Application of Smart Keeper
Carefulness costs you almost nothing. Carelessness may cost you your business.
Preventing data breach
– Financial institutes
– Army, Police, security services
– Gov’t sector (federal, state, local)
– Manufacturing system not installed security solutions
– Database industries (IDC, research firms, call centers)
– Research labs, broadcasting systems
– Due Diligence under personal privacy
– Technical leakages by industrial spy
Security against viruses penetration
– Telecommunication Infrastructure
– Power plants, factories’ operating system
– Control facilities such as traffic infra
– Financial areas
– Add more with current systems
– Key for authorization
Proposal Background of Smart Keeper
Do not underestimate Inside Threats!
Critical Infrastructure Leakage
– NSA leak by Snowden
– Norwegian energy, defense leaking
– Los Alamos Lab leaking about nuclear technology
Industrial Technology Leakage
– DuPont: proprietary formula stolen, sold to Chinese company by a contractor
– EnerVest: Reset all network servers by an employee
– Samsung: Large screen TV technology leaking
– Niku: ‘Track System’ technology leaking
– Lightwave, Petco, Denso, Toshiba Semiconductor, Nikon
– Michelin, Vallo, Nakamura, Nichia
Customer Information Leakage (2014)
– AT&T by an employee
– Target Stores: 40 million card numbers by a contractor
– Barclays Bank: 27000 files by employees
– Korea Credit Bureau: 27 million records by a contractor
– Softbank (Japan) by an employee
– HSBC: personal information
Virus Infection via USB/IO ports
– Stuxnet infected on Russian nuclear power plants, ISS system via USB memory(11.13.2014)
– Two US power plants infected with malware spread via USB drive (1.15.2013/arstechnica.com)
– US tried and failed to attack North Korea with Stuxnet worm (6.1.2015/SC Magazine)
– ATM hacking discovered via USB flash drive (12.31.2013/Inquisitr)
– China railway system: Stuxnet and worm virus penetration (07. 2012 Daily Secu)
Influx of attacking I/O ports
Commonly Used But Powerful! With USB devices, it is easy to attack and very low to be detected
USB Hacksaw
When system is booting, it is running. It automatically sends data into hackers’ email
USB Switchblade
Stay in USB memory. When logging in, data in the system and networks will be transferred
Botnet
DDos attacks, Keep sending email, unauthorized software Download, Personal information steal
Stuxnet
For attacking SCADA, System Industrial, Programmable logic, controllers (PLCs)
Pod Slurping
Staying all mobile devices when connecting computers, all data will be transferred