Cyber liability threats, trends and pointers for the future

Size: px
Start display at page:

Download "Cyber liability threats, trends and pointers for the future"

Transcription

1 Cyber liability threats, trends and pointers for the future Tim Smith Partner, BLM t: e: February 2013

2 Cyber liability threats, trends and pointers for the future The European Network and Information Security Agency (ENISA) has recently reviewed the security threat Landscape. ENISA had identified the current top threats as follows: Drive-by exploits. This refers to the injection of malicious code in HTML coded websites which exploits vulnerabilities in user web browsers (also known as drive-by download attacks ). These attacks target software residing in internet users computers (such as web browsers, browser plug-ins and operating systems) and infects them automatically when visiting a drive-by download website, without any user interaction. ENISA had identified these as the top web threat, with attackers moving into targeting browser plugs-ins such as Java, Adobe Reader and Adobe Flash. The attacks are almost exclusively launched through compromised legitimate websites which are used by attackers to host malicious links and malicious codes. The first drive-by download for Android was identified in May 2012, demonstrating that drive-by download attacks are a mobile threat as well. This threat is regarded as being an increasing one. Worms/trojans. Worms and malicious programmes have the ability to replicate and redistribute themselves by exploiting the vulnerabilities of their target systems. Trojans (trojan horses) are malicious programmes that are injected into users systems and can let in other programmes (remote access trojans) or steal user data and credentials. ENISA has identified data theft trojans as being widely used by cyber criminals. Trojans are the most reported type of malicious code. Social networks have been identified as an appealing distribution channel for those preparing malware. Again, this is regarded as an increasing threat. The Downadup worm which emerged in early 2008 caused one of the largest epidemics of all time and managed to infect more than 12 million computers in less than 12 hours. Social networks present a vehicle for malware authors to distribute their programmes in ways that are not easily blocked. The Koobface worm infiltrated Facebook, MySpace and other social networking sites. More than three years after its initial release the Conficker worm is still the most commonly encountered piece of malicious software. The Android marketplace has been targeted by cyber criminals luring users into installing trojans disguised as legitimate apps. This has also happened to Apples App Store and, to a lesser extent, Google s Play Store. Code injection attacks. These consist of attacks against web applications with the aim of extracting data or stealing credentials or taking control of the targeted web server. These are popular among hacktivist groups such as Anonymous. Again this is regarded as a threat that is increasing. The ENISA Report indicates that the hacktivist groups, Anonymous and Lulzsec, had a major presence in SQL injection tactics early in 2011 and will continue to hone their skills with new injection attack methods (according to an IBM Mid Year Trend and Risk Report for 2012). Trustwave ranked SQL injection as the number one web application risk. Cyber liability - threats, trends and pointers for the future 1

3 Exploit kits. Exploit kits are ready to use software packages that automate cyber crimes. They mostly use drive-by download attacks (where malicious crypt code is injected into compromised websites). ENISA has identified Malware as a service (MAAS) as a new and emerging criminal business model. Cyber crime has clearly become more professional and commercial through this kind of threat which is viewed as increasing. According to an AVG Community Powered Threat Report from the first quarter of 2012 Blackhole is a sophisticated and powerful exploit kit, mainly due to its polymorphic nature and the fact that it is heavily disguised to evade detection by anti-malware solutions. AVG reported that Blackhole had a 63% malware market share and its consequences included social networks being overwhelmed by malicious advertising for uncompromised ad servers and normal graphics images containing malicious script. It was predicted that new versions of Blackhole would result in an upsurge in larger scale attacks. The attraction for cyber criminals is that Blackhole can be used to make money through credit card and banking frauds and by installing rogue security products or through Ransomware and other payloads. Botnets. A botnet is a group of compromised computers under the control of an attacker. The compromised system communicates with the person controlling it who can use it, for example in spamming, identity theft or infecting other systems or for the distribution of malware. ENISA has noted that botnets are increasingly used as a commodity with interested parties able to rent botnets in order to achieve their purposes. ENISA has also noted that malware authors appear interested in turning android mobile phones into bots/zombies. Again, this regarded as an increasing threat. The report (looking at an IBM Trend and Risk Report in 2011) noted that spam was declining, the view being that this was the result of several botnet take-downs. It was felt (according to a report by the Italian Information Security Association in 2012) that mobile systems would constitute an escalating proportion of botnets as they had valuable processing power and bandwidth and most of them were not provided with effective antimalware protections. Users often tampered with them to unlock some advanced functions, which often made them even more vulnerable. The Kaspersky Lab reported that those controlling botnets were targeting the mobile and Mac sectors. It noted that few users appear to realise that their smartphones were fully functional computers which contained valuable data that might be of interest to cyber criminals. Denial of service. A denial of service attack is an attempt by multiple attackers to make a service unavailable to its users. The multiple attackers use simultaneous attacks with as much intensity as possible (usually through compromised computer systems/botnets) in order to make the attack difficult to defend. ENISA expects future attacks to abandon a simple flood based approach and to increase in sophistication and the number of applications they target. Although this is regarded as a stable area of threat there was a significant increase in the prevalence of very substantial denial of service attacks. Cyber liability - threats, trends and pointers for the future 2

4 Phishing. Phishing is the combined use of fraudulent s and legitimate looking websites by cyber criminals in order to gain user credentials. Whilst financial institutions account for most active phishing sites, payment services, social networking, ISP, non profit organisations, parcel services and government websites are also among those most commonly utilised. ENISA reported that the up times of phishing sites dropped to a record low in the first half of It regards the current trend as being stable. From 2010 to 2012 the scam/phishing volume went up nearly 400% according to an IBM Mid Year Trend Report in Financial institutions were once again the most targeted businesses. Generally speaking either the phishing itself would contain a malicious attachment or the attachment would contain a URL that led to malware. One of the most widely used attacks was to forward website addresses via SMS messages on a smartphone. According to IBM in 2012 the volume of spam and the volume of scam behaved contrarily. Compromising confidential information. This refers to data breaches that occur via intentional or unintentional information disclosure by external or internal threats. Data breaches are usually achieved through some form of hacking, malware, physical attacks, social engineering attacks and misuse of privileges. ENISA categorised 2011 as the year of the security breach. The number of data breaches detected at healthcare organisations has increased. The adoption of electronic health record systems storing personally identifiable information has attracted the attention of cyber criminals. Data breaches have become more targeted. Negligent insiders and external malicious attacks are the main causes of data breaches. More than nine out of ten breaches would have been prevented if organisations had followed data protection and information security best practices. Web application vulnerabilities are key to many data breaches. Enterprises that suffer data breaches not only lose money but also reputation and customers. ENISA regards this trend as increasing. According to a FireEye Report for the first half of 2012, between January 2012 and June 2012 the number of events detected at healthcare organisations almost doubled. As healthcare organisations moved towards the adoption of electronic health record systems and began to digitally store and manage personally identifiable information, these sensitive assets were coming under increasing attack by cyber criminals. Hackers are responsible for 40% of breaches. According to Symantec (in an Intelligence Report dated August 2012), in the last eight months of 2011 the average number of identities stolen was 1,311,629 per data breach. In 2012 this went down to 640,169. Bitdefender reported that in the first half of 2012 popular web services such as Last. FM, LinkedIn and Yahoo Voice were compromised and had their user database stolen and shared online. In some instances the database leaks were followed by phishing attempts sent to victims. A Data Breach Investigation Report analysing 855 security incidents in 2011 exposing 174 million records showed that 63% could have been prevented with measures categorised as simple and cheap. Another 31% could have been prevented with measures deemed intermediate. In effect nine out of ten breaches would have been thwarted if organisations had followed best practice (Verizon 2012 Data Breach Investigations Report). According to Verizon hacktivism surpassed organised crime in the amount of data stolen. The Ponemon Institute reported that 96% of all healthcare organisations surveyed had experienced at least one data breach in the previous two years. Trustwave reported Cyber liability - threats, trends and pointers for the future 3

5 that the majority of their analysis revealed that the third party responsible for system support, development and/or maintenance introduced the security deficiencies exploited by attackers. Rogueware/scareware. Rogueware deliberately imitates the graphical user interface and branding of established legitimate antivirus or anti Spyware programmes (in some cases even copying the designs or logos). The most typical scenario for Rogueware infections starts with the user being shown a fake system scam warning. Sophos reported that fake antivirus was still a big problem. Whilst there had been little technical change in the products there had been changes in their distribution methods (eg, via search engines, spam and drive-by downloads). Scareware is rogue security software which tries to infect computers by providing false security alerts. ENISA reports that whilst fake security software is still a big problem the threat has fallen off as a result of increased user awareness as well as more effective international cooperation. As a result it regards the current trend as being stable. Spam. Spam is the use of technology to flood mailboxes with unsolicited messages. ENISA reported that spam activity was significantly lower in 2011 due to coordinated activities at national and international level and that this trend continued in Spam content mostly included fake medication, sex/dating content, compulsive gambling and participation in criminal activities and malware. It is regarded by ENISA as a decreasing threat. Pharma spam had fallen out of favour as a result of law enforcement activities and botnet shutdowns (according to Sysco s 2011 Annual Security Report). However, whilst the volume of spam had reduced it was increasingly targeted and accordingly the risk potential remained high. IBM reported in their Trend and Risk Report in 2011 that spam was taking advantage of topical news or other hot topics by promising more details when a link was clicked resulting in the users machine being infected. Targeted attacks. A targeted attack consists of an information gathering phase and the use of advance techniques to achieve the attacker s goal. During the first half of 2012 an increase of target attacks was reported. More and more targeted attacks against small companies have been registered. One of the major events during 2012 was the detection of the Flamer Malware, a powerful cyber weapon similar to Stuxnet and Duqu. Flamer was designed for perpetrating targeted attacks and it is estimated that its the development could have taken more than 10 years of work. These types of attacks are regarded as increasing. There was an increased prevalence of limited use domains in spear phishing attacks. With spear phishing the average theft per victim could be forty times that of a mass attack (according to a Cisco report). More than 36% of all targeted attacks were aimed at small companies (double that at the end of 2011) according to Symantec in a June 2012 Report. Most of the Advanced Persistent Threat (APT) launched in recent times had attempted to insert a backdoor into a corporate network via , instant messages or SNS. Many APT attacks were made by using files with vulnerabilities attached to s. Such s regularly contained a social issue or an interesting topic in the message to persuade the user to open the attachment. In relation to the Flame virus which was particularly used for information gathering and espionage in the Middle East a striking feature was that it could Cyber liability - threats, trends and pointers for the future 4

6 steal data in multiple ways (even by turning on victims microphones to record conversations). Flame had managed to evade antivirus detection for five years. Physical theft/loss/damage. The ENISA Report found that due to the popularity of mobile computing the probability of data loss (potentially of sensitive data) and device theft is increasing. An increasing number of corporations are encouraging people to bring their own device to work and this had had an impact on corporations since in the case of theft or loss of mobile devices, potentially sensitive corporate data will be disclosed. The loss or theft of mobile devices and equipment by staff is a major threat for organisations. Corporations having experienced a data breach reported that one of the top three causes was physical theft of devices containing sensitive data. Lack of encryption on mobile devices is an issue that needs to be addressed. ENISA consider this type of attack to be increasing. In a survey by Kaspersky Lab 10% of respondents said they had experienced critical information leaks due to the loss or theft of a mobile device. Identify theft. Identity theft is an attack that occurs when an adversary steals user credentials and uses them to achieve malicious goals, generally related to financial fraud. The ENISA Report states that cyber criminals have a very professional approach towards exploiting home banking. There has been an increase in advanced trojan malware designed for identify theft and identity fraud. This is regarded as an increasing threat. Zeus and SpyEye and other banking trojans specialise in stealing online banking credentials. The Zeus Banking Trojan had become an open source crime kit. A VeriSign Report on Cyber Threats and Trends in 2012 predicted that the release of the Zeus source code was going to have a dramatic impact on the production of new and dangerous banking trojans. Other reports noted that in the first half of 2012 attack schemes had become increasing professional. A new SpyEye variant was able to activate the victims webcam and use the video stream for its purposes. Abuse of information/leakage. This relates to the deliberate revealing of information, making it available to an unauthorised party. The report states that user data tracking and GPS location data can be leaked and misused in order to breach privacy on mobile platforms. Aggressive advertising networks on mobile applications have access to mobile user data without notifying the user. This is regarded as an increasing threat. The Cloud Security Alliance reported that data leakage through poorly written third party Apps was one of the top mobile threats. Search engine poisoning. This exploits the trust between internet users and search engines. Attackers deliver bait for searches to particular topics with users searching for such items being diverted to malicious content. This is regarded as being a stable threat. Cyber liability - threats, trends and pointers for the future 5

7 After social networks, search engines are the primary means used by attackers to lure users to malicious sites. Rogue certificates. Attackers steal, produce and circulate rogue certificates to evade detection. This is regarded as an increasing threat. ENISA conclusions The emerging areas are: a b c d e f Mobile computing with increased use of mobile services such as social networking business applications and data and use of cloud services. Social technology and use of social media is one of the main activities performed by private users. Social networking is playing an increasingly significant role in business. Critical infrastructures. Trust infrastructure. Cloud computing. Big data 1 Mobile computing The ENISA Report states that there has been an almost exponential increase in threats predicted. It is thought that mobile devices will take over the role PCs previously performed. The increase in threat is due to the nature of mobile systems and devices. All communication takes place over poorly secured (GSM) or unsecured channels (Wi-fi). The software using such systems, both operating system and applications, are of a rather moderate maturity level. In addition, the mobility of devices makes them vulnerable to theft and loss. As a result of increasing processing power and bandwidth, mobile devices will be targets for attacks that were traditionally aimed at PCs (eg, botnets and phishing). The top threats are thought to be drive-by exploits, worms/trojans, exploit kits, physical theft/loss/damage and the compromising of confidential information. It is thought that there will be an increase in proximity based hacking (for example based on wireless communication). In addition, the increasing use of mobile platforms for financial transactions, such as payments and banking, will make attacks on these platforms more attractive to cyber criminals. The report states that advancements in App Store security need to be introduced to improve security. 2 Social technology The main entry points to social networks are via mobile devices. In addition, social networks have low to medium maturity of security control. Combined with possible security gaps at entry points and the low security awareness of end users social networks are therefore regarded as offering a relatively large surface for any type of attack on privacy, data theft, identity theft and misuse. The report identifies the top emerging threats as worms/trojans, abuse of information, physical theft/loss/damage, phishing attacks and spam. 3 Threat trends in critical infrastructures These structures are complex systems which are important for individuals and national security. ENISA has identified the emerging threats as drive-by exploits, worms/trojans, code injection, exploit kits and denial of service. ENISA notes that attack methods and tools have reached the maturity that could be used for cyber warfare. Cyber liability - threats, trends and pointers for the future 6

8 4 Threat trends in trust infrastructure Trust infrastructure refers to information systems that provide strong authentication and aim to establish trust and create secure connections between two end points. They are usually based on strong encryption technology and key management. They are extremely important for information security. The emerging threats have been identified as denial of service, rogue certificates, compromising confidential information, targeting attacks and physical theft/loss/damage. ENISA says that the security of trust infrastructures will need to be taken more seriously in the future. It recommends permanent security monitoring. It has stated that providers of App Stores will need to pay special attention to the implementation of trust and security functions in order to avoid serious impact on user trust. ENISA has stated that operators of trust infrastructures need to undergo much more extensive, intensive and frequent security testing than any other infrastructure. 5 Threat trends in cloud computing Cloud computing is the commission and delivery of various infrastructure services based on a virtualised environment that is accessible over a web browser. The concentration of vast amounts of data in a few locations means that cloud computing presents an attractive target for attackers. The top emerging threats have been identified as code injection, worm/trojans, driveby exploits, abuse of information and compromising confidential information. The ENISA Report states that the risk to the cloud environment emanating from the increased use of mobile devices will grow. 6 Threat trends in big data Big Data is a reference to large volumes of a wide variety of data collected from various sources across an enterprise. The top emerging threats are drive-by exploits, worms/trojans, exploit kits, phishing attacks and compromising confidential information. The ENISA Report considers that risk management will converge with corporate governance and will better interfaced with business objectives, detection of possible attacks and operational security data. The ENISA Report conclusions The report concludes that it is important to: collect and develop better evidence about attack types collect and develop better evidence about the impact achieved by those carrying out attacks. collect and maintain more qualitative information about threats. collect security intelligence. perform a shift in security controls. Tim Smith Partner Berrymans Lace Mawer LLP 2013 Disclaimer This document does not present a complete or comprehensive statement of the law, nor does it constitute legal advice. It is intended only to highlight issues that may be of interest to clients of Berrymans Lace Mawer. Specialist legal advice should always be sought in any particular case. Information is correct at the time of release. Cyber liability - threats, trends and pointers for the future 7

INDUSTRY OVERVIEW: FINANCIAL

INDUSTRY OVERVIEW: FINANCIAL ii IBM MSS INDUSTRY OVERVIEW: FINANCIAL RESEARCH AND INTELLIGENCE REPORT RELEASE DATE: NOVEMBER 5, 2014 BY: JOHN KUHN, SENIOR THREAT RESEARCHER iii TABLE OF CONTENTS EXECUTIVE OVERVIEW... 1 MAJOR FINANCIAL

More information

Modern Cyber Threats. how yesterday s mind set gets in the way of securing tomorrow s critical infrastructure. Axel Wirth

Modern Cyber Threats. how yesterday s mind set gets in the way of securing tomorrow s critical infrastructure. Axel Wirth Modern Cyber Threats how yesterday s mind set gets in the way of securing tomorrow s critical infrastructure Axel Wirth Healthcare Solutions Architect Distinguished Systems Engineer AAMI 2013 Conference

More information

WEB ATTACKS AND COUNTERMEASURES

WEB ATTACKS AND COUNTERMEASURES WEB ATTACKS AND COUNTERMEASURES February 2008 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in

More information

Perception and knowledge of IT threats: the consumer s point of view

Perception and knowledge of IT threats: the consumer s point of view Perception and knowledge of IT threats: the consumer s point of view It s hard to imagine life without digital devices, be it a large desktop computer or a smartphone. Modern users are storing some of

More information

ENISA s Study on the Evolving Threat Landscape. European Network and Information Security Agency

ENISA s Study on the Evolving Threat Landscape. European Network and Information Security Agency ENISA s Study on the Evolving Threat Landscape European Network and Information Security Agency Agenda Introduction to ENISA Preliminary remarks The ENISA report Major findings Conclusions 2 ENISA The

More information

Who Drives Cybersecurity in Your Business? Milan Patel, K2 Intelligence. AIBA Quarterly Meeting September 10, 2015

Who Drives Cybersecurity in Your Business? Milan Patel, K2 Intelligence. AIBA Quarterly Meeting September 10, 2015 Who Drives Cybersecurity in Your Business? Milan Patel, K2 Intelligence AIBA Quarterly Meeting September 10, 2015 The Answer 2 Everyone The relationship between the board, C-suite, IT, and compliance leaders

More information

Commissioned Study. SURVEY: Web Threats Expose Businesses to Data Loss

Commissioned Study. SURVEY: Web Threats Expose Businesses to Data Loss Commissioned Study SURVEY: Web Threats Expose Businesses to Data Loss Introduction Web-borne attacks are on the rise as cybercriminals and others who do harm to computer systems for profit or malice prey

More information

Managing Web Security in an Increasingly Challenging Threat Landscape

Managing Web Security in an Increasingly Challenging Threat Landscape Managing Web Security in an Increasingly Challenging Threat Landscape Cybercriminals have increasingly turned their attention to the web, which has become by far the predominant area of attack. Small wonder.

More information

INDUSTRY OVERVIEW: HEALTHCARE

INDUSTRY OVERVIEW: HEALTHCARE ii IBM MSS INDUSTRY OVERVIEW: HEALTHCARE RESEARCH AND INTELLIGENCE REPORT RELEASE DATE: OCTOBER 7, 2014 BY: JOHN KUHN, SENIOR THREAT RESEARCHER iii TABLE OF CONTENTS EXECUTIVE OVERVIEW/KEY FINDINGS...

More information

Primer TROUBLE IN YOUR INBOX 5 FACTS EVERY SMALL BUSINESS SHOULD KNOW ABOUT EMAIL-BASED THREATS

Primer TROUBLE IN YOUR INBOX 5 FACTS EVERY SMALL BUSINESS SHOULD KNOW ABOUT EMAIL-BASED THREATS A Primer TROUBLE IN YOUR INBOX 5 FACTS EVERY SMALL BUSINESS SHOULD KNOW ABOUT EMAIL-BASED THREATS Even with today s breakthroughs in online communication, email is still one of the main ways that most

More information

Cyber security Time for a new paradigm. Stéphane Hurtaud Partner Information & Technology Risk Deloitte

Cyber security Time for a new paradigm. Stéphane Hurtaud Partner Information & Technology Risk Deloitte Cyber security Time for a new paradigm Stéphane Hurtaud Partner Information & Technology Risk Deloitte 90 More than ever, cyberspace is a land of opportunity but also a dangerous world. As public and private

More information

Almost 400 million people 1 fall victim to cybercrime every year.

Almost 400 million people 1 fall victim to cybercrime every year. 400,000000 Almost 400 million people 1 fall victim to cybercrime every year. A common way for criminals to attack people is via websites, unfortunately this includes legitimate sites that have been hacked

More information

Don t Fall Victim to Cybercrime:

Don t Fall Victim to Cybercrime: Don t Fall Victim to Cybercrime: Best Practices to Safeguard Your Business Agenda Cybercrime Overview Corporate Account Takeover Computer Hacking, Phishing, Malware Breach Statistics Internet Security

More information

10 Smart Ideas for. Keeping Data Safe. From Hackers

10 Smart Ideas for. Keeping Data Safe. From Hackers 0100101001001010010001010010101001010101001000000100101001010101010010101010010100 0100101001001010010001010010101001010101001000000100101001010101010010101010010100000 0100101001001010010001010010101001010101001000000100101001010101010010101010010100000

More information

Christos Douligeris cdoulig at unipi dot gr. Department of Informatics University of Piraeus

Christos Douligeris cdoulig at unipi dot gr. Department of Informatics University of Piraeus cdoulig at unipi dot gr Department of Informatics University of Piraeus Safety & Security in Cyber Space: Building up Trust in the EU Athens, 6-7 March 2014 Cybersecurity: where do we stand? Major Trends

More information

State of the Phish 2015

State of the Phish 2015 Introduction The threat is real Phishing continues to pose a growing threat to the security of industries of every kind from financial organizations to government contractors to healthcare firms. Though

More information

PROTECT YOUR COMPUTER AND YOUR PRIVACY!

PROTECT YOUR COMPUTER AND YOUR PRIVACY! PROTECT YOUR COMPUTER AND YOUR PRIVACY! Fraud comes in many shapes simple: the loss of both money protecting your computer and Take action and get peace of and sizes, but the outcome is and time. That

More information

Global IT Security Risks

Global IT Security Risks Global IT Security Risks June 17, 2011 Kaspersky Lab leverages the leading expertise in IT security risks, malware and vulnerabilities to protect its customers in the best possible way. To ensure the most

More information

Cybersecurity: A Growing Concern for All Businesses. RLI Design Professionals Design Professionals Learning Event DPLE 160 October 7, 2015

Cybersecurity: A Growing Concern for All Businesses. RLI Design Professionals Design Professionals Learning Event DPLE 160 October 7, 2015 Cybersecurity: A Growing Concern for All Businesses RLI Design Professionals Design Professionals Learning Event DPLE 160 October 7, 2015 RLI Design Professionals is a Registered Provider with The American

More information

Secure Your Mobile Workplace

Secure Your Mobile Workplace Secure Your Mobile Workplace Sunny Leung Senior System Engineer Symantec 3th Dec, 2013 1 Agenda 1. The Threats 2. The Protection 3. Q&A 2 The Mobile Workplaces The Threats 4 Targeted Attacks up 42% in

More information

RLI PROFESSIONAL SERVICES GROUP PROFESSIONAL LEARNING EVENT PSGLE 123. Cybersecurity: A Growing Concern for Small Businesses

RLI PROFESSIONAL SERVICES GROUP PROFESSIONAL LEARNING EVENT PSGLE 123. Cybersecurity: A Growing Concern for Small Businesses RLI PROFESSIONAL SERVICES GROUP PROFESSIONAL LEARNING EVENT PSGLE 123 Cybersecurity: A Growing Concern for Small Businesses Copyright Materials This presentation is protected by US and International Copyright

More information

IT TRENDS AND FUTURE CONSIDERATIONS. Paul Rainbow CPA, CISA, CIA, CISSP, CTGA

IT TRENDS AND FUTURE CONSIDERATIONS. Paul Rainbow CPA, CISA, CIA, CISSP, CTGA IT TRENDS AND FUTURE CONSIDERATIONS Paul Rainbow CPA, CISA, CIA, CISSP, CTGA AGENDA BYOD Cloud Computing PCI Fraud Internet Banking Questions The Mobile Explosion Mobile traffic data in 2011 was nearly

More information

WHAT YOU NEED TO KNOW ABOUT CYBER SECURITY

WHAT YOU NEED TO KNOW ABOUT CYBER SECURITY SMALL BUSINESSES WHAT YOU NEED TO KNOW ABOUT CYBER SECURITY ONE CLICK CAN CHANGE EVERYTHING SMALL BUSINESSES My reputation was ruined by malicious emails ONE CLICK CAN CHANGE EVERYTHING Cybercrime comes

More information

Anthony Minnaar Dept of Criminology & Security Science School of Criminal Justice College of Law University of South Africa

Anthony Minnaar Dept of Criminology & Security Science School of Criminal Justice College of Law University of South Africa SECURING THE DIGITAL DIVIDE: COMBATING CYBERCRIME Anthony Minnaar Dept of Criminology & Security Science School of Criminal Justice College of Law University of South Africa INTRODUCTION q Given modern

More information

Malware & Botnets. Botnets

Malware & Botnets. Botnets - 2 - Malware & Botnets The Internet is a powerful and useful tool, but in the same way that you shouldn t drive without buckling your seat belt or ride a bike without a helmet, you shouldn t venture online

More information

2016 Trends in Cybersecurity: A Quick Guide to the Most Important Insights in Security

2016 Trends in Cybersecurity: A Quick Guide to the Most Important Insights in Security 2016 Trends in Cybersecurity: A Quick Guide to the Most Important Insights in Security For 10 years, Microsoft has been studying and analyzing the threat landscape of exploits, vulnerabilities, and malware.

More information

Surviving and operating services despite highly skilled and well-funded organised crime groups. Romain Wartel, CERN CHEP 2015, Okinawa

Surviving and operating services despite highly skilled and well-funded organised crime groups. Romain Wartel, CERN CHEP 2015, Okinawa Surviving and operating services despite highly skilled and well-funded organised crime groups Romain Wartel, CERN CHEP 2015, Okinawa 1 Operation Windigo (2011 - now) 30,000+ unique servers compromised

More information

Network Security and the Small Business

Network Security and the Small Business Network Security and the Small Business Why network security is important for a small business Many small businesses think that they are less likely targets for security attacks as compared to large enterprises,

More information

White paper. Phishing, Vishing and Smishing: Old Threats Present New Risks

White paper. Phishing, Vishing and Smishing: Old Threats Present New Risks White paper Phishing, Vishing and Smishing: Old Threats Present New Risks How much do you really know about phishing, vishing and smishing? Phishing, vishing, and smishing are not new threats. They have

More information

Cyber Security Current Trends & Emerging Threats

Cyber Security Current Trends & Emerging Threats Cyber Security Current Trends & Emerging Threats Michael Saylor Executive Director Cyber Defense Labs Page 1 Michael Saylor, CISM, CISA Michael (Mike) possesses over 19 years of experience with both domestic

More information

INFOCOMM SEC RITY. is INCOMPLETE WITHOUT. Be aware, responsible. secure!

INFOCOMM SEC RITY. is INCOMPLETE WITHOUT. Be aware, responsible. secure! INFOCOMM SEC RITY is INCOMPLETE WITHOUT Be aware, responsible secure! U HACKER Smack that What you can do with these five online security measures... ANTI-VIRUS SCAMS UPDATE FIREWALL PASSWORD FASTEN UP!

More information

Kaspersky Fraud Prevention platform: a comprehensive solution for secure payment processing

Kaspersky Fraud Prevention platform: a comprehensive solution for secure payment processing Kaspersky Fraud Prevention platform: a comprehensive solution for secure Today s bank customers can perform most of their financial operations online. According to a global survey of Internet users conducted

More information

Using big data analytics to identify malicious content: a case study on spam emails

Using big data analytics to identify malicious content: a case study on spam emails Using big data analytics to identify malicious content: a case study on spam emails Mamoun Alazab & Roderic Broadhurst Mamoun.alazab@anu.edu.au http://cybercrime.anu.edu.au 2 Outline Background Cybercrime

More information

NEW ZEALAND S CYBER SECURITY STRATEGY

NEW ZEALAND S CYBER SECURITY STRATEGY Appendix 1 NEW ZEALAND S CYBER SECURITY STRATEGY June 2011 New Zealand Government 7 June 2011 ISBN: 978-0-478-38200-6 www.med.govt.nz/cyberstrategy MED11 Foreword from the Minister The Internet and digital

More information

National Cyber Security Month 2015: Daily Security Awareness Tips

National Cyber Security Month 2015: Daily Security Awareness Tips National Cyber Security Month 2015: Daily Security Awareness Tips October 1 New Threats Are Constantly Being Developed. Protect Your Home Computer and Personal Devices by Automatically Installing OS Updates.

More information

Global IT Security Risks: 2012

Global IT Security Risks: 2012 Global IT Security Risks: 2012 Kaspersky Lab is a leading developer of secure content and threat management solutions and was recently named a Leader in the Gartner Magic Quadrant for Endpoint Protection

More information

Top tips for improved network security

Top tips for improved network security Top tips for improved network security Network security is beleaguered by malware, spam and security breaches. Some criminal, some malicious, some just annoying but all impeding the smooth running of a

More information

KASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES. www.kaspersky.com

KASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES. www.kaspersky.com KASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES www.kaspersky.com EXPERT SERVICES Expert Services from Kaspersky Lab are exactly that the services of our in-house experts, many of them global

More information

Security A to Z the most important terms

Security A to Z the most important terms Security A to Z the most important terms Part 1: A to D UNDERSTAND THE OFFICIAL TERMINOLOGY. This is F-Secure Labs. Learn more about the most important security terms with our official explanations from

More information

2012 Bit9 Cyber Security Research Report

2012 Bit9 Cyber Security Research Report 2012 Bit9 Cyber Security Research Report Table of Contents Executive Summary Survey Participants Conclusion Appendix 3 4 10 11 Executive Summary According to the results of a recent survey conducted by

More information

STOP Cybercriminals and. security attacks ControlNow TM Whitepaper

STOP Cybercriminals and. security attacks ControlNow TM Whitepaper STOP Cybercriminals and security attacks ControlNow TM Whitepaper Table of Contents Introduction 3 What the headlines don t tell you 4 The malware (r)evolution 5 Spear phishing scams 5 Poisoned searches

More information

Malware, Phishing, and Cybercrime Dangerous Threats Facing the SMB State of Cybercrime

Malware, Phishing, and Cybercrime Dangerous Threats Facing the SMB State of Cybercrime How to Protect Your Business from Malware, Phishing, and Cybercrime The SMB Security Series Malware, Phishing, and Cybercrime Dangerous Threats Facing the SMB State of Cybercrime sponsored by Introduction

More information

SPEAR-PHISHING ATTACKS

SPEAR-PHISHING ATTACKS SPEAR-PHISHING ATTACKS WHY THEY ARE SUCCESSFUL AND HOW TO STOP THEM WHITE PAPER RECENTLY, THERE HAS BEEN A RAPID AND DRAMATIC SHIFT FROM BROAD SPAM ATTACKS TO TARGETED EMAIL-BASED-PHISHING CAMPAIGNS THAT

More information

Evolving Threats and Attacks: A Cloud Service Provider s viewpoint. John Howie Senior Director Online Services Security and Compliance

Evolving Threats and Attacks: A Cloud Service Provider s viewpoint. John Howie Senior Director Online Services Security and Compliance Evolving Threats and Attacks: A Cloud Service Provider s viewpoint John Howie Senior Director Online Services Security and Compliance Introduction Microsoft s Cloud Infrastructure Evolution of Threats

More information

3 Email Marketing Security Risks. How to combat the threats to the security of your Email Marketing Database

3 Email Marketing Security Risks. How to combat the threats to the security of your Email Marketing Database 3 Email Marketing Security Risks How to combat the threats to the security of your Email Marketing Database Email Marketing Guide June 2013 Security Threats PROTECTING YOUR EMAIL DATABASE FROM HACKERS

More information

The Key to Secure Online Financial Transactions

The Key to Secure Online Financial Transactions Transaction Security The Key to Secure Online Financial Transactions Transferring money, shopping, or paying debts online is no longer a novelty. These days, it s just one of many daily occurrences on

More information

white paper Malware Security and the Bottom Line

white paper Malware Security and the Bottom Line Malware Security Report: Protecting Your BusineSS, Customers, and the Bottom Line Contents 1 Malware is crawling onto web sites everywhere 1 What is Malware? 2 The anatomy of Malware attacks 3 The Malware

More information

I ve been breached! Now what?

I ve been breached! Now what? I ve been breached! Now what? THE AFTERMATH OF A BREACH & STEPS TO REDUCE RISK The number of data breaches in the United States in 2014 hit a record high. And 2015 is not looking any better. There have

More information

Threat Intelligence Pty Ltd info@threatintelligence.com 1300 809 437. Specialist Security Training Catalogue

Threat Intelligence Pty Ltd info@threatintelligence.com 1300 809 437. Specialist Security Training Catalogue Threat Intelligence Pty Ltd info@threatintelligence.com 1300 809 437 Specialist Security Training Catalogue Did you know that the faster you detect a security breach, the lesser the impact to the organisation?

More information

QUARTERLY REPORT 2015 INFOBLOX DNS THREAT INDEX POWERED BY

QUARTERLY REPORT 2015 INFOBLOX DNS THREAT INDEX POWERED BY QUARTERLY REPORT 2015 INFOBLOX DNS THREAT INDEX POWERED BY EXPLOIT KITS UP 75 PERCENT The Infoblox DNS Threat Index, powered by IID, stood at 122 in the third quarter of 2015, with exploit kits up 75 percent

More information

Defending Against. Phishing Attacks

Defending Against. Phishing Attacks Defending Against Today s Targeted Phishing Attacks DeFending Against today s targeted phishing attacks 2 Introduction Is this email a phish or is it legitimate? That s the question that employees and

More information

Unknown threats in Sweden. Study publication August 27, 2014

Unknown threats in Sweden. Study publication August 27, 2014 Unknown threats in Sweden Study publication August 27, 2014 Executive summary To many international organisations today, cyber attacks are no longer a matter of if but when. Recent cyber breaches at large

More information

BE SAFE ONLINE: Lesson Plan

BE SAFE ONLINE: Lesson Plan BE SAFE ONLINE: Lesson Plan Overview Danger lurks online. Web access, social media, computers, tablets and smart phones expose users to the possibility of fraud and identity theft. Learn the steps to take

More information

Trends in Malware DRAFT OUTLINE. Wednesday, October 10, 12

Trends in Malware DRAFT OUTLINE. Wednesday, October 10, 12 Trends in Malware DRAFT OUTLINE Presentation Synopsis Security is often a game of cat and mouse as security professionals and attackers each vie to stay one step ahead of the other. In this race for dominance,

More information

Global Corporate IT Security Risks: 2013

Global Corporate IT Security Risks: 2013 Global Corporate IT Security Risks: 2013 May 2013 For Kaspersky Lab, the world s largest private developer of advanced security solutions for home users and corporate IT infrastructures, meeting the needs

More information

Evolution of attacks and Intrusion Detection

Evolution of attacks and Intrusion Detection Evolution of attacks and Intrusion Detection AFSecurity seminar 11 April 2012 By: Stian Jahr Agenda Introductions What is IDS What is IDS in mnemoic How attacks have changed by time and how has it changed

More information

Indian Computer Emergency Response Team (CERT-In) Annual Report (2010)

Indian Computer Emergency Response Team (CERT-In) Annual Report (2010) Indian Computer Emergency Response Team (CERT-In) Annual Report (2010) Indian Computer Emergency Response Team (CERT-In) Department of Information Technology Ministry of Communications & Information Technology

More information

Information Security. CS526 Topic 1

Information Security. CS526 Topic 1 Information Security CS 526 Topic 1 Overview of the Course 1 Today s Security News Today: 220 million records stolen, 16 arrested in massive South Korean data breach A number of online gaming & movie ticket

More information

Knowing Your Enemy How Your Business is Attacked. Andrew Rogoyski June 2014

Knowing Your Enemy How Your Business is Attacked. Andrew Rogoyski June 2014 Knowing Your Enemy How Your Business is Attacked Andrew Rogoyski June 2014 Why Cyber is the New Security 1986: Lawrence Berkeley NL discovers attempt to copy US Government Information on Arpanet 1988:

More information

Malware B-Z: Inside the Threat From Blackhole to ZeroAccess

Malware B-Z: Inside the Threat From Blackhole to ZeroAccess Malware B-Z: Inside the Threat From Blackhole to ZeroAccess By Richard Wang, Manager, SophosLabs U.S. Over the last few years the volume of malware has grown dramatically, thanks mostly to automation and

More information

Internet threats: steps to security for your small business

Internet threats: steps to security for your small business Internet threats: 7 steps to security for your small business Proactive solutions for small businesses A restaurant offers free WiFi to its patrons. The controller of an accounting firm receives a confidential

More information

SECURING YOUR SMALL BUSINESS. Principles of information security and risk management

SECURING YOUR SMALL BUSINESS. Principles of information security and risk management SECURING YOUR SMALL BUSINESS Principles of information security and risk management The challenge Information is one of the most valuable assets of any organization public or private, large or small and

More information

Hot Topics in IT Security PREP#28 May 1, 2014. David Woska, Ph.D. OCIO Security

Hot Topics in IT Security PREP#28 May 1, 2014. David Woska, Ph.D. OCIO Security Hot Topics in IT Security PREP#28 May 1, 2014 David Woska, Ph.D. OCIO Security CME Disclosure Statement The North Shore LIJ Health System adheres to the ACCME s new Standards for Commercial Support. Any

More information

Hong Kong Information Security Outlook 2015 香 港 資 訊 保 安 展 望

Hong Kong Information Security Outlook 2015 香 港 資 訊 保 安 展 望 Hong Kong Information Security Outlook 2015 香 港 資 訊 保 安 展 望 Agenda Information Security Trends Year 2014 in Review Outlook for 2015 Advice to the Public Hong Kong Computer Emergency Response Team Coordination

More information

Detailed Description about course module wise:

Detailed Description about course module wise: Detailed Description about course module wise: Module 1: Basics of Networking and Major Protocols 1.1 Networks and its Types. 1.2 Network Topologies 1.3 Major Protocols and their Functions 1.4 OSI Reference

More information

Small businesses: What you need to know about cyber security

Small businesses: What you need to know about cyber security Small businesses: What you need to know about cyber security March 2015 Contents page What you need to know about cyber security... 3 Why you need to know about cyber security... 4 Getting the basics right...

More information

Cybercrime: risks, penalties and prevention

Cybercrime: risks, penalties and prevention Cybercrime: risks, penalties and prevention Cyber attacks have been appearing in the news with increased frequency and recent victims of cybercrime have included well-known companies such as Sony, LinkedIn,

More information

Advanced Persistent Threats

Advanced Persistent Threats Advanced Persistent Threats Craig Harwood Channel Manager SADC and Indian Ocean Islands 1 Agenda Introduction Today s Threat landscape What is an Advance persistent Threat How are these crimes perpetrated

More information

Malware Analysis Summary: Dyre. F5 Security Operations Center November 2014

Malware Analysis Summary: Dyre. F5 Security Operations Center November 2014 Malware Analysis Summary: Dyre F5 Security Operations Center November 2014 WHY MALWARE MATTERS Long gone are the days when fraud was perpetrated primarily by forging checks or IDs to assume a stolen identity.

More information

Tutorial on Smartphone Security

Tutorial on Smartphone Security Tutorial on Smartphone Security Wenliang (Kevin) Du Professor wedu@syr.edu Smartphone Usage Smartphone Applications Overview» Built-in Protections (ios and Android)» Jailbreaking and Rooting» Security

More information

Cybersecurity Kill Chain. William F. Crowe, CISA, CISM, CRISC, CRMA September 2015 ISACA Jacksonville Chapter Meeting August 13, 2015

Cybersecurity Kill Chain. William F. Crowe, CISA, CISM, CRISC, CRMA September 2015 ISACA Jacksonville Chapter Meeting August 13, 2015 Cybersecurity Kill Chain William F. Crowe, CISA, CISM, CRISC, CRMA September 2015 ISACA Jacksonville Chapter Meeting August 13, 2015 Who Am I? Over 20 years experience with 17 years in the financial industry

More information

Security Challenges and Solutions for Higher Education. May 2011

Security Challenges and Solutions for Higher Education. May 2011 Security Challenges and Solutions for Higher Education May 2011 Discussion Topics Security Threats and Challenges Education Risks and Trends ACH and Wire Fraud Malware and Phishing Techniques Prevention

More information

Addressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst

Addressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst ESG Brief Addressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst Abstract: APTs first came on the scene in 2010, creating a wave

More information

Bad Ads Trend Alert: Shining a Light on Tech Support Advertising Scams. May 2014. TrustInAds.org. Keeping people safe from bad online ads

Bad Ads Trend Alert: Shining a Light on Tech Support Advertising Scams. May 2014. TrustInAds.org. Keeping people safe from bad online ads Bad Ads Trend Alert: Shining a Light on Tech Support Advertising Scams May 2014 TrustInAds.org Keeping people safe from bad online ads OVERVIEW Today, even the most tech savvy individuals can find themselves

More information

Protecting Data From the Cyber Theft Pandemic. A FireEye Whitepaper - April, 2009

Protecting Data From the Cyber Theft Pandemic. A FireEye Whitepaper - April, 2009 Protecting Data From the Cyber Theft Pandemic A FireEye Whitepaper - April, 2009 Table of Contents Executive Summary Page 3 Today s Insider Threat Is Stealth Malware Page 3 Stealth Malware Attacks Are

More information

Marble & MobileIron Mobile App Risk Mitigation

Marble & MobileIron Mobile App Risk Mitigation Marble & MobileIron Mobile App Risk Mitigation SOLUTION GUIDE Enterprise users routinely expose their employers data and threaten network security by unknowingly installing malicious mobile apps onto their

More information

OCT Training & Technology Solutions Training@qc.cuny.edu (718) 997-4875

OCT Training & Technology Solutions Training@qc.cuny.edu (718) 997-4875 OCT Training & Technology Solutions Training@qc.cuny.edu (718) 997-4875 Understanding Information Security Information Security Information security refers to safeguarding information from misuse and theft,

More information

Current Threat Scenario and Recent Attack Trends

Current Threat Scenario and Recent Attack Trends Current Threat Scenario and Recent Attack Trends Anil Sagar Additional Director Indian Computer Emergency Response Team (CERT-In) Objectives Current Cyber space Nature of cyberspace and associated risks

More information

Security Practices for Online Collaboration and Social Media

Security Practices for Online Collaboration and Social Media Cisco IT Best Practice Collaboration Security Cisco on Cisco Best Practice Security Practices for Online Collaboration and Social Media January 2012 2013 Cisco and/or its affiliates. All rights reserved.

More information

Property of Secure Network Technologies-Do Not Distribute or Post Without Written Permission-Copyrights and Trademark Apply

Property of Secure Network Technologies-Do Not Distribute or Post Without Written Permission-Copyrights and Trademark Apply Malware - Mules & Money Mobile Edition v2.0 By Steve Stasiukonis What We Do Security Assessments & Penetration Tests Incident Response Digital Investigation & Forensic Services Technical Surveillance Countermeasure

More information

THREAT VISIBILITY & VULNERABILITY ASSESSMENT

THREAT VISIBILITY & VULNERABILITY ASSESSMENT THREAT VISIBILITY & VULNERABILITY ASSESSMENT Date: April 15, 2015 IKANOW Analysts: Casey Pence IKANOW Platform Build: 1.34 11921 Freedom Drive, Reston, VA 20190 IKANOW.com TABLE OF CONTENTS 1 Key Findings

More information

Innovations in Network Security

Innovations in Network Security Innovations in Network Security Michael Singer April 18, 2012 AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual Property and/or AT&T affiliated companies.

More information

ES ET DE LA VIE PRIVÉE E 29 th INTERNATIONAL CONFERENCE OF DATA PROTECTION AND PRIVACY COMMISSIONERS

ES ET DE LA VIE PRIVÉE E 29 th INTERNATIONAL CONFERENCE OF DATA PROTECTION AND PRIVACY COMMISSIONERS ES ET DE LA VIE PRIVÉE E 29 th INTERNATIONAL CONFERENCE OF DATA PROTECTION AND PRIVACY COMMISS The Internet Threat Landscape Symantec TM Dean Turner Director Global Intelligence Network Symantec Security

More information

Securing mobile devices in the business environment

Securing mobile devices in the business environment IBM Global Technology Services Thought Leadership White Paper October 2011 Securing mobile devices in the business environment By I-Lung Kao, Global Strategist, IBM Security Services 2 Securing mobile

More information

OVERVIEW. 1. Cyber Crime Unit organization. 2. Legal framework. 3. Identity theft modus operandi. 4. How to avoid online identity theft

OVERVIEW. 1. Cyber Crime Unit organization. 2. Legal framework. 3. Identity theft modus operandi. 4. How to avoid online identity theft OVERVIEW 2 1. Cyber Crime Unit organization 2. Legal framework 3. Identity theft modus operandi 4. How to avoid online identity theft 5. Main challenges for investigation 6. Conclusions ORGANIZATION 3

More information

Cyber Essentials Scheme

Cyber Essentials Scheme Cyber Essentials Scheme Requirements for basic technical protection from cyber attacks June 2014 December 2013 Contents Contents... 2 Introduction... 3 Who should use this document?... 3 What can these

More information

Identity Theft. CHRISTOS TOPAKAS Head of Group IT Security and Control Office

Identity Theft. CHRISTOS TOPAKAS Head of Group IT Security and Control Office Identity Theft CHRISTOS TOPAKAS Head of Group IT Security and Control Office Agenda Identity Theft Threats and Techniques Identity Theft Definition and Facts Identity Theft & Financial Institutions Prevention

More information

Introduction The Case Study Technical Background The Underground Economy The Economic Model Discussion

Introduction The Case Study Technical Background The Underground Economy The Economic Model Discussion Internet Security Seminar 2013 Introduction The Case Study Technical Background The Underground Economy The Economic Model Discussion An overview of the paper In-depth analysis of fake Antivirus companies

More information

G Data Mobile MalwareReport. Half-Year Report July December 2013. G Data SecurityLabs

G Data Mobile MalwareReport. Half-Year Report July December 2013. G Data SecurityLabs G Data Mobile MalwareReport Half-Year Report July December 2013 G Data SecurityLabs Contents At a glance... 2 Android malware: share of PUPs increasing significantly... 3 Android.Application consists of

More information

MOBILE MALWARE REPORT

MOBILE MALWARE REPORT TRUST IN MOBILE MALWARE REPORT THREAT REPORT: H2/2014 CONTENTS At a Glance 03-03 Forecasts and trends 04-04 Current situation: 4.500 new Android malware instances every day 05-05 Third-party App-Stores

More information

Cyber-Threats and Financial Institutions: Assume all networks are infected...is this the new normal? October 2012. Sponsored by:

Cyber-Threats and Financial Institutions: Assume all networks are infected...is this the new normal? October 2012. Sponsored by: : Assume all networks are infected...is this the new normal? October 2012 Cyber-Threats and Financial Institutions: Assume all networks are infected...is this the new normal? Executive Summary Financial

More information

Malicious Websites uncover vulnerabilities (browser, plugins, webapp, server), initiate attack steal sensitive information, install malware, compromise victim s machine Malicious Websites uncover vulnerabilities

More information

Web Security. Discovering, Analyzing and Mitigating Web Security Threats

Web Security. Discovering, Analyzing and Mitigating Web Security Threats Web Security Discovering, Analyzing and Mitigating Web Security Threats Expectations and Outcomes Mitigation strategies from an infrastructure, architecture, and coding perspective Real-world implementations

More information

Online security. Defeating cybercriminals. Protecting online banking clients in a rapidly evolving online environment. The threat.

Online security. Defeating cybercriminals. Protecting online banking clients in a rapidly evolving online environment. The threat. Defeating cybercriminals Protecting online banking clients in a rapidly evolving online environment The threat As the pace of technological change accelerates, so does the resourcefulness and ingenuity

More information

Attackers are highly skilled, persistent, and very motivated at finding and exploiting new vectors. Microsoft Confidential for internal use only

Attackers are highly skilled, persistent, and very motivated at finding and exploiting new vectors. Microsoft Confidential for internal use only Attackers are highly skilled, persistent, and very motivated at finding and exploiting new vectors Microsoft Confidential for internal use only Wall Street Journal, JP Morgan, Lockheed, Bushehr nuclear

More information

Spyware: Securing gateway and endpoint against data theft

Spyware: Securing gateway and endpoint against data theft Spyware: Securing gateway and endpoint against data theft The explosion in spyware has presented businesses with increasing concerns about security issues, from data theft and network damage to reputation

More information

Spear Phishing Attacks Why They are Successful and How to Stop Them

Spear Phishing Attacks Why They are Successful and How to Stop Them White Paper Spear Phishing Attacks Why They are Successful and How to Stop Them Combating the Attack of Choice for Cybercriminals White Paper Contents Executive Summary 3 Introduction: The Rise of Spear

More information

IBM Security re-defines enterprise endpoint protection against advanced malware

IBM Security re-defines enterprise endpoint protection against advanced malware IBM Security re-defines enterprise endpoint protection against advanced malware Break the cyber attack chain to stop advanced persistent threats and targeted attacks Highlights IBM Security Trusteer Apex

More information

Kaspersky Fraud Prevention: a Comprehensive Protection Solution for Online and Mobile Banking

Kaspersky Fraud Prevention: a Comprehensive Protection Solution for Online and Mobile Banking Kaspersky Fraud Prevention: a Comprehensive Protection Solution for Online and Mobile Banking Today s bank customers can perform most of their financial activities online. According to a global survey

More information

PREP Course #25: Hot Topics in Cyber Security and Database Security. Presented by: Joe Baskin Manager, Information Security, OCIO JBaskin@nshs.

PREP Course #25: Hot Topics in Cyber Security and Database Security. Presented by: Joe Baskin Manager, Information Security, OCIO JBaskin@nshs. PREP Course #25: Hot Topics in Cyber Security and Database Security Presented by: Joe Baskin Manager, Information Security, OCIO JBaskin@nshs.edu Objectives Discuss hot topics in cyber security and database

More information