DOCSLIB.ORG

SSL-Based Cyber-Attacks

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

TABLE OF CONTENTS 01 Executive Summary • Top Level Findings • Threat Landscape Trends 02 Methodology and Sources • Information Security Industry Survey • Radware Emergency Response Team Cases 03 Threat Landscape • Anatomy of a Hacker: Profiles, Motivations & Tools of the Trade • Business Concerns of Cyber-Attacks • Cyber-Attack Ring of Fire • Attack Vector Landscape 04 Emerging Perils • The Bottom Line: The Rise of Cyber Ransom • Friend Turned Enemy: SSL-Based Cyber-Attacks • Internet of Threats: IoT Botnets and the Economics of DDoS Protection • Evolve and Adapt: Why DevOps is Raising the Bar for Security Solutions 05 Third-Party Viewpoints • From the Corner Office: Views from a Chief Information Security Officer • From the Frontlines: How a Multinational Bank Handled a Ransom Threat and SSL-Based Attack • See Through the DDoS Smokescreen to Protect Sensitive Data • Adaptive Security: Changing Threats Require a New Security Paradigm 06 Building a Cyber-Resilient Business • Calculating the Cost of a Cyber-Attack • Planning a Cyber Security Strategy 07 Cyber Security Predictions • Radware’s Cyber Security Prediction Report Card • What’s on the Horizon – Four Predictions for 2017 08 Respondent Profile 09 Credits • Authors • Advisory Board 01 EXECUTIVE SUMMARY What do cyber-attacks have in common with hurricanes, tornados and earthquakes? All are realities in our world. No matter how common or uncommon they may be, failing to prepare for any of them will lead to costs that could be unbearable—or worse. Radware’s annual Global Application & Network Security Report is designed for the entire security community and will help in understanding the following: • The threat landscape—who the attackers are, their motives and tools • Potential impact on your business, including associated costs of different cyber-attacks • How your preparedness level compares to other organizations • Experiences of organizations in your industry • Emerging threats and how to protect against them • Predictions for 2017 In addition to outlining the findings and analysis of our 2016 security industry survey, this report reflects our Emergency Response Team’s (ERT) in-the-trenches experiences fighting cyber-attacks and offers advice for organizations planning for cyber-attack protection in 2017. It also incorporates perspectives of third-party service providers. This report offers a detailed review of: • Known and common attacks of the past year (that is, what most people are attempting to secure against) • Known and uncommon attacks (that is, what top-performing organizations attempt to address—security incidents akin to the natural disasters cited above) • Unknown attack forecast (that is, what has yet to demonstrate itself with evidence but is VERY “forecastable”) RADWARE GLOBAL APPLICATION & NETWORK SECURITY REPORT 2016-2017 3 Top-Level Findings can be detected only through intelligent automation. 98% of Organizations Experienced Attacks in 2016 Non-Volumetric DoS: Alive and Kicking Analysis: Cyber-attacks became a way of life for Despite astonishing volumes, neither the number of nearly every organization in 2016. This trend will victims nor the frequency of attacks has grown. Most continue in 2017. non-volumetric DDoS attacks are in relatively lower volumes, with 70% below 100Mbps. Rate-based IoT Botnets Open the 1TBps Floodgates security solutions continue to fall short, requiring Analysis: This exemplifies why preparing for companies to rethink their security strategy and “common” attacks is no longer enough. This event embrace more sophisticated solutions. Without those introduced sophisticated vectors, such as GRE floods upgrades, there is a good chance an organization will and DNS water torture. experience, yet lack visibility into service degradation. Cyber-Ransom Proves Easiest, Most Increased Attacks Against Lucrative Tool for Cybercriminals Governmental Institutions Analysis: Almost all ransom events have a different 2016 brought a new level of politically affiliated cyber attack vector, technique or angle. There are hundreds protests. While the U.S. presidential election was in of encrypting malware types, many of which were the spotlight, the media reported on a different breach developed and discovered this year as part of the hype. almost weekly. These incidents happened across the Also, DDoS for ransom groups are professionals who globe, with regimes suffering from cyber-attacks due to leverage a set of network and application attacks to alleged corruption or perceived injustices. demonstrate their intentions and power. SSL-Based Attacks Continue to Grow Cyber-Attacks Cost Almost Although 39% report suffering an SSL-based attack, Twice What You May Think only 25% confidently state they can mitigate it. Analysis: Most companies have not come up with a precise calculation of the losses associated with a DDoS Attacks Are Becoming Shorter cyber-attack. Those who have quantified the losses Burst attacks are increasing thanks to their estimate the damage at nearly double the amount effectiveness against most mitigation solutions. compared to those who estimate. Uncrossed Chasm? Security Strategy Stateful Devices: #1 Point of Failure Evolves More Slowly Than It Should Analysis: Common IT devices, including firewalls, While hackers continue to develop new attack tools application delivery controllers and intrusion protection and techniques, 40% of organizations do not have an systems, now represent the greatest risk for an incident response plan in place. Seventy percent do outage. Consequently, they require a dedicated attack- not have cyber-insurance. And despite the prevalence mitigation solution to protect them. of ransomware, only 7% keep Bitcoin on hand. What’s more, 75% of companies do not employ hackers in Threat Landscape Trends their security teams, and 43% say they could not cope Data Leakage + SLA Impact with an attack campaign lasting more than 24 hours. Are Top Concerns Data leakage and service level impact often come Threats never stand still. together, with a DDoS attack serving as a smokescreen that distracts IT teams so data can be infiltrated. Neither can you. Mirai Rewrites the Rules Radware encourages you to use our findings and As the first IoT open-source botnet, Mirai is changing analysis as you design security strategies against the rules of real-time mitigation and makes security cyber-attacks and work to reduce the costs associated automation a must. It isn’t just that IoT botnets can with them. Apply these insights to understand the real facilitate sophisticated L7 attack launches in high and meaningful changes that have occurred to the volumes. The fact that Mirai is open-source code threat landscape, to explore potential changes to your means hackers can potentially mutate and customize investments in protection strategies, and to look ahead it—resulting in an untold variety of new attack tools that to how possible threats may evolve into real attacks. 4 RADWARE GLOBAL APPLICATION & NETWORK SECURITY REPORT 2016-2017 02 METHODOLOGY AND SOURCES Combining statistical research and frontline experience, this report identifies trends that can help educate the security community. It draws information from the following sources: Information Security Industry Survey The quantitative data source is an industry-wide survey conducted by Radware. This year’s survey had 598 individual respondents representing a wide variety of organizations around the world. The study builds on prior years’ research, collecting vendor-neutral information about issues that organizations faced while planning for and combating cyber-attacks. On average, responding organizations have annual revenue of USD $1.9 billion and about 3,000 employees. Ten percent are large organizations with at least USD $5 billion in annual revenue. Respondents represent more than 12 industries, with the largest number coming from the following: professional services and consulting (15%), high tech products and services (15%), banking and financial services (12%) and education (9%). The survey provides global coverage—with 44% of respondents from North America, 26% from Europe and 20% from Asia. Additionally, 44% of the organizations conduct business worldwide. Radware Emergency Response Team Case Studies Radware’s Emergency Response Team (ERT) is composed of dedicated security consultants who actively monitor and mitigate attacks in real time. The ERT provides 24x7 security services for customers facing cyber- attacks or malware outbreaks. As literal “first responders” to cyber-attacks, ERT members have successfully dealt with some of the industry’s most notable hacking episodes. This team provides knowledge and expertise to mitigate the kinds of attacks that an in-house security team may never have handled. Throughout the report, ERT members highlight how these front-line experiences fighting cyber-attacks provide deeper forensic analysis than surveys alone or academic research. RADWARE GLOBAL APPLICATION & NETWORK SECURITY REPORT 2016-2017 5 THREAT LANDSCAPE 03 Anatomy of a Hacker: Profiles, Motivations & Tools of the Trade Hacking used to require a distinct set of skills and capabilities. These days, attack services are bought and sold via marketplaces on the Clearnet and Darknet—a phenomenon that’s closing the gap between skilled and amateur hackers and fueling an exponential increase in threats. Thanks to the growing array of online marketplaces, it’s now possible to wreak havoc even if you know virtually nothing about computer programming or networks. As attack
Recommended publications
  • (U//Fouo) Assessment of Anonymous Threat to Control Systems

    (U//Fouo) Assessment of Anonymous Threat to Control Systems

    UNCLASSIFIED//FOR OFFICIAL USE ONLY A‐0020‐NCCIC / ICS‐CERT –120020110916 DISTRIBUTION NOTICE (A): THIS PRODUCT IS INTENDED FOR MISION PARTNERS AT THE “FOR OFFICIAL USE ONLY” LEVEL, ACROSS THE CYBERSECURITY, CRITICAL INFRASTRUCTURE AND / OR KEY RESOURCES COMMUNITY AT LARGE. (U//FOUO) ASSESSMENT OF ANONYMOUS THREAT TO CONTROL SYSTEMS EXECUTIVE SUMMARY (U) The loosely organized hacking collective known as Anonymous has recently expressed an interest in targeting inDustrial control systems (ICS). This proDuct characterizes Anonymous’ capabilities and intent in this area, based on expert input from DHS’s Control Systems Security Program/Industrial Control Systems Cyber Emergency Response Team (ICS‐CERT) in coordination with the other NCCIC components. (U//FOUO) While Anonymous recently expressed intent to target ICS, they have not Demonstrated a capability to inflict Damage to these systems, instead choosing to harass and embarrass their targets using rudimentary attack methoDs, readily available to the research community. Anonymous does have the ability to impact aspects of critical infrastructure that run on common, internet accessible systems (such as web‐based applications and windows systems) by employing tactics such as denial of service. Anonymous’ increased interest may indicate intent to Develop an offensive ICS capability in the future. ICS‐CERT assesses that the publically available information regarding exploitation of ICS coulD be leveraged to reDuce the amount of time to develop offensive ICS capabilities. However, the lack of centralized leadership/coordination anD specific expertise may pose challenges to this effort. DISCUSSION (U//FOUO) Several racist, homophobic, hateful, and otherwise maliciously intolerant cyber and physical inciDents throughout the past Decadea have been attributeD to Anonymous, though recently, their targets and apparent motivations have evolved to what appears to be a hacktivist1 agenda.
  • Malpedia: a Collaborative Effort to Inventorize the Malware Landscape

    Malpedia: a Collaborative Effort to Inventorize the Malware Landscape

    Malpedia: A Collaborative Effort to Inventorize the Malware Landscape Daniel Plohmann @push_pnx [email protected] 2017-12-07 | Botconf, Montpellier Martin Clauß martin.clauß@fkie.fraunhofer.de Steffen Enders [email protected] Elmar Padilla [email protected] 1 © Cyber Analysis and Defense Department, Fraunhofer FKIE $whoami Daniel Plohmann Security Researcher @ Fraunhofer (Europe‘s largest organisation for applied research) Research Scope: Malware Analysis Reverse Engineering Automation 2 © Cyber Analysis and Defense Department, Fraunhofer FKIE Outline Summary Motivation (or: how it began) Approach The Malpedia Corpus & Platform A Comparative Structural Analysis of Windows Malware Future Plans / Conclusion 3 © Cyber Analysis and Defense Department, Fraunhofer FKIE Summary 4 © Cyber Analysis and Defense Department, Fraunhofer FKIE Summary TL;DR What is Malpedia? A free, independent, pooled resource for confidently labeled, unpacked reference samples for malware families and versions Meta data tracker for info such as references (analysis reports, blogs, …), YARA rules, actors, tied to these families Status (2017-12-01): 2491 samples for 669 families, multi-platform (WIN, ELF, APK, OSX, …) Our Contributions Definition of requirements for malware corpora and a reference corpus + platform implementing these A Comprehensive, quantitative static analysis of structural features for 446 Windows malware families 5 © Cyber Analysis and Defense Department, Fraunhofer FKIE Motivation … or
  • Identifying Threats Associated with Man-In-The-Middle Attacks During Communication Between a Mobile Device and the Back End Server in Mobile Banking Applications

    Identifying Threats Associated with Man-In-The-Middle Attacks During Communication Between a Mobile Device and the Back End Server in Mobile Banking Applications

    IOSR Journal of Computer Engineering (IOSR-JCE) e-ISSN: 2278-0661, p- ISSN: 2278-8727Volume 16, Issue 2, Ver. IX (Mar-Apr. 2014), PP 35-42 www.iosrjournals.org Identifying Threats Associated With Man-In-The-Middle Attacks during Communication between a Mobile Device and the Back End Server in Mobile Banking Applications Anthony Luvanda1,*Dr Stephen Kimani1 Dr Micheal Kimwele1 1. School of Computing and Information Technology, Jomo Kenyatta University of Agriculture and Technology, PO Box 62000-00200 Nairobi Kenya Abstract: Mobile banking, sometimes referred to as M-Banking, Mbanking or SMS Banking, is a term used for performing balance checks, account transactions, payments, credit applications and other banking transactions through a mobile device such as a mobile phone or Personal Digital Assistant (PDA). Mobile banking has until recently most often been performed via SMS or the Mobile Web. Apple's initial success with iPhone and the rapid growth of phones based on Google's Android (operating system) have led to increasing use of special client programs, called apps, downloaded to the mobile device hence increasing the number of banking applications that can be made available on mobile phones . This in turn has increased the popularity of mobile device use in regards to personal banking activities. Due to the characteristics of wireless medium, limited protection of the nodes, nature of connectivity and lack of centralized managing point, wireless networks tend to be highly vulnerable and more often than not they become subjects of attack. This paper proposes to identify potential threats associated with communication between a mobile device and the back end server in mobile banking applications.
  • Rethinking Documentary Photography

    Rethinking Documentary Photography

    RETHINKING DOCUMENTARY PHOTOGRAPHY: DOCUMENTARY AND POLITICS IN TIMES OF RIOTS AND UPRISINGS —————————————————— A Thesis Presented to The Honors Tutorial College Ohio University —————————————————— In Partial Fulfillment of the Requirements for Graduation from the Honors Tutorial College with the degree of Bachelor of Arts in Art History —————————————————— by Jack Opal May 2013 Introduction I would like to think about documentary photography. In particular, I would like to rethink the limits of documentary photography for the contemporary. Documentary, traditionally, concerns itself with the (re)presentation of factual information, constitutes a record.1 For decades, documentary – and especially social documentary – has been under siege; its ability to capture and convey and adequately represent “truth” thrown into question, victim to the aestheticization of the objects, fading trust in their authors, and technological development. So much so that the past three decades have prompted photographer, documentarian, and art historian Martha Rosler to question first its utility, then its role, and finally its future in society. All of this has opened up the possibility and perhaps the need to reconsider the conditions and purpose of documentary practice, and to consider the ways in which it has been impacted by recent technological and historical developments. The invention of the internet and the refinement of the (video) camera into ever more portable devices and finally into the smartphone, and the rise to ubiquity within society of these inventions, signifies a major shift in documentary. So, too, have certain events of the past two decades – namely, the beating of Rodney King (and the circulation of the video of that event) and the development and adoption of the occupation as a major tactic within the political left.
  • About the Sony Hack

    About the Sony Hack

    All About the Sony Hack Sony Pictures Entertainment was hacked in late November by a group called the Guardians of Peace. The hackers stole a significant amount of data off of Sony’s servers, including employee conversations through email and other documents, executive salaries, and copies of unreleased January/February 2015 Sony movies. Sony’s network was down for a few days as administrators worked to assess the damage. According to the FBI, the hackers are believed have ties with the North Korean government, which has denied any involvement with the hack and has even offered to help the United States discover the identities of the hackers. Various analysts and security experts have stated that it is unlikely All About the Sony Hack that the North Korean government is involved, claiming that the government likely doesn’t have the Learn how Sony was attacked and infrastructure to succeed in a hack of this magnitude. what the potential ramifications are. The hackers quickly turned their focus to an upcoming Sony film, “The Interview,” a comedy about Securing Your Files in Cloud two Americans who assassinate North Korean leader Kim Jong-un. The hackers contacted Storage reporters on Dec. 16, threatening to commit acts of terrorism towards people going to see the Storing files in the cloud is easy movie, which was scheduled to be released on Dec. 25. Despite the lack of credible evidence that and convenient—but definitely not attacks would take place, Sony decided to postpone the movie’s release. On Dec. 19, President risk-free. Obama went on record calling the movie’s cancelation a mistake.
  • Recent Developments in Cybersecurity Melanie J

    Recent Developments in Cybersecurity Melanie J

    American University Business Law Review Volume 2 | Issue 2 Article 1 2013 Fiddling on the Roof: Recent Developments in Cybersecurity Melanie J. Teplinsky Follow this and additional works at: http://digitalcommons.wcl.american.edu/aublr Part of the Law Commons Recommended Citation Teplinsky, Melanie J. "Fiddling on the Roof: Recent Developments in Cybersecurity." American University Business Law Review 2, no. 2 (2013): 225-322. This Article is brought to you for free and open access by the Washington College of Law Journals & Law Reviews at Digital Commons @ American University Washington College of Law. It has been accepted for inclusion in American University Business Law Review by an authorized administrator of Digital Commons @ American University Washington College of Law. For more information, please contact [email protected]. ARTICLES FIDDLING ON THE ROOF: RECENT DEVELOPMENTS IN CYBERSECURITY MELANIE J. TEPLINSKY* TABLE OF CONTENTS Introduction .......................................... ..... 227 I. The Promise and Peril of Cyberspace .............. ........ 227 II. Self-Regulation and the Challenge of Critical Infrastructure ......... 232 III. The Changing Face of Cybersecurity: Technology Trends ............ 233 A. Mobile Technology ......................... 233 B. Cloud Computing ........................... ...... 237 C. Social Networking ................................. 241 IV. The Changing Face of Cybersecurity: Cyberthreat Trends ............ 244 A. Cybercrime ................................. ..... 249 1. Costs of Cybercrime
  • Alcatel-Lucent Security Advisory Sa0xx

    Alcatel-Lucent Security Advisory Sa0xx

    Alcatel-Lucent Security Advisory No. SA0053 Ed. 04 Information about Poodle vulnerability Summary POODLE stands for Padding Oracle On Downgraded Legacy Encryption. The POODLE has been reported in October 14th 2014 allowing a man-in-the-middle attacker to decrypt ciphertext via a padding oracle side-channel attack. The severity is not considered as the same for Heartbleed and/or bash shellshock vulnerabilities. The official risk is currently rated Medium. The classification levels are: Very High, High, Medium, and Low. The SSLv3 protocol is only impacted while TLSv1.0 and TLSv1.2 are not. This vulnerability is identified CVE- 2014-3566. Alcatel-Lucent Enterprise voice products using protocol SSLv3 are concerned by this security alert. Openssl versions concerned by the vulnerability: OpenSSL 1.0.1 through 1.0.1i (inclusive) OpenSSL 1.0.0 through 1.0.0n (inclusive) OpenSSL 0.9.8 through 0.9.8zb (inclusive) The Alcatel-Lucent Enterprise Security Team is currently investigating implications of this security flaw and working on a corrective measure, for OpenTouch 2.1.1 planned in Q4 2015, to prevent using SSLv3 that must be considered as vulnerable. This note is for informational purpose about the padding-oracle attack identified as “POODLE”. References CVE-2014-3566 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566 Advisory severity CVSS Base score : 4.3 (MEDIUM) - AV:N/AC:M/Au:N/C:P/I:N/A:N https://www.openssl.org/news/secadv_20141015.txt https://www.openssl.org/~bodo/ssl-poodle.pdf Description of the vulnerabilities Information about Poodle vulnerability (CVE-2014-3566).
  • Internet Security Threat Report Volume 24 | February 2019

    Internet Security Threat Report Volume 24 | February 2019

    ISTRInternet Security Threat Report Volume 24 | February 2019 THE DOCUMENT IS PROVIDED “AS IS” AND ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, ARE DISCLAIMED, EXCEPT TO THE EXTENT THAT SUCH DISCLAIMERS ARE HELD TO BE LEGALLY INVALID. SYMANTEC CORPORATION SHALL NOT BE LIABLE FOR INCIDENTAL OR CONSEQUENTIAL DAMAGES IN CONNECTION WITH THE FURNISHING, PERFORMANCE, OR USE OF THIS DOCUMENT. THE INFORMATION CONTAINED IN THIS DOCUMENT IS SUBJECT TO CHANGE WITHOUT NOTICE. INFORMATION OBTAINED FROM THIRD PARTY SOURCES IS BELIEVED TO BE RELIABLE, BUT IS IN NO WAY GUARANTEED. SECURITY PRODUCTS, TECHNICAL SERVICES, AND ANY OTHER TECHNICAL DATA REFERENCED IN THIS DOCUMENT (“CONTROLLED ITEMS”) ARE SUBJECT TO U.S. EXPORT CONTROL AND SANCTIONS LAWS, REGULATIONS AND REQUIREMENTS, AND MAY BE SUBJECT TO EXPORT OR IMPORT REGULATIONS IN OTHER COUNTRIES. YOU AGREE TO COMPLY STRICTLY WITH THESE LAWS, REGULATIONS AND REQUIREMENTS, AND ACKNOWLEDGE THAT YOU HAVE THE RESPONSIBILITY TO OBTAIN ANY LICENSES, PERMITS OR OTHER APPROVALS THAT MAY BE REQUIRED IN ORDER FOR YOU TO EXPORT, RE-EXPORT, TRANSFER IN COUNTRY OR IMPORT SUCH CONTROLLED ITEMS. TABLE OF CONTENTS 1 2 3 BIG NUMBERS YEAR-IN-REVIEW FACTS AND FIGURES METHODOLOGY Formjacking Messaging Cryptojacking Malware Ransomware Mobile Living off the land Web attacks and supply chain attacks Targeted attacks Targeted attacks IoT Cloud Underground economy IoT Election interference MALICIOUS
  • Security Now! #664 - 05-22-18 Spectreng Revealed

    Security Now! #664 - 05-22-18 Spectreng Revealed

    Security Now! #664 - 05-22-18 SpectreNG Revealed This week on Security Now! This week we examine the recent flaws discovered in the secure Signal messaging app for desktops, the rise in DNS router hijacking, another seriously flawed consumer router family, Microsoft Spectre patches for Win10's April 2018 feature update, the threat of voice assistant spoofing attacks, the evolving security of HTTP, still more new trouble with GPON routers, Facebook's Android app mistake, BMW's 14 security flaws and some fun miscellany. Then we examine the news of the next-generation of Spectre processor speculation flaws and what they mean for us. Our Picture of the Week Security News Update your Signal Desktop Apps for Windows & Linux A few weeks ago, Argentinian security researchers discovered a severe vulnerability in the Signal messaging app for Windows and Linux desktops that allows remote attackers to execute malicious code on recipient systems simply by sending a message—without requiring any user interaction. The vulnerability was accidentally discovered while researchers–amond them Juliano Rizzo–were chatting on Signal messenger and one of them shared a link of a vulnerable site with an XSS payload in its URL. However, the XSS payload unexpectedly got executed on the Signal desktop app!! (Juliano Rizzo was on the beach when the BEAST and CRIME attacks occurred to him.) After analyzing the scope of this issue by testing multiple XSS payloads, they found that the vulnerability resides in the function responsible for handling shared links, allowing attackers to inject user-defined HTML/JavaScript code via iFrame, image, video and audio tags.
  • Sample Iis Publication Page

    Sample Iis Publication Page

    https://doi.org/10.48009/1_iis_2012_133-143 Issues in Information Systems Volume 13, Issue 1, pp. 133-143, 2012 HACKERS GONE WILD: THE 2011 SPRING BREAK OF LULZSEC Stan Pendergrass, Robert Morris University, [email protected] ABSTRACT Computer hackers, like the group known as Anonymous, have made themselves more and more relevant to our modern life. As we create and expand more and more data within our interconnected electronic universe, the threat that they bring to its fragile structure grows as well. However Anonymous is not the only group of hackers/activists or hacktivists that have made their presence known. LulzSec was a group that wreaked havoc with information systems in 2011. This will be a case study examination of their activities so that a better understanding of five aspects can be obtained: the Timeline of activities, the Targets of attack, the Tactics the group used, the makeup of the Team and a category which will be referred to as The Twist for reasons which will be made clear at the end of the paper. Keywords: LulzSec, Hackers, Security, AntiSec, Anonymous, Sabu INTRODUCTION Information systems lie at the heart of our modern existence. We deal with them when we work, when we play and when we relax; texting, checking email, posting on Facebook, Tweeting, gaming, conducting e-commerce and e- banking have become so commonplace as to be nearly invisible in modern life. Yet, within each of these electronic interactions lies the danger that the perceived line of security and privacy might be breached and our most important information and secrets might be revealed and exploited.
  • Deterring Iran After the Nuclear Deal

    Deterring Iran After the Nuclear Deal

    MARCH 2017 COVER PHOTO NIEL HESTER | FLICKR 1616 Rhode Island Avenue NW Washington, DC 20036 202 887 0200 | www.csis.org Lanham • Boulder • New York • London 4501 Forbes Boulevard Lanham, MD 20706 301 459 3366 | www.rowman.com Deterring Iran After the Nuclear Deal PROJECT DIRECTORS AND EDITORS Kathleen H. Hicks Melissa G. Dalton CONTRIBUTING AUTHORS Melissa G. Dalton Thomas Karako Jon B. Alterman J. Matthew McInnis Michael Connell Hijab Shah Michael Eisenstadt Michael Sulmeyer ISBN 978-1-4422-7993-3 Farideh Farhi Ian Williams Kathleen H. Hicks 1616 Rhode Island Avenue NW Washington,Ë|xHSLEOCy279933z DC 20036v*:+:!:+:! 202-887-0200 | www.csis.org Blank MARCH 2017 Deterring Iran after the Nuclear Deal PROJ ECT DIRECTORS AND EDITORS Kathleen H. Hicks Melissa G. Dalton CONTRIBUTING AUTHORS Melissa G. Dalton Thomas Karako Jon B. Alterman J. Matthew McInnis Michael Connell Hijab Shah Michael Eisenstadt Michael Sulmeyer Farideh Farhi Ian Williams Kathleen H. Hicks Lanham • Boulder • New York • London 594-68742_ch00_6P.indd 1 3/13/17 7:13 AM About CSIS For over 50 years, the Center for Strategic and International Studies (CSIS) has worked to develop solutions to the world’s greatest policy challenges. T oday, CSIS scholars are providing strategic insights and bipartisan policy solutions to help decisionmakers chart a course toward a better world. CSIS is a nonprofit organ ization headquartered in Washington, D.C. The Center’s 220 full- time staff and large network of affiliated scholars conduct research and analy sis and develop policy initiatives that look into the future and anticipate change. Founded at the height of the Cold War by David M.
  • Internet Security Threat Report VOLUME 21, APRIL 2016 TABLE of CONTENTS 2016 Internet Security Threat Report 2

    Internet Security Threat Report VOLUME 21, APRIL 2016 TABLE of CONTENTS 2016 Internet Security Threat Report 2

    Internet Security Threat Report VOLUME 21, APRIL 2016 TABLE OF CONTENTS 2016 Internet Security Threat Report 2 CONTENTS 4 Introduction 21 Tech Support Scams Go Nuclear, 39 Infographic: A New Zero-Day Vulnerability Spreading Ransomware Discovered Every Week in 2015 5 Executive Summary 22 Malvertising 39 Infographic: A New Zero-Day Vulnerability Discovered Every Week in 2015 8 BIG NUMBERS 23 Cybersecurity Challenges For Website Owners 40 Spear Phishing 10 MOBILE DEVICES & THE 23 Put Your Money Where Your Mouse Is 43 Active Attack Groups in 2015 INTERNET OF THINGS 23 Websites Are Still Vulnerable to Attacks 44 Infographic: Attackers Target Both Large and Small Businesses 10 Smartphones Leading to Malware and Data Breaches and Mobile Devices 23 Moving to Stronger Authentication 45 Profiting from High-Level Corporate Attacks and the Butterfly Effect 10 One Phone Per Person 24 Accelerating to Always-On Encryption 45 Cybersecurity, Cybersabotage, and Coping 11 Cross-Over Threats 24 Reinforced Reassurance with Black Swan Events 11 Android Attacks Become More Stealthy 25 Websites Need to Become Harder to 46 Cybersabotage and 12 How Malicious Video Messages Could Attack the Threat of “Hybrid Warfare” Lead to Stagefright and Stagefright 2.0 25 SSL/TLS and The 46 Small Business and the Dirty Linen Attack Industry’s Response 13 Android Users under Fire with Phishing 47 Industrial Control Systems and Ransomware 25 The Evolution of Encryption Vulnerable to Attacks 13 Apple iOS Users Now More at Risk than 25 Strength in Numbers 47 Obscurity is No Defense