could be the future of...

Biometric Systems Could be the future

of Cybersecurity

New Approach in AI learning lead to CAPTCHA break

Issue 002 | NOVEMBER 2017

Words of wisdom and industry insights of Mr. Ashok Banerjee, CTO of Enterprise Symantec

2 Issue: 002; November 2017

Feature Ar cle

内容概括Table of Contents

US U li es Will Splash $7 Bln on Cybersecurity by 2020 12US Senate Looks into Blockchain’sCybersecurity Applica ons 13

SEC Says Data Breach Could Have Resulted in Illegal Trading 13New European cyber laws GDPR and NISD 13

AI and Cybersecurity: Be Afraid 8-9

5

Cybersecurity Policy

htpRAT Latest Sign that Cybercriminals are Ge ng Smarter 16More Transparency on “Vulnerabili es Equi es Policy and Process (VEP)” 17

Malware-Infected CCleaner Roams Computers for A Month Undetected 14MS Offi ce Feature Lets Hackers Into Confi gura on Data 15Apple Launches New Patches 15

Malware/Ransomware

5

Recommended Business Books for 2017

10-11

Publisher’s note

3Issue: 002; November 2017

6 – 7

CEO Corner

Mr. Ashok

BanerjeeCTO Enterprise Securityat Symantec

FDA Warns Medical Device Makers to Priori ze Cybersecurity 18IBM Warns of Sixfold Increase in A acks Involving Cryptocurrency Mining CPUs 19Researchers Teach Computers to Make Be er Password Guesses 19Enterprise of Things Fraught with Cyber Risks 2010 Free Security Related Tools And Resources 21

Top 10 CybersecurityEvents for 2017 24F-Secure: 2017 Is Worse for Cybersecurity than 2016 25Biometric Systems Could be the Future of Cybersecurity 26New Approach in AI Learning Lead to CAPTCHA Break 27Machine Learning Can Help Cybersecurity Eff orts but Can’t Replace Everything Else 28-29

Western Cybersecurity Companies 30-34China Cybersecurity Companies 35-37

Global Cyberspace SecurityCybersecurity Advisory

Cyberspace in Asia

Singapore Government Allocates $16 Mln for Cybersecurity R&D

22

WesteCyberComp

ChinaCyberComp


LET'S GET

SOCIAL!Let CYBER SPACE ASIA and

CyberAsia360 help you improve your social network: global trade events, monthly print magazine,

weekly email marke ng, video promo on, and daily social

media posts.


In his book, “Where is Technology Taking the Economy”, author W. Brian Arthur purports: Digital technologies have created a second economy, a virtual and autonomous one. It’s that it is steadily providing an external intelligence in business—one not housed internally on human workers but externally on the virtual economy’s algorithms and machines.

While the book emphasizes the positive aspects of this second economy in terms of productivity, effi ciency and convenience brought to human activities, we must remind ourselves that algorithms and machines are created by people, and human being behavior sometimes falls on the negative end of the spectrum; with greed and evil that can be cruel and destructive.

Cyberattacks have increased with each technological advancement and as such have become an on-going battle in modern business practices, with most intelligent functions powered by big data. Based on fi ndings by IDG, International Data Group, the cost of data breaches worldwide for enterprises rose 11 percent in 2017. In the U.S., the average cost of a cyber attack for enterprises grew from $1.2 million in 2016 to $1.3 million in 2017. And the trend is expected to continue.

Having said that, we have compiled this issue of CyberAsia360 to bring more awareness to increasing cyber threats and to provide a prevention guide against potential cyber attacks. We are fortunate to share with you, on page XX, the words of wisdom and industry insights of Mr. Ashok Banerjee, CTO of Enterprise Symantec.

To better protect businesses, Cyber Space Asia and CyberAsia360 magazine aim to serve as an across-board platform to facilitate exchange among industry intelligence through collaboration and cooperation on a global scale.

We hope to receive your feedback and to have a dialogue as to how we can best serve you, our faithful readers! Send inquiries, comments and suggestions to [email protected].

Thank you and happy reading!

Editorial team

Ying Wang, Maggie Zhang, Sunny Sun

Publisher’s note

6 Issue: 002; November 2017Issue: 002; Novem

How will security awareness help prevent ransomware for a majority of no-tech equipped SMEs ?

I recommend anti-malware like Symantec Endpoint Pro-tection for Corporate Endpoints and Norton for Consumer Endpoints to safeguard against ransomware. Where will you be attacked – home laptop or work laptop or will you be targeted at all? You have to understand why the hackers target you or your organization. Are you or your business the target (wealthy or confi dential information), or are you a part of the supply chains to some target entity (wealthy or confi dential informa-tion). In Supply Chain attacks you are attacked by the hacker as a stepping stone to a desired destination. No one will be immune from being targeted or attacked. We all have to be on “security-ready” mode both in your awareness and technology preparedness.

The more we depend on digital technology, the more we become vulnerable. How can we balance innovation and safety?

It is always Convenience vs. Safety. With IoT the motiva-

Mr. Ashok BANERJEE

by SUNNY SUNEditor’s note: A statement holds true by ARM’s CEO, Simon Segars: “The Internet of things will change the way we live, but we’re s ll plagued by one big thing: a lack of security”. With increased connec vity and breaches to businesses, large and small, occurring more frequently, I felt an urgency to know how we can protect both our enterprises and our selves. Most of us habitually lock our cars and our homes, which are physically obvious to us. But are we consciously aware of how we should protect ourselves, when we can’t rely on passwords or updated fi rmware on our devices? How can we be prepared to live in the newly connected world of IoT? In pursuing answers to this, I was very fortunate to have had a conversa on with Mr. Ashok Banerjee, CTO Enterprise Security for Symantec, one of the world’s leading pure-play cyber security companies, I am pleased to share his valuable insights on awareness, preven on, and protec on against poten al threats.

My Conversation with

CTO Enterprise Securityat Symantec

tion of the attacker moves from exfi ltration of information to sabotage in physical world. Many of the systems in IoT were built pre-connectivity. Security was an after thought because there were physical layers of security mitigating the otherwise vulnerable operational things. Pre IoT the operational things were vulnerable but were not internet accessible so physical layers of security could mitigate the digital vulnerabilities. IoT opens the fl oodgates to both opportunities and risks. A self-driving car halted in the middle of the freeway can cause a cas-cade of accidents. A railroad crossing-gate remotely opened when it should be down to prevent collisions with trains can cause accidents. Attackers can attack remotely attack repeat-edly with no fear or consequence. Remote attacks can be from outside the jurisdiction of the country.

From power grids, self-driving cars, emergency services, medical systems to nuclear plants are all suddenly within reach of attackers. Attackers infi ltrate and hold control of activation/deactivation or IOT controls. All this is achieved from outside the jurisdiction without the dirty work of breaking into physi-cal systems risking arrest etc.

The awareness people have for the physical world with locking doors and windows somehow does not extend as well to the digital world. We make sure to lock our doors and windows when we leave the house to protect ourselves from a possible burglary invasion; however, we lack the conscious awareness to shut down our digital access to prevent potential hackers’ inva-sions and we have little knowledge about how to go about it.

That is why we need to collaborate on a global scale and

CEO Corner

laws to be implemented at the UN level. A lack of law and jurisdiction in cyberspace will be the problem that amplifi es the danger.

What would be the best prevention you can recommend?There is no silver bullet we need to secure every line, as a

layered defense from social awareness and training, to network security, endpoint security, data loss prevention identity and IOT Security everything matters.

Given the consequence of breach for Banks, Hospitals, Oil and Gas etc I believe it is better to have unavailability than to have security breaches.

What lesson should we learn from the recent Equifax breach?

Once again layered defense. Symantec has many layers of security for a reason. Stay cyber-resilient.

Background information: Atlanta-based Equifax dis-closed a little over a month ago that cyber criminals had breached its systems between mid-May and late July and stolen the sensitive information of 145.5 million people. Randy Abrams, an independent security analyst, said he no-ticed the issue late on Wednesday when he was attempting to check some information in his credit report and a bogus pop-up ad appeared on Equifax’s website. The pop-ups could trick visitors into installing fraudulent Adobe Flash updates and infect computers with malware, he said in an interview with Reuters on Thursday “You’ve got to be kidding me,” he recalled thinking when he fi rst saw the ads. Then he suc-cessfully replicated the problem at least fi ve times, making a video that he posted to YouTube. (bit.ly/2z3GTLc) Equifax’s security protocols have been under scrutiny since Sept. 7 when the company disclosed its systems had been breached. As a credit reporting agency, Equifax keeps vast amounts of consumer data for banks and other creditors to use to deter-mine the chances of their customers’ defaulting.

From your perspective, are most security breaches more likely a business issue or a technology issue?

A single breach crushes the reputation of biggest icons in the industry. Attackers always look for the weakest spot from social to technical. The larger the company the greater the at-tack surface.. For example, for a company with a staff of 10,000, the attack surface of employees is hundred times larger than a company with a staff of 100. So the bigger the company the big-ger the target and it should focus increasingly more on Cyber-Security.

There will be cloud-based platform applications/services. Will it introduce more open outlets for potential breaches?

The cloud-based providers are more automated in De-vOps, Provisioning etc., However the larger more success-ful cloud services are also excellent targets for attackers: hack ONE, to hack ALL. For example, if hackers are able to hack into Salesforce, the attacker gets the CRM data for a large number of companies. A single such breach would give the attacker a com-

plete picture of every sales pipelines for every industry around the globe. Today the attackers are much more organized. Its not a lone wolf attempting things at night, this is not after work, hacking is the work for entire teams.

Could Artifi cial Intelligence be introduced to Cybersecu-rity?

AI has actually been used by Symantec for10 years. My im-pression is McAfee and Trend were also possibly using AI given the attack volumes. We have more data than anyone else in determining attacks. We have more data, but the attacker has more time. It comes down to game theory and adversarial ma-chine learning - my area of focus. For a Netfl ix movie there is no one trying to make Netfl ix believe you like movies you don’t however in CyberSecurity we have a active adversary. With Cy-berSecurity we aren’t just looking for needles in a haystack but active needles that make a conscious eff ort to look like hay.

The 21st century will not just be machine learning but in-creasingly adversarial machine learning. My machine learning versus your machine learning in a increasingly connected in-creasingly adversarial world.

“Seeing is Believing and Hearing is Believing” may them-selves be attacked. Facial Reenactment for instance if used with Adobe Photoshop and a eff ective fake news campaign the con-sequences are scary. With advancements in AR (Augemented Reality) and VR (Virtual Reality) can fake news be far behind.

What would be game-changing cyber-security technolo-gies or standards to maximize security in the digital en-vironment?

There are two things: fi rst, security is a layered sport which is why Symantec focuses on the entire span from Net-work to Endpoint to Email to Storage to Data Loss Prevention and IOT. The hacker targets vulnerability everywhere—hard-ware, software, network, email --so cybersecurity needs to be everywhere as well. This domain is unique because 1+1 = 3 the shared context of Email, Network, Identity and Endpoints en-ables us to do machine learning on data that no one else in the industry has.

Second, most in cybersecurity focus on machine-learning too much, and too little on game theory. Cyber attack and cyber defense have co-evolved. Every move results in a counter move of the adversary and all that matters is the Nash equilibrium of the adversarial game.

In conclusion, cybersecurity should be ingrained from de-sign to threat modeling to runtime at network, email, endpoint, storage and through the entire process.

It is always easier to attack than to defend given the ever increasing surface of our companies.

Multi-week vulnerability remediation is no longer good enough, almost instantly we need a mitigation so though the system is vulnerable the vulnerability is mitigated in the envi-ronment of the customer instantly. If we mitigate after attack-ers incursion teams have set up a reverse shell a remediation after that still leaves the reverse shell for the attackers. Overall I highly recommend a layered defense strategy.


Issue: 002; November 2017

AI and Cybersecurity: Be Afraid

By IRINA SLAV

Here’s a question for everyone following AI developments: do you think we can honestly believe that artifi cial intelligence will forever remain in safe hands? The question is of course clearly rhetorical and its implications are quite scary. What’s even scarier is how fast cybercriminals are moving.

For example, here’s a piece of seemingly good news on the cybersecurity front: at least one lab is working on biometric software that would be able to “read” passwords straight from a user’s brain. According to one biometric industry insider, this software would be impossible to hack. Really?

Here’s a piece of older news: a study from the University of Alabama in Birmingham found that EEG headsets can also read PINs and passwords based on brain-wave monitoring and, guess what, these can be hacked already.

But that’s not AI, is it? Well, based on what we already know about cybercriminals, that is, that they never let cybersecurity experts take a break but fi nd new ways to challenge the solutions they come up with, what are the chances of anyone developing completely, totally, absolutely safe AI?

8

Featured Ar cle


HACKING BRAINSNot high, apparently. Recently, Newsweek

reported that brain-computer interfaces can be hijacked and not by a human actor but by rogue artifi cial intelligence. Newsweek cites a commentary by 27 scientists, including neuroscientists and machine intelligence engineers, who warn that the AI involved in BCIs can turn on humans even if the person supposed to control it does not wish it.

The authors of the commentary describe a hypothetical situation in which a paralyzed person takes part in a BCI trial. The person dislikes the researchers conducting the trial and the AI reading his thoughts through the BCI takes this as a command to harm the researchers.

Okay, that’s far-fetched and all the proponents of AI insist that there is no way for an AI system to jut go rogue like that but, fi rst, how long will such a scenario continue to be far-fetched given the sharp exponential growth we are witnessing in the tech space and, second, how do you make absolutely sure that AI can’t go rogue? Not just sure, but absolutely sure?

Interestingly, the authors of the commentary specifi cally mention Neuralink, the startup Elon Musk set up to research ways of connecting brains to computers as a way of avoiding a catastrophe when—not if, you understand, but when—artifi cial superintelligence comes on the scene. Musk is by no means alone in warning against excessive optimism about AI, Bill Gates and Stephen Hawking are worried as well, to mention just two. And they have every right to be.

NO EV IS SAFEMusk says Tesla is putting a lot of eff ort into

making the cars’ software secure. Yet it can’t be absolutely secure: there were recently news reports about a Dutch company that claims to have hacked the software of a Tesla Model S and made it run on hydrogen.

Let’s leave the point of doing anything like this (given that the conversion itself cost north of $50,000) aside. What’s more interesting is the very fact the hack was possible. This fact was a simple demonstration of what cybersecurity experts like to remind us: that anything that can be hacked, will be hacked, including electric and, by extrapolation, autonomous cars.

SELF TEACHING AI?Here’s some more potentially scary and

potentially wonderful news. An approach dubbed reinforcement learning can enable AI to acquire skills

and knowledge without the intervention of a human “teacher”, simply by a repeated action that the AI internalizes.

It was by mimicking a natural tendency in animals—including humans—to learn new behaviors by remembering the outcome from one and from another behavior, that Alphabet’s AlphaGo became the fi rst AI to beat a human at Go. Now, the same approach is used to, for example, simulate complex traffi c with self-driving cars.

What happens if someone hacks into a self-driving car, or two or a dozen? Nothing good, that’s what. What are the chances of this happening? The companies developing self-driving cars would certainly argue that these chances are very slim but they do have a vested interest in self-driving cars. Those skeptical of everything, such as myself, would suspect that however slim the chances are there and their implications are pretty nasty. After all, how many cybercriminals do what they do for charitable reasons?

NO GOING BACKA lot of companies are working on various

forms of artifi cial intelligence. Granted, most of the information on these developments is, hopefully, secured behind the digital equivalent of a dozen locks and keys but there some of it is public. Can a hacker somewhere develop their own artifi cial intelligence based on what’s publicly available? What’s to stop them?

So, AI is potentially a huge threat to cybersecurity. In fact, it is the biggest one, as security and AI analyst Martin Beltov notes in this story. That’s not exactly news but the need to start working on ways to curb the disastrous potential of what is also one of humankind’s greatest achievements is getting increasingly urgent.

Standards, Beltov says, need to be drafted and implemented as soon as possible and they should span the whole, increasingly wider, spectrum of artifi cial intelligence. This would involve the input of experts in numerous fi elds and the good will of politicians, which is already there, luckily. Yet, as one U.S. governor recently asked Elon Musk during a recent discussion of AI, among other things, how do you begin regulating something that you know so little about?

AI is a mixed blessing. So mixed, in fact, that it’s very easy to see it as a threat only. But that would be wrong, just as it would be wrong to view it as a pure blessing alone. The right attitude seems to be the one made popular by David Cronenberg’s The Fly: be afraid. Be very afraid.

9

In 2015, Ellen K. Pao sued a powerhouse Silicon Valley venture capital fi rm, calling out workplace discrimination and retaliation against women and other underrepresented groups. Her suit rocked the tech world—and exposed its

toxic culture and its homogeneity. Her message overcame negative PR attacks that took aim at her professional conduct and her personal life,

and she won widespread public support—Time hailed her as “the face of change.” Though Pao lost her suit, she revolutionized the conversation at tech offi ces, in the media, and around the world. In Reset, she tells her full story for the fi rst time.

The daughter of immigrants, Pao was taught that through hard work she could achieve her dreams. She earned multiple Ivy League degrees, worked at top startups, and in

2005 was recruited by Kleiner Perkins, arguably the world’s leading venture capital fi rm at the time. In many ways, she

did everything right, and yet she and other women and people of color were excluded from success—cut out of decisive meetings

and email discussions, uninvited to CEO dinners and lavish networking trips, and had their work undercut or appropriated by male executives. It was time for a system reset. Ellen K. Pao’s Reset is a rallying cry—the story of a whistleblower who aims to empower everyone struggling to be heard, in Silicon Valley and beyond.

How only violence and catastrophes have consistently reduced inequality throughout world history?

Are mass violence and catastrophes the only forces that can seriously decrease economic inequality? To judge by thousands of years of history, the answer is yes. Tracing the global history of inequality from the Stone Age to today, Walter Scheidel shows that inequality never dies peacefully. Inequality declines when carnage and disaster strike and increases when peace and stability return. The Great Leveler is the fi rst book to chart the crucial role of violent shocks in reducing inequality over the full sweep of human history around the world.

Ever since humans began to farm, herd livestock, and pass on their assets to future generations, economic inequality has been a defi ning feature of civilization. Over thousands of years, only violent events have signifi cantly lessened inequality. The “Four Horsemen” of leveling―mass-mobilization warfare, transformative revolutions, state collapse, and

catastrophic plagues―have repeatedly destroyed the fortunes of the rich. Scheidel identifi es and examines these processes, from the crises of the earliest civilizations to the cataclysmic world wars and communist revolutions of the twentieth century. Today,

the violence that reduced inequality in the past seems to have diminished, and that is a good thing. But it casts serious doubt on the prospects for a more equal future.

Recommended Business Books

for 2017

to c cuattac

anf

leleledid

of colo

Shortlisted for the 2017 Financial Times and McKinsey

business book of the year

Named a best fall book

by Elle and Bustle

Reset Ellen Pao’s memoir about her experience as a woman working in male-dominated Silicon Valley

The Great LevelerWalter Scheidel’s exploration of the regularity with which violent events like wars and plagues remake society

veve PPR l life, “the the ld.

at tt

HoHohistory

Ainequhistodiesananddshshsh


The Wall Street Journal’s award-winning business reporter unveils the bizarre and sinister story of how a math genius named Tom Hayes, a handful of outrageous confederates, and a deeply corrupt banking system ignited one of the greatest fi nancial scandals in history.

aalalss

Shortlisted for the Financial

Times

business book of the

year

Adaptive MarketsAndrew Lo’s critique of the effi cient-markets hypothesis A new, evolutionary explanation of markets and investor behavior

Half of all Americans have money in the stock market, yet economists can’t agree on whether investors and markets are rational and effi cient, as modern fi nancial theory assumes, or irrational and ineffi cient, as behavioral economists believe―and as fi nancial bubbles, crashes, and crises suggest. This is one of the biggest debates in economics and the value or futility of investment management and fi nancial regulation hang on the outcome. In this

groundbreaking book, Andrew Lo cuts through this debate with a new framework, the Adaptive Markets Hypothesis, in which rationality and irrationality coexist.

Drawing on psychology, evolutionary biology, neuroscience, artifi cial intelligence, and other fi elds, Adaptive Markets shows that the theory of market effi ciency isn’t wrong

but merely incomplete. When markets are unstable, investors react instinctively, creating ineffi ciencies for others to exploit. Lo’s new paradigm explains how fi nancial evolution shapes

behavior and markets at the speed of thought―a fact revealed by swings between stability and crisis, profi t and loss, and innovation and regulation.

AndA n

w

The One Device Brian Merchant’s history of the iPhone

How did the iPhone transform our world and turn Apple into the most valuable company ever? Veteran technology journalist Brian Merchant reveals the inside story you won’t hear from Cupertino-based on his exclusive interviews with the engineers, inventors, and developers who guided every stage of the iPhone’s creation.

This deep dive takes you from inside One Infi nite Loop to 19th century France to WWII America, from the driest place on earth to a Kenyan pit of toxic e-waste, and even deep inside Shenzhen’s notorious “suicide factories.” It’s a fi rsthand look at how the cutting-edge tech that makes the world work-touch screens, motion trackers, and even AI-made their way into our pockets.

The One Device is a roadmap for design and engineering genius, an anthropology of the modern age, and an unprecedented view into one of the most secretive companies in history. This is the untold account, ten years in the making, of the device that changed everything.

The Spider NetworkDavid Enrich’s inside account of the Libor collusion, the biggest scandal in the fi nancial world since the global crisis

ny m m

Issue: 002; November 2017 11


US Utilities Will Splash $7 Bln on Cybersecurity by 2020

U.S. utilities will need to spend around $7.25 billion on cybersecurity over the next three years, research fi rm Zpryme has estimated based on the current unsatisfactotoryry state of cybersecurity systems in thhe secttor.

Forbes authorr CoConsstatance Douris noted in a rerecec nt article thatt at prresentt, ththere are no consistent cybebersr ecurity coconttrorols for the eenergy distribution system iin n the cocoununtrtry.y. Shhe recalled

ththe 202 1515 ccybybererata tatackck oon n UkUkrar inne’e s sellecctrtrici griid,d, wwhih chch cauaused d a a power outage afff ectit ng 222525,0, 00 customers,

susuggggesestitingng a reppeaat t off this attackk oon n ananoto her grid is lalways aa pposossisibibililitty.

Such an atattatackc ccould cause major disruptptioi ns in electricity suppplyly in large areas, which is why uttililitities wiw ll have to sstatartrt thhinknkining g about these controls, annddsosoono . The e gog odod neews is tthahat t there are already such cycybebersrsececururitity y sosoluttions availablle e ththat, according to thehe NaNatitionall IInsstititututete of Standards andd TeTechnology, ccann bebe iintntegegrarateted in uutit lities networks to deal wiwithth attaccksks.

AmAmonong thheese soolulutitiono s s ara e Siemens’ Ruguggegedcdcomom CrCroso sbow, CiCisccoo’s 2950 (Aggregator), and Schneider

Electric’s Tofi no Firewall. Utilidata and Raytheon are working together to develop new solutions for electric grids, and the Sierra Nevada Corporation has launched a Binary Armor – a product providing bidirectional security for communication layers on the grid, Douris writes. ViaSat, BAE Systems, IBM, and Leidos are also working on cybersecurity solutions for power utilities.

The funding of these solutions’ implementation,however, is a problem for both utilities and government agencies. While the Department of Energy and the Department of Homeland Security have allocated grants for such solutions, the allocations are not large enough, which is why

the state agenencies are encouragig ngn ututillitities toto ppartnner with other compm ananies sonon finndid ng ways s toto boost cyby ersecurity

wiwiththouout inincreassingng ccososts too mmucu h.AlAll l ththatat saiaid,d, it t alalll ststarts with a cyber risk

asassesssmementt,, DoDourisis ssayays.s. TThihiss shshoouldd bbe done now, onn a rer ggular baasis, rrattheher r ththan afterr aan attatackck ooccurs.

hhttps:ps://w/ ww.forf bes.cocom/sm/siteit s/cs/conson tanceddoururis/2017/09/21/utilities-wilwi l-sspenpe d-billionnss-on-cybebersecurity-asas-threae t-ggrowro s/#7949 c8ac8acf6f6cfecfe

Cybersecurity Policy


US Senate Looks into Blockchain’s Cybersecurity Applications

The latest U.S. Senate defense bill—a bulky $700-billion aff air—includes a mandate for a study on the cybersecurity applications of blockchain technology. The mandate was proposed by Ohio Senator Rob Portman as an amendment to the bill and calls for a study of “the potential off ensive and defensive cyber applications of blockchain technology and other distributed database technologies and an assessment of eff orts by foreign powers, extremist organizations, and criminal networks to utilize these technologies.”

There was unanimous consent on the amendment and the study should be completed within six months of the signing of the defense bill into law but fi rst the Senate must co-ordinate the details with the House, which passed a similar blockchain cybersecurity bill in July.

https://www.coindesk.com/700-billion-senate-defense-bill-calls-blockchain-cybersecurity-study/

SEC Says Data Breach Could Have Resulted in Illegal Trading

The Securities and Exchange Commission said that a data breach in a fi ling system the authority uses may have led to some illegal trading in 2016. The fi ling system is called Edgar and a review of the agency’s

risk profi le showed that an incident detected earlier had in fact resulted from an attack on a vulnerability in Edgar. The good news is that the breach did not result in any personal data exposure, SEC’s chairman Jan Clayton

said. The SEC uses Edgar to fi le fi nancial market disclosure papers, with a throughput of 1.7 million documents annually.

http://www.businessinsider.com/ap-sec-reveals-2016-hack-that-breached-its-fi ling-system-2017-9

New European cyber laws GDPR and NISD

In December 2015, two new pieces of EU legislation were agreed. General Data Protection Regulation (GDPR)represents a profound reform of data protection law in Europe, shifting the balance of power towards the citizen to whom the personal data belongs, away from organisations that collect, analyse and use such data. Network and Information Security Directive (NISD) can be regarded as a complementary law to GDPR, designed to create a focus on the protection of IT systems in European critical national infrastructure (CNI). Essentially it introduces new breach reporting obligations to whole new swathes of industry, including the energy, transport, banking and healthcare sectors.

Both GDPR and NISD are expected to come into force in spring 2016 but there will be a period of up to two years during which organisations will be allowed to prepare for the new regulations and for the directive to be transposed into country law.

14 Issue: 002; November 2017; November 201017

Cybercriminals managed to infect the installer of CCleaner, a Piriform program for deleting temporary internet fi les, and the infected program was downloaded by millions of people before the malware was detected. The CCleares gets downloaded an average of 20 million times per month. It’s a very popular program, so users who downloaded it between August 15 and September 12 should scan their computers for malware. Up to 3% of CCleaner users may have been aff ected in the attack.

The malware was detected by researchers from the Talos group of Cisco Systems. One of their products signaled malware detected on the CCleaner installer and investigation revealed a backdoor program added to the clean one. The worst about the incident, according to some, was that the malware was installed by someone who was digitally signed with the legitimate certifi cate of the developer and the infected program was then distributed via the developer’s offi cial servers.

This makes the incident stand out because it basically shatters the notion that if you download an program from the offi cial developer’s website, you’re safe. Apparently, this is no longer the case.

As the Talos researcher explained it, as quoted by Motehrboard,

Given the presence of this compilation artifact as well as the fact that the binary was digitally signed using a valid certifi cate issued to the software developer, it is likely that an external attacker compromised a

portion of their development or build environment and leveraged that access to insert malware into the CCleaner build that was released and hosted by the organization. It is also possible that an insider with access to either the development or build environments within the organization intentionally included the malicious code or could have had an account (or similar) compromised which allowed an attacker to include the code.”

Cybersecurity major ESET put forward three most plausible scenarios about how the developer of the CCleaner, Piriform, fell victim to hackers. First, the ESET experts suggested, it could have been an unhappy employee who decided to take revenge on their employer. Second, it could have been an outsider. Third, the attack could have been carried out through a compromised ISP or proxy that redirected download from the real website to a temporary location where the infected program was stashed.

ESET experts also noted in their analysis of the event that it is strange only the 32-bit version of the CCleaner was hit, especially given that damages in the 64-bit version would have been much more severe. Perhaps, they suggested, the cybercriminals could get a digital signature for the 32-bit version.

https://motherboard.vice.com/en_us/article/a3kgpa/ccleaner-backdoor-malware-hack

https://www.welivesecurity.com/2017/09/21/cconsiderations-on-ccleaner-incident/

Malware/Ransomware

i f

SOURCE: Piriform Blog

installer of mporary

m was alware aldd aann ded

ery a verit ed it

of on the

Malware-Infected CCleaner Roams Computers for A Month Undetected

15Issue: 002; November 2017sue: 000202; NNovemIssu

MS Offi ce Feature Lets Hackers Into Confi guration Data

An undocumented feature in Microsoft Offi ce apparently allows hackers access to sensitive confi guration data about the system they are targeting and all it takes for them to gather this access is tricking recipients into opening a Word document. The feature, Kaspersky Lab warns, is used by hackers in multistage attacks.

The cybersecurity fi rm went on to say that the feature, which told attackers which version of MS Offi ce the target computer has, is present in Word for Windows but also in Microsoft Offi ce for iOS and MS Offi ce for Android. To date, the company has detected several spear phishing attacks using the feature.

The Kaspersky experts explained that

To ensure a targeted attack is successful, intelligence fi rst needs to be gathered, i.e. the bad guys need to fi nd ways to reach prospective victims and collect information about them. In particular, they need to

know the operating system version and the version of some applications on the victim computer, so they can send it the appropriate exploit.”

The phishing campaign they detected—and that included the feature—involved Word documents in OLE2 format. OLE2, or Object Linking and Embedding, allows users to embed, as the name suggests, various objects and

link them to numerous resources and other objects within the Word document. When the researchers studied one such document, they found its INCLUDEPICTURE fi eld used Unicode in its instructions rather than ASCII, which it should have used.

The use of this feature for phishing campaigns suggests that hackers are being very inventive and thorough in their preparations, profi ling their potential victims and investigating them in depth ahead of the attack.

https://threatpost.com/attackers-use-undocumented-ms-offi ce-feature-to-leak-system-profi le-data/128011/

Apple Launches New Patches

Along with the offi cial release of the iOS 11, Apple also announced several patches for a range of vulnerabilities. Eight of these concern common vulnerabilities and exposures, including two bugs that let hackers spoof the address bar, tricking users to go to a specifi c site by manipulating URLs.

Another patch addressed CVE-2017-7089, which is a universal cross-scripting bug that addressed a logic issue in the way iOS handles parent tabs, according to Kaspersky Lab.

Yet another of Apple’s new patches targets a problem with the implementation of Exchange ActivSync on iOS. The vulnerability allows an attacker who is already present on a network to erase an iPhone or an iPad during Exchange setup.

In addition to these, the company also released patches for the iOS Mobile Backup preventing the program from

performing unencrypted backups, and for denial-of-service vulnerabilities detected in the Messages, Mail MessageUI, and iBooks. The vulnerabilities identifi ed in these services could lead to the device crashing.

https://threatpost.com/ios-11-update-includes-patches-for-eight-vulnerabilities/128036/

16 Issue: 002; November 2017; November 201010177

Malware/Ransomware

Like othher RATs, the htpRpRAT uses logging keystrtrokes to stealal security credentials, ccaptures dadata fromscreenshots, can n manage fififi leless onon tthehe victiom’s compututer, and d can record audio and video from a computer’s videocam. Yet, on topop of tthat, the peoplebehind the htpRAT uusee the Commandand Control server sidddde to create new functionalities and commands that areommands that ared hthen sent to the malware for execution.

Writing for the Enterprise Times,technology analyst Ian Murphy notesthat like other malware, the htpRAT is distributed via a spear phishing campaign sending an Excel fi le withmacros that, when the fi le is enabled,start a Windows PwoerShell commandand staged downloads.

The staged download approach makes it harder

htpRAT Latest Sign that Cybercriminals are Getting Smarter

for the victim to detect the attack andeasier for the cyberattacker to detect any cybersecurity software on thetarget device. Researchers from security solutions provider RiskIQ found that the malware downloaded code in fi ve stages in total, with the fi rst four setting the stage for the actual download of the malware program.

Interestingly Murphy notes,

the cyberattackers behind the htpRAT hosted their payload on GitHub,

which, unlike most payload servers,is unlikely to ever get blocked simply because of the number of organizations using it for software development. At the same time, the good news for cybersecurity researchers is that GitHubstores history, so the RiskIQ researcherswere able to glean some commonmalware components and details about

Th e htpRAT malware attack on a number of computers in

Southeast Asia is yet one more sign that cybercriminals are get-

ting smarter and more diffi cult to catch. Believed to be backed

fi nancially by the Chinese government, the htpRAT is a new-

generation Remote Access Trojan malware that in addition to

the usual features of this sort of malware also has additional

ones that, unfortunately for the victims, improves its effi ciency.

the identityty of the attackers.Amongg the information obtained

about the atattackers was the fact that they had registstered their C2 domain two years ago, whicich, according to RiskIQ, means Chinese e government backing:state-backed hacckers enjoy more time to plan their attacacks. For cybersecurity software that uses s the age of domain registration as an n iindndicicatatoror ooff ththeee domain owner’s repputation, this is aa way of subversion, usesed in this case as well. According to Murrphy and RiskIkIQ,the attackers behind htppRAT have lolong-term plans that are linkked to ChChina’s regional dominance plalans. Innitially infecting small businessess, ovever time the attackers can start infecctingng larger,internationally present, orgagananizations,potentially wreaking havoc oonon various industries.

https://www.enterprisetimes.c.co.uk/201717/10/27/htprat-chinas-laatest-attack-ak-asean/

Step 3: The a acker gets unauthorized access to the computer and can now

control it form a remote loca on

Step 1: Computer gets infected by RAT

Step 2: The malware program connects back to the a acker

A acker Vic m

17Issue: 002; November 2017sue: 002; NovemIssu

More Transparency on “Vulnerabilities Equities Policy and Process (VEP)”

The VEP is the internal process by which the government decides which software vulnerabilities in its possession it will disclose to vendors, and which it will hold on to and exploit for the purposes of intelligence gathering and supporting national security operations.

The United States is a world leader when it comes to sophisticated processes and conversation on this topic, and no other nation in has created and run a process as advanced, meticulous, and transparent as ours,”

wrote Rob Joyce, the White House cyber security coordinator in a post Wednesday announcing the charter.

According to the Vulnerabilities Equities Policy and Process charter, rules require an annual report that discloses information regarding the number of fl aws discovered, retained and disclosed. If the VEP review board votes and agrees for a vulnerability to be disclosure, the private-sector company will be notifi ed “when possible” within 7 business days, according to the charter.

https://threatpost.com/white-house-releases-vep-disclosure-rules/128917/


FDA Warns Medical Device Makers to Prioritize Cybersecurity

In its new medical device interoprability guide, the Food and Drugs Administration has advices manufacturers of medical devices to keep cybersecurity at the top of their prior-ity list, alongside actual interoperability. The agency believes that the document, offi cially titled Design Considerations and Pre-market Submission Recommendations for Interoperable Medical Devices, should help manufacturers make their devices bet-ter suited for an environment where interoperability is of the utmost important as the digitization of healthcare expands.

Although medical de-vice makers must focus on interoperability, the FDA said, they must also pay close attention to issues such as verifi cation, vali-dation, and risk man-agement. In interoper-ability, manufacturers need to make sure that the device’s functional, perfor-mance, and interface charac-teristics are clearly formulated and easily accessible to users. The makers of the devices need to be able to instruct their users how they

operate and how they integrate with others, so the risk of a malfunction or error is minimized.

In cybersecurity, the FDA warned that older medical devices could represent a greater cyber risk than newer ones as some of these were marketed when cybersecurity was not

as big an issue as it is today. Now, they are fi tted with WiFi connectors to make them interoperable

but the cyber risks remain as they don’t have built-in security features.

It is because of consider-ations such as these that risk

assessment has become an essential part of FDA’s pre-market reviews of medi-cal devices, compared to a peripheral matter just a couple of years ago. The agency aims to deter-mine whether the manu-facturer has assessed the potential for cybersecurity

vulnerability of a device and the mitigation measures it

has taken.

https://healthitsecurity.com/news/medical-device-security-critical-with-fda-interopera-

bility-guide

Cybersecurity Advisory

vices, should help devices bet-nt where tmost tion

-

c-ated users.need to

ers how they

WiFi connectors tobut the cyber

have built-It

ationass

esm

vth

has

https://hdevice-sec

Wireless Implantable Medical Devices

Insulin Pumps

CardiacDefi brillators/

Pacemakers

CochlearImplants

Deep Brain Neuros mulators

Gastric S mulators

Foot DropImplants

SOURCE: Massachuse s Ins tute

of thechnology


IBM cybersecurity experts have warned they have detected a major increase in network attacks involving cryptocurrency CPU mining tools. According to data from IBM Managed Security Services data, over the fi rst eight months between January and August, these attacks, mostly targeting enterprise networks, increased six times. In all of these attacks, the cybercriminals used a tool for the mining of several diff erent coins, hidden in fake image fi les. The fi les were hosted on compromised web servers running WordPress or Joomla or stored on JBoss Application servers, Security Intelligence writes.

The cybercriminals most often tried to mine CryptoNote-based digital currencies, targeting networks from the manufacturing and fi nancial services industries the

most. Each of these two accounted for 29% of the attacks, followed by arts and entertainment, at 21% of the attacks, information and communication technology, at 14%, and retail, at 6%. This distribution of attacks suggests that manufacturing and fi nancial services are the most vulnerable

to cyberattacks, which should be a wake up call for companies operating in these fi elds.

https://securityintelligence.com/network-attacks-containing-cryptocurrency-cpu-mining-tools-grow-sixfold/

imes. In all used a ent e

g the

to cyberattaccompan

https:

Top 5Targe ed Industries

(Volume of A acksContaining

Mining Tools)

6%

29%

29%

21%

14%

ManufacturingFinancial ServicesArts & EntertainmentInforma on and Communica on TechnologyRetail

SOURCE: IBM Managed Security Services data, January 2017 to August 2017

IBM Warns of Sixfold Increase in Attacks Involving Cryptocurrency Mining CPUs

Researchers Teach Computers to Make Better Password Guesses

Researchers from the New York Institute of Technology and the Stevens Institute of Technology have announced the application of Generative Adversarial Networks for generating password guesses. The team said GANs to teach the machines to improve the rate of password generation, using data from previous password leaks. The machine, based on these data, can then develop new password rules that seem to be better than manual password generation tools that are widely applied at the moment.

In a paper titled PassGAN: A Deep Learning Approach for Password Guessing, the researchers write that

“PassGAN represents a substantial improvement on rule-based password generation tools because it infers password distribution information autonomously from password data rather than via manual analysis. As a result, it can eff ortlessly take

advantage of new password leaks to generate richer password distributions.”

Kaspersky Lab’s Threat Post explains that GANs are tools for deep learning that comprise two deep neural networks – a

generative and a discriminative one. The networks are used as a deep learning tool to generate new output from a set of data, such as creating a new image from a set of other images. The PassGAN approach, according to one of the paper’s authors, Paolo Gasti from NYIT, could represent the fi rst foray of this tool into cybersecurity, replacing humans in the analysis of hundreds of thousands of passwords to come up with better, safer ones.

https://threatpost.com/deep-learning-passgan-tool-improves-password-guessing/128039/


Cybersecurity Advisory

Enterprise of Things Fraught with Cyber Risks

A new report from BlackBerry has warned that the growing adoption of connected devices in Internet of Things environments has increased cyber risks. The conclusion, which came after a survey of businesses from a wide range of industries and government agencies, is hardly a surprise: the cybersecurity sector has been warning that IoT brings with it a lot more cyberthreats.

At the same time, this conclusion once again highlights the urgent need for cybersecurity solutions that can be scaled to handle billions of connected devices, as BlackBerry’s COO Marty Beard said in the report.

The survey, meanwhile, found that at least in terms of cybersecurity awareness, things are looking good in the enterprise of things. A majority of 78%, for example, said they would be interested in a cybersecurity solution allowing them to manage all the endpoints of their network from a single place. For 63% cybersecurity was top concern when it came to digital tech and processes. Yet, as App Developer magazine notes, only 37% of those surveyed had a formal digital transformation strategy prepared.

In terms of preparedness, it seems the enterprise of things is most vulnerable to external attacks: almost 66% of respondents in the survey said hack attacks and cyberwarfare were their top concerns. Also, for medium and big enterprises, with a workforce of over 10,000, there was an additional challenge: lack of collaboration between departments. This was true for 51% of medium-sized business respondents and 39% of large enterprise respondents.

https://apple.news/AkbPuZmJBTY62MI-db2dmVQ

“We are focused on securing the EoT because for all its promise, the expanding adoption of connected things means that companies are only as secure as their most vulnerable endpoint.” Beard said.

Marty Beard, BlackBerry’s COO


Free Security Related Tools And Resources

We have a compiled a small list of interesting free security tools and resources

as part of our ongoing eff ort to provide many of the best curated discoveries to

our readership. Please continue to visit CloudTweaks as we will be providing

several new and updated lists. You can also visit our archived articles covering

server, network security scanning as well as performance monitoring tools.

HAVEIBEENPWNEDVisitors can check if they have an online account that was compromised in a data breach. Visitors can enter an email address or username to be checked and then get a list of possibly compromised accounts with information what type of data was compromised in the specifi c hacking attack.

HACKADAYHardware and software tips for advanced users who want to tweak their hardware or take advantage of cheap source hardware that can be upgraded to perform advanced functions. Visitors can fi nd useful tips and tricks about various hardware topics.

HACKERONEBug bounty and vulnerability disclosure platform that also hosts a large community of white-hat hackers. Visitors can explore a list of hacker activity and bug bounties awarded. Clicking on a vulnerability report displays info about the severity of a possible bug and its eligibility for a bug bounty.

DOWNDETECTORDisplays information about the top weekly online service outages. Visitors can check which companies are currently experiencing downtime issues or select a company from their list. Info about past outages is available.

THREAT METRIXThreat Metrix provides a fairly unquie fraud detection map. It off ers a feed highlighting the origin of account takeover attempts, payment fraud and identity spoofi ng attempts around the world.

THREAT CLOUDReal time visualization of worldwide cyber attacks showing both the attacking and target country, as well as the malware used for the specifi c attack. The website also counts the total number of daily cyber attacks worldwide. Visitors can view which are the most attacked countries and where from these attacks originate.

KASPERSKY CYBERMAPMalware detection fl ow visualization that uses Kaspersky data to show cyber threats discovered worldwide. It also displays botnet activity. Visitors can view cyber threat stats for a selected country.

DIGITAL ATTACK MAPDisplays daily statistics on the large and unusual DDoS attacks all over the world. Visitors can view which countries are experiencing unusual high traffi c of cyber attacks for a given day and sort attacks by type, duration, source port, and destination port. Real time and pause mode.

THREATBUTTShows detected global cyber attacks in real time. Visitors can view the attacking and the target IP addresses. The website displays the type of malware used, including unknown malware.

FIRE EYEReal time visualization of global cyber attacks. Displays the total number of detected daily attacks as well as the fi ve most attacked industries for the past 30 days. The service lists detected attacks in real time and shows attacking and target country.

10 By KIRIL KIRILOV


Singapore’s Finance Minister Heng Swee Keat speaking at the opening of the second Singapore

Week of Innova on and Technology (Switch)

Cyberspace in Asia

Singapore Government Allocates $16 Mln for Cybersecurity R&DSingapore’s Finance Minister Heng Swee Keat has announced two funding programs for research and development in the fi eld of cybersecurity worth a combined $16-million. The programs, he said, should further public-private partnerships in the area and stimulate the development of more commercially available cybersecurity solutions.

Ministers and Senior Offi cials from all 10 Asean Member States

The announcement follows the setting up of a National Cybersecurity R&D Program last year, which has to date distributed $15.6 million in grants for nine research projects. The Program was set up to respond to Singapore’s growing cybersecurity needs.

The Program addresses three main priority areas: national security, critical infrastructure, and Smart Nation

and each of the projects that received funding from it, were led by partnerships between cybersecurity companies and academic research teams.

The idea of these partnerships is that while the academic teams will bring in their expertise in cybersecurity, the business partner will speed up the

journey of new solutions to market.The projects that have received funding so far

focus on issues ranging from developing a safety management system for drones to setting up a malware database for attacks targeting iPhones, and to the development of a secure platform for the storage and sharing of confi dential research data on cybersecurity.

Singapore is really taking cybersecurity seriously. In addition to all the local funding, the city state is also allocating $1.5 million over the next three years to train technical offi cers in ASEAN in a bid to improve the region’s preparedness for cyberattacks.

http://www.straitstimes.com/singapore/16m-funding-for-projects-to-boost-singapores-cyber-security-rd

23Issue: 002; November 2017 333333333333333000222020222220000202222200022222022020222202220020222220222200222202002222000222202022222200222222;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; 77777777777777777777777777777

Cyber Space Asia 2018 Beijing Exhibition CenterApril 28–30, 2018

Exhibitors:

200+

Attendees:

30,000+Net Area:

20,000Sqm

Hosted By: Beijing Municipal Public Cyberspace AdministrationOrganized By: China Electronics International Exhibition & Advertising Co., Ltd.

Cyber Space Asia Conference Contacts:

China Electronics International Exhibition & Advertising Co., Ltd.Cecilia Shan/Blair FanTel: 010-84415380 010-84415385Cell: 18612185359 13301001304Email: [email protected]

[email protected]

About Cyber Space Asia

Cyber Space Asia (“CSA”) is China’s largest event focused on the cyber security industry, and as such, has a positive infl uence

on industry development.

CSA 2018 will bring together the top enterprises, both domestic and abroad, such as Alibaba Group, BIDU, Tecent, 360 Total Security,

Cheetah Mobile, Huawei, Kaspersky, Microsoft, IBM, and many more.

CSA 2018 will offer fabulous informational sessions, including:

Factsheet on Cyber Space Asia 2017 (Cybertech 2017)

Date: Apr 26-28, 2017Venue: Beijing Exhibition Center

Opening Hours: 9:00 am —5:00 pmInterval: annually

Since: 2014Exhibitors: 124+

Exhibition Area: 20,000 SqmVisitors: 30,000 visitors for three days

Media: 50 Media outlets, both domestic and abroad, featuring reports on China Cybertech 2017

Activities

• 2016 Data Breach Investigations Report • Two Major International Defense Competitions

• More than 14 New Product Annoucement Conferences• Over 20 forums on Cloud Computing, Big Data, IoT, AI,

Fintech, Cyber Crime, Health, Identity Authentication, Legislation and Standards, etc.

Description

The Beijing Cyber Security Expo, one of the most infl uential Cyber Security events in Beijing, China, is held every year on April 28th to 30th. It is hosted

by the Beijing Municipal Public Security Bureau and organized by CEC Expo. Thus far, the Expo had successfully attracted cyber security giants such as BAIDU, TECENT, 360 TOTAL SECURITY,

CHEETAH MOBILE, HUAWEI, KNOWNSEC, NSFOCUS, KASPERSKY, and more.

• Security policy• Data breach incident management • Cloud security• Legislation and standards • Artifi cial intelligence

• Fintech security• Payment Security• Identity Access Management• Internet of things• Healthcare system


Top 10 It’s hardly a surprise that there is a growing number of cybersecurity-focused conferences and other events. The team of Infosec Conferences has made a special eff ort to select the best ones in the fi eld and there is the list for 2017 as of end-September.

Cybersecurity Events for 2017

#6 Troopers: This German event, which takes place

in Heidelberg, is one of Europe’s fi nest cybersecurity events. It off ers networking opportunities with some of the brightest minds in IT security globally.

#7 Nuit de Hack: As the name suggests, this conference

takes place in France and is among the oldest “underground” events in the cyber space. It brings together pros and amateurs to demonstrate skills. Also, Nuit de Hack has a jobs portal for participants.

#8 Chaos Communication Congress: That’s a classy

event, with lectures and workshops on technical and hacking topics as well as political issues. Every year, more than 10,000 people gather in Berlin to take part in it. It’s the largest hacker organization in Europe.

#9 NorthSec: Greate place to be if you’re new to cybersecurity.

This Canadian event is relatively new but has already earned a lot of praise. This year, there were three tracks at NorthSec: Application & Infrastructure, Cryptography/Obfuscation, and Society/Ethics. They also do a great Catch the Flag game.

#10 nullcon: This Indian event has won the admiration of

the InfoSec team for the friendly spirit of its organizers and its practical bend: the conference features presentations of innovative hacks and problem-solving exercises, along with speeches and networking.

https://infosec-conferences.com/events/conferences-top-ten-must-go-to/

#1 Def Con: That’s the most famous one, the “hacker

convention”. Since 1993, it’s been held annually in Las Vegas and brings together the cream of the cybersecurity business and research.

#2 ShmooCon: Organized by the Shmoo Group, this event

also features top cybersecurity experts, as well as a wide variety of talks and presentations, and, to top it all, it’s aff ordable.

#3 ToorCon: This West Coast conference is the perfect place

for cybersecurity hopefuls. It features lots of hands-on experience sharing from some of the top experts in the fi eld and it’s also popular for its more intimate ambience: the maximum number of attendees is 400.

#4 Thotcon: This one is a non-profi t and non-commercial

event for all those interested in cybersecurity but unable to aff ord the rates of the big guys. Speakers share in-depth knowledge and experience. It takes place every year in Chicago.

#5 Black Hat: Infosec calls this the commercial arm of Defcon.

It takes place in locations across the world. For cybersecurity professionals it’s a must, a right-of-passage sort of event. It is also the place where breaking news are fi rst announced.

Finnish cybersecurity services provider F-Secure has compiled cyberattack data for the fi rst half of 2017and things are not looking good. According to the company, this year will be worse than 2016. That’s certainly saying something since, as we know, 2016 brought some unpleasant trends and events such as ransomware basically becoming a mainstream event, two major data leaks, and an alleged hacker interference in the US presidential elections.

The Finnish company used a network of what it calls honeypots—decoy servers that attract attackers with the promise of valuable data—to collect data about attacks, including source location and type. The fi rst worrisome fi nding is that

the honeypot network experienced a 223% jump in connections, meaning a 223% jump in potential attacks from the second half of 2016.

While the company acknowledged that some of the increase was due to the higher number of honeypots included in the network, the size of the increase clearly

indicated that attacks are on the rise.In terms of geographical location, as much as 40% of attack attempts came from Russia.

A distant second was the United States, with 15% of attack attempts. Some

7% came from the Netherlands, Germany and Belgium were

home to 6% of attacks each, and China

accounted for

5%. As for target locations, most were in the US, at 42%, followed by Germany and the Netherlands, at 7% each, and the UK, at 4%.

F-Secure also notes that attackers are continually refi ning their attack methods, which all cybersecurity experts are warning about all the time, anyway. Now, the Finnish company says, they are more and more often trying to pass for normal users of a network, disguising themselves in the crowd. They also shift away from “noisy” attacks to more silent ones, opting for remote connections instead of port scanning, for example.

What all this tells businesses and network users is that the chances of becoming a cyberattack target have increased, just as IoT device use has increased. Hackers are, by the way, probably welcoming the IoT as a gift from god – so many devices to target!

F-Secure advises users to make sure they have the latest version of their operating system—although as we’ve seen recently, that’s no longer guarantee for security—and install auto-updates of their defense

software. Since 57% of attackers in the period that F-Security analyzed behaved like normal users,

potential targets might consider it safer to hire a cybersecurity services provider

to monitor their traffi c and improve the chances of attack

detection and response.

Where A acks Are Coming From

Russia 44%

United States 15%

Netherlands 7% Other 12%Belgium 6%

Germany 6%

China 5%

UK 2%France 1%

Vietnam <1%

Ukraine <1%

SOURCE: F-Secure A ack Landscape H1 2017

2017 Is Worse for Cybersecurity than 2016

The Biggest Targets

United States 42%

Netherlands 7%

Germany 7%

Other 29%

United Kingdom 4%

Austria 3%Russia 2% Ireland 2%

China 2%Italy 1%Japan 1%

SOURCE: F-Secure A ack Landscape H1 2017

https://business.f-secure.com/report-cyber-attack-landscape-of-2017-so-far

Global Cyberspace Security

F-Secure:


With cyberthreats on a fast rising curve, cybersecurity experts are constantly looking for new, better ways, to deter attacks and biometric technology is beginning to feature more prominently in their eff orts, writes Katie Dolamore for the Telegraph.

PINs and passwords are still all-present but biometric identifi cation technology is beginning to encroach on their territory because of its better eff ectiveness, experts say. The great thing about biometric identifi cation is, of course, that it works with unique features, such as fi ngerprints or irises. However, existing systems of this kind can sometimes be tricked by photos or by hacking the system.

So, researchers are developing biometric solutions that cannot be tricked.

These include a complete 3D scan of a user’s face for authentication, instead of a single element, and a vein scan, among others. French startup OneVisage off ers 3D face recognition through elaborate scanning, eliminating the danger of an attacker fooling the system with as 2D photo of a person. Hitachi’s vein-reading software off ers an alternative to fi ngerprint scans that ca be spoofed.

In fact, vein authentication seems to be among the most promising biometric cybersecurity solutions for the future. The tech uses near infrared rays to scan the vein pattern beneath the skin of your fi ngers to authenticate you. This pattern does not change with age, which makes it applicable for a wide demographic, and, what’s more important, it is very hard to hack: the tech only works with the actual vein patterns of living people.

Naturally, there is an issue of personal information security and it is an important question that legislators are addressing. A lot of awareness-raising is needed so people understand what sort of personal information

they are agreeing to disclose via biometric systems and how this information will be

secured. For now, however, biometric systems are far from the perfect state of aff airs where every user of an authentication system can choose whether they want to have their personal information captured and stored or not.

The future looks bright for biometric security solutions.

It starts looking a bit creepy, though, when you learn that advancements in biometric are also moving in the direction of mind-reading. OneVisage’s CEO, Christophe Remillet, says, a biometric authentication system that can read

your password directly from your brain would be completely unhackable. Yet,

as some cybersecurity experts would say, everything that can be hacked, will be hacked.

http://www.telegraph.co.uk/business/social-innovation/biometric-technology/


Biometric SystemsCould be the Future of Cybersecurity

g

nntnt yyy isisssss

face e eggg, ,

cc The e

they aat

yourwo

a



The method that the team employed is called Recursive Cortical Network and is an alternative to the deep learning approach, which basically comes down to—when we talk about CAPTCHAs—to showing an AI machine hundreds of thousands of diff erent shapes of, say, the letter A, until it memorizes them all.

Unlike that approach, which is far from perfect, recursive cortical network building equips the machine with the ability to build internal models of the

shapes—CATCHA letters—it “sees”. This means the AI can create its own model of what the letters are supposed to look like. How is this helpful for breaking down CAPTCHA defenses? It is closer to how the human brain processes visual information: we know how an A is supposed to look, so we would recognize the letter if it’s wobbly, or slanted, or twisted in any other way.

Now, although the AI is not always accurate, its success rate in tricking CAPTCHA programs has been impressive, at 66.6%

for reCAPTCHAs, 64.4% for BotDetect, 57.4% for Yahoo, and 57.1% for PayPal

The long-term goal of the researchers, as with all AI researchers, is

to create an artificial intelligence that is capable of human reasoning.

Yet the implications of such a development as this AI’s ability to trick systems it is human, may extend into cybersecurity. After all, CAPTCHAs are a very popular way of making sure you can tell humans from bots. Or at least they used to be.

But things are already moving on: Google has replaced its CAPTCHA system with more advanced identifi cation tests. It’s really a case of action and reaction: the more advanced AI becomes, the more advanced cybersecurity checks will need to become to outsmart the new intelligence that could fall into the wrong hands all too easily.

http://www.npr.org/sections/thetwo-way/2017/10/26/560082659/ai-model-

fundamentally-cracks-captchas-scientists-say

to create an artificial intelligence that is capable

of human reasoning.

A representa on of the le er A, which can be used to crack CAPTCHAs.

New Approach in AI Learning Lead to CAPTCHA BreakA team of researchers who applied a new method of developing artifi cial intelligence have announced their eff orts have resulted in the AI acquiring the ability to parse the text in CAPTCHA boxes like a human, essentially tricking the program into believe the AI a human.


In a paper titled Is Machine Learning Cy-bersecurity’s Silver Bullet, ESET looks into

the advantages and limitations of using machine learning for cybersecurity pur-poses. First of all, ESET makes the dis-tinction between supervised and unsu-pervised machine learning stating that the latter is practically useless for cyber-

security unless the algorithms are used to simply classify similar data and separate it

from any anomaly they encounter.

According to ESET, four are three main limitations to the use of machine

learning in cybersecurity.

First among these is what the company calls the training set. In order to be able to

utilize the powers of algorithms for cy-bersecurity solutions you need truly vast amounts of data that the algo-rithms can use to learn to distinguish

between clean, potentially unwanted, and malicious input. Accumulating this

amount of data takes a lot of time. What’s more, regardless of how much data an algorithm is fed, there is no guarantee it will be able to identify all future inputs it receives correctly, which renders the whole endeavor rather pointless.

Machine Learning Can Help Cybersecurity Eff orts but Can’t Replace Everything Else

I


Machine learning has been getting a lot of headline attention as it penetrates a growing number of industries thanks to its varied applications. Cybersecurity is a natural direction in which machine learning can develop and some even argue it can replace other cybersecurity approaches. Basically, ML proponents argue, you can teach the computers what to do and leave it all to them. However, one of the veterans in the business, ESET, warns that this is a too simplistic approach.


The second limitation, ESET says, is that maths can’t solve everything. A lot of new cybersecurity solutions providers, the company argues, claim that their algo-rithms can separate clean from malicious inputs by just “doing the math”. Yet, math-

ematics cannot solve everything and this has been demonstrated by renowned names including Alan Tur-ing and Fred Cohen. The latter demonstrated that it is impos-sible to be absolutely certain whether a program will act in a malicious way if you can only analyze it for a fi nite amount of time, which is, of course, the case with any human activity.

The third limitation of machine learning for cybersecurity purposes is that cybercriminals are not dumb. They are in fact quite smart and sometimes smarter than their op-

ponents. They can also use machine learning for their own ends, eff ec-

t i ve l y turning a solution against its developers. As n example, the ESET authors note steganography: burying malicious code in a harmless fi le, such as an image. This attack method allows the malware to pass undetected, hidden deep in the pixel set-ting of the image fi le. Alternatively, they can split the malware among several fi les that ap-pear to be clean but are in fact infected.

The fourth and fi nal limitation of machine

learning is false posi-tives. Sometimes

false positives can have worse conse-

quences than let-ting malware slip through the cracks of a cybersecurity system. For exam-ple, ESET says, if a car factory’s cy-bersecurity system mislabels a clean program as malware and deletes it, while in fact the program is an es-sential element of the production software, this would result in production delays and millions in compensation.

So, how can these limitations be

overcome?

By supporting machine learning with: human in-

volvement, whitelisting lockdown, minimal function-

ality, and a well-tuned security solution.

For environments that need a round-the-clock moni-

toring, introducing a human par-ticipant in the cybersecurity pro-

cess would be suffi cient to ensure immediate reaction to anything fl agged by the software as suspicious,

reducing the risk of false positives.Whitelisting lockdown refers to

environments where computers only run a limited range of applications and

these can be whitelisted, while anything else is practically blacklisted. This solu-

tion does limit the available space for at-tacks but it also reduces the functionality of

the system.Finally, the most radical approach would

be to opt for minimal functionality. This would considerably reduce the amount of space avail-

able for hackers to try and penetrate, but it will also leave a lot of clean input out.

The optimal solution, then, is to develop a well-balanced solution that takes into account the

characteristics of the specifi c environment and uses human administrators to supervise the machines. In

fact, ESET compares the building an eff ective cyber-security solution to protecting a home by using sev-

eral diff erent layers of defense, from a fence to an alarm system. It’s the same with cybersecurity, the paper’s au-

thors argue. There is no one-size-fi ts-all solution, espe-cially one that entirely relies on algorithms.

https://www.welivesecurity.com/wp-content/uploads/2017/08/NextGen_ML.pdf

II

III

IV

The second limitation, ESET says, t maths can’t solve everything. A lot w cybersecurity solutions providers,

ompany argues, claim that their algo-s can separate clean from malicious s by just “doing the math”. Yet, math-cannot solve everything and this has enowned names including Alan Tur-

e latter demonstrated that it is impos-rtain whether a program will act in a only analyze it for a fi nite amount of

e, the case with any human activity.

he third limitation of machine ng for cybersecurity purposes is cybercriminals are not dumb. are in fact quite smart and

times smarter than their op-ts. They can also use machine for their own ends, eff ec-

on against its developers. As uthors note steganography:

in a harmless fi le, such as ethod allows the malware den deep in the pixel set-Alternatively, they can g several fi les that ap-in fact infected.

fourth and fi nal on of machine ng is false posi-s. Sometimes se positives can ve worse conse-nces than let-

ugh the cracks m. For exam-factory’s cy-

abels a clean d deletes it,m is an es-oduction

result in millions

So, howlim

By supportinlearning with

volvement,lockdown, minim

ality, and a well-tusolution.

For environneed a round-the-

toring, introducing aticipant in the cyber

cess would be suffi cieimmediate reactionfl agged by the software a

reducing the risk of falseWhitelisting lockdo

environments where comrun a limited range of app

these can be whitelisted, whelse is practically blackliste

tion does limit the available tacks but it also reduces the fu

the system.Finally, the most radical app

be to opt for minimal functionalitconsiderably reduce the amount o

able for hackers to try and penetraalso leave a lot of clean input out.

The optimal solution, then, iswell-balanced solution that takes into

characteristics of the specifi c environmhuman administrators to supervise the

fact, ESET compares the building an effsecurity solution to protecting a home

eral diff erent layers of defense, from a fencsystem. It’s the same with cybersecurity, th

thors argue. There is no one-size-fi ts-all socially one that entirely relies on algorithms.

https://www.welivesecurity.com/wp-content/uN


Western Cybersecurity CompaniesWith increased cyber threats and demand for prevention and solution, we’ve compiled a list of top 50 cybersecurity fi rms, aimed to serve as apreliminary resource guide. The top of 50 top western cybersecurity companies are rated by Cybersecurity Ventures (https://cybersecurityventures.com) and the top 50 China cybersecurity companies are rated by Anqiu.com (http://www.aqniu.com) from China. We hope the brief introduction of the focused solutions from the listed companies can help with prevention and protection toward potential threats and breaches.

# Company Cybersecurity Sector

Corporate HQ Info

1 Herjavec Group

Informa on Security Services

Toronto, Canada

At Herjavec Group, informa on security is what we do. Suppor ng your IT Security Lifecycle drives our business and your infrastructure’s protec on is our only priority. We are an expert team of highly dedicated security specialists, supported by strategic and emerging technology partners, who are laser focused on informa on security for our enterprise customers. Herjavec Group quickly became one of North America’s fastest-growing technology companies. We deliver managed security services globally supported by state-of-the-art, PCI compliant Security Opera ons Centres (SOC), operated 24/7/365 by cer fi ed security professionals.

2 IBM Security

Enterprise IT Security Solu ons

Waltham MA

IBM integrated security intelligence protects businesses around the world. New technological ca-pabili es come with new vulnerabili es. How do you keep up with a acks when there is a shortage of IT security skills and rising costs to secure your data? How fast can you address an a ack when your solu ons aren’t integrated? IBM off ers a deep enterprise security por olio customized to your company’s needs. Unmatched in ability to help you disrupt new threats, deploy security innova ons and reduce the cost and complexity of IT security, IBM can safeguard your most cri cal data from compromise.

3 Raytheon Cyber

Cyber Security Services

Waltham MA

Raytheon Cyber provides a comprehensive range of services including Cyber Analy cs, Cyber Hard-ening, Cyber Range, Cyber Security Opera ons Centers (CSOC), Managed Security Services, Proac ve and Dynamic Defense, Threat Research and Assessment, and the UK Cyber Innova on Centre.

4 EY Cybersecurity Consul ng &

Advisory

London, UK At EY, we have an integrated perspec ve on all aspects of organiza onal risk, and cybersecurity is a key area of focus where EY is an acknowledged leader in the current landscape of mobile technology, social media and cloud compu ng.EY provides services in 6 core pillars with over 160 unique cyber off erings - including Cyber Digital & Analy cs, Cyber Defense & Response, Cyber Strategy & Architecture, Cyber Opera ons (Cyber-as-a-Service), Cyber Governance & Compliance and Cyber Technology & Innova on.

5 Mimecast Email Security Watertown MA

Mimecast delivers cloud-based email management for Microso Exchange, including archiving, con nuity and security. By unifying disparate and fragmented email environments into one holis c solu on that is always available from the cloud, Mimecast minimizes risk and reduces cost and complexity, while providing total end-to-end control of email.

6 KnowBe4 Security Awareness

Training

Clearwater FL

KnowBe4 has become the world’s most popular integrated Security Awareness Training and Simu-lated Phishing pla orm. Thousands of enterprise accounts are using it, 25% of which are banks and credit unions. Based on Kevin Mitnick’s 30+ year unique fi rst-hand hacking experience, you now have a tool to be er manage the urgent IT security problems of social engineering, spear phishing and ransomware a acks. With this world-class, user-friendly and eff ec ve Internet Security Awareness Training, KnowBe4 provides self-service enrollment, and both pre-and post-training phishing security tests that show the percentage of end-users that are Phish-prone.

7 Cisco Threat Protec on & Network

Security

San Jose CA Cisco security innova ons provide highly secure fi rewall, web, and email services while helping to enable mobility and teleworking. Cisco security products include:Access Control and Policy; Advanced Malware Protec on; Email Security; Firewalls; Network Secu-rity; Next Genera on Intrusion Preven on System (NGIPS); Security Management; VPN and Endpoint Security Clients; Web Security

WiWiWithththhhh iiincncncwewewe’v’v’veeee e e cococoprprpreleleliprprpreleleliiiprpprelee iiiimimiminininimmminiiimimiminincococompmpmppppananancycycybebebeeeersrsrsecececcococompmpmppppanananWeWeWe hhhhhhopopopeeecococompmpmppppppanananppppthththrerereaaaatatats s s aaa



Corporate HQ Info

8 Sophos An -Virus & Malware Protec on

Abingdon, UK Sophos helps organiza ons keep their data safe and stop the growing number of complex threats. We provide a full range of endpoint, encryp on, email, web and NAC products, help-ing our customers protect their businesses and meet compliance needs.

9 Sera-Brynn Cyber Risk Management

Suff olk VA Sera-Brynn® is a globally recognized cybersecurity audit and advisory fi rm dedicated to help-ing its clients secure their compu ng environments and meet applicable mandatory industry and government compliance requirements in the most economic and effi cient manner possible. Sera-Brynn® is the only PCI QSA in North America partnered with a mul -billion dollar fi nan-cial ins tu on, which gives us a unique perspec ve into the economic aspects of mee ng cybersecurity compliance requirements

10 Lockheed Mar n

Cybersecurity Solu ons &

Services

Bethesda MD At Lockheed Mar n, cyber security begins with the customer’s mission and requirements and ends with a security solu on that is integrated, proac ve, and resilient.

11 Clearwater Compliance

Risk Management

and Compliance

Nashville TN Clearwater Compliance, LLC, focuses on helping healthcare organiza ons and their service providers improve pa ent safety and the quality of care by assis ng them to establish, opera- onalize and mature their informa on risk management programs. Led by veteran, C-suite

healthcare execu ves, Clearwater provides comprehensive, by-the-regs so ware and tools, educa onal events, and expert professional/advisory services for healthcare organiza ons ranging from major healthcare systems, hospitals, health plans and Fortune 100 companies, to medical prac ces and healthcare startups. Since 2003, the company has served over 400 organiza ons.

12 Forcepoint Insider, Cloud & Network

Security

Aus n TX Forcepoint is transforming cybersecurity by focusing on what ma ers most: understand-ing people’s intent as they interact with cri cal data and intellectual property wherever it resides. Our uncompromising systems enable companies to empower employees with unobstructed access to confi den al data while protec ng intellectual property and simplify-ing compliance.

13 Thyco c Privileged Account

Management

Washington DC

Thyco c deploys smart, reliable, IT security solu ons that empower companies to control and monitor privileged account creden als and iden ty access for administrators and end-users. An Inc. 5000 company, Thyco c is recognized as the fastest growing privileged management vendor in IT security and one of the top 30 fastest growing companies head-quartered in Washington, DC. www.thyco c.com

14 BAE Systems Cybersecurity Risk

Management

Surrey, UK Our consul ng services help clients to prepare for cyber a acks by understanding and managing cyber exposure, enabling them to make informed investment decisions and to put pragma c, cost-eff ec ve protec on in place.

15 CyberArk Cyber Threat Protec on

Petach-Tikva, Israel

CyberArk is the only security company laser-focused on striking down targeted cyber threats, those that make their way inside to a ack the heart of the enterprise. Dedicated to stopping a acks before they stop business, CyberArk is trusted by the world’s leading companies – including more than 35% of the Fortune 100 companies – to protect their highest-value informa on assets, infrastructure and applica ons.

16 Digital Defense

Managed Security Risk Assessment

San Antonio TX

Founded in 1999, Digital Defense, Inc., is a premier provider of managed security risk assess-ment solu ons protec ng billions in assets for small businesses to Fortune companies in over 65 countries. Our dedicated team of experts helps organiza ons establish an eff ec ve culture of security and embrace the best prac ces of informa on security.

17 Rapid7 Security Data & Analy cs

Solu on

Boston MA Rapid7’s IT security solu ons deliver visibility and insight that help to make informed decisions, create credible ac on plans, monitor progress, and simplify compliance and risk management. Over 2,500 enterprises use Rapid7’s simple, innova ve solu ons and its free products are downloaded over one million mes per year and enhanced by more than 200,000 open source security community members

18 Palo Alto Networks

Threat Detec on & Preven on

Santa Clara CA

Palo Alto Networks, Inc. has pioneered the next genera on of network security with our innova ve pla orm that allows you to secure your network and safely enable an increasingly complex and rapidly growing number of applica ons. At the core of this pla orm is our next-genera on fi rewall, which delivers visibility and control over applica ons, users, and content within the fi rewall using a highly op mized hardware and so ware architecture.

19 DFLabs Automated Incident & Breach Response

Lombardy, Italy

DFLabs is a Technology and Services company specialized in Cyber Security Incident and Data Breach Response. Our mission is: elimina ng the complexity of Cyber Security Incident and DataBreach, reducing reac on me and risk exposure. In other words Cyber Incidents Under Control. IncMan has been created for SOC and CSIRT orchestra on, and It is currently being used by many Fortune 100/1000, and Financial Services Ins tu ons worldwide. For More Info Go Here or visit us on the web at www.dfl abs.com



Corporate HQ Info

20 FireEye Advanced Threat

Protec on

Milpitas CA FireEye has invented a purpose-built, virtual machine-based security pla orm that provides real- me threat protec on to enterprises and governments worldwide against the next gen-era on of cyber a acks. The FireEye Threat Preven on Pla orm provides real- me, dynamic threat protec on without the use of signatures to protect an organiza on across the primary threat vectors and across the diff erent stages of an a ack life cycle. The core of the FireEye pla orm is a virtual execu on engine, complemented by dynamic threat intelligence, to iden fy and block cyber a acks in real me. FireEyehas over 2,700 customers across 67 countries, including over 157 of the Fortune 500.

21 Symantec Endpoint, Cloud & Mobile

Security

Mountain View CA

Founded in 1982, Symantec has evolved to become the global leader in cyber security, with more than 11,000 employees in more than 35 countries. Opera ng one of the world’s largest cyber intelligence networks, we see more threats, and protect more customers from the next genera on of a acks. We help companies, governments and individuals secure their most important data wherever it lives.

22 Booz Allen Cybersecurity Solu ons &

Services

New York City NY

In a world where everyone is connected, our future is ed to the access, availability and syn-thesis of informa on. That’s why Booz Allen has pioneered a mul disciplinary approach to cybersecurity – one that leverages game-changing technologies and standards to maximize security in the digital environment.

23 Code Dx So ware Vulnerability Management

Northport NY Find, priori ze, and manage so ware vulnerabili es – fast and aff ordably Code Dx is a so -ware vulnerability management system that brings together sta c and dynamic code analysis so you can quickly fi nd and manage vulnerabili es in the code you write, in the languages you use, at a price you can aff ord. By correla ng and consolida ng the results of hybrid appli-ca on tes ng techniques Code Dx helps fi nd the most severe and exploitable vulnerabili es fi rst. Code Dx accelerates the vulnerability discovery and remedia on process.

24 Nexusguard Cloud Enabled DDoS Mi ga on

Hong Kong As a long me leader in DDoS defense, Nexusguard is at the forefront of the fi ght against ma-licious Internet a acks, protec ng organiza ons worldwide from threats to their websites, services, and reputa ons. Con nually evolving to face new threats as they emerge, we have the tools, insight, and know-how to protect our clients’ vital business systems no ma er what comes their way.

25 Telos Corpora on

Risk Management &

Compliance

Ashburn VA For more than 25 years, Telos Corpora on has pursued a single goal: to empower and protect the enterprise with con nuous security assurance for people, systems, and informa- on. Telos gives you constant confi dence in your cyber security posture. So you can manage

risk while achieving your goals. Protect your most vital informa on assets. And assure your customers that it’s safe doing business with you.

26 Check Point So ware

Unifi ed Threat Management

Since 1993, Check Point has been dedicated to providing customers with uncompromised protec on against all types of threats, reducing security complexity and lowering total cost of ownership. We are commi ed to staying focused on customer needs and developing solu- ons that redefi ne the security landscape today and in the future.

27 RSA Intelligence Driven Security

Bedford MA RSA® Business-Driven Security™ solu ons uniquely link business context with security incidents to help organiza ons manage risk and protect what ma ers most. RSA protects millions of users worldwide and works with more than 90 percent of the Fortune 500.

28 Proofpoint Security-as-a-Service

Sunnyvale CA Your people do business well beyond the bounds of tradi onal network perimeters and connected endpoints. Email, social media, and mobile devices are the new tools of the trade–and for cyber criminals, the new tools of a ack. Proofpoint protects your people, data and brand against advanced threats and compliance risks. Built on the cloud and the world’s most advanced intelligence pla orm, our solu ons help you eff ec vely detect and block targeted a acks and respond quickly to suspected compromises.

29 BT Security & Risk Management

Solu ons

London, UK We’re a leading global business communica ons provider. With more than 17,000 people worldwide, we supply ICT services to 5,500 mul na onal companies across 180 countries worldwide. We combine our global strengths in networking, cloud-based unifi ed collabora- on, hybrid cloud services and security with our deep exper se and global delivery model

to be a trusted partner for our customers. We provide them with the services they need to enable the digital transforma on of their businesses.

30 Deloi e Global Risk Management

Services

New York City NY

“Deloi e” is the brand under which tens of thousands of dedicated professionals in inde-pendent fi rms throughout the world collaborate to provide audit & assurance, consul ng, fi nancial advisory, risk advisory, tax and related services to select clients.These fi rms are members of Deloi e Touche Tohmatsu Limited, a UK private company limited by guarantee (“DTTL”). Each DTTL member fi rm provides services in par cular geo-graphic areas and is subject to the laws and professional regula ons of the par cular country or countries in which it operates




Corporate HQ Info

31 Trend Micro Server, Cloud, and Content

Security

Tokyo, Japan Since its incep on in 1988, Eva Chen has spearheaded Trend Micro’s emergence as one of the world’s most innova ve Internet content security companies.Before becoming CEO, Eva served as execu ve vice president from 1988-1996 and CTO from 1996-2004. Under her direc on, Trend Micro has produced a chronology of industry fi rsts, from unique products to security management approaches. As a result of her innova ve leadership, she was appointed CEO in late 2004.

32 PwC Cybersecurity Consul ng &

Advisory

London, UK With offi ces in 158 countries and more than 236,000 people, we are among the leading professional services networks in the world. We help organisa ons and individuals create the value they’re looking for, by delivering quality in assurance, tax and advisory services. Some facts about PwC:In FY17, PwC fi rms provided services to 419 companies in the Fortune Global 500 and more than 100,000 entrepreneurial and private businesses

33 Zi en Unifi ed Security & Management

Aus n TX End-user mobility and the cloud have forever changed systems management and security. Client devices operate off -net and offl ine. Server workloads are virtual and operate in the cloud. But siloed endpoint tools provide only par al, point-in- me data that leaves gaps for IT opera ons and security teams to piece together while trying to address today’s opera onal and security challenges – exposing organiza ons to unacceptable risks and un-necessary costs. Zi en brings it all together with all-the- me visibility and control – enabling IT opera ons and security teams to quickly act to repair user-impac ng issues, minimize endpoint risks, and eliminate threats on any asset, anywhere.

34 Kaspersky Lab Malware & An -Virus Solu ons

Moscow, Russia

Kaspersky Lab is a global cybersecurity company celebra ng its 20 year anniversary in 2017. Kaspersky Lab’s deep threat intelligence and security exper se is constantly transforming into security solu ons and services to protect businesses, cri cal infrastructure, governments and consumers around the globe. The company’s comprehensive security por olio includes leading endpoint protec on and a number of specialized security solu ons and services to fi ght sophis cated and evolving digital threats. Over 400 million users are protected by Kaspersky Lab technologies and we help 270,000 corporate clients protect what ma ers most to them. Today the database is one of the most comprehensive and complete collec- ons in cybersecurity, protec ng systems from more than 100 million malicious programs.

35 SecureWorks Managed Security Services

Atlanta GA We have provided trusted managed security services to organiza ons of all sizes since 1999. We maintain a global presence to counter a global threat, opera ng four Counter Threat Opera ons Centers processing up to 240 billion cyber events dailyIntelligence developed by the Secureworks Counter Threat Unit™ (CTU) research team enables us to provide you with unparalleled protec on against today’s threats

36 Carbon Black Endpoint & Server Security

Pla orm

Waltham MA Thirty of the Fortune 100 rely on Carbon Black. Our diverse customer base includes Silicon Valley leaders in internet search, social media, transporta on, government, fi nance, and higher educa on. Collec vely, 3,000+ organiza ons trust us to protect more than 9 mil-lion endpoints around the world. With an eye on empowering every security team and protec ng every endpoint, we stand true to our founding vision: To create a world safe from cybera acks.

37 Checkmarx So ware Development

Security

Tel-Aviv, Israel Checkmarx was founded in 2006 with the vision of providing comprehensive solu ons for automated security code review. The company pioneered the concept of a query language-based solu on for iden fying technical and logical code vulnerabili es.Checkmarx staff is commi ed to both customers and technology innova on. Our research and development goes side by side with our business opera ons, to provide the best pos-sible products and services to our customers.

38 Tenable Network Security

Vulnerability Scanning

Columbia MD Tenable™, Inc. is the Cyber Exposure company. Over 23,000 organiza ons of all sizes around the globe rely on Tenable to manage and measure their modern a ack surface to accurately understand and reduce cyber risk. As the creator of Nessus®, Tenable built its pla orm from the ground up to deeply understand assets, networks and vulnerabili es, extending this knowledge and exper se into Tenable.io™ to deliver the world’s fi rst pla orm to provide live visibility into any asset on any compu ng pla orm. Tenable customers include more than 50 percent of the Fortune 500, large government agencies and mid-sized organiza ons across the private and public sectors.

39 Threat Stack Cloud Infrastructure

Security

Boston MA Our mission as a leading cloud security company is to provide the highest quality insights to help our customers operate securely in the cloud. Threat Stack takes a comprehensive approach to intrusion detec on, by combining con nuous security monitoring and risk assessment purpose-built for today’s infrastructure – so you can feel confi dent that you’re protected from intrusion, insider threats, & data loss.



Corporate HQ Info

40 i-Sprint Innova ons

Iden ty & Access

Management

Chai Chee, Singapore

i-Sprint Innova ons (i-Sprint) established in the year 2000, is a premier iden ty, creden al and access management solu ons provider that enables individuals, organiza ons, and socie es to build trust and iden ty assurance for powering produc vity gain through digital iden ty and iden ty of things (IDoT). i-Sprint as a world class Solu on Provider in Iden ty, Creden al and Access Management Solu on enables individuals, organiza ons and socie es to build trust and iden ty assurance for powering huge produc vity gain through digital iden ty and iden ty of things.

41 Intel Security Group

An -Virus, Malware & Threat

Protec on

Santa Clara CA

McAfee has a clear mission and roadmap for the future–to drive limitless innova on, securely. We believe that no one person, product, or organiza on can fi ght cybercrime alone. It’s why we rebuilt McAfee around the idea of working together. People working together. Products working together. Organiza ons and industries working together. Our goal is to spread this collabora ve a tude to our customers, partners, even compe tors. All uni ng to overcome the greatest challenge of the digital age–cybercrime–and making the connected world more secure.

42 AlienVault Threat Detec on &

Response

San Mateo CA We founded AlienVault to help organiza ons of all shapes and sizes achieve world-class security without the headaches and huge expense of other solu ons. And we are passionate about our mission. To give our customers the very best threat detec on and response, our unifi ed pla orm – AlienVault Unifi ed Security Management (USM) – combines 5 key security capabili es with expert threat intelligence that is updated every 30 minutes with data from the Open Threat Exchange (OTX) that has been analyzed and classifi ed by our AlienVault Labs team.

43 For net Enterprise Security

Solu ons

Sunnyvale CA From the start, the For net vision has been to deliver broad, truly integrated, high-perfor-mance security across the IT infrastructure.We provide top-rated network and content security, as well as secure access products that share intelligence and work together to form a coopera ve fabric. Our unique security fabric combines Security Processors, an intui ve opera ng system, and applied threat intelligence to give you proven security, excep onal performance, and be er visibility and control--while providing easier administra on.

44 Imperva Data & Applica ons

Security

Redwood Shores CA

Imperva is a leading provider of data and applica on security solu ons that protect business-cri cal informa on in the cloud and on-premises. Founded in 2002, we have enjoyed a steady history of growth and success, genera ng $264 million in 2016, with over 5,200 customers and more than 500 partners in 100+ countries worldwide.

45 AT&T Network Security

Managed Security & Consul ng

Bedminster NJ

At AT&T, we’re bringing it all together. We deliver advanced mobile services, next-genera on TV, high-speed internet and smart solu ons for people and businesses. That’s why we’re inves ng to be a global leader in the Technology, Media and Telecommunica ons industry.

46 Northrop GrummanGrumman

Cyber & Homeland

Security Services

McLean VA Northrop Grumman is a leading global security company providing innova ve systems, products and solu ons to government and commercial customers worldwide, off ering an extraordinary por olio of capabili es and technologies for applica ons from undersea to outer space and into cyberspace.

47 BlackBerry Mobile & Data Security

Waterloo, Canada

BlackBerry is a leading cybersecurity so ware and services company dedicated to securing the Enterprise of Things. Based in Waterloo, Ontario, the company was founded in 1984 and operates in North America, Europe, Asia, Australia, Middle East, La n America and Africa.

48 SAS Ins tute Fraud & Security Analy cs

Cary NC SAS – both the so ware and the company – thrived throughout the next few de-cades. Development of the so ware a ained new heights in the industry because it could run across all pla orms, using the mul vendor architecture for which it is known today. While the scope of the company has spread across the globe, the encouraging and innova ve corporate culture has remained the same.

49 HackerOne Bug Bounty Pla orm

San Francisco

CA

Created by security leaders from Facebook, Microso and Google, HackerOne is the fi rst vulnerability coordina on and bug bounty pla orm. We empower companies to protect consumer data, trust and loyalty by working with the global research community to surface your most relevant security issues. HackerOne is a venture-backed company with headquarters in San Francisco.

50 Inspired eLearning

Security Awareness

Training

San Antonio TX

Our award-winning Security Awareness, Compliance, and HR training solu ons help organiza ons build a culture of accountability and awareness that mi gates risk. Our courses are more than just a requirement: they’re dynamic programs that engage par cipants with high-quality content, driving your workforce towards sustainable, measurable improvements.



China Cybersecurity Companies

公司名称电话市场部联系人网址主要业务领域

1 华为 0086-10-81034499

任娟 www.huawei.com/cn/ 防火墙&NGFW、入侵检测(IDS)/入侵防御(IPS)、统一威胁管理(UTM)、抗DDoS设备、上网行为管理、VPN、Web应用防火墙(WAF)、云抗D、云WAF、移动终端安全、威胁情报、大数据安全、APT。

2 启明星辰 010-82779088 徐梓洋 h p://www.venustech.com.cn/

"防火墙&NGFW、网络隔离（网闸）、入侵检测(IDS)/入侵防御(IPS)、统一威胁管理(UTM)、数据库安全、数据防泄密DLP、VPN、漏洞扫描、SOC&NGSOC、评估加固&安全运维。"

3 深信服 0755-86627888 陈娟娟 h p://www.sangfor.com.cn/

"防火墙&NGFW、统一威胁管理(UTM)、上网行为管理、VPN、移动终端安全。"

4 绿盟科技 010-68438880 徐钏 h p://www.nsfocus.com.cn/

"防火墙&NGFW、入侵检测(IDS)/入侵防御(IPS)、统一威胁管理(UTM)、主机防护及自适应、抗DDoS设备、数据库安全、漏洞扫描、Web应用扫描与监控、Web应用防火墙(WAF)、安全咨询服务、评估加固&安全运维。"

5 360企业安全 4008-136-360 赫添 h p://b.360.cn/ "防火墙&NGFW、网络隔离（网闸）、统一威胁管理(UTM)、终端防护&防病毒、终端检测响应(EDR)、VPN、代码审计、Web应用防火墙(WAF)、移动APP安全、移动终端安全、威胁情报、大数据安全、APT、SOC&NGSOC、渗透测试服务。"

6 亚信安全 (010) 5825 6889 胡婷 h p://www.asiainfo-sec.com/

"统一威胁管理(UTM)、主机防护及自适应、终端防护&防病毒、终端检测响应EDR、防垃圾邮件、云基础架构安全、移动终端安全、APT、反钓鱼、SOC&NGSOC。"

7 天融信 010-82776666 邹佳丽 h p://www.topsec.com.cn/

"防火墙&NGFW、入侵检测(IDS)/入侵防御(IPS)、数据防泄密(DLP)、VPN、云基础架构安全、大数据安全。"

8 卫士通 028-62386000 h p://www.westone.com.cn/

"防火墙&NGFW、入侵检测(IDS)/入侵防御(IPS)、VPN、磁盘加密、文档安全、加密机。"



9 新华三 010-83030601 朱佳音 h p://www.h3c.com/cn/ "防火墙&NGFW、入侵检测(IDS)/入侵防御(IPS)、统一威胁管理(UTM)、VPN。"

10 安恒信息 0571-288609990571-28860099

李小尘 h p://www1.dbappsecu-rity.com.cn/index.aspx

数据库安全、Web应用扫描与监控、Web应用防火墙(WAF)、堡垒机/运维安全、大数据安全、等保工具。

11 美亚柏科 0592-5300188 王劲坦 h ps://300188.cn/ "大数据安全、安全取证、舆情监控、安全培训教育、安全集成服务。"

12 山石网科 010-62997288 冯书萍 h ps://www.hillstonenet.com.cn/

"防火墙&NGFW、入侵检测(IDS)/入侵防御(IPS)、统一威胁管理(UTM)、Web应用防火墙(WAF)、云基础架构安全。"

13 梆梆安全 4008-881-881 郑弛 h ps://www.bangcle.com/

"移动app安全、移动网络安全、移动安全测评、移动安全SOC。"

14 安天 010-82893723 李娜 h p://www.an y.cn/ "主机防护、终端防护&防病毒、移动app安全、威胁情报、APT。"

15 恒安嘉新 010-62384566 李靖 h p://eversec.com.cn/ 移动网络安全。

16 蓝盾股份 "020-85526663（广州总部）

010-82825516（北京分部）"

谢益彬 h p://www.bluedon.com/ "防火墙&NGFW、入侵检测(IDS)/入侵防御(IPS)、安全集成服务。"

17 北信源 010-62140485/86/87

王赛 h p://www.vrv.com.cn/ "网络准入(NAC)、终端防护&防病毒、数据防泄密(DLP)、移动终端安全。"

18 迪普科技 0571-28280933（市场）

于经理 h p://www.dptech.com/ "防火墙&NGFW、入侵检测(IDS)/入侵防御(IPS)、统一威胁管理(UTM)、抗DDoS设备。"

19 通付盾 010-62358221 张馨 h ps://www.tongfudun.com/

云身份管理、移动app安全、反欺诈。

20 飞天诚信 010-62304466 薛璐 h p://www. safe.com.cn/

身份管理。

21 立思辰 010-8273 6600 宁冉 h p://www.lanxum.com/ 加密机、工控安全。

22 北京CA (010)58045600 h p://www.bjca.org.cn/ CA数字证书。

23 明朝万达 010-82743939 崔春霞 h p://www.wonderso .cn/

文档安全、磁盘加密、移动终端安全。

24 爱加密 010-82825622（市场）

h p://www.ijiami.cn/ 移动app安全。

25 任子行 0755-86168366 李思月 h p://www.1218.com.cn/ 上网行为管理、舆情监控。

26 知道创宇 "400-060-9587010-57076191"

陈雪 h ps://www.knownsec.com/#/

"Web应用扫描与监控、云抗D、云WAF、大数据安全。"

27 东软 (86 24) 8366 7788 闫洁 h p://www.neuso .com/cn/

"防火墙&NGFW、入侵检测(IDS)/入侵防御(IPS)、Web应用防火墙(WAF)、SOC&NGSOC。"

28 中新网安 0551-65178555 徐航 h p://www.cnzxso .com/ "防火墙&NGFW、抗DDoS设备、Web应用防火墙(WAF)、云抗D、APT。"

29 信安世纪 010-68025518 陈晓萍 h p://www.infosec.com.cn/

"VPN、堡垒机/运维安全、CA数字证书、身份管理。"




30 永信至诚 010-59403168 许学伟 h p://www.integritytech.com.cn/

攻防训练平台、安全培训教育。

31 泰岳安全 010-58847555 h p://www.ultrapower.com.cn/portal/ultraWeb.

ac on

"堡垒机/运维安全、SOC&NGSOC、安全集成服务。"

32 格尔软件 CA数字证书。

33 众人科技 "8621-339333308610-64669133"

吕茂强 h p://www.people2000.net/

"身份管理、云身份管理、移动业务安全、大数据安全、安全集成服务。"

34 圣博润 8610-82138088 杜英 h p://www.sbr-info.com/ 终端防护&防病毒、堡垒机/运维安全、等保工具。

35 上海观安 021-51206032 h ps://web.idss-cn.com/ 大数据安全，安全大数据。

36 中兴通讯 0755-26770000 h p://www.zte.com.cn/china/

安全集成服务。

37 锐捷网络 0591-28053888-6729

h p://www.ruijie.com.cn/ NGFW、上网行为管理、大数据安全分析平台、WAF、网站安全。

38 优炫软件 010-82886998 逯经理 h p://www.uxsino.com/ 文档安全、数据库安全。

39 交大捷普 029-88333000 h p://www.jump.net.cn/ 防火墙&NGFW、数据库安全、Web应用防火墙(WAF)、SOC&NGSOC、评估加固&安全运维。

40 上讯信息 021-51905999 h p://www.suninfo.com/ 网络准入(NAC)、堡垒机/运维安全、数据库安全、磁盘加密、移动终端安全、安全集成服务。

41 科来 010-82601814-823 金一 h p://www.colaso .com.cn/

APT、安全取证、安全培训教育。

42 安赛科技 400-8888-405 卢云燕 h ps://www.aisec.com/cn/

"Web应用扫描与监控、Web应用防火墙(WAF)。"

43 安博通 010-59576478 邓思 h p://abtweb1.w209.mc-test.com/

防火墙&NGFW、SOC&NGSOC。

44 白虹软件 "021-50271531010-53318218"

h p://www.baihongso .com/

安全取证。

45 安全狗 0592-3764402 庞怀东 h p://www.safedog.cn/ 主机防护及自适应、Web应用防火墙(WAF)。

46 安华金和 010-57569528 李墨 h p://www.dbsec.cn/ 数据库安全。

47 鼎普 010-57328000 h p://www. pfocus.com/ 内网安全、安全集成。

48 华途 010-56913600 陈经理 h p://www.huatuso .com/

主要业务领域：文档安全。

49 国舜股份 010-82838085 司洋 h p://www.unisguard.com/

网页防篡改、评估加固&安全运维。

50 美创 0571-28236100 颜经理 h p://www.mchz.com.cn/meichuang/

数据库安全、业务系统容灾。


Cybertech Tel Aviv 2018 Cybertech 2018, the 5th international event for the cyber industry, will take place in Tel Aviv, Israel, on January 29-31, 2018. This annual global event is the foremost platform for bringing together multinational companies, innovative startups, private and corporate investors, venture capital fi rst, senior government offi cials, entrepreneurs, cyber technology clients and other experts from around the world. Offering attendees an unparalleled opportunity to get acquainted with the latest cyber innovations and solutions from around the world, serving as an incredible B2B platform. Cybertech places special emphasis on networking, strengthening existing relationships and forming new ones.

Hundreds of foreign delegations, representatives of multinational corporations and foreign investors will travel to Israel to gain exposure to the latest innovations in cyber technologies, and take part in the conference and mega exhibition, from countries such as Vietnam, Netherlands, UK, India, USA and many more. The event will allow businesses, startups, investors, government offi cials, military personnel, ambassadors and exhibition visitors to focus on networking, strengthening existing alliances, and forming new ones.

Cybertech offers exciting participation opportunities for a variety of companies and organizations - from the smallest startups to global conglomerates, and for media, government, non-profi ts, chambers of commerce and much more.

Cybertech Tel Aviv is the fl agship event of Cybertech Global Events, producers of Cybertech conferences and exhibitions - both mega-events and boutique sessions - in locations such as Rome, Fairfax, Beverly Hills, Panama City, Tokyo, and Singapore.

In 2017 alone, Cybertech Tel Aviv gathered over 13,500 delegates, 139 Israeli and international speakers, and 204 companies and startups. Cybertech Tel Aviv 2018 will feature variety of cyber-dedicated professional presentations, events and panels with experts from around the world regarding diverse topics such as international cyber cooperation, cyber security for the healthcare industry, securing air and sea ports, in addition to a hacker zone, startup competition and more. In addition to the unique opportunity to discover the latest innovations in the local and global cyber community, Cybertech presents problem-solving strategies and solutions to challenges for a wide range of sectors including fi nance, defense, transportation, utilities, R&D, energy, manufacturing, service sectors, health, media, government, and more.

Cybertech Tel Aviv attracts high-level speakers from around the world. Previous speakers have included Israeli Prime Minister Benjamin Netanyahu, Michigan Governor Rick Snyder, and Cisco CEO Chuck Robbins. This year’s speakers include the GM Security of Micro Focus, Head of Security of PwC, ethical hacker Saket Modi, and CISO of the National Payment Corporation of India, and others from companies like Mobileye, IBM, and Dell-EMC.

Please contact Eliana Schwartz at [email protected], or visit us at cybertechisrael.com to explore opportunities for exhibiting, sponsoring, startups, media partnerships and more.


29-31.1.2018CYBERTECH EXHIBITION For more details: E: [email protected] | W: www.cybertechisrael.com | T: +972-74-7031211

30-31.1.2018 CYBERTECH CONFERENCE

could be the future of...

Documents