{"id":3587,"date":"2015-02-16T19:03:01","date_gmt":"2015-02-16T19:03:01","guid":{"rendered":"http:\/\/kasperskydaily.com\/b2b\/?p=3587"},"modified":"2020-02-26T18:52:48","modified_gmt":"2020-02-26T16:52:48","slug":"thesas2015-a-business-angle","status":"publish","type":"post","link":"https:\/\/www.kaspersky.co.za\/blog\/thesas2015-a-business-angle\/3587\/","title":{"rendered":"#TheSAS2015: a business angle"},"content":{"rendered":"<p>We are now halfway through the first day of Kaspersky Lab\u2019s Security Analyst Summit, a security conference taking place in Cancun, Mexico. So far six presentations have been held, including\u00a0our own research on the large-scale attack on the banks known as <a href=\"https:\/\/securelist.com\/blog\/research\/68732\/the-great-bank-robbery-the-carbanak-apt\/\" target=\"_blank\" rel=\"noopener\">Carbanak<\/a>. We\u2019ve got much more news to come, so we advise you to follow our special <a href=\"https:\/\/www.kaspersky.co.za\/blog\/kaspersky-security-analyst-summit-2015-the-live-blog\/\" target=\"_blank\" rel=\"noopener\">live blog <\/a>today and tomorrow. But now I would like to focus on the particular quotes from our speakers that are particularly important for businesses.<\/p>\n<p>SAS is the conference of experts, so we have a lot of technical stuff here, even the assembly code popping up in PPTs here and there:<\/p>\n<p>But tech is just the part of the story. At some point every speaker talks about how technology applies to the real world. Here are the most notable examples.<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">Wise words from <a href=\"https:\/\/twitter.com\/dakami?ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">@dakami<\/a> \u2013 insecurity isn't coincidence, it's consequence. <a href=\"https:\/\/twitter.com\/hashtag\/TheSAS2015?src=hash&amp;ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">#TheSAS2015<\/a><\/p>\n<p>\u2014 Costin Raiu (@craiu) <a href=\"https:\/\/twitter.com\/craiu\/status\/567342801835134976?ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">February 16, 2015<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>The presentation by Dan Kaminsky of Doxpara Research was very technical and focused on the inherent insecurity of modern internet communications. Internet is indeed broken, but what is the real reason for it? Infortunately, insecure software, network protocols and infrastructure design are cheaper to build. They are faster and easier. That is why broken internet is not a coincidence, but a consequence of an approach when security is not a top priority. More info <a href=\"https:\/\/threatpost.com\/kaminsky-dns-insecurity-isnt-coincidence-its-consequence\/111094\" target=\"_blank\" rel=\"noopener nofollow\">here<\/a>.<\/p>\n<p><a href=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/103\/2015\/02\/06041707\/IMG_6762.jpg\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-3589\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/103\/2015\/02\/06041707\/IMG_6762.jpg\" alt=\"\" width=\"800\" height=\"410\"><\/a><\/p>\n<p>\u00a0<\/p>\n<blockquote class=\"twitter-pullquote\"><p>Broken internet is not a coincidence #TheSAS2015<\/p><a href=\"https:\/\/twitter.com\/share?url=https%3A%2F%2Fkas.pr%2F8tCM&amp;text=Broken+internet+is+not+a+coincidence+%23TheSAS2015\" class=\"btn btn-twhite\" data-lang=\"en\" data-count=\"0\" target=\"_blank\" rel=\"noopener nofollow\">Tweet<\/a><\/blockquote>\n<p>What is the result of loose security?\u00a0Kris McConkey from PriceWaterhouseCoopers\u00a0offered a few examples today. The most notable is how much\u00a0money businesses lose thanks to cyberattacks. Describing the activity of a certain threat actor, he noted how the amount of damage inflicted went up from $10 to $40 million in just a couple of years. Cybercrime gets more and more sophisticated tools at their posession, so the price of a breach for companies increases.<\/p>\n<blockquote class=\"twitter-pullquote\"><p>One particular threat actor\u2019s income increased 4 times in a couple of years<\/p><a href=\"https:\/\/twitter.com\/share?url=https%3A%2F%2Fkas.pr%2F8tCM&amp;text=One+particular+threat+actor%26%238217%3Bs+income+increased+4+times+in+a+couple+of+years\" class=\"btn btn-twhite\" data-lang=\"en\" data-count=\"0\" target=\"_blank\" rel=\"noopener nofollow\">Tweet<\/a><\/blockquote>\n<p>The best example of a really devastating advanced persistent threat was shown by Kaspersky Lab\u2019s experts Sergey Golovanov and Sergey Lozhkin during there keynote on Carbanak APT.<\/p>\n<p><a href=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/103\/2015\/02\/06041636\/golovanov2.jpg\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-3590\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/103\/2015\/02\/06041636\/golovanov2.jpg\" alt=\"\" width=\"800\" height=\"514\"><\/a><\/p>\n<p>You can read all details <a href=\"https:\/\/securelist.com\/blog\/research\/68732\/the-great-bank-robbery-the-carbanak-apt\/\" target=\"_blank\" rel=\"noopener\">here<\/a> or <a href=\"https:\/\/www.kaspersky.co.za\/blog\/billion-dollar-apt-carbanak\/\" target=\"_blank\" rel=\"noopener\">here<\/a>. The most important\u00a0business aspect of this story is how cybercriminals managed to fully control operations of a victim bank. They could tell ATMs to dispense money at any given time with no card provided. They altered figures in bank\u2019s internal\u00a0system, inflating their own bank accounts and stealing money. They managed to hide their operations for quite a long time. This is the true example of an advanced threat,\u00a0that is, first of all, very hard to detect.<\/p>\n<p>What should businesses do? The advice comes from another speaker, Steve Adegbite from Wells Fargo.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-3591\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/103\/2015\/02\/06041619\/IMG_6926.jpg\" alt=\"IMG_6926\" width=\"800\" height=\"474\"><\/p>\n<p>He talked about enourmous challenges\u00a0that businesses face when trying to protect their sensitive data. Advice? Act like the data exfiltration is already happening or about to take place. Plan you defence strategy accordingly.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-3592\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/103\/2015\/02\/06041615\/IMG_6938.jpg\" alt=\"\" width=\"800\" height=\"533\"><\/p>\n<p>Another key advice is maintaining multiple layers of protection. Understand threat landscape and particular threats that your company is facing. Share information.<\/p>\n<p>Stay tuned for more updates from\u00a0#TheSAS2015 here at our business blog and <a href=\"https:\/\/twitter.com\/kasperskylabb2b\" target=\"_blank\" rel=\"noopener nofollow\">Twitter<\/a>.<\/p>\n<p>\u00a0<\/p>\n","protected":false},"excerpt":{"rendered":"<p>We are now halfway through the first day of Kaspersky Lab\u2019s Security Analyst Summit, a security conference taking place in Cancun, Mexico.<\/p>\n","protected":false},"author":53,"featured_media":7549,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1999,3021],"tags":[783,956],"class_list":{"0":"post-3587","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-business","8":"category-smb","9":"tag-business-security","10":"tag-thesas2015"},"hreflang":[{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/thesas2015-a-business-angle\/3587\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/thesas2015-a-business-angle\/3587\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/thesas2015-a-business-angle\/3587\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.co.za\/blog\/tag\/business-security\/","name":"business security"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/posts\/3587","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/users\/53"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/comments?post=3587"}],"version-history":[{"count":3,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/posts\/3587\/revisions"}],"predecessor-version":[{"id":26478,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/posts\/3587\/revisions\/26478"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/media\/7549"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/media?parent=3587"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/categories?post=3587"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/tags?post=3587"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}