Network Intrusion Responder Program

Presentation transcript:

Network Intrusion Responder Program (NITRO)
Gateway ECTF
SA Timothy Reboulet
U.S. Department of Homeland Security United States Secret Service 11/13/2018 Timothy R. Reboulet

NITRO: a set of skills to conduct a successful network intrusion investigation that adheres to a formal methodology to ensure the admissibility of evidence in court and the apprehension of the intruder.

Target, Neiman Marcus, Schnucks

Types of Network Intrusion
- Denial of Service (DoS)
- Malicious Code (virus, worm, Trojan horse)
- Unauthorized Access
- Inappropriate Usage
- Multiple Component

Traditional Crime vs. Technology-Based Crime
- Bank Robbery vs. Hacking
- Credit Card Theft vs. Credit Card Theft Online
- Fraudulent Calls vs. Phishing

Networks: Head Office, Remote User, Regional Office

Attacker Profiles
- Intruder (advanced, intermediate, beginner)
- Insider

Attacker Motivations
- Money
- Entertainment
- Fame and Recognition
- Social or Political Agenda
- Espionage
- Terrorism

Opportunistic vs. Targeted Attacks
- Opportunistic (POS, Mass Malware, SQL injection)
- Targeted (APT-style attacks, State-sponsored espionage, SCADA attacks)

Stages of a Breach
- Reconnaissance
- Infiltration
- Propagation
- Capture
- Exfiltration

Detection

Initial Breach vs. Detection
- Self Detection: 28 days
- Law Enforcement: 51.5 days
- Public Detection: 87.5 days
- Regulatory Detection: 156.5 days

Overview of Investigation Process
- Scope Assessment
- Data Acquisition
- Forensic Analysis
- Threat Detection
- Containment and Remediation

Questions?

U.S. SECRET SERVICE
Critical Systems Protection

OBJECTIVE
The CSP Program seeks to identify networks of interest (NOI) and assess which computer networks, process-control systems or remotely-controlled devices could, if compromised, indirectly or directly impact the Secret Service-led operational security plan and/or affect the safety of the protectee(s).

MISSION
- Mitigate risk to Secret Service Protectees posed by information systems
- Lead the Critical Infrastructure Protection Sub-committee for National Special Security Events

OVERALL GOAL
- Provide a secure cyber-environment for the Secret Service Protectees.

Critical Systems – USSS
ENERGY ILLUMINATION HVAC (environmental) SECURITY & OBSERVATION ACCESS CONTROL (physical/virtual) INFORMATION TECHNOLOGY SAFETY TELECOMMUNICATIONS INTERNAL TRANSPORTATION AUDIO & VISUAL CONTROL SYSTEMS

Examples of Critical Systems
- Access Control (physical/virtual)
- Audio (public address)
- CCTV (coaxial and wireless)
- Electrical
- Elevators
- Fire Detection
- HVAC (environmental)
- Information Networks
- Panic Alarm
- Personnel (insider threat)
- Security Policy (comprehensive)
- Signage (jumbotrons)
- Telecommunications

Questions?

SA Timothy Reboulet
U.S. Secret Service
timothy.reboulet@usss.dhs.gov
314-539-2238

Craig Byrkit – FBI
Joey Smith – Schnucks
Break
Roundtable Questions