"When attackers have reached this stage, it is not a big issue for them to transfer data out."
Spencer Hsieh, Trend Micro threat researcher


TrendLabs

Data exfiltration is the final stage of a targeted attack campaign where threat actors steal valuable corporate information while remaining undetected. [1]

43% of the most serious threats to the company's enterprise IT infrastructure are from external sources.

Threat actors use a variety of legitimate and malicious tools to extract specific information and mimic normal network traffic. For instance, the EvilGrab malware, which is related to a targeted attack campaign, uses a Windows filter to grab audio and video files. [2] Other techniques include using backdoor malware to upload gathered files, file transfer protocol (FTP) to transfer files without consent, WMI (Windows Management Instrumentation) to monitor and capture recently opened files, and web applications to open browsers.

Figure 1: Targeted Attack Campaign Diagram

Preventing the exposure of confidential information is a top challenge for most (71%) enterprises. [3] Given the introduction of the mobile platform and the sophistication of targeted attacks, enterprises need to step up to protect their intellectual property, trade secrets, and other sensitive information.

[1] Trend Micro Incorporated. A TrendLabs Security in Context Paper. Data Exfiltration: How Do Threat Actors Steal Your Data? Last updated on: September 2013. Accessed on: November 2013. http://about-threats.trendmicro.com/cloud-content/us/entprimers/pdf/how_do_threat_actors_steal_your_data.pdf
[2] Trend Micro Incorporated. A TrendLabs Report. 2Q Report on Targeted Attack Campaigns. Last updated on: July 2013. Accessed on: November 2013. http://about-threats.trendmicro.com/cloudcontent/us/ent-primers/pdf/2q-report-on-targeted-attack-campaigns.pdf
[3] International Data Corporation. An IDC Infographic Sponsored by Trend Micro. Keeping Corporate Data Safe. Last updated on: 2013. Accessed on: November 2013. http://apac.trendmicro.com/apac/enterprise/security-suite-solutions/esdp-suite/infographic/index.html

TrendLabs Security in Context Paper

Figure 2: Potential Data Threats in an Enterprise Network

Data breach and data loss are the most obvious outcomes of a successful targeted attack. However, the following shows real-world consequences that come right after:

These include all the monetary costs and resources needed for a company to gauge the amount of damage, find the nature of data stolen, and track all possible traces of the attack.

These involve fines incurred by organizations following strict regulations, such as those running industrial control systems (ICS).

This is the amount that organizations already invested into intangible assets such as research and development advances and trade secrets, the theft of which can decrease their competitive advantage.

Data theft from a trusted organization can easily translate to a decrease in confidence from the industry it belongs to.

Detecting targeted attacks at the data exfiltration stage is very challenging for enterprises. We recommend that enterprises assume compromise, enforce preventive measures, and use an airtight custom defense strategy that can detect threats in real time. We have stressed that securing the network infrastructure is the first step in the fight against targeted attacks. [4] This time, we present these key points as the next vital step, protecting valuable data [5]:

Every department or business unit should classify the crown jewels, the release of which can negatively affect an organization, from normal day-to-day documentation. These include government information, scientific research, and pharmaceutical formulas. Sharing and downloading them must require privileged access. They can be spread across the network to prevent threat actors from getting the whole information.

PCs, mobile devices, and removable devices should be secured by encrypting files, disk, and removable media. Identity-based encryption solutions can be used to protect emails. Data should also be encrypted when using cloud applications, public or private cloud infrastructure, and virtual environments.

A protected infrastructure requires multi-tiered access, where top-level information pieces are in a disconnected network, second-level ones require a special two-factor authentication process, while third-level ones are on regular file servers.

[4] Trend Micro Incorporated. A TrendLabs Security in Context Paper. Securing Your Network Infrastructure Against Targeted Attacks. Last updated on: 2013. Accessed on: November 2013. http://about-threats.trendmicro.com/cloud-content/us/ent-primers/pdf/the-enterprise-fights-backp01.pdf
[5] Trend Micro Incorporated. A Trend Micro Research Paper. Suggestions to Help Companies with the Fight Against Targeted Attacks. Last updated on: 2013. Accessed on: November 2013. http://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/white-papers/wp-suggestionsto-help-companies-with-the-fight-against-targeted-attacks.pdf
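The classification, encryption, and multi-tiered access recommendations above can be checked mechanically against a data-store inventory. The following is an added example, not part of the original paper or any Trend Micro product; the field names, the "isolated"/"corporate" network labels, the device-kind labels, and the reading of tiers 1 and 2 as the "crown jewels" are assumptions made for illustration.

```python
from dataclasses import dataclass

# Storage kinds the paper says should be encrypted (labels are assumptions).
ENCRYPT_REQUIRED = {"pc", "mobile", "removable", "cloud", "virtual"}

@dataclass
class DataStore:
    name: str
    tier: int              # 1 = top-level, 2 = second-level, 3 = third-level, 0 = unclassified
    kind: str              # "file_server" or one of ENCRYPT_REQUIRED
    network: str           # "isolated" (disconnected) or "corporate"
    two_factor: bool       # access requires two-factor authentication
    privileged_only: bool  # sharing/downloading limited to privileged accounts
    encrypted: bool

def audit(store: DataStore) -> list[str]:
    """Return the policy violations for one data store (empty list = compliant)."""
    if store.tier not in (1, 2, 3):
        return ["not classified"]
    findings = []
    if store.tier == 1 and store.network != "isolated":
        findings.append("tier-1 data on a connected network")
    if store.tier == 2 and not store.two_factor:
        findings.append("tier-2 data without two-factor authentication")
    # Assumption: tiers 1 and 2 are the "crown jewels" that need privileged access.
    if store.tier <= 2 and not store.privileged_only:
        findings.append("crown-jewel data open to non-privileged accounts")
    if store.kind in ENCRYPT_REQUIRED and not store.encrypted:
        findings.append(f"unencrypted {store.kind} storage")
    return findings

def audit_inventory(inventory: list[DataStore]) -> dict[str, list[str]]:
    """Map each non-compliant store name to its findings."""
    report = {}
    for store in inventory:
        findings = audit(store)
        if findings:
            report[store.name] = findings
    return report

# Constructed sample inventory (all names and values are made up).
INVENTORY = [
    DataStore("rnd-vault", 1, "file_server", "isolated", True, True, True),
    DataStore("formula-share", 1, "file_server", "corporate", False, True, False),
    DataStore("finance-reports", 2, "cloud", "corporate", False, False, False),
    DataStore("team-wiki", 3, "file_server", "corporate", False, False, False),
    DataStore("sales-usb", 3, "removable", "corporate", False, False, False),
    DataStore("scratch-share", 0, "file_server", "corporate", False, False, False),
]

if __name__ == "__main__":
    for name, findings in audit_inventory(INVENTORY).items():
        print(f"{name}: {'; '.join(findings)}")
```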

Trend Micro Incorporated, a global leader in security software, strives to make the world safe for exchanging digital information. Our innovative security solutions for consumers, businesses and governments protect information on mobile devices, endpoints, gateways, servers and the cloud. For more information, visit www.trendmicro.com.

© 2013 by Trend Micro, Incorporated. All rights reserved. Trend Micro and the Trend Micro t-ball logo are trademarks or registered trademarks of Trend Micro, Incorporated. All other product or company names may be trademarks or registered trademarks of their owners.