Embed Size (px)
Citation preview
Local Threat ReportVikram Kumar – Chief Executive, InternetNZ22/08/2012
© 2009 IBM Corporation
Building a smarter planet
About InternetNZ
Not for profit, open membership body Our goal is to protect and promote the Internet for New Zealand Combination of policy, advocacy with support for community groups Recognised delegated manager for .nz domain name space .nz is run by 2 subsidiaries. Gives us income independent of government and
commercial interests Result: independent organisation with a drive to benefit the wider community
2
© 2009 IBM Corporation
Building a smarter planet
A Personal Story
Advanced Persistent Threats
No one is too small or unimportant
New Zealand’s geographic isolation and low level of physical threats tends to be reflected in our relaxed thinking about Internet threats
3
© 2009 IBM Corporation
Building a smarter planet
Do You Have Special Risks?
Identify any special threats. In that case, conventional “signature-based” anti-virus approach is no longer sufficient.
Run critical national infrastructure?– Family of malware (Stuxnet and Flame), likely State-sponsored, sophisticated, made by
100-150 strong teams
– Now expanded to commercial targets: Gauss, from the same family, targets commercial banking
– Not known to target NZ specifically but could be collateral damage
– Work closely with government (National Cyber Security Centre)
4
© 2009 IBM Corporation
Building a smarter planet
Special Risks continued
Trade, or plan to do so, with certain countries?– Some countries and businesses routinely use malware for stealing business secrets
– Could be your supplier, lawyer or key staff
Commercially significant online operations?– Denial of Service attacks is a real threat
5
© 2009 IBM Corporation
Building a smarter planet
“Consumer” threats
Computer viruses and malware Credit card fraud Online scams Phishing Identity theft
securitycentral.org.nz
“In the last couple of years, more than 70% of New Zealanders have been the victims of some form of cyber crime” NetSafe
6
© 2009 IBM Corporation
Building a smarter planet
Attack Kits Are Changing the Economics
“Commoditisation” of Internet-based attacks One estimate is that 2/3rd of all online attacks can be traced to botnets and tool kits Most popular: MPack, NeoSploit, and ZeuS Typically priced from $40 to $8,000, depending on competition For example, basic ZeuS tool kit costs $2,000 in a range of colours and optional
modules (e.g. $2,000 more to hack Windows 7 computers; $2,000 for a Firefox form grabber; $1,000 for after-sales support; subscription to updates; etc.)
Used to steal financial and social networks credentials. A $4,000 investment in the ZeuS tool kit can easily return $50,000 to $100,000 with very little risk
7
© 2009 IBM Corporation
Building a smarter planet
How Big is the Problem?
Lack of neutral, credible statistics A security vendor’s 2011 report put cost to New Zealand from cyber crime at $625
million/year; more than 2,000 Kiwis affected every day. Another security vendor says cyber crime could cost NZ $4.7 billion every year Unbelievable numbers undermines seriousness of the issue Undermines ability to do a ‘cost/benefit analysis’ which should be at the heart of
your risk management and security strategy
“There has been no breach, that we are aware of, of New Zealand's banking system” TSB Bank
8
© 2009 IBM Corporation
Building a smarter planet
2 Local Initiatives Backed by Credible Numbers
New Zealand Internet Task Force (NZITF) is a group of cybersecurity professionals across government, industry, vendors, researchers, etc.
A number of working groups across certification, exercising, surveys, etc. I chair the Botnet Working Group Initiative 1: Removal of drive-by malware
– Drive-by malware infects users who simply visit an infected web page
– Website owner mostly unaware as source of malware is 3rd party advertising
– Honeypot project carried out by the Victoria University of Wellington with funding from InternetNZ
– Identified 241 malicious URLs in .nz domain over a 12 month period
– Pilot will work with NZ Police to send notices to website owners
9
© 2009 IBM Corporation
Building a smarter planet
2 Local Initiatives continued
Initiative 2: Infected customers’ devices– Statistics NZ survey indicates about 50,000 customer devices infected (zombies)
– ISPs take a variety of steps when notified or detect an infected customer
– May become a bigger problem once fibre brings ultra-fast broadband and bigger monthly data caps
– Initiative is to share best practices; improved information about infections; and consistent approach by participating ISPs
10
© 2009 IBM Corporation
Building a smarter planet
Summary
Overall, New Zealand cybersecurity threats are in line with international trends New Zealand’s geographic isolation and low level of physical threats tends to be
reflected in our relaxed thinking about Internet threats No one is too small or unimportant Identify any special threats. In that case, conventional “signature-based” anti-virus
approach is no longer sufficient. Off-the-shelf attack kits are commoditising cyber attacks Lack of neutral, credible statistics makes cost/benefit analysis difficult Several initiatives under way from a number of organisations, including
InternetNZ, under the umbrella of NZ Internet Task Force
11
© 2009 IBM Corporation
Building a smarter planet
Questions?
© Internet New Zealand Inc. 2012
Vikram Kumar
Chief Executive, InternetNZ
Email: [email protected]
12
