Enabling Select Cybersecurity Solutions for the Mining Industry - Camara Minera
←
→
Page content transcription
If your browser does not render page correctly, please read the page content below
Enabling Select Cybersecurity
Solutions for the Mining Industry
©2020 RHEA Group | Company Confidential | Edit Document Title 12 May 2021
Agenda
• About Us
• Cyber Risk
• Cyber Attack Examples
• Impact on Operations
• Alerting and Managed Detection and
Response
• Why Us
12 May 2021 2
About Us
• RHEA Group, and ALRM Group Chile partnered to bring market-
disrupting, leading edge cyber security services to Latin America;
• We combine Canadian technologies, with Canadian expertise and a
customer support from Cyber SOC in Santiago to service the market.
12 May 2021 3
Cyber Risk is a Business Risk
• Risk and cost of cyber crime has been increasing
• Cyber crime impacts a business, and its value as
follows:
• Cyber crime disrupts companies’ operations and affects
how employees work and support clients
• It damages the brand, which leads to a loss of client loyalty
and trust
• It impacts sensitive information related to clients,
contractors and suppliers
• As tighter regulations (e.g., GDPR) come into force
companies may be subject to fines and lawsuits
• Significant expense to recover
• A cyber attack is no longer if, but when…
12 May 2021 4
Cyber preparedness in South America
• The Global Cyber Security Index (2018) - most countries
are poorly prepared for cyber attacks
• Government-backed Computer Emergency Response
Teams are still relatively new
• Existing “cyber providers” rely on outdated approaches
and technologies (approx. 4-7 years behind global best
practices)
• Limited understanding of rapidly evolving threat
environment
• Limited capacities to assist companies with detecting or
remediating a breach.
12 May 2021 5
What We’ve Seen Since 2019
• Malicious communications emanating from
private and government networks;
• Vulnerable services allow hackers to get in;
• Extensive and very active scanning of
corporate networks for reconnaissance and as
part of growing a C&C network
• Significant botnet and C&C traffic
12 May 2021 6
Examples of Impact of Cyber Crime
• Colonial Pipeline Cyber Attack – May 7, 2021:
• Ransomware attack - DarkSide is the hacking group
• DarkSide 2.0 has been released
• equipped with the fastest encryption speed on the market,
and even includes Windows and Linux versions
• Operates as a RaaS (Ransomware as a Service)
• Attack pattern – Steal the company's data then
encrypt it – Stole 10 GB of data from Colonial
• Objective – financial extortion, reputational harm, and
interfering with operations
• $200,000.00 to $2,000,000.00 is the typical ransom
demand
12 May 2021 7
Examples of Impact of Cyber Crime in South America
• Feb 2021- Vivo and Claro (telcos) breached
exposing 102 million customers personal data
• Sep 2020 – BancoEstado - Ransomware
• Aug 2019 – Chilean financial institutions targeted
by Silence Group
• Jan 2019 – Redbanc ATM Network attacked
• May 2018 – Bank of Chile – Theft of $10,000,000
dollars
• Sep 2017 – Vivo – Brazil’s largest telco -
Ransomware
12 May 2021 8
What it means to operators
• Operations are at risk due to:
• Increased connectivity
• Integrated / exposed supply chains
• Regulatory exposures including fines
• Risk being shut down or taken offline by a successful
attack (e.g., Colonial Pipeline)
• Lacking Board-level governance on cyber risks
• Lack of preparedness for incident and incident
response
12 May 2021 9
Alerting and Managed Detection and Response Solution
• Operations need to be protected by managed
Cybersecurity Services
• Continuous monitoring 24/7/365
• Security services need to include:
• Predictive and in-depth security protection
controls
• Alerting
• Remediation capabilities
• Incident Response
• Post incident analysis
• Predictable monthly costing
12 May 2021 10Why Us
• Alrm Group and RHEA operate in 12 countries • Incident response and post breach analysis
across Europe, North and South America • Predictable monthly costing
• Continuous 24/7 monitoring in Spanish & English • Additional consulting services: threat &
vulnerability analysis, Digital Transformation (cloud
• Includes security controls in services migration), governance guidance and Chief
• Incident remediation worldwide Information Officer Services
North America
South America
12 Europe
countries
11THANK YOU
12 May 2021 12Global Perspective On Cybersecurity
1 Ponemon Institute 2020 Global Cost of Data Breach Report
12 May 2021 13Infected Devices by Region
12 May 2021 14You can also read
