Big Breaches: Cybersecurity Lessons For Everyone [1st Edition] 1484266544, 9781484266540, 9781484266557

The cybersecurity industry has seen an investment of over $45 billion in the past 15 years. Hundreds of thousands of job


Language: English. Pages: 457. Year: 2021.


Table of contents :
Table of Contents......Page 7
About the Authors......Page 17
About the Technical Reviewer......Page 19
Acknowledgments......Page 20
Foreword......Page 26
Preface......Page 29
Introduction......Page 40
Part I: Big Breaches......Page 45
Pragmatic Root Causes......Page 46
“Meta-Level” Root Causes: Prioritization, Investment, and Execution......Page 47
Technical Root Causes......Page 55
Unencrypted Data......Page 58
Phishing......Page 59
Malware......Page 62
Third-Party Compromise or Abuse......Page 65
Software Security......Page 68
Inadvertent Employee Mistakes......Page 71
Summary......Page 76
Chapter 2: The Capital One Breach......Page 77
Erratic......Page 78
Capital One and the “Cloud”......Page 81
Cloud Basics......Page 84
System Layout......Page 87
Buckets Private to WAF Role......Page 88
EC2 Instance Vulnerable to Server-Side Request Forgery (SSRF)......Page 89
Stolen Credentials......Page 91
Bucket Breach......Page 92
Incident Timeline and Aftermath......Page 93
Summary......Page 94
Chapter 3: The Marriott Breach......Page 96
The Acquisition......Page 97
Malware......Page 101
Poor Security at Starwood......Page 102
Mega-Breach Detection......Page 105
Even More Malware......Page 106
The Aftermath and Lessons Learned......Page 109
Summary......Page 115
Chapter 4: The Equifax Breach......Page 116
Apache Struts and CVE-2017-5638......Page 119
End-of-Life McAfee Vulnerability Scanner......Page 121
Apache Struts Vulnerabilities......Page 122
How CVE-2017-5638 Worked......Page 123
Mega-Breach Detection......Page 128
Breach Response......Page 131
Summary......Page 135
Chapter 5: Facebook Security Issues and the 2016 US Presidential Election......Page 137
Early Privacy Incidents and FTC Action......Page 141
Watering Hole Attack......Page 147
Download More Than Just Your Information......Page 148
From Breaking Things to Fixing Things......Page 149
Russian Disinformation......Page 150
Cambridge Analytica Abuse of Facebook......Page 158
Passwords in the Clear......Page 166
FTC Fines Facebook Five Billion Dollars......Page 167
Profiles for Sale on the Dark Web......Page 168
Summary......Page 169
Chapter 6: The OPM Breaches of 2014 and 2015......Page 171
State-Sponsored Chinese Attackers......Page 173
The Breaches: An Overview and Timeline......Page 174
The US Government Warns OPM......Page 175
X1: OPM Is Under Attack......Page 177
X1: Malware and Keylogging......Page 178
Kicking Out X1: The Big Bang......Page 179
X2: A Devastating Blow to US Intelligence......Page 180
OPM Finds Captain America and Iron Man......Page 182
Cylance Attempts to Help OPM......Page 184
Lessons Learned......Page 187
Summary......Page 191
Chapter 7: The Yahoo Breaches of 2013 and 2014......Page 194
Russian Attackers......Page 196
Attack Deep Dive......Page 198
The User Database (UDB)......Page 199
Yahoo Cookie Compromise......Page 201
32 Million Cookies Minted......Page 204
The Aftermath......Page 205
Summary......Page 207
Chapter 8: The Target and JPMorgan Chase Breaches of 2013 and 2014......Page 209
Why Target? Why the HVAC Supplier?......Page 210
The Attack: A Black Friday Nightmare......Page 212
Early Warnings......Page 215
Fazio Paid for Not Paying for Anti-virus......Page 217
The Verizon Auditors......Page 218
The Aftermath......Page 221
JPMorgan Chase: One of the Largest US Bank Breaches......Page 224
Hold Security Identifies Stolen Credentials......Page 225
JPMC Is Breached......Page 226
The Attackers......Page 227
Summary......Page 228
Part II: Cybersecurity Lessons for Everyone......Page 230
Chapter 9: The Seven Habits of Highly Effective Security......Page 231
Habit 1. Be Proactive, Prepared, and Paranoid......Page 233
Be Proactive: Act or Be Acted Upon......Page 234
Train Employees Continuously......Page 235
Proactively Build and Maintain Your Support Network......Page 236
Regularly Evolve Your Incident Response Strategy......Page 239
Engage Forensics Firms Before You Have an Incident......Page 240
Practice Your Communications Tools and Process......Page 241
Be Paranoid......Page 242
Organizational Focus......Page 244
Mitigating Risks......Page 245
Security as Sales Enablement......Page 246
Pulling It Together......Page 247
Security Is Risk Mitigation......Page 248
Habit 3. Build Security and Privacy In......Page 249
Keep It Simple (“Economy of Mechanism,” “Least Common Mechanism”)......Page 251
Fail-Safe Defaults (“Secure by Default”)......Page 252
Principle of Least Privilege......Page 253
Ease of Use/Psychological Acceptability......Page 254
Avoid Security Design Flaws......Page 255
Habit 4. Focus on Security First; Achieve Compliance as a Side Effect......Page 257
Defend Your Turf Like a Security Rebel!......Page 258
Habit 5. Measure Security......Page 259
Measuring Phishing Susceptibility......Page 260
Measuring Malware Detection......Page 262
Measuring Software Vulnerabilities......Page 263
Habit 6. Automate Everything......Page 264
Habit 7. Embrace Continuous Improvement......Page 266
Summary......Page 267
Chapter 10: Advice for Boards of Directors......Page 269
Digital Transformation......Page 270
Board-Level Backdrop: Permanent Whitewater......Page 271
Speed of Digital Transformation and User Adoption......Page 272
Threats and Data Breaches......Page 273
Sizing and Prioritizing Risk......Page 274
Managing Incidents and Public Disclosures......Page 275
Setting the Tone at the Top......Page 277
Effective Boards Lead with CARE and Asking the Right Questions......Page 279
Consistent......Page 281
Adequate......Page 282
Reasonable......Page 283
Effective......Page 284
Summary......Page 286
Chapter 11: Advice for Technology and Security Leaders......Page 287
The Invitation to the Board Meeting......Page 288
Tell a Story!......Page 289
Create Context: What Are We Protecting?......Page 292
Lead with Your Approach to Fighting Attackers, and Then Follow Up with Metrics!......Page 293
Connecting the Dots: Business Strategy and Security......Page 299
Report on Security Events Calmly......Page 301
Summary......Page 302
Chapter 12: Technology Defenses to Fight the Root Causes of Breach: Part One......Page 304
The Challenge......Page 305
Phishing Defenses......Page 307
Two-Factor Authentication (2FA)......Page 308
Security Keys......Page 309
Dedicated OTP Tokens......Page 314
Mobile App 2FA Authenticator......Page 317
SMS-Based OTP......Page 318
Multi-factor Authentication (MFA)......Page 319
Phishing-Proof Your Domain(s) with SPF, DKIM, and DMARC......Page 321
Look-Alike Domains......Page 323
Credential Stuffing and Account Takeover......Page 325
Password Managers......Page 326
Anti-phishing Training and Testing......Page 327
Password Complexity Checks......Page 329
Malware Defenses......Page 330
Anti-malware......Page 331
Endpoint Detection and Response (EDR)......Page 333
Network Detection and Response (NDR)......Page 334
Remote Browser Isolation (RBI)......Page 335
Virtual Desktop Interface (VDI)......Page 336
Summary......Page 337
Mitigating Third-Party Risk......Page 338
Supplier Security......Page 339
Acquisitions......Page 343
Developers, Partners, and Customers......Page 345
Identifying Software Vulnerabilities......Page 346
First-Party Vulnerabilities......Page 347
Development......Page 348
Testing......Page 349
Production......Page 351
Third-Party Vulnerabilities......Page 352
Identification and Validation......Page 353
Prioritization......Page 354
Workflow Tracking and Verification......Page 355
Endpoint Patching......Page 356
Unencrypted Data......Page 357
Data at Rest......Page 358
Data in Motion......Page 359
Data in Use......Page 360
Inadvertent Employee Mistakes......Page 361
Tactical Approach and Tool Selection......Page 362
Summary......Page 364
Data Sources......Page 365
Security Startup Revolution......Page 366
Investment Factors......Page 368
Market Size/Need......Page 369
Investments to Date......Page 371
Cloud Security......Page 373
Mobile Security......Page 374
Market Size vs. Investment to Date......Page 375
Overinvested Areas......Page 377
Blockchain and Cryptocurrency......Page 378
Artificial Intelligence......Page 379
Analytics......Page 383
Big Data and Database Security......Page 384
Social Media and Online Advertising Security......Page 385
Fraud Detection......Page 387
IoT Security......Page 388
Additional Underfunded Areas......Page 389
Root Causes......Page 390
Summary......Page 392
Chapter 15: Advice to Consumers......Page 394
Seatbelts for Our Digital Lives......Page 395
The Danger Is Real......Page 396
Defense Checklist......Page 397
Protect Your Identity......Page 400
Enable Two-Factor Authentication......Page 402
Use a Password Manager......Page 403
Credit and Identity Protection......Page 405
Protect the Gateway to “Close the Front Door”......Page 407
Run Anti-malware......Page 409
Encrypt Your Data......Page 410
Back Up Your Data......Page 411
System Updates......Page 412
Protect Your Interactions......Page 413
Summary......Page 415
Chapter 16: Applying Your Skills to Cybersecurity......Page 417
An Example Security Team......Page 418
Reporting Relationships......Page 420
Governance, Risk, and Compliance......Page 421
Security Operations......Page 423
Incident Response......Page 424
Getting a Job in Cybersecurity......Page 426
SOC Analyst......Page 431
Security Architect......Page 433
CISO......Page 435
Strong Collaboration......Page 436
Chief Explainers and Storytellers......Page 437
Summary......Page 439
Chapter 17: Recap......Page 440
Index......Page 447