© 2012 IBM Corporation IBM Security Systems 1 © 2014 IBM Corporation IBM X-Force Threat Intelligence Quarterly 2Q 2014 Diana Kelley Executive Security.


IBM X-Force is the foundation for advanced security and threat research across the IBM Security Framework.

Vulnerability Protection ➥ Reverse engineering and protection for more than 73K vulnerabilities and 400 application protocols housed in the X-Force Database
Malware Analysis ➥ Analysis and defense of malware targeting financial institutions and customers leveraging a network of 100M endpoints across the globe
IP Reputation ➥ Categorization of more than 860K suspect IP addresses into different categories including malware hosts, botnets, spam sources, and anonymous proxies
Web Application Control ➥ Identify and manage the capabilities of more than 2000 web and client applications and actions (e.g. Gmail or Skype)
Web Application Protection ➥ Able to assess and remediate vulnerabilities in mission critical off-the-shelf and custom web applications
URL/Web Filtering ➥ One of the world’s largest URL databases containing categorized information on more than 22 billion URLs
Anti-Spam ➥ Detect spam using known signatures, discover new spam types automatically, 99.9% accurate, near 0% over-blocking; monitoring of more than 7M spam & phishing attacks daily.

The Mission of X-Force is to…
• Monitor and evaluate the rapidly changing threat landscape
• Research new attack techniques and develop protection for tomorrow’s security challenges
• Educate our customers and the general public
• Deliver Threat Intelligence to make IBM solutions smarter

What we tell our customers: IBM X-Force monitors and analyzes the changing threat landscape

Coverage
• 20,000+ devices under contract
• 3,700+ managed clients worldwide
• 15B+ events managed per day
• 133 monitored countries (MSS)
• 1,000+ security related patents
• 100M+ customers protected from fraudulent transactions

Depth
• 22B analyzed web pages & images
• 7M spam & phishing attacks daily
• 73K documented vulnerabilities
• 860K malicious IP addresses
• malware samples collected daily
• Millions of unique malware samples

We are in an era of continuous breaches.

Operational Sophistication: IBM X-Force declared Year of the Security Breach
Near Daily Leaks of Sensitive Data: 40% increase in reported data breaches and incidents
Relentless Use of Multiple Methods: 500,000,000+ records were leaked, while the future shows no sign of change

Attack types: SQL injection, Spear phishing, DDoS, Third-party software, Physical access, Malware, XSS, Watering hole, Undisclosed
Note: Size of circle estimates relative impact of incident in terms of cost to business.
Source: IBM X-Force Threat Intelligence Quarterly – 1Q 2014

Attackers exploit application vulnerabilities to access sensitive data.

• Not testing puts the organization at risk of exposing valuable assets.
• Broken authentication can result in takeover of a banking session and funds transfer as if the attacker were the legitimate user.
• OpenSSL bug put a huge number of websites at risk for data leakage of private and critical information.
• Mitigating potential damages of breached user credentials, SSL certificates, and other sensitive information made cleanup a challenge.
• If your incident response is built around planning for the known situations, you're at a loss. Contents of random access memory (RAM) are now fair game, like data stored on the disk.

50% of organizations underestimate the number of web applications they have deployed.

Test and Remediate AppVulns. Protect Web Servers. Expect the Unexpected.

Underestimating web applications is not uncommon. Broken authentication and CSRF occurred in 23% of the 900+ dynamic web app scans tested.

Client requests to perform large-scale, ongoing scanning of live sites have increased.

Spam continues to be a main channel of malware into company networks. In March 2014, we saw the highest levels of spam measured during the last two and a half years.

Attackers are recycling old image-spam techniques to test detection and exploit inboxes.

Attackers look for creative ways to evade spam filters - again.

Attackers are using doctor and medic.ru domains in these attacks. Since the beginning of February 2014, spammers have used the domains they have purchased for other, non-image based types of spam.

Spam bot infections are higher in locations still reliant on Windows XP. In 16 of 20 countries researched for spambot infection, usage of Windows XP is significantly higher than the WW average. In some cases, usage is more than 30%.

Expanded operations outside of traditional markets occur on a more frequent basis; Incident Response teams must be prepared.

Driven by stiffer regulations on personal data and the importance placed on security breaches, many organizations need answers faster and more efficiently than ever before.

• Bandwidth: Data transfers can be limited by slow, unreliable connections.
• RAM: External drives may not be available for storing RAM dump files.
• Overnight Mail: Shipping impacted systems and forensics data can be difficult.
• Working Hours: Time-zone differences can impact work schedules.
• Skill Sets: System administrators may not be trained in incident response.

Connect with IBM X-Force Research & Development
IBM X-Force Security Insights blog at
Download IBM X-Force Threat Intelligence Quarterly Reports
Follow us and

© Copyright IBM Corporation All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and/or capabilities referenced in these materials may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others.

Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed or misappropriated or can result in damage to or misuse of your systems, including to attack others. No IT system or product should be considered completely secure and no single product or security measure can be completely effective in preventing improper access. IBM systems and products are designed to be part of a comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT THAT SYSTEMS AND PRODUCTS ARE IMMUNE FROM THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY.