1 / 0

Cybersecurity and web-based attacks A perspective from Symantec

Cybersecurity and web-based attacks A perspective from Symantec. Zoltan Precsenyi. Government Affairs Manager. Agenda. About Symantec. 1. The web: a powerful tool. 2. Cyberattacks : the threat landscape. 3. Future trends: growing challenges. 4. About Symantec.

helia
Download Presentation

Cybersecurity and web-based attacks A perspective from Symantec

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Cybersecurity and web-based attacksA perspective from Symantec

    ZoltanPrecsenyi Government Affairs Manager International Conference on Terrorism and Democracy in the 21st Century, Budapest, September 29-30, 2011
  2. Agenda About Symantec 1 The web: a powerful tool 2 Cyberattacks: the threat landscape 3 Future trends: growing challenges 4 International Conference on Terrorism and Democracy in the 21st Century, Budapest, September 29-30, 2011
  3. About Symantec

    International Conference on Terrorism and Democracy in the 21st Century, Budapest, September 29-30, 2011
  4. Symantec™ Global Intelligence NetworkIdentifies more threats, takes action faster & prevents impact Calgary, Alberta Dublin, Ireland Tokyo, Japan San Francisco, CA Chengdu, China Mountain View, CA Austin, TX Culver City, CA Taipei, Taiwan Chennai, India Pune, India Worldwide Coverage Global Scope and Scale 24x7 Event Logging RapidDetection Attack Activity 240,000 sensors 200+ countries Malware Intelligence 133M client, server, gateways monitored Global coverage Vulnerabilities 40,000+ vulnerabilities 14,000 vendors 105,000 technologies Spam/Phishing 5M decoy accounts 8B+ email messages/day 1B+ web requests/day Information Protection Threat Triggered Actions Preemptive Security Alerts International Conference on Terrorism and Democracy in the 21st Century, Budapest, September 29-30, 2011
  5. The web: a powerful tool

    International Conference on Terrorism and Democracy in the 21st Century, Budapest, September 29-30, 2011
  6. The webCybercrime steadily growing http://www.symantec.com/about/news/release/article.jsp?prid=20110907_02 International Conference on Terrorism and Democracy in the 21st Century, Budapest, September 29-30, 2011
  7. The webUnderground Economy a soaring market Credit card information & bank account credentials still on top Big range in bulk prices for credit cards International Conference on Terrorism and Democracy in the 21st Century, Budapest, September 29-30, 2011
  8. The webAttack Kits Get a Caffeine Boost Java exploits added to many existing kits Kits exclusively exploiting Java vulnerabilities appeared More Info: Detailed information available inISTR Mid-Term: Attack Toolkits and Malicious Websites International Conference on Terrorism and Democracy in the 21st Century, Budapest, September 29-30, 2011
  9. The webCommunication channelfor criminals as well Communicate Recruit http://www.cbsnews.com/stories/2007/03/02/60minutes/main2531546.shtml http://www.osce.org/atu/44197 Equip Instruct http://news.intelwire.com/2011/07/internet-provides-terrorists-with-tools.html http://news.bbc.co.uk/2/hi/americas/6197446.stm International Conference on Terrorism and Democracy in the 21st Century, Budapest, September 29-30, 2011
  10. Cyberattacks: the threat landscape

    International Conference on Terrorism and Democracy in the 21st Century, Budapest, September 29-30, 2011
  11. Threat LandscapeThe actors inside and outside Organized Crime Rings WellMeaningInsiders Malicious Insiders Extremists At this stage, terrorism is more a scenario than an actual incident Effective communication and money laundering tool that should not be interrupted Historically terrorism scenarios envisage cyber-attacks as amplifiers International Conference on Terrorism and Democracy in the 21st Century, Budapest, September 29-30, 2011
  12. Threat LandscapeThe objectives information and/or infrastructure Disruption of critical infrastructure operations Well Meaning Insider Malicious Insider Organized Criminal Large-scale DDoS attacks Website defacing Malware outbreaks within protected networks Stealthy ex-filtration or unintended loss of confidential data Symantec Internet Security Threat Report (ISTR), Volume 16
  13. Threat LandscapeAsymmetric warfare small investment, big damage http://online.wsj.com/article/SB126102247889095011.html International Conference on Terrorism and Democracy in the 21st Century, Budapest, September 29-30, 2011
  14. Threat LandscapeOSINT collection http://www.dailymail.co.uk/news/article-1197562/MI6-chief-blows-cover-wifes-Facebook-account-reveals-family-holidays-showbiz-friends-links-David-Irving.html International Conference on Terrorism and Democracy in the 21st Century, Budapest, September 29-30, 2011
  15. Threat LandscapeSocial Networking + Social Engineering = Compromise More Info: Hackers have adopted social networking Use profile information to create targeted social engineering Impersonate friends to launch attacks Leverage news feeds to spread spam, scams and massive attacks Detailed review of Social Media threats available inThe Risks of Social Networking International Conference on Terrorism and Democracy in the 21st Century, Budapest, September 29-30, 2011
  16. 3 2 1 4 Threat LandscapeTargeted Attacks process INCURSION Attacker breaks in via targeted malware, improper credentials or SQL injection CAPTURE Access data on unprotected systems Install root kits to capture network data EXFILTRATION Confidential data sent to hacker team in the clear, wrapped in encrypted packets or in zipped files with passwords DISCOVERY Map organization’s systems Automatically find confidential data International Conference on Terrorism and Democracy in the 21st Century, Budapest, September 29-30, 2011 16
  17. Threat LandscapeTargeted Attacks evolution High profile attacks in 2010 raised awareness of impact of APTs Stuxnet was incredibly sophisticated Four zero-day vulnerabilities Stolen digital signatures Ability to “leap” the air gap with USB key Potential damage to infrastructure More Info: Detailed review in the:W32.Stuxnet Dossier& W32.Stuxnet International Conference on Terrorism and Democracy in the 21st Century, Budapest, September 29-30, 2011
  18. Threat LandscapeMalicious activity by country International Conference on Terrorism and Democracy in the 21st Century, Budapest, September 29-30, 2011
  19. Threat LandscapeWeb based attacks on the rise 93% increase in Web-based attacks from 2009 to 2010 Spikes related to specific activities (new attack kits, current events, etc.) International Conference on Terrorism and Democracy in the 21st Century, Budapest, September 29-30, 2011
  20. Future trends: growing challenges

    International Conference on Terrorism and Democracy in the 21st Century, Budapest, September 29-30, 2011
  21. Technology landscapeMega Trends International Conference on Terrorism and Democracy in the 21st Century, Budapest, September 29-30, 2011
  22. Threat Landscape2010 Trends Targeted Attacks continued to evolve  Social Networking + social engineering = compromise  Hide and Seek (zero-day vulnerabilities and rootkits)  Attack Kits get a caffeine boost  Mobile Threats increase  International Conference on Terrorism and Democracy in the 21st Century, Budapest, September 29-30, 2011
  23. Threat LandscapeAttribution will remain an issue Who is behind the attack? What are their motives? Do you know?Can you be sure? Can you disclose the information? Should you? Can you respond? Should you? How? International Conference on Terrorism and Democracy in the 21st Century, Budapest, September 29-30, 2011
  24. Security LandscapeWhat you can do to protect your assets Mind your people: Strong authentication for identity and access control Security awareness training Protect your devices: Advanced reputation security Device management Removable media control Harden your systems and networks: Vulnerability assessment Intrusion prevention Email and web gateway filtering Protect your information: Encryption Data loss prevention Understand the threat in close to real time: Advanced reputation security Network threat and vulnerability monitoring Respond: Security incident management Back-up and recovery International Conference on Terrorism and Democracy in the 21st Century, Budapest, September 29-30, 2011
  25. ZoltanPrecsenyi zoltan_precsenyi@symantec.com International Conference on Terrorism and Democracy in the 21st Century, Budapest, September 29-30, 2011
More Related