1 APRIL 2015 VOLUME 20 INTERNET SECURITY THREAT REPORT
2 Internet Security Threat Report MOBILE & IOT WEB THREATS SOCIAL MEDIA & SCAMS TARGETED ATTACKS 4 Introduction 5 Executive Summary 9 IN NUMBERS 18 MOBILE DEVICES & THE INTERNET OF THINGS 19 Mobile Malware 23 SMS and the Interconnected Threat to Mobile Devices 25 Mobile Apps and Privacy 26 Internet of Things 26 Wearable Devices 27 Internet-Connected Everything 27 Automotive Security 28 The Network As the Target 29 Medical Devices Safety First, Security Second 31 WEB THREATS 32 Vulnerabilities 32 Heartbleed 32 ShellShock and Poodle 33 High-Profile Vulnerabilities and Time to Patch 34 The Vulnerability Rises 35 SSL and TLS Certificates Are Still Vital to Security 35 Vulnerabilities as a Whole 41 Compromised Sites 42 Web Attack Toolkits 43 Malvertising 43 Malvertising at Large 44 Denial of Service 45 SOCIAL MEDIA & SCAMS 46 Social Media 46 Facebook, Twitter, and Pinterest 48 Affiliate Programs: The Fuel That Drives Social Media Scams 50 Instagram 51 Messaging Platforms 53 Dating Scams 54 Malcode in Social Media 54 The Rise of Antisocial Networking 54 Phishing 56 Phishing in Countries You Might Not Expect 58 Scams and Spam 60 TARGETED ATTACKS 61 Cyberespionage 62 Industrial Cybersecurity 63 Securing Industrial Control Systems 65 Reconnaissance Attacks 66 Watering Hole Attacks 69 Shifting Targets and Techniques 70 Threat Intelligence 70 Techniques Used In Targeted Attacks 77 DATA BREACHES & PRIVACY 83 Retailers Under Attack 84 Privacy and the Importance of Data Security 85 Data Breaches in the Healthcare Industry 87 E-CRIME & MALWARE 88 The Underground Economy 90 Malware 93 Ransomware 93 Crypto-Ransomware 95 Digital Extortion: A Short History of Ransomware 97 Bots and Botnets 98 OSX as a Target 100 Malware on Virtualized Systems 101 APPENDIX 102 Looking Ahead 104 Best Practice Guidelines for Businesses Critical Security Controls 108 Critical Control Protection Priorities 111 Best Practice Guidelines for Consumers 112 Best Practice Guidelines for Website Owners 114 Footnotes 117 Credits 118 About Symantec 118 More Information
3 MOBILE & IOT WEB THREATS SCAMS & SOCIAL MEDIA TARGETED ATTACKS 2015 Internet Security Threat Report 3 CHARTS & TABLES 9 IN NUMBERS 18 MOBILE DEVICES & THE INTERNET OF THINGS 19 New Android Mobile Malware Families 20 Cumulative Android Mobile Malware Families 20 New Android Variants per Family 21 App Analysis by Symantec s Norton Mobile Insight 21 New Mobile Vulnerabilities 22 Mobile Vulnerabilities by Operating System 22 Mobile Threat Classifications 31 WEB THREATS 33 Heartbleed and ShellShock Attacks 35 New Vulnerabilities 36 Total Number of Vulnerabilities 36 Browser Vulnerabilities 37 Plug-In Vulnerabilities by Month 37 Top 10 Vulnerabilities Found Unpatched on Scanned Webservers 38 Scanned Websites with Vulnerabilities Percentage of Which Were Critical 38 Websites Found with Malware 39 Classification of Most Frequently Exploited Websites 39 Web Attacks Blocked per Month 40 New Unique Malicious Web Domains 40 Web Attacks Blocked per Day 42 Top 5 Web Attack Toolkits 42 Timeline of Web Attack Toolkit Use 44 DDoS Attack Traffic 45 SOCIAL MEDIA & SCAMS 47 Social Media 55 Phishing Rate (Not Spear-Phishing) 57 Phishing Rate 57 Number of Phishing URLs on Social Media 58 Overall Spam Rate 58 Estimated Global Spam Volume per Day 59 Global Spam Volume per Day 60 TARGETED ATTACKS 62 Vulnerabilities Disclosed in ICS Including SCADA Systems 66 Zero-Day Vulnerabilities 67 Top 5 Zero-Day Vulnerabilities, Time of Exposure & Days to Patch 68 Zero-Day Vulnerabilities, Annual Total 70 Distribution of Spear-Phishing Attacks by Organization Size 71 Risk Ratio of Spear-Phishing Attacks by Organization Size 71 Top 10 Industries Targeted in Spear-Phishing Attacks 72 Risk Ratio of Organizations in an Industry Impacted by Targeted Attack Sent by Spear-Phishing 72 Risk Ratio of Spear-Phishing Attacks by Industry 73 Spear-Phishing s per Day 73 Spear-Phishing Campaigns 74 Spear-Phishing Word Cloud 74 Risk Ratio of Spear-Phishing Attacks by Job Role 75 Risk Ratio of Spear-Phishing Attacks by Job Level 75 Average Number of Spear-Phishing Attacks per Day 76 Analysis of Spear-Phishing s Used in Targeted Attacks 77 DATA BREACHES & PRIVACY 78 Total Breaches 78 Breaches with More Than 10 Million Identities Exposed 79 Top Causes of Data Breach 79 Average Identities Exposed per Breach 80 Median Identities Exposed per Breach 80 Timeline of Data Breaches 81 Total Identities Exposed 82 Top 10 Sectors Breached by Number of Incidents 82 Top 10 Sectors Breached by Number of Identities Exposed 83 Top-Ten Types of Information Exposed 87 E-CRIME & MALWARE 89 Value of Information Sold on Black Market 90 New Malware Variants 90 Malware Rate (Overall) 91 Malware as URL vs. Attachment 91 Percent of Malware as URL vs. Attachment by Month 92 Proportion of Traffic in Which Malware Was Detected 92 Ransomware Over Time 93 Ransomware Total 94 Crypto-Ransomware 97 Number of Bots 97 Malicious Activity by Source: Bots 98 Top 10 Spam-Sending Botnets 99 Top 10 Mac OSX Malware Blocked on OSX Endpoints
4 Internet Security Threat Report MOBILE & IOT WEB THREATS SOCIAL MEDIA & SCAMS TARGETED ATTACKS Introduction Symantec has established the most comprehensive source of Internet threat data in the world through the Symantec Global Intelligence Network, which is made up of more than 57.6 million attack sensors and records thousands of events per second. This network monitors threat activity in over 157 countries and territories through a combination of Symantec products and services such as Symantec DeepSight Intelligence, Symantec Managed Security Services, Norton consumer products, and other third-party data sources. In addition, Symantec maintains one of the world s most comprehensive vulnerability databases, currently consisting of more than 66,400 recorded vulnerabilities (spanning more than two decades) from over 21,300 vendors representing over 62,300 products. Spam, phishing, and malware data is captured through a variety of sources including the Symantec Probe Network, a system of more than 5 million decoy accounts, Symantec.cloud, and a number of other Symantec security technologies. Skeptic, the Symantec.cloud proprietary heuristic technology, is able to detect new and sophisticated targeted threats before they reach customers networks. Over 8.4 billion messages are processed each month and more than 1.8 billion web requests filtered each day across 14 data centers. Symantec also gathers phishing information through an extensive anti-fraud community of enterprises, security vendors, and more than 50 million consumers. Symantec Trust Services secures more than one million web servers worldwide with 100 percent availability since The validation infrastructure processes over 6 billion Online Certificate Status Protocol (OCSP) look-ups per day, which are used for obtaining the revocation status of X.509 digital certificates around the world. The Norton Secured Seal is displayed almost one billion times per day on websites in 170 countries and in search results on enabled browsers. These resources give Symantec analysts unparalleled sources of data with which to identify, analyze, and provide informed commentary on emerging trends in attacks, malicious code activity, phishing, and spam. The result is the annual Symantec Internet Security Threat Report, which gives enterprises, small businesses, and consumers essential information to secure their systems effectively now and into the future.
5 MOBILE & IOT WEB THREATS SCAMS & SOCIAL MEDIA TARGETED ATTACKS 2015 Internet Security Threat Report 5 Executive Summary If there is one thing that can be said about the threat landscape, and Internet security as a whole, it is that the only constant is change. This can clearly be seen in : a year with far-reaching vulnerabilities, faster attacks, files held for ransom, and far more malicious code than in previous years. While was seen as the Year of the Mega Breach, had high-profile vulnerabilities grabbing the headlines. Data breaches are still a significant issue, since the number of breaches increased 23 percent and attackers were responsible for the majority of these breaches. However, attention shifted during the year from what was being exfiltrated to the way attackers could gain access. Vulnerabilities have always been a big part of the security picture, where operating system and browser-related patches have been critical in keeping systems secure. However, the discovery of vulnerabilities such as Heartbleed, ShellShock, and Poodle, and their wide-spread prevalence across a number of operating systems, brought the topic front and center. The conversation has shifted from discussing threat X that exploits a vulnerability to detailing how vulnerability Y is used by these threats and in these attacks. This is one of many constants that changed in. Based on the data collected by the Symantec Intelligence network and the analysis of our security experts, here are other trends of note in. Attackers Are Moving Faster, Defenses Are Not Within four hours of the Heartbleed vulnerability becoming public, Symantec saw a surge of attackers stepping up to exploit it. Reaction time has not increased at an equivalent pace. Advanced attackers continue to favor zero-day vulnerabilities to silently sneak onto victims computers, and had an all-time high of 24 discovered zero-day vulnerabilities. As we observed with Heartbleed, attackers moved in to exploit these vulnerabilities much faster than vendors could create and roll out patches. In, it took 204 days, 22 days, and 53 days, for vendors to provide a patch for the top three most exploited zero-day vulnerabilities. By comparison, the average time for a patch to be issued in was only four days. The most frightening part, however, is that the top five zero-days of were actively used by attackers for a combined 295 days before patches were available.
6 Internet Security Threat Report MOBILE & IOT WEB THREATS SOCIAL MEDIA & SCAMS TARGETED ATTACKS Attackers Are Streamlining and Upgrading Their Techniques, While Companies Struggle to Fight Old Tactics In, attackers continued to breach networks with highly targeted spear-phishing attacks, which increased eight percent overall. They notably used less effort than the previous year, deploying 14 percent less towards 20 percent fewer targets. Attackers also perfected watering hole attacks, making each attack more selective by infecting legitimate websites, monitoring site visitors and targeting only the companies they wanted to attack. Further complicating companies ability to defend themselves was the appearance of Trojanized software updates. Attackers identified common software programs used by target organizations, hid their malware inside software updates for those programs, and then waited patiently for their targets to download and install that software in effect, leading companies to infect themselves. Last year, 60 percent of all targeted attacks struck small- and medium-sized organizations. These organizations often have fewer resources to invest in security, and many are still not adopting basic best practices like blocking executable files and screensaver attachments. This puts not only the businesses, but also their business partners, at higher risk. Cyberattackers Are Leapfrogging Defenses in Ways Companies Lack Insight to Anticipate As organizations look to discover attackers using stolen employee credentials and identify signs of suspicious behavior throughout their networks, savvy attackers are using increased levels of deception and, in some cases, hijacking companies own infrastructure and turning it against them. In, Symantec observed advanced attackers: Deploying legitimate software onto compromised computers to continue their attacks without risking discovery by anti-malware tools. Leveraging a company s management tools to move stolen IP around the corporate network. Using commonly available crimeware tools to disguise themselves and their true intention if discovered. Building custom attack software inside their victim s network, on the victim s own servers. Using stolen accounts from one corporate victim to spear-phish their next corporate victim. Hiding inside software vendors updates, in essence Trojanizing updates, to trick targeted companies into infecting themselves. Given all of this stealthy activity, it s not surprising that Symantec Incident Response teams brought in to investigate one known breach to an organization discovered additional breaches still in progress.
7 MOBILE & IOT WEB THREATS SCAMS & SOCIAL MEDIA TARGETED ATTACKS 2015 Internet Security Threat Report 7 Almost no company, whether large or small, is immune. Five out of every six large companies (2,500+ employees) were targeted with spear-phishing attacks in, a 40 percent increase over the previous year. Small- and medium-sized businesses also saw an uptick, with attacks increasing 26 percent and 30 percent, respectively. Malware Used In Mass Attacks Increases and Adapts Non-targeted attacks still make up the majority of malware, which increased by 26 percent in. In fact, there were more than 317 million new pieces of malware created last year, meaning nearly one million new threats were released into the wild each day. Some of this malware may not be a direct risk to organizations and is instead designed to extort end-users. Beyond the annoyance factor to IT, however, it impacts employee productivity and diverts IT resources that could be better spent on high-level security issues. Malware authors have various tricks to avoid detection; one is to spot security researchers by testing for virtual machines before executing their code. In, up to 28 percent of all malware was virtual machine aware. This should serve as a wake-up call to security researchers who are dependent on virtual sandboxing to observe and detect malware. It also makes clear that virtual environments do not provide any level of protection. Certain malware like W32.Crisis, upon detecting a virtual machine, will search for other virtual machine images and infect them. Digital Extortion on the Rise: 45 Times More People Had Their Devices Held Hostage in While most people associate extortion with Hollywood films and mafia bosses, cybercriminals have used ransomware to turn extortion into a profitable enterprise, attacking big and small targets alike. Ransomware attacks grew 113 percent in, driven by more than a 4,000 percent increase in crypto-ransomware attacks. Instead of pretending to be law enforcement seeking a fine for stolen content, as we ve seen with traditional ransomware, crypto-ransomware holds a victim s files, photos and other digital media hostage without masking the attacker s intention. The victim will be offered a key to decrypt their files, but only after paying a ransom that can range from $300-$500 and that s no guarantee their files will be freed. In, crypto-ransomware accounted for a negligible percentage of all ransomware attacks (0.2 percent, or 1 in 500 instances). However, in, crypto-ransomare was seen 45 times more frequently. While crypto-ransomware predominately attacks devices running Windows, Symantec has seen an increase in versions developed for other operating systems. Notably, the first piece of crypto-ransomware on mobile devices was observed on Android last year. Cybercriminals Are Leveraging Social Networks and Apps to Do Their Dirty Work remains a significant attack vector for cybercriminals, but there is a clear movement toward social media platforms. In, Symantec observed that 70 percent of social media scams were manually shared. These scams spread rapidly and are lucrative for cybercriminals because people are more likely to click something posted by a friend.
9 MOBILE & IOT WEB THREATS SCAMS & SOCIAL MEDIA TARGETED ATTACKS 2015 Internet Security Threat Report 9 IN NUMBERS
10 Internet Security Threat Report MOBILE & IOT WEB THREATS SOCIAL MEDIA & SCAMS TARGETED ATTACKS Grayware apps, which aren t malicious by design but do annoying and inadvertently harmful things like track user behaviour, accounted for 36 percent of all mobile apps New Android Mobile Malware Families Cumulative Android Mobile Malware Families 6.3 M 6.1 M 1 M.7 M 2.3 M 2.2 M Total Apps Analyzed Total Apps Classified as Malware Total Apps Classified as Grayware ,839 7,612 App Analysis by Symantec s Norton Mobile Insight New Android Variants per Family Cumulative Android Mobile Malware Variants New Mobile Vulnerabilities Symantec found that 17 percent of all Android apps (nearly one million total) were actually malware in disguise. MOBILE DEVICES
11 MOBILE & IOT WEB THREATS SCAMS & SOCIAL MEDIA TARGETED ATTACKS 2015 Internet Security Threat Report % 77% 20% 16% Scanned Websites with Vulnerabilities Percentage of Which Were Critical 6,549 6, , ,734 Web Attacks Blocked per Day New Vulnerabilities Within four hours of the Heartbleed vulnerability becoming public, Symantec saw a surge of attackers stepping up to exploit it. 1 in 1,126 1 in 566 Websites Found with Malware Inverse Graph: Smaller Number = Greater Risk 1 SSL/TLS Poodle Vulnerability 2 Cross-Site Scripting 3 SSL v2 support detected 4 SSL Weak Cipher Suites Supported 5 Invalid SSL certificate chain Top 5 Vulnerabilities Found Unpatched on Scanned Web Servers WEB THREATS
12 Internet Security Threat Report MOBILE & IOT WEB THREATS SOCIAL MEDIA & SCAMS TARGETED ATTACKS in % 66% 1 in 392 Overall Spam Rate Phishing Rate Inverse Graph: Smaller Number = Greater Risk % 81% Fake Offering Social Media Scams % 2% Manually Shared Social Media Scams In, Symantec observed that 70 percent of social media scams were manually shared. 3,829 6,993 Average Number of Phishing URLs on Social Media 28 Billion 29 Billion Estimated Global Spam Volume per Day SCAMS & SOCIAL MEDIA
13 MOBILE & IOT WEB THREATS SCAMS & SOCIAL MEDIA TARGETED ATTACKS 2015 Internet Security Threat Report Spear Phishing s per Day Campaigns Recipients per Campaign Average Number of Attacks per Campaign 9 Days 8 Days Average Duration of a Campaign Industry Manufacturing Services Nontraditional 20% 13% 20% 14% Spear Phishing Campaigns Finance, Insurance & Real Estate 18% 13% Industry Risk Ratio Mining Wholesale 1 in % 1 in % 1 in % 1 in % Services Professional Wholesale 11% 15% 10% 5% Top 10 Industries Targeted in Spear-Phishing Attacks Manufacturing Transportation, Communications, Electric, Gas & Sanitary Services 1 in % 1 in % 1 in % 1 in % Public Administration (Government) 1 in % 1 in % Risk Ratio of Spear-Phishing Attacks by Industry TARGETED ATTACKS
14 Internet Security Threat Report MOBILE & IOT WEB THREATS SOCIAL MEDIA & SCAMS TARGETED ATTACKS Individual Contributor 1 in % Manager 1 in % Intern 1 in % Director 1 in % Support 1 in % Top 5 Risk Ratio of Spear-Phishing Attacks by Job Level Sales/Marketing 1 in % Finance 1 in % 34% 30% 25% 31% 41% 39% Operations 1 in % R&D 1 in % Distribution of Spear-Phishing Attacks by Organization Size Small Businesses (SMBs) 1 to 250 Employees Medium-Size Businesses 251 to 2,500 Employees Risk Ratio of Spear-Phishing Attacks by Organization Size Large Enterprises 2,500+ Employees IT 1 in % Top 5 Risk Ratio of Spear-Phishing Attacks by Job Role.doc 39%.exe 23%.scr 9%.au3 8%.jpg 5% Spear-Phishing s Used in Targeted Attacks 45% 1 in % 1 in % 1 in % 1 in % 1 in % 1 in 2.3 Last year, 60 percent of all targeted attacks struck small- and medium-sized organizations.
15 MOBILE & IOT WEB THREATS SCAMS & SOCIAL MEDIA TARGETED ATTACKS 2015 Internet Security Threat Report 15 In total, the top five zero-days of were actively exploited by attackers for a combined 295 days before patches were available Average Days to Patch by Vendor for Top 5 Zero-Days Total Days of Exposure for Top 5 Zero-Days Number of Attacks Detected (THOUSANDS) % Microsoft ActiveX Control 10% Microsoft Internet Explorer 7% Adobe Flash Player 2% Adobe Flash Player <1% Microsoft Windows 81% Microsoft ActiveX Control Top 5 Zero-Day Vulnerabilities Days of Exposure and Days to Patch Number of Days After Vulnerability Publication Zero-Day Vulnerabilities
16 Internet Security Threat Report MOBILE & IOT WEB THREATS SOCIAL MEDIA & SCAMS TARGETED ATTACKS M 552 M 1.1 M 2.2 M 7,000 6,777 Total Breaches Total Identities Exposed Average Identities Exposed per Breach Median Identities Exposed per Breach The number of breaches increased 23 percent in. Attackers were responsible for the majority of these breaches. Healthcare % Retail 34 11% Education 31 10% Gov. & Public 26 8% 4 8 Breaches with More Than 10 Million Identities Exposed Financial 19 6% Top 5 Sectors Breached by Number of Incidents Real Names 69% Gov. ID Numbers (e.g, SSN) 45% Home Addresses 43% Retail 205M 59% Financial 80M 23% Computer Software 35M 10% Healthcare 7M 2% Financial Information 36% Birth Dates 35% Top 10 Types of Information Exposed Gov. & Public 7M 2% Top 5 Sectors Breached by Number of Identities Exposed DATA BREACHES
17 MOBILE & IOT WEB THREATS SCAMS & SOCIAL MEDIA TARGETED ATTACKS 2015 Internet Security Threat Report M 252M New Malware Variants (Added Each Year) 1 in in 196 Malware Rate Inverse Graph: Smaller Number = Greater Risk 24 K Per Day 8.8 Million Item 1,000 Stolen Addresses Cost $0.50 to $10 Ransomware Total 11 K Per Day 4.1 Million Credit Card Details $0.50 to $20 Scans of Real Passports Stolen Gaming Accounts $1 to $2 $10 to $15 Custom Malware $12 to $3500 Ransomware attacks grew 113 percent in, along with 45 times more crypto-ransomware attacks. 1,000 Social Network Followers $2 to $12 Stolen Cloud Accounts $7 to $8 1.9M 2.3M Number of Bots In, up to 28 percent of all malware was virtual machine aware % 25% Malware as URL vs. Attachment 1 Million Verified Spam Mail-outs Registered and Activated Russian Mobile Phone SIM Card Value of Information Sold on Black Market $70 to $150 $100 E-CRIME & MALWARE
18 Internet Security Threat Report MOBILE & IOT WEB THREATS SOCIAL MEDIA & SCAMS TARGETED ATTACKS MOBILE DEVICES & THE INTERNET OF THINGS
19 MOBILE & IOT WEB THREATS SOCIAL MEDIA & SCAMS TARGETED ATTACKS 2015 Internet Security Threat Report 19 Mobile Devices and the Internet of Things With billions of smartphones and potentially many billions of Internet-connected devices of all kinds, the focus of Internet security is shifting from the desktop and the data center to the home, the pocket, the purse, and, ultimately, the infrastructure of the Internet itself. Mobile Malware The tenth anniversary of mobile malware occurred in. In 2004, researchers discovered SymbOS.Cabir, 1 a worm that spread through Bluetooth and targeted the Symbian OS, the most popular mobile operating system at the time. 2 Today many apps contain malware. As of, Symantec has identified more than 1 million apps that are classified as malware. This includes 46 new families of Android malware in. In addition, there are perhaps as many as 2.3 million grayware apps that, while not technically malware, display undesirable behavior, such as bombarding the user with advertising % 57-45% New Android Mobile Malware Families At a Glance There are now more than 1 million malicious apps in existence. Proof-of-concept attacks on the Internet of Things are here, including wearables, Internet infrastructure, and even cars. Devices on the cusp of the Internet of Things, such as routers, network-attached storage devices, and embedded Linux devices, are already under attack. The falling number of families doesn t indicate that this problem is going away but just that the rate of innovation is slowing. New Android Mobile Malware Families The falling number of families doesn t indicate that this problem is going away but just that the rate of innovation is slowing. This may be because existing malware is effective enough and there is less demand for new software. In addition, the overall trend masks significant fluctuations from month to month. The drop also suggests that developers are maximizing the number of variants per family, for example, by repackaging well-known games and apps with malware. Symantec expects the growth in mobile malware to continue in 2015, becoming more aggressive in targeting a user s money. Already 51 percent of U.S. adults bank online and 35 percent use mobile phones to do so. 4 This creates an incentive for malware writers to target phones to capture bank details. 5 Today, Android malware can intercept text messages with authentication codes from your bank and forward them to attackers. Fake versions of legitimate banks mobile applications also exist, hoping to trick users into giving up account details.
20 Internet Security Threat Report MOBILE & IOT WEB THREATS SOCIAL MEDIA & SCAMS TARGETED ATTACKS In there were 46 new mobile malware families discovered Cumulative Android Mobile Malware Families, 2011 Cumulative Android Mobile Malware Families 48-16% There was a 16 percent drop in the number of Android variants per family in % New Android Variants per Family New Android Variants per Family
21 MOBILE & IOT WEB THREATS SOCIAL MEDIA & SCAMS TARGETED ATTACKS 2015 Internet Security Threat Report 21 Total Apps Analyzed Total Apps Classified as Malware 2012 Millions Of the 6.3 million apps analyzed in, one million of these were classified as malware, while 2.3 million were classified as grayware. A further 1.3 million apps within the grayware category were classified as madware. Total Apps Classified as Grayware Total Grayware Further Classified as Madware Known Ad Libraries Malware Definition Programs and files that are created to do harm. Malware includes computer viruses, worms, and Trojan horses. Grayware Definition Programs that do not contain viruses and that are not obviously malicious but that can be annoying or even harmful to the user (for example, hack tools, accessware, spyware, adware, dialers, and joke programs). Madware Definition Aggressive techniques to place advertising in your mobile device s photo albums and calendar entries and to push messages to your notification bar. Madware can even go so far as to replace a ringtone with an ad. App Analysis by Symantec s Norton Mobile Insight App Analysis by Symantec s Norton Mobile Insight % There were 168 mobile vulnerabilities disclosed in, a 32 percent increase compared to % New Mobile Vulnerabilities New Mobile Vulnerabilities
22 Internet Security Threat Report MOBILE & IOT WEB THREATS SOCIAL MEDIA & SCAMS TARGETED ATTACKS 100% 80 82% 84% 84% of mobile vulnerabilities related to Apple ios in, compared with 11% for Android, 4% for BlackBerry and 1% for Nokia % 11% 1% 4% 0% 1% ios Android Blackberry OS Windows Phone Mobile Vulnerabilities by Operating System, Mobile Vulnerabilities by Operating System 35% Traditional threats increased 6 percentage points between and, while threats that steal information from the device or track users declined in. Send Content Adware Annoyance Reconfigure Device Traditional Threats Steal Information Track User Send Content Threats that send premium SMS, Spam and SEO Poisoning threats. Adware/Annoyance Threats that cause advertisement popups and unwanted information. Reconfigure Device Threats that modify user settings, and elevates privileges. Traditional Threats Threats like Backdoor Trojans, Downloaders, DDoS utility, Hacktool and Security Alerts. Steal Information Threats that steal device data, media files and any user credentials. Eg., Banking Trojan. Track User Threats that spy on users, tracks user location. Mobile Threat Classifications, 2012 Mobile Threat Classifications
APRIL 2015 VOLUME 20 INTERNET SECURITY THREAT REPORT 2 2015 Internet Security Threat Report MOBILE & IOT WEB THREATS SOCIAL MEDIA & SCAMS TARGETED ATTACKS 4 Introduction 5 Executive Summary 9 IN NUMBERS
QUARTERLY REPORT 2015 INFOBLOX DNS THREAT INDEX POWERED BY EXPLOIT KITS UP 75 PERCENT The Infoblox DNS Threat Index, powered by IID, stood at 122 in the third quarter of 2015, with exploit kits up 75 percent
Modern Cyber Threats how yesterday s mind set gets in the way of securing tomorrow s critical infrastructure Axel Wirth Healthcare Solutions Architect Distinguished Systems Engineer AAMI 2013 Conference
- 2 - Malware & Botnets The Internet is a powerful and useful tool, but in the same way that you shouldn t drive without buckling your seat belt or ride a bike without a helmet, you shouldn t venture online
Internet threats: 7 steps to security for your small business Proactive solutions for small businesses A restaurant offers free WiFi to its patrons. The controller of an accounting firm receives a confidential
Preparing for a Cyber Attack PROTECT YOUR PEOPLE AND INFORMATION WITH SYMANTEC SECURITY SOLUTIONS CONTENTS PAGE RECONNAISSANCE STAGE 4 INCURSION STAGE 5 DISCOVERY STAGE 6 CAPTURE STAGE 7 EXFILTRATION STAGE
White paper Phishing, Vishing and Smishing: Old Threats Present New Risks How much do you really know about phishing, vishing and smishing? Phishing, vishing, and smishing are not new threats. They have
WHITE PAPER Understanding How File Size Affects Malware Detection FORTINET Understanding How File Size Affects Malware Detection PAGE 2 Summary Malware normally propagates to users and computers through
Hong Kong Information Security Outlook 2015 香 港 資 訊 保 安 展 望 Agenda Information Security Trends Year 2014 in Review Outlook for 2015 Advice to the Public Hong Kong Computer Emergency Response Team Coordination
KASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES www.kaspersky.com EXPERT SERVICES Expert Services from Kaspersky Lab are exactly that the services of our in-house experts, many of them global
Basic Security Considerations for Email and Web Browsing There has been a significant increase in spear phishing and other such social engineering attacks via email in the last quarter of 2015, with notable
Protecting Your Organisation from Targeted Cyber Intrusion How the 35 mitigations against targeted cyber intrusion published by Defence Signals Directorate can be implemented on the Microsoft technology
The hidden risks of mobile applications This session was presented by Jim Stickley of TraceSecurity on Wednesday, October 23 rd at the Cyber Security Summit. To learn more about TraceSecurity visit www.tracesecurity.com
Symantec Intelligence Symantec Intelligence Report: February 2013 Welcome to the February edition of the Symantec Intelligence report, which provides the latest analysis of cyber security threats, trends,
Managing Web Security in an Increasingly Challenging Threat Landscape Cybercriminals have increasingly turned their attention to the web, which has become by far the predominant area of attack. Small wonder.
Malware Security Report: Protecting Your BusineSS, Customers, and the Bottom Line Contents 1 Malware is crawling onto web sites everywhere 1 What is Malware? 2 The anatomy of Malware attacks 3 The Malware
Who Drives Cybersecurity in Your Business? Milan Patel, K2 Intelligence AIBA Quarterly Meeting September 10, 2015 The Answer 2 Everyone The relationship between the board, C-suite, IT, and compliance leaders
Building a Business Case: Cloud-Based Security for Small and Medium-Size Businesses table of contents + Key Business Drivers... 3... 4... 6 A TechTarget White Paper brought to you by Investing in IT security
INTRODUCING isheriff CLOUD SECURITY isheriff s cloud-based, multi-layered, threat protection service is the simplest and most cost effective way to protect your organization s data and devices from cyber-threats.
SPONSORED BY Perspectives on Cybersecurity in Healthcare June 2015 Workgroup for Electronic Data Interchange 1984 Isaac Newton Square, Suite 304, Reston, VA. 20190 T: 202-618-8792/F: 202-684-7794 Copyright
400,000000 Almost 400 million people 1 fall victim to cybercrime every year. A common way for criminals to attack people is via websites, unfortunately this includes legitimate sites that have been hacked
Kaseya White Paper What Do You Mean My Cloud Data Isn t Secure? Understanding Your Level of Data Protection www.kaseya.com As today s businesses transition more critical applications to the cloud, there
2016 Trends in Cybersecurity: A Quick Guide to the Most Important Insights in Security For 10 years, Microsoft has been studying and analyzing the threat landscape of exploits, vulnerabilities, and malware.
National Cyber Security Month 2015: Daily Security Awareness Tips October 1 New Threats Are Constantly Being Developed. Protect Your Home Computer and Personal Devices by Automatically Installing OS Updates.
Cybersecurity Threats, Trends, and Tips for SMBs Date or subtitle May 25, 2016 1 Cybersecurity Threats, Trends, and Tips for SMBs 2 Cybersecurity Threats, Trends, and Tips for SMBs Mark Scholl Partner,
Contents Introduction... 1 Main findings... 2 Methodology... 3 Section 1. Device usage... 4 Section 2. Online and on the move: Internet activity... 6 Section 3. The connected treasure chest: what is stored
The Benefits of SSL Content Inspection ABSTRACT SSL encryption is the de-facto encryption technology for delivering secure Web browsing and the benefits it provides is driving the levels of SSL traffic
Protect Your IT Infrastructure from Zero-Day Attacks and New Vulnerabilities Protecting a business s IT infrastructure is complex. Take, for example, a retailer operating a standard multi-tier infrastructure
Security A to Z the most important terms Part 1: A to D UNDERSTAND THE OFFICIAL TERMINOLOGY. This is F-Secure Labs. Learn more about the most important security terms with our official explanations from
WHITE PAPER: REDUCING THE COST AND COMPLEXITY OF WEB..... VULNERABILITY.............. MANAGEMENT..................... Reducing the Cost and Complexity of Web Vulnerability Management Who should read this
Emerging Security Technological Threats Jamie Gillespie Training and Education Team Leader, AusCERT About AusCERT Australia s national CERT Collect, monitor, advise on threats and vulnerabilities Incident
Smartphones and tablets are invading the workplace along with the security risks they bring with them. Every day these devices go unchecked by standard vulnerability management processes, even as malware
2012 Bit9 Cyber Security Research Report Table of Contents Executive Summary Survey Participants Conclusion Appendix 3 4 10 11 Executive Summary According to the results of a recent survey conducted by
G DATA MOBILE MALWARE REPORT THREAT REPORT: Q1/2015 CONTENTS At a glance 03-03 Forecasts and trends 03-03 Current situation: 4,900 new Android malware samples every day 04-04 Half of Android malware is
isheriff CLOUD SECURITY isheriff is the industry s first cloud-based security platform: providing fully integrated endpoint, Web and email security, delivered through a single Web-based management console
WHITE PAPER SPEAR PHISHING ATTACKS WHY THEY ARE SUCCESSFUL AND HOW TO STOP THEM Why Automated Analysis Tools are not Created Equal SECURITY REIMAGINED CONTENTS Executive Summary...3 Introduction: The Rise
Top tips for improved network security Network security is beleaguered by malware, spam and security breaches. Some criminal, some malicious, some just annoying but all impeding the smooth running of a
G Data Mobile MalwareReport Half-Year Report July December 2013 G Data SecurityLabs Contents At a glance... 2 Android malware: share of PUPs increasing significantly... 3 Android.Application consists of
G DATA MOBILE MALWARE REPORT THREAT REPORT: Q1/2015 CONTENTS At a glance 03-03 Forecasts and trends 03-03 Current situation: 4,900 new Android malware samples every day 04-04 Half of Android malware is
The SMB Cyber Security Survival Guide Stephen Cobb, CISSP Security Evangelist The challenge A data security breach can put a business out of business or create serious unbudgeted costs To survive in today
The Increasing Threat of Malware for Android Devices 6 Ways Hackers Are Stealing Your Private Data and How to Stop Them INTRODUCTION If you own a smartphone running the Android operating system, like the
Top five strategies for combating modern threats Is anti-virus dead? Today s fast, targeted, silent threats take advantage of the open network and new technologies that support an increasingly mobile workforce.
How Attackers are Targeting Your Mobile Devices Wade Williamson Today s Agenda Brief overview of mobile computing today Understanding the risks Analysis of recently discovered malware Protections and best
Symantec enterprise security Symantec Internet Security Threat Report April 00 Regional Data Sheet Latin America An important note about these statistics The statistics discussed in this document are based
Advanced Threat Detection: Necessary but Not Sufficient The First Installment in the Blinded By the Hype Series Whitepaper Advanced Threat Detection: Necessary but Not Sufficient 2 Executive Summary Promotion
AVOIDING ONLINE THREATS CYBER SECURITY MYTHS, FACTS, TIPS ftrsecure.com Can You Separate Myths From Facts? Many Internet myths still persist that could leave you vulnerable to internet crimes. Check out
White Paper Spear Phishing Attacks Why They are Successful and How to Stop Them Combating the Attack of Choice for Cybercriminals White Paper Contents Executive Summary 3 Introduction: The Rise of Spear
Seven Things To Consider When Evaluating Privileged Account Security Solutions Contents Introduction 1 Seven questions to ask every privileged account security provider 4 1. Is the solution really secure?
ii IBM MSS INDUSTRY OVERVIEW: FINANCIAL RESEARCH AND INTELLIGENCE REPORT RELEASE DATE: NOVEMBER 5, 2014 BY: JOHN KUHN, SENIOR THREAT RESEARCHER iii TABLE OF CONTENTS EXECUTIVE OVERVIEW... 1 MAJOR FINANCIAL
White Paper Content Security: Protect Your Network with Five Must-Haves What You Will Learn The continually evolving threat landscape is what makes the discovery of threats more relevant than defense as
Mobile Application Security Whitepaper 4 Steps to Effective Mobile Application Security Table of Contents Executive Summary 3 Mobile Security Risks in Enterprise Environments 4 The Shortcomings of Traditional
Why Device Fingerprinting Provides Better Network Security than IP Blocking How to transform the economics of hacking in your favor Why Device Fingerprinting Provides Better Network Security than IP Blocking
Are you suffering from misconceptions about safe web browsing? You might think you re being safe, but with a newly infected webpage discovered every few seconds, it s next to impossible to stay up to date
Mobile App Reputation A Webroot Security Intelligence Service Timur Kovalev and Darren Niller April 2013 2012 Webroot Inc. All rights reserved. Contents Rise of the Malicious App Machine... 3 Webroot App
Countermeasures against Bots Are you sure your computer is not infected with Bot? Information-technology Promotion Agency IT Security Center http://www.ipa.go.jp/security/ 1. What is a Bot? Bot is a computer
WHITE PAPER Three Steps to Reduce Mobile Device Security Risks Table of Contents Executive Overview 3 Mobile Device Security: 3 Just as Critical as Security for Desktops, Servers, and Networks 3 Find the
Introduction: SiteLock scans your website to find and fix any existing malware and vulnerabilities followed by using the protective TrueShield firewall to keep the harmful traffic away for good. Moreover
I N T E L L I G E N C E A S S E S S M E N T (U//FOUO) Malicious Cyber Actors Target US Universities and Colleges 16 January 2015 Office of Intelligence and Analysis IA-0090-15 (U) Warning: This document
Essentials of PC Security: Central Library Tech Center Evansville Vanderburgh Public Library Why should you be concerned? There are over 1 million known computer viruses. An unprotected computer on the
THE HOME LOAN SAVINGS BANK Corporate Account Takeover & Information Security Awareness The information contained in this session may contain privileged and confidential information. This presentation is
Malware B-Z: Inside the Threat From Blackhole to ZeroAccess By Richard Wang, Manager, SophosLabs U.S. Over the last few years the volume of malware has grown dramatically, thanks mostly to automation and
Industrial Cyber Security Overview and Managed Industrial Cyber Security Services Process Solutions (HPS) June 4, Industrial Cyber Security Industrial Cyber Security is the leading provider of cyber security
IT TRENDS AND FUTURE CONSIDERATIONS Paul Rainbow CPA, CISA, CIA, CISSP, CTGA AGENDA BYOD Cloud Computing PCI Fraud Internet Banking Questions The Mobile Explosion Mobile traffic data in 2011 was nearly
1- A (firewall) is a computer program that permits a user on the internal network to access the internet but severely restricts transmissions from the outside 2- A (system failure) is the prolonged malfunction
Session No. 744 The Internet of Things (IoT) Opportunities and Risks David Loomis, CSP Risk Specialist Chubb Group of Insurance Companies Brian Wohnsiedler, CSP Risk Specialist Chubb Group of Insurance
Webroot Security Intelligence for Mobile Suite Cloud-based security solutions for mobile management providers TABLE OF CONTENTS INTRODUCTION 3 WEBROOT INTELLIGENCE NETWORK 4 MOBILE SECURITY INTELLIGENCE
HOW TO PREVENT DDOS ATTACKS IN A SERVICE PROVIDER ENVIRONMENT The frequency and sophistication of Distributed Denial of Service attacks (DDoS) on the Internet are rapidly increasing. Most of the earliest
Innovations in Network Security Michael Singer April 18, 2012 AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual Property and/or AT&T affiliated companies.
INFOCOMM SEC RITY is INCOMPLETE WITHOUT Be aware, responsible secure! U HACKER Smack that What you can do with these five online security measures... ANTI-VIRUS SCAMS UPDATE FIREWALL PASSWORD FASTEN UP!
CEHv8 vs CEHv7 CEHv7 CEHv8 19 Modules 20 Modules 90 Labs 110 Labs 1700 Slides 1770 Slides Updated information as per the latest developments with a proper flow Classroom friendly with diagrammatic representation
IBM Security Strategy Intelligence, Integration and Expertise Kate Scarcella CISSP Security Tiger Team Executive M.S. Information Security IBM Security Systems IBM Security: Delivering intelligence, integration
RLI PROFESSIONAL SERVICES GROUP PROFESSIONAL LEARNING EVENT PSGLE 123 Cybersecurity: A Growing Concern for Small Businesses Copyright Materials This presentation is protected by US and International Copyright
White Paper THE FOUR ATTACK VECTORS TO PREVENT OR DETECT RETAILER BREACHES By James Christiansen, VP, Information Risk Management Executive Summary Security breaches in the retail sector are becoming more
Recommended Practice Case Study: Cross-Site Scripting February 2007 iii ACKNOWLEDGEMENT This document was developed for the U.S. Department of Homeland Security to provide guidance for control system cyber
WEB ATTACKS AND COUNTERMEASURES February 2008 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in
An Executive Brief from Cisco Cybersecurity: A View from the Boardroom In the modern economy, every company runs on IT. That makes security the business of every person in the organization, from the chief
Surviving the Ever Changing Threat Landscape Kevin Jordan Cyber Security Specialist Dell GLBA FFIEC NCUA PCI HIPAA NERC CIP FISMA 700+ Percentage of U.S. adults who Federal named online and banking state
12 Security Camera System Best Practices - Cyber Safe Dean Drako, President and CEO, Eagle Eye Networks Website version of white paper Dean Drako video introduction for cyber security white paper Introduction
Contents Introduction... 1 Main findings... 2 Methodology... 3 Section 1. Device usage... 4 Section 2. Online and on the move: Internet activity... 6 Section 3. The connected treasure chest: what is stored
Trust the Innovator to Simplify Cloud Security Contents MailGuard Pty Ltd Page 1 of 7 2 Let s get real for a moment. Your antivirus software isn t stopping fastbreak phishing and other spam attacks like
BOYD- Empowering Users, Not Weakening Security Table of Contents Exec summary... 3 Benefits of BYOD... 4 Threats that BYOD Harbours... 5 Malware... 5 Data Leakage... 5 Lost or Stolen Devices... 5 Public