Published by Eden Chamblin. Modified over 9 years ago.

Advanced Persistent Threat Assessment Services
AT&T Security Solutions

© 2013 AT&T Intellectual Property. All rights reserved. AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual Property and/or AT&T affiliated companies. All other marks contained herein are the property of their respective owners.

APT Attacks on the Rise

[Timeline figure, 2/10 through 8/11]
Events labelled on the timeline:
- Stolen search source code (Operation Aurora – APT)
- Stuxnet disables Iranian nuclear power plant (APT)
- Major data breach
- Anonymous attacks (DDOS)
- Stolen records (APT)
- APT event
- Major Breach
- Major Breaches (DDOS/APT)
- LulzSec Posting
- Egypt Breach
- WikiLeaks revenge (DDOS)
- Russian APT (Lurid/APT)
Organizations named on the timeline: Google, Citi, Visa, PayPal, MasterCard, RSA, Lockheed Martin, SONY, Oak Ridge National Laboratory, PBS

Advanced Persistent Threat - Definition

Advanced
- Taking advantage of latest techniques
- Leverages Open Source Intelligence and Social Networks
- Usually involves knowledge of specific operating system or application compromises
- Code Reversing and Fuzzing techniques can help locate unique weaknesses in specific targeted systems

Persistent
- Intent dedication – resilience even after system reboot
- Almost always has a (C&C) Command and Control capability
- Patient / Latent ability … can go to sleep for months

Threat
- Signatures / Vectors

APT Attack and Exploitation Lifecycle

Step 1: Reconnaissance
Step 2: Initial Intrusion into the Network
Step 3: Establish a Backdoor into the Network
Step 4: Obtain User Credentials
Step 5: Install Various Utilities
Step 6: Privilege Escalation / Lateral Movement / Data Exfiltration
Step 7: Maintain Persistence

Key Targets and Threats

Advanced Persistent Threat: What you should know

- Valid, high impact risk
- Targets your core valuables, your security
- Persistent, stealthy, controlled, exfiltration
- Needs focused, ongoing action

Step Up Your Game
- Take actions that Prevent, Detect and Respond
- Reduce the attack surface and inevitable response time
- Focus on your key targets
- Incremental, actionable approaches (existing, new)

Features and Potential Benefits

The review covers three main areas of interest:
- Operational Readiness Review
- Network Architecture Assessment
- Social Engineering Review

This assessment helps you:
- Assess how prepared your organization is to detect and respond to a targeted or advanced threat
- Identify vulnerabilities in your security which could be used by a sophisticated actor to gain access
- Heighten the capabilities of your team to respond to a targeted cyber attack

How can you prepare?

1. Monitor and address Advanced Persistent Threats in real-time 24/7/365
2. Get visibility into threats beyond the edge of your network
3. Get visibility and analysis into what’s happening inside your network

APT Preparedness Assessment

Evaluates your organization’s ability to detect, resist and respond to a targeted or advanced threat. Helps organizations understand their exposure to targeted threats, including Advanced Persistent Threats (APT), and take action to reduce their risk of compromise.

Assessment Components
- Target Definition
- Operational Readiness Review
- Network Architecture Review
- Social Engineering Assessment

APT Preparedness Assessment Steps

- Identify and classify business assets and data stores
- Conduct vulnerability assessment across critical infrastructure
- Quantify risk with highest value assets and highest vulnerabilities atop the list
- Review security measures protecting critical business assets
- Identify incident response team (including legal and business owners)
- Communication plan, including law enforcement if necessary
- Schedule/conduct incident response dry run
- Identify key individuals most likely to be the target of social engineering attacks (due to high levels of access)
- Implement aggressive access control by restricting network access of key individuals to ‘business need to know’
- Employee training: prioritize high-risk individuals and work groups

Elevator Pitch

Correlate your current state to the risk from Advanced Persistent Threat (APT) actors

Questions on your Business Client’s mind
- How do I protect my organization and its assets?
- What organized elements may be targeting our organization?
- How can we detect Advanced Persistent Threats when they strike?
- How do we determine if our organization has already been compromised?
- How vigilant are our employees to the types of methods APT actors may use?
- What would motivate an adversary to target your organization?

1. Assess your current state and assets
2. Identify risk from Advanced Threats