
David Tabatadze CERT Officer Computer Emergency Response Team – Georgia


Presentation Transcript


  1. David Tabatadze CERT Officer Computer Emergency Response Team – Georgia

  2. Global Threat Statistics
     • Approximately 1,000 new computer viruses are released every month.
     • Today about 25% of malware is designed to be spread via USB storage devices that connect directly to PCs.
     • More than 75% of new malware is designed to infect users through the web.
     • There is a 90 percent probability that a computer connected to the internet without any protection will be infected by a virus in less than 1 hour.
     • 143,574,335 web-borne infections were prevented
     • 298,807,610 malicious programs were detected and neutralized
     • 30,036,004 malicious URLs were detected
     • 261,830,529 network attacks were blocked
     Kaspersky, February 2012

  3. Global Threat Statistics: Make people “think security”, the same way they lock their doors!

  4. Georgia Statistics
     • More than 2000 IPs detected in suspicious internet activity each day
       (spam, port scanners, brute force, DoS attacks, etc.).
     • More than 10000 IPs of bots detected, formerly parts of Botnets that were subsequently shut down.
     • More than 100 infected web sites

  5. ISP Networks: More than 2000 IPs detected each day

  6. DoS Attack: SYN FLOOD on Server
     • More than 550 unique IP addresses
     • More than 450 unique Georgian IP addresses

  7. How media can influence the world: Attacks on civil.ge after news that Estonia is in the business of site hosting

  8. Infected web sites
     Trojan-Dropper: hidden installation of malicious programs in the system
     Trojan Iframe Script: website embedded with a trojan horse, to get into the computer
     • Business Consulting Network - www.bcng.ge
     • Batumi Vocational Education And Training Center - www.batumivetc.ge
     • TaoPrivatBank - http://www.taobank.ge/main.php?pform=77&plang=1

  9. Reporting Incident: in 7 of 10 cases, malware was removed within 2-3 days

  10. Hacked Web Sites: GEORGIAN WATER AND POWER COMPANY. More than 10 web sites hacked using the same vulnerability

  11. Hacked Web Sites Dear ADMIN ! Secure your SITE ! :D Greetz : All Members of 3xp1r3 Cyber Army. Darkness Is My Life ! 3xp1r3 Is My Group ! Hacking Is My Heart ! DefaceMent Is

  12. Thank you for your attention!
