Infosec In the City (IIC)
SINCON 2021 Conference — Breaking Entrypoint — by Mars Cheng
SINCON 2021 Conference — Deep-Tech Talk
Day 1 (05 Nov 2021) 2.00pm—2.45pm @ Main Stage
Breaking Entrypoint — An In-Depth Data Breaches Analysis on the Critical Infrastructure of APAC
Recently, many enterprises globally have suffered from leaks of sensitive customer or employee information due to APT attacks, malware attacks, insider leaks, or misconfigured settings. Data breaches have a considerable impact: harming corporate reputations, causing businesses to be lost, and causing risk for customers. If bad actors acquire leaked data, we can easily imagine the harmful consequences. The critical infrastructures of Asia Pacific countries such as Taiwan, Japan, and Singapore are equally affected by these risks. If sensitive information about employees or external services leaks, hackers can easily apply it to social engineering or advanced continuous penetration attacks. Furthermore, a critical infrastructure security incident can cause more than financial loss – it can also create a threat to the safety of physical equipment or to people’s lives and property.
This is a series of research including data gathered from the USA, Asia Pacific, and global ICS vendors. This part will collect publicly leaked data and share some of the traps and fun that we found during the analysis and focus on the Asia Pacific area, especially Singapore. We will also share how we have used our unique automatic analytical process for building on the cloud to conduct big data analysis on more than 10 billion pieces of data from 200 plus datasets, with a particular focus on the analysis of data leakage, password habits, follow-up effect, and cross-country analysis of Asia’s critical infrastructure service providers. Based on the in-depth analysis of our data, we will try to provide predictions and warnings to high-risk critical infrastructure sectors that may be invaded due to information leakage. Finally, we will advise how to perform prevention and mitigation measures.
About Mars Cheng
Mars Cheng (@marscheng_) is a threat researcher for TXOne Networks, blending a background in ICS/SCADA and enterprise cybersecurity systems. Mars has directly contributed to more than 10 CVE-IDs and has had work published in three Science Citation Index (SCI) applied cryptography journals. Before joining TXOne, Mars was a security engineer at the Taiwan National Center for Cyber Security Technology (NCCST). Mars is a frequent speaker and trainer at several international cyber security conferences including Black Hat Europe, DEF CON, SecTor, FIRST, HITB Amsterdam, Singapore, and Abu Dhabi, ICS Cyber Security Conference Asia and USA, HITCON, SINCON, VXCON, CYBERSEC, CLOUDSEC, and InfoSec Taiwan as well as other conferences and seminars related to ICS and IoT security. Mars is the general coordinator of HITCON (Hacks in Taiwan Conference) 2021 and was the vice general coordinator of HITCON 2020. Mars also is a member of the CHROOT Security Group in Taiwan.