Cyberthreat Landscape 2010-2011 Outcomes, Trends and Forecasts
Cyberthreat Landscape Visualize 2010 Trends, Review What is Behind Us, and Look Forward • 2010 by the Numbers • Outcomes for 2010 • Forecasts 2011
2010 by the Numbers Overall Attacks Increase 1,906,039,380 +1400% 134,814,015 30,075,005 Source: Kaspersky Lab Kaspersky Lab International Press Tour “Cyberthreat Landscape 2010-2011: Outcomes, Trends and Forecasts”
2010 by the Numbers Web Attacks Increase + 800% Source: Kaspersky Lab
2010 by the Numbers Strength in the Cloud and Heuristics 95% 75% Source: Kaspersky Lab
2010 by the Numbers 2010 Kaspersky Security Network • Kaspersky Security Network (KSN) • Cloud Based Services • Malware, Spam Detection • Voluntary Data Collection • KSN 2010 Malware Statistics • Overall Detections • Web Attacks, Sources
2010 by the Numbers Where Is the Malware? Source: Kaspersky Lab
Cyberthreat Landscape 2010 Outcomes • Exploitation 2010 – A Year of Vulnerability • Targeted Attacks • The New Stuxnet Era • Digital Certificates and (dis)Trust • Mobile Malware • The Calm Before the Storm • 2009 Predictions for 2010 - Outcomes
2010 Outcomes Attack Techniques, Sources and Monetization Spread Techniques Automated Exploitation Systems, Ready-Made Exploit Packs Monetization Web Attacks Increase – What and How?
2010 Outcomes Exploitation 2010 - A Year of Microsoft Vulnerabilities 4 0day Stuxnet Itw IE Use-after-free 0day Malcrafted HCP Url IE6 Aurora Disclosure IE Peers 0day Source: Microsoft Security Bulletins
2010 Outcomes Exploitation 2010 - A Year of Adobe Reader Vulnerabilities PEK delivers libTIFF with ROP Cooltype.dll SING TTF targeted emails Targeted emails – libTIFF attacks Source: Microsoft Security Bulletins
2010 Outcomes Exploitation 2010 - A Year of Oracle-Sun Java Vulnerabilities Java Trusted Method Chain ITW Java RMIConnectionImpl ITW Source: Microsoft Security Bulletins
2010 Outcomes Exploitation 2010 - A Year of Vulnerabilities #1. Internet Explorer #2. Adobe Reader #3. Oracle Sun Java Source: Kaspersky Lab
2010 Outcomes Attacking Commerce and Industry Operation Aurora Commercial Targets 30+ Multinational Corporations (non-governmental entities) Google, Yahoo, Symantec, Adobe, Northrop Grumman, Dow Chemical, etc. Determined Coordination – Holiday Timing Access and Obtain Source Code on Misconfigured/Insecure Perforce Servers - Authentication Systems, Sensitive Communications Stuxnet Development and Deployment Sophistication Unmatched Precision Targeting PLCs First public industrial cyber-sabotage incident
Calm Before the Storm 2010 Cloud Computing Quietly Attracts Cyberattacks The Low Rumble of Cloud Computing Legitimate adoption Crooked adoption
Calm Before the Storm 2010 Cloud Computing Quietly Attracts Cyberattacks 2010 Anti-Cloud Activity Attacking legitimate cloud services Attacking cloud related client components
2010 Outcomes Digital (mis)Trust Shaky Foundation of Trust Successful Cybercriminal Access and Use Potential Certificate “Authority” Subversion Key Theft Stuxnet Zeus, SpyEye Certificate Cutting Hodprot Signed by LAVALYS Stuxnet Signed by Realtek Semiconductor
2010 Outcomes Mobile Malware – Android and iPhone Android Popularity Skyrockets New Exploits - Kernel Problems and Coverity’s 88 Highly Critical Vulnerabilities Exploit and Shellcode Development – Defcon 18 Demo SMS Trojans and Spyware Android Sideloading and iPhone jail-breaking iPwned and Market Both Closed and Open Models at Risk
2010 Outcomes Sensitive Data Accessible and Exposed Network Concerns, Plain Text and Incidents BGP Tables and Plain Text Transmissions Firesheep Firefox Session Hijack Plug-in Data Leaks and Breaches Wikileaks Data Leaks Numerous Breaches Physical Losses Hacked Servers/Malware Social Engineering
2010 Outcomes 2010 Prediction Results from 2009 • An increase in the number of attacks via P2P networks: Correct! • Competition for traffic: Correct! • Malware epidemics and increasing complexity of malicious programs: Correct! • Decreasing global numbers of Rogue AV: Correct!(?) • Attacks on and via Google Wave: Incorrect! • Attacks on iPhone and Android devices: Partially Correct!
Cyberthreat Landscape 2011 Forecasts • Steal Everything
2011 Forecasts Four phenomena to watch in 2011 Methods Client side exploits Mobile platforms, especially Android Social networks New Organizers New Markets and Buyers Unlikely immediate impact on average user Spyware 2.0 and New Aims Steal Everything Acquisition of someone or something’s complete profile and behavior Similarity to social networks and advertisers collection What to Watch 2011
2011 Forecasts Precise Methods, New Organizers, New Aims • New generation of better organized, more malevolent malware writers • Malware attacks target information and data for immediate financial gain • Personally identifying information becomes the target of the new breed of cybercriminals and another source of income for those already in the game • Spyware 2.0 emerges, a new class of malware that steals users’ personal data (identity theft) plus any other type of data it can find • Spyware 2.0 becomes a popular tool for both new and old players alike • An increasing number of attacks on corporate users by traditional cybercriminals and the gradual decline in direct attacks on everyday users • Mobile devices and cloud services become increasingly targeted platforms • Exploiting vulnerabilities remains the principal method of carrying out attacks and a significant increase in the scope and speed with which they are used
Cyberthreat Landscape 2010-2011 Outcomes, Trends and Forecasts Kurt Baumgartner, Senior Security Researcher, Kaspersky Lab Kaspersky Lab International Press Tour “Cyberthreat Landscape 2010-2011: Outcomes, Trends and Forecasts” Moscow, February 10-13, 2011