1. 2002 Symantec Corporation, All Rights Reserved Threats to Email Security Ken Schneider
Chief Architect – Network & Gateway Security
2. Current threat landscape
Techniques to fight spam
Phishing
What’s Next?
Questions?
3. World-Wide Attack Trends
4. Spam Continues to Grow and Evolve
5. The Bullet is Fired Here we have some statistics showing how the rate of spread of computer worms has grown. The high-profile Code Red threat, released in mid-2001, doubled its infection rate every 37 minutes. Less than two years later, the Slammer worm, released in January of 2003, doubled its infection rate every 8.5 seconds! At this rate, Slammer was able to infect 90% of unprotected servers across the Internet in just 10 minutes.
Many of the fastest-spreading threats exploit known vulnerabilities or “holes” in the operating system which have been publicly announced. The time between the announcement of a known vulnerability and the release of a threat targeting that vulnerability is also diminishing. During the summer of 2003, the Blaster threat was released just 27 days after the associated vulnerability was announced, the shortest such time period ever. As this time period shrinks in the future, it will become increasingly difficult for industry to respond.
Finally, the recent MyDoom worm infected email systems across the world – at its peak, 1 out of every 12 emails on the Internet carried MyDoom.
Clearly, the newest threats are spreading orders of magnitude too fast for any response-based security mechanism to stop. And the threats of the future could make even Slammer seem slow by comparison. We need to find fundamentally new ways to stop the bullet.
Code Red, Slammer references: http://news.com.com/2009-1001-983540.html
Blaster reference: Symantec Internet Security Threat Report
MyDoom reference: http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci946423,00.html
6. Spam Filtering Technology
7. AntiSpam Technology Approach Examine the source
Examine the content
Examine the call to action (URL filters)
8. Solutions Need Multi-Layered Defences Multiple technologies create a comprehensive defence
Force spammers to contend with each layer
9. Phishing
10. Phishing Theft of financial information and/or identity
Growing problem both in terms of magnitude and awareness
Targets expanding from Financial Services to all organizations with financial information online
Banks, ecommerce sites, phone companies, government agencies, etc.
Global problem – US, UK, Europe, Australia, South America
11. Fraud is Bigger Threat than Spam
12. Messages Are Deceptive
13. Websites Are Also Deceptive
14. Growth and Impact of Email Fraud
15. What’s Next? Mobile Threats/More Sophisticated Phishing
16. Handheld Virus Propagation Through infected e-mail when using a PDA over a wired or wireless Internet connection
When synching with an infected PC
Via an infected file transferred from another PDA via infrared (IR) or Bluetooth
By downloading infected files from the Internet
17. Vectors of Delivery Synching with a PC
Peer to Peer Connectivity
Bluetooth
Infrared
Telephony
GSM
GPRS
UMTS Data Transfer
SMS
MMS
WAP
Network Connectivity
WLAN (802.11)
PCMCIA Network Cards
When you look at mobile devices, they provide more vectors of delivery for malicious code and hence more opportunity to be exploited.
18. Indirect SMS Worm One example of a threat is an indirect SMS worm.
19. Indirect SMS Worm
20. Indirect SMS Worm
21. Policy and technology Technical solutions exist
No silver bullet
Insufficient/improper implementation
Lack of holistic approach
Security is a process, not just a product
Lack of security in specific areas may mean inadequate overall security
Lack of awareness
Businesses
Consumers
Policy makers
Technology is not the only solution
Coherent legal framework
Co-operation between the different actors
Governments – security professionals – communications industry
22. Legal & Regulatory Measures: Government International cooperation
Appropriate legislation (data protection, fraud, consumer protection, unfair competition)
Transposition of existing directives
Technological neutrality
Clear allocation of responsibilities between national authorities
Stronger enforcement of data protection rules
Tough penalties for individuals
Spammers should pay for the spam
Rules for evidence collection
23. Legal & Regulatory Measures: Industry Distinguishing Spam from legitimate marketing
Using clear opt-out procedures
Use of clear codes of conduct
Cooperation with government
Implementation of best-practice technology
24. Awareness & Education Role of government in promoting understanding
Role of business as employers
Role of ISPs
Role of the individual