Exploring Modern Threat Vectors and Trends

Size: px
Start display at page:

Download "Exploring Modern Threat Vectors and Trends"

Transcription

1 Exploring Modern Threat Vectors and Trends Brian Contos, Director Global Security Strategy and Risk Management, McAfee February 2011

2 Insider Threats Industrialized Hacking Advanced Persistent Threats

3 The Consumerization of IT and Virtualization Cloud and Web 2.0 Uniting Data Protection and Network Security

4 Connected Security Strategy Connects the business to security Provides risk based view of security Provides situational awareness Connects security together Provides enterprise security Provides reputation based security Connects on a platform Provides open system for 3 rd parties Provides ability to automate key workflows

5 Your Actions Identify the threats most critical to your organization Understand key trends in IT Define mechanisms for security to enable business priorities Select solutions that embrace a connected security framework Drive an implementation project to address the above

6 Connected: One Billion Today, 50 Billion by 2020 Digitization, Access, Dependence Information Gone Viral Circa Event/Technology Circa Event/Technology 20,000 B.C. Cave Paintings 1969 ARPANET 3,100 B.C. Sumerian Cuneiform Markings - First language-based writing system 1969 Telnet 500 B.C. Pre-Columbian civilizations use paper 1970 Banking ATMs 350 B.C. Greek Ionic alphabet of 24 letters 1971 FTP 1100 Wax seals used to sign documents , C Programming Language 1455 Guttenberg produces printed bibles using movable type 1973 NCP Later renamed TCP/IP 1755 First comprehensive/authoritative English dictionary 1979 Xerox introduces Ethernet 1800 Library of Congress opens in Washington 1980 Personal Computer 1804 Joseph-Marie Jacquard of France devises an automatic loom 1982 Lotus Charles Babbage builds a prototype of his difference engine 1983 Cellular Technology 1837 Samuel Morse develops telegraph and Morse Code 1988 Internet 1877 Photography 1989 Web Browser based on HTTP 1877 Telephone 1997 Blogs 1897 Radio 1998 Google 1923 Credit Cards 2000 Wikipedia 1928 Television 2001 ipod 1931 Telex (Antecedent to FAX) 2003 Social Networks 1946 Mobile Phones 2004 Podcasting 1958 ARPA Created by President Eisenhower 2005 YouTube 1966 ASCII 2006 Twitter

7 Comparative Threat Windows Sea 3,000 BC people in the Mediterranean distributed goods 1,300 first recorded pirates Threat Window 1,700 years Air 1859 John Wise distributed mail via air balloon India to NY 1931 first hijacking (Peru) Threat Window 72 years Space 1962 first commercial satellite just five years after Sputnik Access and cost have made it less attractive Different Cultures International Boundaries Complex Jurisdiction Cyber ARPANET1969 / Commercial use NSFNET/MCI Mail 1988 Threat Window zero

8 Motives Why do you rob banks? NOW Money AND Politics THEN Curiosity AND Excitement Willie "The Actor" Sutton ( )

9

10 Insiders Low-tech Trumps Hi-tech Anything done unintentionally can also be done intentionally with greater impact Trust & Access

11 Who Are They Why hack when you can recruit It is very important to concentrate on hitting the U.S. economy through all possible means. Osama Bin Laden or plant?

12 Downloading Structured Data Unstructured Data

13 Sending and Posting

14 The Countermeasures Executive Leadership Beyond IT Users & Data Beyond Prevention Augment Human Intuition

15

16 Industrial Revolution 19th century Mass Production Automation, Efficiency, Scalability

17 Old School 1997 EarthLink & AOL 2002 ebay 2003 Amazon, Banks, ISPs (Grammar)

18 New School If crime didn t pay there d be no crime. G. Gordon Liddy 350,000+ Apps 100,000+ Apps

19 Q108 Q208 Q308 Q408 Q109 Q209 Q309 Q409 Q110 Q210 Q310 Malware Continues to Be the Biggest Threat to Enterprises and Consumers Number of malware samples in our database 50,000,000 40,000,000 New pieces of malware per day: 2007: 16, : 29, : 46, : 60,000 30,000,000 20,000,000 10,000,000 0

20 Botnets By The Numbers Number of Systems: 160,000 Bandwidth: 500 Gbps Number of Systems: 500,000 Bandwidth: 1,500 Gbps Number of Systems: 6,400,000 Bandwidth: 28 Terabits Across over 230 Countries

21 Industrialized Hacking Maturity Model Hacking Is a Profitable Industry Researching Vulnerabilities Developing Exploits Growing Botnets Exploiting Targets Consuming Direct Value i.e. IP, PII, CCN Command & Control Malware Distribution Phishing & spam DDoS Blackhat SEO Growing Botnets and Exploiting Vulnerabilities Selecting Targets via Search Engines Templates & Kits Centralized Management Service Model Roles Optimization Automation It s not fair and it s not personal; it s just business

22 Black Hat SEO 2010 s Most Dangerous Internet Searches 60% of Popular Google Searches Yield Malicious Sites in First 100 Results Cameron Diaz Julia Roberts Jessica Biel Gisele Bündchen

23 Rome Is the Mob Neptune, Poseidon, Oceanus Mister Splashy Pants 78% of Votes

24 Zeus: An Abbreviated Love Story Discovered July 2007 More recent versions with over 150 variants Doesn t self propagate requires spam, phishing, drive-by downloads C&C 196 countries; 2,400 companies impacted, 3.6M PCs in U.S. alone Targeted: accounts, social networking sites and banking Control, steal credentials, transfer funds Man in the Browser Kit: $700-$4,000 USD plus add-ons & plug-ins $500-$10,000 USD Binary generator to evade detection Copy protection and license keys Money mules in U.S. recruited and paid on commission Create bank accounts using fake documents and phony names Wire fund to Eastern Europe or smuggle cash Stole around $70M USD 100+ arrested across U.S., U.K., & Ukraine 2010 Charges of bank fraud & money laundering Zitmo: SMS (Blackberry & Symbian-based phones)

25 The Countermeasures Reputation Reduce complexity Wolverines not mosquitoes Damn the whales save the plankton Anti-social engineering The Internet is the first thing that humanity has built that humanity doesn't understand, the largest experiment in anarchy that we have ever had. Eric E. Schmidt, Chairman of the Board and CEO Google

26

27 APT Industrialized Hacking APT Advanced: Custom exploits and other mature tools Persistent: Not a crime of opportunity on a mission Threat: They have money and they are motivated

28 APT Maturity Model Actors Motives Targets Goals Nation-States Insiders & Ex-employees Unscrupulous Competitors Terrorist/Activist/ Criminal Organizations Political Economic Large corporations Critical infrastructure Governments Academic & Media Stealth intrusion, backdoors Sensitive data, Monitoring, Sabotage Leave no traces

29 Technology Shifts Advantage Early weapons Circa 323 BC Greeks Bronze, Iron, Phalanx Fight as a unit Circa 120 BC Romans Steel, Gladius Sword Fight in multiple directions and terrain

30 Technology Shifts Advantage New weapons old tactics Circa 1500 Ottoman Empire Matchlock musket; armor ineffective 1st time used in infantry in force Circa 1862 American Civil War Rifled muskets Accurate, mass produced

31 Technology Shifts Advantage Like taking a knife to a gun fight almost Today: AK-47 Simple, Cheap, Reliable 100,000,000 Made Today: Modern Warrior Boron Carbide Body Armor Night Vision; Robots Drones; Satellites Prompt Global Strikes < 60 minutes Smart Dust (bio, chemical or mechanical)

32 Technology Shifts Advantage Technology becomes an equalizer again Inexpensive Anonymous Simple Excellent Range State & Non-state Participants Espionage Propaganda Attack God made man, but Samuel Colt made them equal.

33 Convergence of Kinetic and Non-Kinetic Warfare Estonia May 2007: Three weeks of cyber attacks following the removal of a bronze soldier Russian mafia and Russian sympathizers in Latvia, Ukraine, and the US (80,000 IP address sources) Georgia - August 2008: Kinetic + Non-kinetic attacks where radio station towers were being shot by tanks, as DDoS was taking out online capabilities Others attacks 2007 Lithuania, Ukraine 2009 Kyrgyzstan

34 Patriotic DDoS April 2008 CNN reports on Tibet 5,000 Chinese forums recruit patriots anticnn.exe CNN blocks traffic from.cn Double win

35 Espionage The essence of espionage is access Allen Dulles, longest serving director of the CIA ( ) 2003 Titian Rain April 2009 $300 Billion Fighter (F-35) Equivalent to about 4,600 tanks The US has about 8,000

36 36 Critical Infrastructure Meltdown: There s An App Four Zero Days Stolen encryption Advanced & Expensive PLC not SCADA DOE/DHS Test beds Patching..oops According to a CNN interview with economist Scott Borg A multi month attack on a small part of the U.S. is equivalent to being hit by about 50 hurricanes at once with economic damage greater than any modern economy has ever experienced.

37 The Countermeasures Discover Connect Assume Risk Awareness Partnerships The best poker players walk a tightrope between their business sense and their passion. As professionals, they seek out the most profitable opportunities and control as many factors as possible to create a positive result. As gamblers, they want the risk and excitement of something important on the line with the outcome in the balance. Michael Craig Full Tilt Poker Blog

38 Trends in IT

39 Consumerization of IT: What Consumerization will force more IT change over the next 10 years than any other trend. Gartner 2009

40 Consumerization of IT: Why Pick Your Metaphor

41 Consumerization of IT: Approach Maximize employee flexibility, capabilities while minimizing organizational risk Happier and more effective employees with lower procurement costs Manage provisioning, revocation, access and control where sensitive data resides Mobility Management (lock, track, backup, wipe (partial) NAC Virtualization

42 Virtualization: What Operating Systems Applications Profiles Endpoints Servers

43 Virtualization: Why Unmanaged Devices Used for Business- Related Work Bring Your Own Computer Management Efficiencies Use of Home Computer Minimize Hardware Footprint/Costs Power to the Data Center (Centralization)

44 Virtualization: Approach Optimization On-Access AV Management Reporting Intelligence Virtual Machines (VMs) Cache Virtual Desktop Image (VDI) VM VDI VM VDI VM Anti-Virus VM Cache Type 1 Hypervisor (Bare Metal) Citrix VMWare Microsoft Etc. Cache Data Center Hardware Cache

45 Cloud: What IaaS PaaS SaaS

46 Cloud: Why Accelerate ability to use business applications , CRM Leverage infrastructure with greater resources at lower cost

47 Cloud: Approach Security FROM the cloud - Security-as-a-Service (SaaS) Security IN the cloud - Global Threat Intelligence (GTI) Security FOR the cloud - Security for the cloud ecosystem

48 Management Cloud: Approach (Threat Intelligence) 450+ Dedicated researchers in 30+ countries Identify -1 new malicious web server/60 sec -60k new pieces of malware/day -5M new zombies/month GLOBAL THREAT INTELLIGENCE Across all threat vectors Network/IPS Signatures Malware Vulnerability Management Spam Outbound Web Protection Real-time in the cloud threat collection and distribution model Spans the entire Internet including millions of sensors Providing reputation based capabilities -20B mail queries/month -75B web queries/month Network Content Desktop Data Apps DBs Cloud 48 March 4,

49 Web 2.0: What really

50 #1 Site On The Internet If Facebook Was a Country Rank Country Population Date of Estimate 1 China 1,340,950,000 December 2nd India 1,190,930,000 December 2nd Facebook 500,000,000 December 2nd USA 310,829,000 December 2nd Indonesia 237,556,000 May 10 th Brazil 190,732,000 August 1 st 2010 People spend over 700 billion minutes per month on Facebook

51 Web 2.0: Why Just saying no doesn t scale and misses business opportunities The next generation sees and traditional web as archaic

52 Web 2.0: Approach Leverage application-aware controls Control application access, downloads, and posts Don t block manage interactions based on roles, permissions, and business requirements Educate users on social engineering and other Web 2.0 attacks

53 Uniting Data Protection and Network Security: What Data has value & people want it; network-centric controls alone won t protect it Resources are limited; adding more solutions in a silo isn t desirable Network controls in parity with data controls represent symbiotic mutualism

54 Uniting Data Protection and Network Security: Why Data at rest, in motion, and in use (transactions) must be considered Across applications, databases, laptops, mobile phones So patterns & anomalies of users interacting with data can be gleaned

55 Uniting Data Protection and Network Security: Approach Monitor user behavior Protect data across the network and on endpoints from careless and malicious activity Achieve enhanced analytics, expansive reporting, accurate alerting and streamlined management Address questions such as: Where is the data that needs protection? Who has access to it? What uses is it being put to; for example, is it being copied to insecure locations/devices? Who else is involved, what else might be happening, and how long has this been occurring?

56 More Information on McAfee McAfee

Cyber Security in Healthcare 2012: Threats, Trends & Business Priorities

Cyber Security in Healthcare 2012: Threats, Trends & Business Priorities Cyber Security in Healthcare 2012: Threats, Trends & Business Priorities Brian Contos, Customer Security Strategist and Sr. Director, Emerging Markets, McAfee an Intel Company Las Vegas Nevada, Venetian

More information

2012 Bit9 Cyber Security Research Report

2012 Bit9 Cyber Security Research Report 2012 Bit9 Cyber Security Research Report Table of Contents Executive Summary Survey Participants Conclusion Appendix 3 4 10 11 Executive Summary According to the results of a recent survey conducted by

More information

Web 2.0 and Data Protection. Paul Tsang Security Consultant McAfee

Web 2.0 and Data Protection. Paul Tsang Security Consultant McAfee Web 2.0 and Data Protection Paul Tsang Security Consultant McAfee Criminal Motivators For Profit Targeted Attacks Cyber Warfare (Credit Cards, PII, Criminal Infrastructure) (Nation-State Secrets, Trade

More information

Attacks from the Inside

Attacks from the Inside Attacks from the Inside Eddy Willems, G Data Righard J. Zwienenberg, Norman Attacks from the Inside. Agenda - Social Networking / Engineering - Where are the threats coming from - Infection vectors - The

More information

The Hillstone and Trend Micro Joint Solution

The Hillstone and Trend Micro Joint Solution The Hillstone and Trend Micro Joint Solution Advanced Threat Defense Platform Overview Hillstone and Trend Micro offer a joint solution the Advanced Threat Defense Platform by integrating the industry

More information

End to End Security do Endpoint ao Datacenter

End to End Security do Endpoint ao Datacenter do Endpoint ao Datacenter Piero DePaoli & Leandro Vicente Security Product Marketing & Systems Engineering 1 Agenda 1 Today s Threat Landscape 2 From Endpoint: Symantec Endpoint Protection 3 To Datacenter:

More information

Patrick Gray Principal Security Strategist DATA SECURITY CHALLENGES IN THE ALL TOO PUBLIC AND NOT SO PRIVATE SECTORS

Patrick Gray Principal Security Strategist DATA SECURITY CHALLENGES IN THE ALL TOO PUBLIC AND NOT SO PRIVATE SECTORS Patrick Gray Principal Security Strategist DATA SECURITY CHALLENGES IN THE ALL TOO PUBLIC AND NOT SO PRIVATE SECTORS I want you to take home four points Understand Educate Collaborate Prepare It s a great

More information

Advanced & Persistent Threat Analysis - I

Advanced & Persistent Threat Analysis - I Advanced & Persistent Threat Analysis - I Burak Ekici ekcburak@hotmail.com Department of Computer Engineering, Yaşar University, Turkey. April 21, 2012 Burak Ekici (Dept. of Comp. Eng.) Advanced & Persistent

More information

Security workshop Protection against botnets. Belnet Aris Adamantiadis Brussels 18 th April 2013

Security workshop Protection against botnets. Belnet Aris Adamantiadis Brussels 18 th April 2013 Security workshop Belnet Aris Adamantiadis Brussels 18 th April 2013 Agenda What is a botnet? Symptoms How does it work? Life cycle How to fight against botnets? Proactive and reactive NIDS 2 What is a

More information

Some Perspectives On Cybersecurity. Shernon Osepa Manager Regional Affairs Latin America & Caribbean www.internetsociety.org

Some Perspectives On Cybersecurity. Shernon Osepa Manager Regional Affairs Latin America & Caribbean www.internetsociety.org Some Perspectives On Cybersecurity Shernon Osepa Manager Regional Affairs Latin America & Caribbean www.internetsociety.org Agenda What is the Internet Society (ISOC) On the IETF Cyber Security Themes

More information

The FBI Cyber Program. Bauer Advising Symposium //UNCLASSIFIED

The FBI Cyber Program. Bauer Advising Symposium //UNCLASSIFIED The FBI Cyber Program Bauer Advising Symposium October 11, 2012 Today s Agenda What is the threat? Who are the adversaries? How are they attacking you? What can the FBI do to help? What can you do to stop

More information

Can We Become Resilient to Cyber Attacks?

Can We Become Resilient to Cyber Attacks? Can We Become Resilient to Cyber Attacks? Nick Coleman, Global Head Cyber Security Intelligence Services December 2014 Can we become resilient National Security, Economic Espionage Nation-state actors,

More information

Cyber security Time for a new paradigm. Stéphane Hurtaud Partner Information & Technology Risk Deloitte

Cyber security Time for a new paradigm. Stéphane Hurtaud Partner Information & Technology Risk Deloitte Cyber security Time for a new paradigm Stéphane Hurtaud Partner Information & Technology Risk Deloitte 90 More than ever, cyberspace is a land of opportunity but also a dangerous world. As public and private

More information

CYBERCRIMINAL IN BRAZIL SHARES MOBILE CREDIT CARD STORE APP

CYBERCRIMINAL IN BRAZIL SHARES MOBILE CREDIT CARD STORE APP CYBERCRIMINAL IN BRAZIL SHARES MOBILE CREDIT CARD STORE APP August 2014 RSA agents recently traced a threat actor advertising a mobile credit card store application. The cybercriminal shared the information

More information

Automated Protection on UCS with Trend Micro Deep Security

Automated Protection on UCS with Trend Micro Deep Security Copyright 2014 Trend Micro Inc. Automated Protection on UCS with Trend Micro Deep Security Chris Van Den Abbeele Senior presales Engineer Agenda 1. Industrialization of Cyber threats The boomerang of Project

More information

Mucho Big Data y La Seguridad para cuándo?

Mucho Big Data y La Seguridad para cuándo? Mucho Big Data y La Seguridad para cuándo? Juan Carlos Vázquez Sales Systems Engineer, LTAM mayo 9, 2013 Agenda Business Drivers Big Security Data GTI Integration SIEM Architecture & Offering Why McAfee

More information

Innovations in Network Security

Innovations in Network Security Innovations in Network Security Michael Singer April 18, 2012 AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual Property and/or AT&T affiliated companies.

More information

Evolving Threats and Attacks: A Cloud Service Provider s viewpoint. John Howie Senior Director Online Services Security and Compliance

Evolving Threats and Attacks: A Cloud Service Provider s viewpoint. John Howie Senior Director Online Services Security and Compliance Evolving Threats and Attacks: A Cloud Service Provider s viewpoint John Howie Senior Director Online Services Security and Compliance Introduction Microsoft s Cloud Infrastructure Evolution of Threats

More information

Endpoint & Server Protection. Brent Biernat First Vice President Network Services May 13, 2014

Endpoint & Server Protection. Brent Biernat First Vice President Network Services May 13, 2014 Endpoint & Server Protection Brent Biernat First Vice President Network Services May 13, 2014 The Evolution of Cyber Crime 1878 Bell Telephone Teenage Switchboard Operator Disconnected calls, eavesdropped,

More information

Cyber/IT Risk: Threat Intelligence Countering Advanced Adversaries Jeff Lunglhofer, Principal, Booz Allen. 14th Annual Risk Management Convention

Cyber/IT Risk: Threat Intelligence Countering Advanced Adversaries Jeff Lunglhofer, Principal, Booz Allen. 14th Annual Risk Management Convention Cyber/IT Risk: Threat Intelligence Countering Advanced Adversaries Jeff Lunglhofer, Principal, Booz Allen 14th Annual Risk Management Convention New York, New York March 13, 2013 Today s Presentation 1)

More information

Who Drives Cybersecurity in Your Business? Milan Patel, K2 Intelligence. AIBA Quarterly Meeting September 10, 2015

Who Drives Cybersecurity in Your Business? Milan Patel, K2 Intelligence. AIBA Quarterly Meeting September 10, 2015 Who Drives Cybersecurity in Your Business? Milan Patel, K2 Intelligence AIBA Quarterly Meeting September 10, 2015 The Answer 2 Everyone The relationship between the board, C-suite, IT, and compliance leaders

More information

Data Center security trends

Data Center security trends Data Center security trends Tomislav Tucibat Major accounts Manager, Adriatic Copyright Fortinet Inc. All rights reserved. IT Security evolution How did threat market change over the recent years? Problem:

More information

Security A to Z the most important terms

Security A to Z the most important terms Security A to Z the most important terms Part 1: A to D UNDERSTAND THE OFFICIAL TERMINOLOGY. This is F-Secure Labs. Learn more about the most important security terms with our official explanations from

More information

Security from the Cloud

Security from the Cloud Security from the Cloud Remote Vulnerability Scanning Writer: Peter Technical Review: David Contact: info@hackertarget.com Published: April 2008 Summary: This white paper describes advantages of using

More information

McAfee Network Security Platform

McAfee Network Security Platform McAfee Network Security Platform Next Generation Network Security Youssef AGHARMINE, Network Security, McAfee Network is THE Security Battleground Who is behind the data breaches? 81% some form of hacking

More information

BYOD: Should Convenience Trump Security? Francis Tam, Partner Kevin Villanueva, Senior Manager

BYOD: Should Convenience Trump Security? Francis Tam, Partner Kevin Villanueva, Senior Manager BYOD: Should Convenience Trump Security? Francis Tam, Partner Kevin Villanueva, Senior Manager 1 AGENDA Mobile Explosion Mobile Trends BYOD Benefits, Challenges and Threats BYOD Security BYOD Strategy

More information

Are you prepared to be next? Invensys Cyber Security

Are you prepared to be next? Invensys Cyber Security Defense In Depth Are you prepared to be next? Invensys Cyber Security Sven Grone Critical Controls Solutions Consultant Presenting on behalf of Glen Bounds Global Modernization Consultant Agenda Cyber

More information

September 20, 2013 Senior IT Examiner Gene Lilienthal

September 20, 2013 Senior IT Examiner Gene Lilienthal Cyber Crime September 20, 2013 Senior IT Examiner Gene Lilienthal The following presentation are views and opinions of the speaker and does not necessarily reflect the views of the Federal Reserve Bank

More information

Security Information & Event Management (SIEM)

Security Information & Event Management (SIEM) Security Information & Event Management (SIEM) Peter Helms, Senior Sales Engineer, CISA, CISSP September 6, 2012 1 McAfee Security Connected 2 September 6, 2012 Enterprise Security How? CAN? 3 Getting

More information

Advanced Persistent Threats

Advanced Persistent Threats Advanced Persistent Threats Craig Harwood Channel Manager SADC and Indian Ocean Islands 1 Agenda Introduction Today s Threat landscape What is an Advance persistent Threat How are these crimes perpetrated

More information

Protecting the un-protectable Addressing Virtualisation Security Challenges

Protecting the un-protectable Addressing Virtualisation Security Challenges Protecting the un-protectable Addressing Virtualisation Security Challenges Paul Hogan, Technical Director, Ward Solutions November 11, 2010 Top Cloud Security Challenges Secure Virtualisation Need secure

More information

Cloud and Security (Cloud hacked via Cloud) Lukas Grunwald

Cloud and Security (Cloud hacked via Cloud) Lukas Grunwald Cloud and Security (Cloud hacked via Cloud) Lukas Grunwald About DN-Systems Global Consulting and Technology Services Planning Evaluation Auditing Operates own Security Lab Project Management Integral

More information

IT TRENDS AND FUTURE CONSIDERATIONS. Paul Rainbow CPA, CISA, CIA, CISSP, CTGA

IT TRENDS AND FUTURE CONSIDERATIONS. Paul Rainbow CPA, CISA, CIA, CISSP, CTGA IT TRENDS AND FUTURE CONSIDERATIONS Paul Rainbow CPA, CISA, CIA, CISSP, CTGA AGENDA BYOD Cloud Computing PCI Fraud Internet Banking Questions The Mobile Explosion Mobile traffic data in 2011 was nearly

More information

Secure Your Mobile Workplace

Secure Your Mobile Workplace Secure Your Mobile Workplace Sunny Leung Senior System Engineer Symantec 3th Dec, 2013 1 Agenda 1. The Threats 2. The Protection 3. Q&A 2 The Mobile Workplaces The Threats 4 Targeted Attacks up 42% in

More information

Modular Network Security. Tyler Carter, McAfee Network Security

Modular Network Security. Tyler Carter, McAfee Network Security Modular Network Security Tyler Carter, McAfee Network Security Surviving Today s IT Challenges DDos BOTS PCI SOX / J-SOX Data Exfiltration Shady RAT Malware Microsoft Patches Web Attacks No Single Solution

More information

BOTNETS. Douwe Leguit, Manager Knowledge Center GOVCERT.NL

BOTNETS. Douwe Leguit, Manager Knowledge Center GOVCERT.NL BOTNETS Douwe Leguit, Manager Knowledge Center GOVCERT.NL Agenda Bots: what is it What is its habitat How does it spread What are its habits Dutch cases Ongoing developments Visibility of malware vs malicious

More information

Cybersecurity: An Innovative Approach to Advanced Persistent Threats

Cybersecurity: An Innovative Approach to Advanced Persistent Threats Cybersecurity: An Innovative Approach to Advanced Persistent Threats SESSION ID: AST1-R01 Brent Conran Chief Security Officer McAfee This is who I am 2 This is what I do 3 Student B The Hack Pack I used

More information

Ensuring today s highly connected world is safe and secure

Ensuring today s highly connected world is safe and secure Ensuring today s highly connected world is safe and secure R Chandrashekhar President, NASSCOM 8 th March, 2016, Canberra Digital Space: Opportunities and Concerns Digitalization of society, businesses

More information

SPEAR-PHISHING ATTACKS

SPEAR-PHISHING ATTACKS SPEAR-PHISHING ATTACKS WHY THEY ARE SUCCESSFUL AND HOW TO STOP THEM WHITE PAPER RECENTLY, THERE HAS BEEN A RAPID AND DRAMATIC SHIFT FROM BROAD SPAM ATTACKS TO TARGETED EMAIL-BASED-PHISHING CAMPAIGNS THAT

More information

Internet threats: steps to security for your small business

Internet threats: steps to security for your small business Internet threats: 7 steps to security for your small business Proactive solutions for small businesses A restaurant offers free WiFi to its patrons. The controller of an accounting firm receives a confidential

More information

Security Analytics for Smart Grid

Security Analytics for Smart Grid Security Analytics for Smart Grid Dr. Robert W. Griffin Chief Security Architect RSA, the Security Division of EMC robert.griffin@rsa.com blogs.rsa.com/author/griffin @RobtWesGriffin 1 No Shortage of Hard

More information

Next-Generation Penetration Testing. Benjamin Mossé, MD, Mossé Security

Next-Generation Penetration Testing. Benjamin Mossé, MD, Mossé Security Next-Generation Penetration Testing Benjamin Mossé, MD, Mossé Security About Me Managing Director of Mossé Security Creator of an Mossé Cyber Security Institute - in Melbourne +30,000 machines compromised

More information

SECTOR 2015 Malware Activity in Mobile Networks Kevin McNamee (Alcatel-Lucent)

SECTOR 2015 Malware Activity in Mobile Networks Kevin McNamee (Alcatel-Lucent) SECTOR 2015 Malware Activity in Mobile Networks Kevin McNamee (Alcatel-Lucent) Agenda How the data is collected Lies, Damn Lies and Statistics Windows PC Malware Android Malware Examples of malware Conclusion

More information

Cybercrime myths, challenges and how to protect our business. Vladimir Kantchev Managing Partner Service Centrix

Cybercrime myths, challenges and how to protect our business. Vladimir Kantchev Managing Partner Service Centrix Cybercrime myths, challenges and how to protect our business Vladimir Kantchev Managing Partner Service Centrix Agenda Cybercrime today Sources and destinations of the attacks Breach techniques How to

More information

Surviving the Ever Changing Threat Landscape

Surviving the Ever Changing Threat Landscape Surviving the Ever Changing Threat Landscape Kevin Jordan Cyber Security Specialist Dell GLBA FFIEC NCUA PCI HIPAA NERC CIP FISMA 700+ Percentage of U.S. adults who Federal named online and banking state

More information

Keyword: Cloud computing, service model, deployment model, network layer security.

Keyword: Cloud computing, service model, deployment model, network layer security. Volume 4, Issue 2, February 2014 ISSN: 2277 128X International Journal of Advanced Research in Computer Science and Software Engineering Research Paper Available online at: www.ijarcsse.com An Emerging

More information

24/7 Visibility into Advanced Malware on Networks and Endpoints

24/7 Visibility into Advanced Malware on Networks and Endpoints WHITEPAPER DATA SHEET 24/7 Visibility into Advanced Malware on Networks and Endpoints Leveraging threat intelligence to detect malware and exploitable vulnerabilities Oct. 24, 2014 Table of Contents Introduction

More information

Fighting Advanced Threats

Fighting Advanced Threats Fighting Advanced Threats With FortiOS 5 Introduction In recent years, cybercriminals have repeatedly demonstrated the ability to circumvent network security and cause significant damages to enterprises.

More information

National Cyber Security Month 2015: Daily Security Awareness Tips

National Cyber Security Month 2015: Daily Security Awareness Tips National Cyber Security Month 2015: Daily Security Awareness Tips October 1 New Threats Are Constantly Being Developed. Protect Your Home Computer and Personal Devices by Automatically Installing OS Updates.

More information

Addressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst

Addressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst ESG Brief Addressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst Abstract: APTs first came on the scene in 2010, creating a wave

More information

Introduction The Case Study Technical Background The Underground Economy The Economic Model Discussion

Introduction The Case Study Technical Background The Underground Economy The Economic Model Discussion Internet Security Seminar 2013 Introduction The Case Study Technical Background The Underground Economy The Economic Model Discussion An overview of the paper In-depth analysis of fake Antivirus companies

More information

The User is Evolving. July 12, 2011

The User is Evolving. July 12, 2011 McAfee Enterprise Mobility Management Securing Mobile Applications An overview for MEEC The User is Evolving 2 The User is Evolving 3 IT s Challenge with Mobile Devices Web 2.0, Apps 2.0, Mobility 2.0

More information

Endpoint Threat Detection without the Pain

Endpoint Threat Detection without the Pain WHITEPAPER Endpoint Threat Detection without the Pain Contents Motivated Adversaries, Too Many Alerts, Not Enough Actionable Information: Incident Response is Getting Harder... 1 A New Solution, with a

More information

Authenticating and policing the internet for consumer confidence and security

Authenticating and policing the internet for consumer confidence and security Authenticating and policing the internet for consumer confidence and security Secure On-Line ID Introduction Unique zero intervention at a glance solution Built on positive site validation Allows policing

More information

Protecting the Irreplacable. November 2013 Athens Ian Whiteside, F-Secure Ian.Whiteside@f-secure.com

Protecting the Irreplacable. November 2013 Athens Ian Whiteside, F-Secure Ian.Whiteside@f-secure.com Protecting the Irreplacable November Athens Ian Whiteside, F-Secure Ian.Whiteside@f-secure.com PC Sales continue to fall. Lack of innovation and no excitement Windows 8 doesn t seem to have excited the

More information

Spear Phishing Attacks Why They are Successful and How to Stop Them

Spear Phishing Attacks Why They are Successful and How to Stop Them White Paper Spear Phishing Attacks Why They are Successful and How to Stop Them Combating the Attack of Choice for Cybercriminals White Paper Contents Executive Summary 3 Introduction: The Rise of Spear

More information

CYBER4SIGHT TM THREAT INTELLIGENCE SERVICES ANTICIPATORY AND ACTIONABLE INTELLIGENCE TO FIGHT ADVANCED CYBER THREATS

CYBER4SIGHT TM THREAT INTELLIGENCE SERVICES ANTICIPATORY AND ACTIONABLE INTELLIGENCE TO FIGHT ADVANCED CYBER THREATS CYBER4SIGHT TM THREAT INTELLIGENCE SERVICES ANTICIPATORY AND ACTIONABLE INTELLIGENCE TO FIGHT ADVANCED CYBER THREATS PREPARING FOR ADVANCED CYBER THREATS Cyber attacks are evolving faster than organizations

More information

Security strategies to stay off the Børsen front page

Security strategies to stay off the Børsen front page Security strategies to stay off the Børsen front page Steve Durkin, Channel Director for Europe, Q1 Labs, an IBM Company 1 2012 IBM Corporation Given the dynamic nature of the challenge, measuring the

More information

Integrated Protection for Systems. João Batista Joao_batista@mcafee.com Territory Manager

Integrated Protection for Systems. João Batista Joao_batista@mcafee.com Territory Manager Integrated Protection for Systems João Batista Joao_batista@mcafee.com Territory Manager 2 McAfee Overview Proven Expertise And what it means to you Proof of Expertise Impact of Expertise 1 17 100 300

More information

SECURITY REIMAGINED SPEAR PHISHING ATTACKS WHY THEY ARE SUCCESSFUL AND HOW TO STOP THEM. Why Automated Analysis Tools are not Created Equal

SECURITY REIMAGINED SPEAR PHISHING ATTACKS WHY THEY ARE SUCCESSFUL AND HOW TO STOP THEM. Why Automated Analysis Tools are not Created Equal WHITE PAPER SPEAR PHISHING ATTACKS WHY THEY ARE SUCCESSFUL AND HOW TO STOP THEM Why Automated Analysis Tools are not Created Equal SECURITY REIMAGINED CONTENTS Executive Summary...3 Introduction: The Rise

More information

Security Threats on National Defense ICT based on IoT

Security Threats on National Defense ICT based on IoT , pp.94-98 http://dx.doi.org/10.14257/astl.205.97.16 Security Threats on National Defense ICT based on IoT Jin-Seok Yang 1, Ho-Jae Lee 1, Min-Woo Park 1 and Jung-ho Eom 2 1 Department of Computer Engineering,

More information

Bitdefender GravityZone Sales Presentation

Bitdefender GravityZone Sales Presentation 6 March 2014 Page 1 Bitdefender GravityZone Sales Presentation 1 Page 2 Bitdefender at a Glance The #1 Anti-Malware Security Technology in the world First security software vendor to receive top recommendations

More information

Agenda. 3 2012, Palo Alto Networks. Confidential and Proprietary.

Agenda. 3 2012, Palo Alto Networks. Confidential and Proprietary. Agenda Evolution of the cyber threat How the cyber threat develops Why traditional systems are failing Need move to application controls Need for automation 3 2012, Palo Alto Networks. Confidential and

More information

Technology Blueprint. Secure Your Virtual Desktop Infrastructure. Optimize your virtual desktop infrastructure for performance and protection

Technology Blueprint. Secure Your Virtual Desktop Infrastructure. Optimize your virtual desktop infrastructure for performance and protection Technology Blueprint Secure Your Virtual Desktop Infrastructure Optimize your virtual desktop infrastructure for performance and protection LEVEL 1 2 3 4 5 SECURITY CONNECTED REFERENCE ARCHITECTURE LEVEL

More information

Overview. Common Internet Threats. Spear Phishing / Whaling. Phishing Sites. Virus: Pentagon Attack. Viruses & Worms

Overview. Common Internet Threats. Spear Phishing / Whaling. Phishing Sites. Virus: Pentagon Attack. Viruses & Worms Overview Common Internet Threats Tom Chothia Computer Security, Lecture 19 Phishing Sites Trojans, Worms, Viruses, Drive-bydownloads Net Fast Flux Domain Flux Infiltration of a Net Underground economy.

More information

How Attackers are Targeting Your Mobile Devices. Wade Williamson

How Attackers are Targeting Your Mobile Devices. Wade Williamson How Attackers are Targeting Your Mobile Devices Wade Williamson Today s Agenda Brief overview of mobile computing today Understanding the risks Analysis of recently discovered malware Protections and best

More information

Threat Intelligence. How to Implement Software-Defined Protection. Nir Naaman, CISSP Senior Security Architect

Threat Intelligence. How to Implement Software-Defined Protection. Nir Naaman, CISSP Senior Security Architect How to Implement Software-Defined Protection Nir Naaman, CISSP Senior Security Architect Threat Intelligence 1 The Spanish flu, 1918 killing at least 50-100 million people worldwide. 2 The H1N1 Pandemic,

More information

The thriving malware industry: Cybercrime made easy

The thriving malware industry: Cybercrime made easy IBM Software Thought Leadership White Paper The thriving malware industry: Cybercrime made easy Technology and processes from IBM Security help your organization combat malware- driven fraud and achieve

More information

Advanced Persistent Threats

Advanced Persistent Threats Emilio Tonelli Senior Sales Engineer South Europe WatchGuard Technologies, Inc. Advanced Persistent Threats the new security challenge Are you protected? Current Threat Landscape 2 Global Threat Landscape:

More information

The ForeScout Difference

The ForeScout Difference The ForeScout Difference Mobile Device Management (MDM) can help IT security managers secure mobile and the sensitive corporate data that is frequently stored on such. However, ForeScout delivers a complete

More information

Cyber Security. An Executive Imperative for Business Owners. 77 Westport Plaza, St. Louis, MO 63416 p 314.439.4700 f 314.439.4799

Cyber Security. An Executive Imperative for Business Owners. 77 Westport Plaza, St. Louis, MO 63416 p 314.439.4700 f 314.439.4799 Cyber Security An Executive Imperative for Business Owners SSE Network Services www.ssenetwork.com 77 Westport Plaza, St. Louis, MO 63416 p 314.439.4700 f 314.439.4799 Pretecht SM by SSE predicts and remedies

More information

Country Case Study on Incident Management Capabilities CERT-TCC, Tunisia

Country Case Study on Incident Management Capabilities CERT-TCC, Tunisia Country Case Study on Incident Management Capabilities CERT-TCC, Tunisia Helmi Rais CERT-TCC Team Manager National Agency for Computer Security, Tunisia helmi.rais@ansi.tn helmi.rais@gmail.com Framework

More information

What keep the CIO up at Night Managing Security Nightmares

What keep the CIO up at Night Managing Security Nightmares What keep the CIO up at Night Managing Security Nightmares Tajul Muhammad Taha and Law SC Copyright 2011 Trend Micro Inc. What is CIOs real NIGHTMARES? Security Threats Advance Persistence Threats (APT)

More information

DISCOVER, MONITOR AND PROTECT YOUR SENSITIVE INFORMATION Symantec Data Loss Prevention. symantec.com

DISCOVER, MONITOR AND PROTECT YOUR SENSITIVE INFORMATION Symantec Data Loss Prevention. symantec.com DISCOVER, MONITOR AND PROTECT YOUR SENSITIVE INFORMATION Symantec Data Loss Prevention symantec.com One of the interesting things we ve found is that a lot of the activity you d expect to be malicious

More information

CSM-ACE 2014 Cyber Threat Intelligence Driven Environments

CSM-ACE 2014 Cyber Threat Intelligence Driven Environments CSM-ACE 2014 Cyber Threat Intelligence Driven Environments Presented by James Calder Client Services Manager, Singapore 1 CONTENTS Digital criminality Intelligence-led security Shylock case study Making

More information

Cyber Security and Critical Information Infrastructure

Cyber Security and Critical Information Infrastructure Cyber Security and Critical Information Infrastructure Dr. Gulshan Rai Director General Indian Computer Emergency Response Team (CERT- In) grai [at] cert-in.org.in The Complexity of Today s Network Changes

More information

The Truth About Enterprise Mobile Security Products

The Truth About Enterprise Mobile Security Products The Truth About Enterprise Mobile Security Products Presented by Jack Madden at TechTarget Information Security Decisions 2013 Welcome to my enterprise mobile security product session! Instead of printing

More information

Cyber liability threats, trends and pointers for the future

Cyber liability threats, trends and pointers for the future Cyber liability threats, trends and pointers for the future Tim Smith Partner, BLM t: 020 7865 3313 e: tim.smith@blm-law.com February 2013 Cyber liability threats, trends and pointers for the future The

More information

Analyzing HTTP/HTTPS Traffic Logs

Analyzing HTTP/HTTPS Traffic Logs Advanced Threat Protection Automatic Traffic Log Analysis APTs, advanced malware and zero-day attacks are designed to evade conventional perimeter security defenses. Today, there is wide agreement that

More information

How Data-Centric Protection Increases Security in Cloud Computing and Virtualization

How Data-Centric Protection Increases Security in Cloud Computing and Virtualization How Data-Centric Protection Increases Security in Cloud Computing and Virtualization Executive Overview Cloud services and virtualization are driving significant shifts in IT spending and deployments.

More information

Introduction to Computer Networking: Trends and Issues

Introduction to Computer Networking: Trends and Issues Introduction to Computer Networking: Trends and Issues Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu Indo-US Collaboration in Engineering Education (IUCEE) Webinar,

More information

Next Generation Security Strategies. Marc Sarrias Regional Sales Manager msarrias@paloaltonetworks.com

Next Generation Security Strategies. Marc Sarrias Regional Sales Manager msarrias@paloaltonetworks.com Next Generation Security Strategies Marc Sarrias Regional Sales Manager msarrias@paloaltonetworks.com IT Ever-Evolving Challenges & Constraints Support IT Initiatives Minimize Business Risks from Cybersecurity

More information

G Data Mobile MalwareReport. Half-Year Report July December 2013. G Data SecurityLabs

G Data Mobile MalwareReport. Half-Year Report July December 2013. G Data SecurityLabs G Data Mobile MalwareReport Half-Year Report July December 2013 G Data SecurityLabs Contents At a glance... 2 Android malware: share of PUPs increasing significantly... 3 Android.Application consists of

More information

Trust the Innovator to Simplify Cloud Security

Trust the Innovator to Simplify Cloud Security Trust the Innovator to Simplify Cloud Security Contents MailGuard Pty Ltd Page 1 of 7 2 Let s get real for a moment. Your antivirus software isn t stopping fastbreak phishing and other spam attacks like

More information

Mobile Malware Network View. Kevin McNamee : Alcatel-Lucent

Mobile Malware Network View. Kevin McNamee : Alcatel-Lucent Mobile Malware Network View Kevin McNamee : Alcatel-Lucent Agenda Introduction How the data is collected Lies, Damn Lies and Statistics Windows PC Malware Android Malware Network Impact Examples of malware

More information

I D C T E C H N O L O G Y S P O T L I G H T. S e r ve r S e c u rity: N o t W h a t It U s e d t o Be!

I D C T E C H N O L O G Y S P O T L I G H T. S e r ve r S e c u rity: N o t W h a t It U s e d t o Be! I D C T E C H N O L O G Y S P O T L I G H T S e r ve r S e c u rity: N o t W h a t It U s e d t o Be! December 2014 Adapted from Worldwide Endpoint Security 2013 2017 Forecast and 2012 Vendor Shares by

More information

Comprehensive Malware Detection with SecurityCenter Continuous View and Nessus. February 3, 2015 (Revision 4)

Comprehensive Malware Detection with SecurityCenter Continuous View and Nessus. February 3, 2015 (Revision 4) Comprehensive Malware Detection with SecurityCenter Continuous View and Nessus February 3, 2015 (Revision 4) Table of Contents Overview... 3 Malware, Botnet Detection, and Anti-Virus Auditing... 3 Malware

More information

Combating a new generation of cybercriminal with in-depth security monitoring

Combating a new generation of cybercriminal with in-depth security monitoring Cybersecurity Services Combating a new generation of cybercriminal with in-depth security monitoring 1 st Advanced Data Analysis Security Operation Center The Challenge Don t leave your systems unmonitored.

More information

An New Approach to Security. Chris Ellis McAfee Senior System Engineer Chris_Ellis@McAfee.com

An New Approach to Security. Chris Ellis McAfee Senior System Engineer Chris_Ellis@McAfee.com An New Approach to Security Chris Ellis McAfee Senior System Engineer Chris_Ellis@McAfee.com Advanced Targeted Attack Challenges Criminal Theft Sabotage Espionage After the Fact Expensive Public Uncertainty

More information

Unknown threats in Sweden. Study publication August 27, 2014

Unknown threats in Sweden. Study publication August 27, 2014 Unknown threats in Sweden Study publication August 27, 2014 Executive summary To many international organisations today, cyber attacks are no longer a matter of if but when. Recent cyber breaches at large

More information

Gregg Gerber. Strategic Engagement, Emerging Markets

Gregg Gerber. Strategic Engagement, Emerging Markets Government of Mauritius Gregg Gerber Strategic Engagement, Emerging Markets 2 (Advanced) Persistent Targeted attacks 2010 2011 2012 Time 1986-1991 Era of Discovery 1992-1998 Era of Transition 1999-2005

More information

Mobile security and your EMR. Presented by: Shawn Tester & Allen Cornwall

Mobile security and your EMR. Presented by: Shawn Tester & Allen Cornwall Mobile security and your EMR Presented by: Shawn Tester & Allen Cornwall Date: October 14, 2011 Overview General Security Challenges & best practices Mobile EMR interfaces - EMR Access - Today & Future

More information

Beyond the Hype: Advanced Persistent Threats

Beyond the Hype: Advanced Persistent Threats Advanced Persistent Threats and Real-Time Threat Management The Essentials Series Beyond the Hype: Advanced Persistent Threats sponsored by Dan Sullivan Introduction to Realtime Publishers by Don Jones,

More information

Practical Steps To Securing Process Control Networks

Practical Steps To Securing Process Control Networks Practical Steps To Securing Process Control Networks Villanova University Seminar Rich Mahler Director, Commercial Cyber Solutions Lockheed Martin Lockheed Martin Corporation 2014. All Rights Reserved.

More information

ForeScout MDM Enterprise

ForeScout MDM Enterprise Highlights Features Automated real-time detection of mobile Seamless enrollment & installation of MDM agents on unmanaged Policy-based blocking of unauthorized Identify corporate vs. personal Identify

More information

應 用 SIEM 偵 測 與 預 防 APT 緩 攻 擊

應 用 SIEM 偵 測 與 預 防 APT 緩 攻 擊 應 用 SIEM 偵 測 與 預 防 APT 緩 攻 擊 HP Enterprise Security 林 傳 凱 (C. K. Lin) Senior Channel PreSales, North Asia HP ArcSight, Enterprise Security 1 Rise Of The Cyber Threat Enterprises and Governments are experiencing

More information

Cisco & Big Data Security

Cisco & Big Data Security Cisco & Big Data Security 巨 量 資 料 的 傳 輸 保 護 Joey Kuo Borderless Networks Manager hskuo@cisco.com The any-to-any world and the Internet of Everything is an evolution in connectivity and collaboration that

More information

Politics of Security Webcast Summary Cyber Threat News and APT Defenses

Politics of Security Webcast Summary Cyber Threat News and APT Defenses Politics of Security Webcast Summary Cyber Threat News and APT Defenses Introduction Stories about cyber espionage and Advanced Persistent Threats (APTs) are part of the mainstream news cycle. Concerns

More information

Integrated Approach to Network Security. Lee Klarich Senior Vice President, Product Management March 2013

Integrated Approach to Network Security. Lee Klarich Senior Vice President, Product Management March 2013 Integrated Approach to Network Security Lee Klarich Senior Vice President, Product Management March 2013 Real data from actual networks 2 2012, Palo Alto Networks. Confidential and Proprietary. 2008: HTTP,

More information

Global IT Security Risks

Global IT Security Risks Global IT Security Risks June 17, 2011 Kaspersky Lab leverages the leading expertise in IT security risks, malware and vulnerabilities to protect its customers in the best possible way. To ensure the most

More information