CYBERSECURITY

 

17.11.2022 - ESCP - Paris

 

Inti Rossenbach

whoami

- Inti Rossenbach, in cybersecurity since 1998

- Physics, applied cryptography then cybersecurity, sea kayak expedition in Patagonia, CISO

- University lecturer

- www.cryptosec.org

- iro@cryptosec.org

- Mastodon @cryptosec@infosec.exchange

- Two real-life cyber attacks

- Threats, risks and security

- Ethics

- Vulnerabilities

- Perimeter defenses

- In-depth defenses

- Humans

- Detection and reaction

What do you expect?


Two real-life cyber attacks

Target, 2013

Trump, 2016

https://www.theregister.com/2020/09/11/trump_twitter_account_recycled_password

https://crackstation.net

Threats, risks and security

- No zero risk: life is risky

- Risk = Likelihood x Impact

- Risk treatment:
--> accept
--> reduce / mitigate
--> refuse
--> transfer

- Impacts:
--> confidentiality
--> integrity
--> availability

- Security controls:
--> prevention
--> detection
--> reaction

Threat landscape:

- cybercrime (frauds, ransomware, data kidnapping...)

- script kiddies

- competitors

- espionage & state-sponsored actors

- ...

Ethics

- Laws, regulations, privacy, GDPR...

- Always keep thinking for yourself about what you are doing

Vulnerabilities & cyber attacks

- Definition:
--> bugs
--> configuration errors
--> design mistakes
--> backdoors

- Some examples:
buffer overflows, injections, RCE, supply chain attacks... humans

Security testing

Perimeter defenses

- Network (DMZ, IDS, WAF...)

- Email and attachment filtering

- Web filtering

In-depth defenses

- Internal network segregation

- Vulnerability and patch management

- Hardening

- Antimalware

- Cryptography

- Passwords and authentication

- Secure remote access

- Application security

Authentication

Authentication:

- Something I know

- Something I own

- Something I am

--> Strong authentication: 2 of 3

Passwords at risk:

- Shoulder surfing

- Unencrypted flows

- Keylogger / malware

- Password written in cleartext

- Compromised database / reuse of passwords

Secure passwords:

- ... passphrases

- Long enough

- Not necessarily renewed often

- Use 2FA

- Use password managers like https://keepass.info

- Check https://haveibeenpwned.com

Humans

Exercise: https://phishingquiz.withgoogle.com

- Social engineering: phishing, spear phishing...

- Security policy

- Security organization

- Security awareness

- In case of doubt, check: https://www.virustotal.com

Detection and reaction

- Logs and alerts

- Scans and pentests

- DFIR

- SOCs, CERTs, CSIRTs...

- Threat intelligence / survey

Thank you for your attention!
