1 Cybersecurity and web-based attacks A perspective from Symantec Zoltan Precsenyi Government Affairs Manager International Conference on Terrorism and.

Slides:



Advertisements
Similar presentations
Symantec Education Skills Assessment SESA 3.0 Feature Showcase
Advertisements

IT Analytics for Symantec Endpoint Protection
‘Changing environment – changing security’ - Cyber-threat challenges today – Budapest, September 17-18, Industry and the fight against cybercrime.
1© Copyright 2011 EMC Corporation. All rights reserved. Anatomy of an Attack.
Threat Intelligence Use in Information Security: History, Theory and Practice Tim Gallo Cyber Security Field Engineering 1.
© 2013 AT&T Intellectual Property. All rights reserved. AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual.
Ilias Chantzos Senior Director, Government Affairs - EMEA Symantec Cyber-security & cyber-resilience: Policy implications in smart cities.
Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.
Security for Today’s Threat Landscape Kat Pelak 1.
1 Getting Beyond Standalone Antivirus to Advanced Threat Protection Eric Schwake Sr. Product Marketing
Lloyds 360 Risk Insight Dec 2010 Malcolm Harkins Malcolm Harkins Chief Information and Security Officer General Manager Intel Information Risk and Security.
The Changing Face of Endpoint Security K Varadarajan Regional Manager, Enterprise Sales, Symantec Security Conference 2010_Bangalore.
Symantec Security Intelligence Internet Security Threat Report Volume XVI June, 2011 Tiffany Jones Director – Programs and Strategy Symantec Public.
E-Commerce Security and Fraud Issues and Protections
Symantec Vision and Strategy for the Information-Centric Enterprise Muhamed Bavçiç Senior Technology Consultant SEE.
Wonga example Register Question- What risks do you think businesses face due to IT developments?
Stuxnet – Getting to the target Liam O Murchu Operations Manager, Symantec Security Response 1 Feb 2011.
1 When Cloud Networking meets Cloud Computing: Software-Defined Networking (SDN) Customer Application Faan DeSwardt Infrastructure Architecture Manager.
Comptroller of the Currency Administrator of National Banks E- Security Risk Mitigation: A Supervisor’s Perspective Global Dialogue World Bank Group September.
Практические аспекты аутсорсинга ИБ Алексей Чередниченко Ведущий консультант, Symantec Services Group 28 апреля 2009.
The Difficult Road To Cybersecurity Steve Katz, CISSP Security Risk Solutions Steve Katz, CISSP Security.
Cybercrime Outlook on African banks Adwo Heintjes Global Head IT Audit & Ops Rabobank.
Lecture 11 Electronic Business (MGT-485). Recap – Lecture 10 Transaction costs Network Externalities Switching costs Critical mass of customers Pricing.
President’s Forum and WSML 2012 INDSTRAT 02 Mobile Market Dynamics Brian Duckering, Deborah Clark, Evan Quinn “A Day in the Life of Mobile” 1.
Mobile Devices Carry Hidden Threats With Financial Consequences Hold StillInstalled.
Did You Hear That Alarm? The impacts of hitting the information security snooze button.
Staying Ahead of the Curve in Cyber Security Bill Chang CEO, SingTel Group Enterprise.
Lecture 10 Intrusion Detection modified from slides of Lawrie Brown.
Tutorial Chapter 5. 2 Question 1: What are some information technology tools that can affect privacy? How are these tools used to commit computer crimes?
Adversary Defense: Past, Present, Future Presenter’s Name Here Presenter’s Title Here.
Dell Connected Security Solutions Simplify & unify.
Symantec Managed Security Services The Power To Protect Duncan Evans Director, Cyber Security Services 1.
1 Safely Using Shared Computers Amanda Grady December 2013.
President’s Forum and WSML 2012 Mobile Market Dynamics Deborah Clark, Dawn Davis, Brian Duckering, Marie Pettersson 1 “A Day in the Life of a Mobile Family”
Symantec Targeted Attack Protection 1 Stopping Tomorrow’s Targeted Attacks Today iPuzzlebiz
1 The New Security Blueprint : Challenges & Opportunities Ajay Goel, Managing Director, Symantec India & SAARC Sept 1, 2011.
Cyber Security Nevada Businesses Overview June, 2014.
GSHRM Conference Cyber Security Education Shri Cockroft, CISO Piedmont Healthcare, Inc. September 21, 2015.
The Changing World of Endpoint Protection
The current state of Cybersecurity Targeted and In Your Pocket Dale “Dr. Z” Zabriskie CISSP CCSK Symantec Evangelist.
CIO Perspectives on Security Fabrício Brasileiro Regional Sales Manager.
President’s Forum and WSML 2012 SYMSTRAT 03: Enterprise Sales Conversations for Virtualization Todd Zambrovitz with guest appearance by Kevin Fiedler 1.
WLAN Auditing Tools and Techniques Todd Kendall, Principal Security Consultant September 2007.
Cyberdefense and security policy – concepts and considerations for government policy 1 Cyberdefense and security policy Concepts and considerations for.
Rob Davidson, Partner Technology Specialist Microsoft Management Servers: Using management to stay secure.
Installation of Storage Foundation for Windows High Availability 5.1 SP2 1 Daniel Schnack Principle Technical Support Engineer.
MANAGING RISK. CYBER CRIME The use of the internet and developments in IT bring with it a risk of cyber crime. Credit card details are stolen, hackers.
Engineering and Management of Secure Computer Networks School of Engineering © Steve Woodhead 2009 Corporate Governance and Information Security (InfoSec)
Optimized Synthetics 1 OpenStorage Optimized Synthetics.
Cyber Security in the Post-AV Era Amit Mital Chief Technology Officer General Manager, Emerging Endpoints Business Unit.
External Threats Internal Threats Nation States Cyber Terrorists Hacktivists Organised criminal networks Independent insider Insider planted by external.
© 2011 IBM Corporation IBM Security Services Smarter Security Enabling Growth and Innovation Obbe Knoop – Security Services Leader Pacific.
Get Full Protection on Microsoft Azure with Symantec™ Endpoint Protection 12.1 MICROSOFT AZURE ISV PROFILE: SYMANTEC Symantec™ Endpoint Protection is an.
CYBERSECURITY INCIDENCE IN THE FINANCIAL SERVICES SECTOR March 28, 2017 Presented by Osato Omogiafo Head IT Audit.
Office 365 is cloud-based productivity, hosted by Microsoft.
Cybersecurity - What’s Next? June 2017
Public Facilities and Cyber Security
Cyber Security: State of the Nation
BUILDING A PRIVACY AND SECURITY PROGRAM FOR YOUR NON-PROFIT
Joe, Larry, Josh, Susan, Mary, & Ken
I have many checklists: how do I get started with cyber security?
Cybersecurity Strategy
Cybersecurity at PJM Jonathon Monken
E-Commerce Security and Fraud Issues and Protections
Securing the Threats of Tomorrow, Today.
CRITICAL INFRASTRUCTURE CYBERSECURITY
4/9/ :42 PM © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN.
Managing IT Risk in a digital Transformation AGE
Cybersecurity at PJM Jonathon Monken
In the attack index…what number is your Company?
Presentation transcript:

1 Cybersecurity and web-based attacks A perspective from Symantec Zoltan Precsenyi Government Affairs Manager International Conference on Terrorism and Democracy in the 21st Century, Budapest, September 29-30, 2011

Agenda 2 About Symantec 1 The web: a powerful tool 2 Cyberattacks: the threat landscape 3 Future trends: growing challenges 4 International Conference on Terrorism and Democracy in the 21st Century, Budapest, September 29-30, 2011

3 About Symantec International Conference on Terrorism and Democracy in the 21st Century, Budapest, September 29-30, 2011

Symantec™ Global Intelligence Network Identifies more threats, takes action faster & prevents impact Information Protection Preemptive Security Alerts Threat Triggered Actions Global Scope and Scale Worldwide Coverage 24x7 Event Logging Rapid Detection Attack Activity 240,000 sensors 200+ countries Malware Intelligence 133M client, server, gateways monitored Global coverage Vulnerabilities 40,000+ vulnerabilities 14,000 vendors 105,000 technologies Spam/Phishing 5M decoy accounts 8B+ messages/day 1B+ web requests/day Austin, TX Mountain View, CA Culver City, CA San Francisco, CA Taipei, Taiwan Tokyo, Japan Dublin, Ireland Calgary, Alberta Chengdu, China Chennai, India Pune, India 4 International Conference on Terrorism and Democracy in the 21st Century, Budapest, September 29-30, 2011

5 The web: a powerful tool International Conference on Terrorism and Democracy in the 21st Century, Budapest, September 29-30, 2011

6 The web Cybercrime steadily growing International Conference on Terrorism and Democracy in the 21st Century, Budapest, September 29-30, 2011

The web Underground Economy a soaring market Credit card information & bank account credentials still on top Big range in bulk prices for credit cards 7 International Conference on Terrorism and Democracy in the 21st Century, Budapest, September 29-30, 2011

The web Attack Kits Get a Caffeine Boost 8 Java exploits added to many existing kits Kits exclusively exploiting Java vulnerabilities appeared More Info: Detailed information available in ISTR Mid- Term: Attack Toolkits and Malicious WebsitesISTR Mid- Term: Attack Toolkits and Malicious Websites International Conference on Terrorism and Democracy in the 21st Century, Budapest, September 29-30, 2011

9 The web Communication channel for criminals as well news.intelwire.com/2011/07/internet-provides-terrorists-with-tools.html CommunicateRecruit Equip Instruct International Conference on Terrorism and Democracy in the 21st Century, Budapest, September 29-30, 2011

10 Cyberattacks: the threat landscape International Conference on Terrorism and Democracy in the 21st Century, Budapest, September 29-30, 2011

11 Organized Crime Rings Well Meaning Insiders Malicious Insiders Extremists At this stage, terrorism is more a scenario than an actual incident Effective communication and money laundering tool that should not be interrupted Historically terrorism scenarios envisage cyber-attacks as amplifiers International Conference on Terrorism and Democracy in the 21st Century, Budapest, September 29-30, 2011 Threat Landscape The actors inside and outside

Symantec Internet Security Threat Report (ISTR), Volume Organized Criminal Well Meaning Insider Malicious Insider Disruption of critical infrastructure operations Large-scale DDoS attacks Malware outbreaks within protected networks Stealthy ex-filtration or unintended loss of confidential data Website defacing Threat Landscape The objectives information and/or infrastructure

13 International Conference on Terrorism and Democracy in the 21st Century, Budapest, September 29-30, Threat Landscape Asymmetric warfare small investment, big damage

14 Threat Landscape OSINT collection International Conference on Terrorism and Democracy in the 21st Century, Budapest, September 29-30, 2011

Threat Landscape Social Networking + Social Engineering = Compromise 15 Hackers have adopted social networking – Use profile information to create targeted social engineering – Impersonate friends to launch attacks – Leverage news feeds to spread spam, scams and massive attacks Detailed review of Social Media threats available in The Risks of Social NetworkingThe Risks of Social Networking More Info: International Conference on Terrorism and Democracy in the 21st Century, Budapest, September 29-30, 2011

16 EXFILTRATION Confidential data sent to hacker team in the clear, wrapped in encrypted packets or in zipped files with passwords 4 International Conference on Terrorism and Democracy in the 21st Century, Budapest, September 29-30, 2011 Threat Landscape Targeted Attacks process

Threat Landscape Targeted Attacks evolution 17 High profile attacks in 2010 raised awareness of impact of APTs Stuxnet was incredibly sophisticated – Four zero-day vulnerabilities – Stolen digital signatures – Ability to “leap” the air gap with USB key – Potential damage to infrastructure Detailed review in the: W32.Stuxnet Dossier & W32.Stuxnet W32.Stuxnet DossierW32.Stuxnet More Info: International Conference on Terrorism and Democracy in the 21st Century, Budapest, September 29-30, 2011

18 International Conference on Terrorism and Democracy in the 21st Century, Budapest, September 29-30, 2011 Threat Landscape Malicious activity by country

93% increase in Web-based attacks from 2009 to 2010 Spikes related to specific activities (new attack kits, current events, etc.) 19 International Conference on Terrorism and Democracy in the 21st Century, Budapest, September 29-30, 2011 Threat Landscape Web based attacks on the rise

20 Future trends: growing challenges International Conference on Terrorism and Democracy in the 21st Century, Budapest, September 29-30, 2011

21 TechnologyStrengthsWeaknesses Cloud Enhanced overall security capabilities: Detection Protection Backup and recovery Blurred individual security perimeter: Loss of control over certain assets Increased interdependencies New single points of failure Virtualisation Flexibility and efficiency: More resilient infrastructure Better use of hardware Enhanced interoperability Segregated tasks run on shared assets: Physical proximity between isolated virtual environments Higher exposure to more vulnerabilities Mobile Well, mobility: Access to data anytime, anywhere Federated identity management Better convergence between different communication channels Well, again, mobility: Lower security awareness and culture Cross-exposure of federated identities to vulnerabilities in one of them Increased risk of data loss through device loss International Conference on Terrorism and Democracy in the 21st Century, Budapest, September 29-30, 2011 Technology landscape Mega Trends

Threat Landscape 2010 Trends 22  Social Networking + social engineering = compromise  Attack Kits get a caffeine boost  Targeted Attacks continued to evolve  Hide and Seek (zero-day vulnerabilities and rootkits)  Mobile Threats increase International Conference on Terrorism and Democracy in the 21st Century, Budapest, September 29-30, 2011

23 Threat Landscape Attribution will remain an issue International Conference on Terrorism and Democracy in the 21st Century, Budapest, September 29-30, 2011 Who is behind the attack? What are their motives? Do you know? Can you be sure? Can you disclose the information? Should you? Can you respond? Should you? How?

Mind your people: Strong authentication for identity and access control Security awareness training Protect your devices: Advanced reputation security Device management Removable media control Harden your systems and networks: Vulnerability assessment Intrusion prevention and web gateway filtering 24 Protect your information: Encryption Data loss prevention Understand the threat in close to real time: Advanced reputation security Network threat and vulnerability monitoring Respond: Security incident management Back-up and recovery International Conference on Terrorism and Democracy in the 21st Century, Budapest, September 29-30, 2011 Security Landscape What you can do to protect your assets

Thank you! Copyright © 2010 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice. Thank you! 25 Zoltan Precsenyi International Conference on Terrorism and Democracy in the 21st Century, Budapest, September 29-30, 2011