Application of Smart Keeper

Carefulness costs you almost nothing. Carelessness may cost you your business.

diver

Preventing data breach

– Financial institutes
– Army, Police, security services
– Gov’t sector (federal, state, local)
– Manufacturing system not installed security solutions
– Database industries (IDC, research firms, call centers)
– Research labs, broadcasting systems
– Due Diligence under personal privacy
– Technical leakages by industrial spy

Security against viruses penetration

– Telecommunication Infrastructure
– Power plants, factories’ operating system
– Control facilities such as traffic infra
– Financial areas
– Add more with current systems
– Key for authorization

Proposal Background of Smart Keeper

Do not underestimate Inside Threats!
diver

Critical Infrastructure Leakage

– NSA leak by Snowden
– Norwegian energy, defense leaking
– Los Alamos Lab leaking about nuclear technology

Industrial Technology Leakage

– DuPont: proprietary formula stolen, sold to Chinese company by a contractor
– EnerVest: Reset all network servers by an employee
– Samsung: Large screen TV technology leaking
– Niku: ‘Track System’ technology leaking
– Lightwave, Petco, Denso, Toshiba Semiconductor, Nikon
– Michelin, Vallo, Nakamura, Nichia

Customer Information Leakage (2014)

– AT&T by an employee
– Target Stores: 40 million card numbers by a contractor
– Barclays Bank: 27000 files by employees
– Korea Credit Bureau: 27 million records by a contractor
– Softbank (Japan) by an employee
– HSBC: personal information

Virus Infection via USB/IO ports

diver

– Stuxnet infected on Russian nuclear power plants, ISS system via USB memory(11.13.2014)
– Two US power plants infected with malware spread via USB drive (1.15.2013/arstechnica.com)
– US tried and failed to attack North Korea with Stuxnet worm (6.1.2015/SC Magazine)
– ATM hacking discovered via USB flash drive (12.31.2013/Inquisitr)
– China railway system: Stuxnet and worm virus penetration (07. 2012 Daily Secu)

Influx of attacking I/O ports

Commonly Used But Powerful! With USB devices, it is easy to attack and very low to be detected
diver

USB Hacksaw

When system is booting, it is running. It automatically sends data into hackers’ email

USB Switchblade

Stay in USB memory. When logging in, data in the system and networks will be transferred

Botnet

DDos attacks, Keep sending email, unauthorized software Download, Personal information steal

Stuxnet

For attacking SCADA, System Industrial, Programmable logic, controllers (PLCs)

Pod Slurping

Staying all mobile devices when connecting computers, all data will be transferred