Report your incidents 60
Q&A report an incident: informa/on: press: website: rss feeds: newsleder: twider: awareness: cert@cert.be info@cert.be press@cert.be hdps://www.cert.be/pro hdps://www.cert.be/pro/syndica/on hdps://www.cert.be/pro/newsleder hdps://twider.com/certbe hdps://www.safeonweb.be KBC meeting 61