Presentation is loading. Please wait.

Presentation is loading. Please wait.

Malware – A BILLION DOLLAR BUSINESS

Published byNorma Bradford Modified over 6 years ago

Similar presentations

Presentation on theme: "Malware – A BILLION DOLLAR BUSINESS"— Presentation transcript:

1 Malware – A BILLION DOLLAR BUSINESS
Liviu ARSENE. Senior e-Threat Analyst

2 agenda NCSAM 2016 Cyber-threat Landscape Malware-as-a-service PPP

3 NCSAM Collaboration with Europol, Greek Police, etc.
Last NCSAM week dedicated to mobile threats Cross-regional campaign Free mobile security solutions

4 THE MALWARE LANDSCAPE CONVENTIONAL THREATS, KNOWN FROM THE PREVIOUS YEARS Banker Trojans (Zeus, Carberp, SpyEye) Information Stealers (especially password stealers) Spam-sending Trojans NEW THREATS RANSOMWARE EXPLOIT KITS ADVANCED PERSISTENT THREATS

5 60% of targeted malware aims at SMBs
THE MALWARE LANDSCAPE 60% of targeted malware aims at SMBs 25% of all malware is virtual machine aware. Note: Virtualization alone is not the key to security.

6 MALWARE NOW AVAILABLE AS A SERVICE
Malware Creation Toolkits Selling for between $100 - $10,000; some are free Hourly updates Technical support for “customers”

7 Targets 3 Examples with animation

8 Malware – A BILLION DOLLAR BUSINESS
1,425% ROI * For every dollar spent, hackers make 1,400 times more Example: Cryptolocker ($28 million in 4 months) CryptoWall: 380 million in one year $$$ *source: the RAND Report

9 Cybercrime Global Costs

10 Some issues on PPP investigations
LEA Goal is to find and arrest the perpetrator and bring him to justice Secrecy towards the adversary Finding one proof/evidence Searches limited by data protection Formal chain of evidence Supervised by prosecutor Medium expertise in forensics Restrained capacity in analysis Speed is not the main goal Private Sector Goal is to identify and protect additional victims Secrecy towards the adversary Finding all evidences Few data protection constraints Access to correlated data and intel High expertise in forensics Scalable capacity in analysis Speed is essential LEA – Law Enforcement Agencies Although we had some pretty good success in our joint investigations in Romania, in general, the partnerships between law enforcement agencies and the private sector do not usually work as expected. See the slide for reasons. There are several events/conferences and so on where we discuss the advantages of working together (private and public sector), but when it comes to actual work, LEA does not share information with the private sector (as to not reveal investigations in progress) and if the private sector brings proactive information, cases are not always open. It’s a flawed circle that needs to be addressed. Not to mention jurisdiction issues and most importantly speed. 9

11

Download ppt "Malware – A BILLION DOLLAR BUSINESS"

Similar presentations

Its a new digital world with new digital dangers….

Its a new digital world with new digital dangers….
Philippine Cybercrime Efforts

Philippine Cybercrime Efforts
UNODC & the Global Response to Cybercrime

UNODC & the Global Response to Cybercrime
State of play and activities in 2014 March 2014

State of play and activities in 2014 March 2014
C0c0n 2014 23 August 2014 Dinesh O Own Country in the year 2014.

C0c0n August 2014 Dinesh O Own Country in the year 2014.
Challenges facing law enforcement agencies in the fight against cybercrime.

Challenges facing law enforcement agencies in the fight against cybercrime.
Cyber Crime The current threat to the UK Security Marking.

Cyber Crime The current threat to the UK Security Marking.
Radware DoS / DDoS Attack Mitigation System Orly Sorokin January 2013.

Radware DoS / DDoS Attack Mitigation System Orly Sorokin January 2013.
SECI Center: An Efficient Regional Tool for Combating Organized Crime Developments in Justice and Home Affairs in Romania - Panel Discussion - - Panel.

SECI Center: An Efficient Regional Tool for Combating Organized Crime Developments in Justice and Home Affairs in Romania - Panel Discussion - - Panel.
Australian High Tech Crime Centre Resourcing Cybercrime Tuesday, 6 November 2007.

Australian High Tech Crime Centre Resourcing Cybercrime Tuesday, 6 November 2007.
James Ennis, Department of State, USA ITU-D Question 22/1 Rapporteur.

James Ennis, Department of State, USA ITU-D Question 22/1 Rapporteur.
Bluehat 2014 Looking back and driving forward Chris Betz Senior Director Microsoft Security Response Center.

Bluehat 2014 Looking back and driving forward Chris Betz Senior Director Microsoft Security Response Center.
CJ © 2011 Cengage Learning Chapter 17 Cyber Crime and The Future of Criminal Justice.

CJ © 2011 Cengage Learning Chapter 17 Cyber Crime and The Future of Criminal Justice.
Department of Mathematics Computer and Information Science1 Basics of Cyber Security and Computer Forensics Christopher I. G. Lanclos.

Department of Mathematics Computer and Information Science1 Basics of Cyber Security and Computer Forensics Christopher I. G. Lanclos.
1 Group-IB: Digital investigations and forensic Ilya Sachkov Group-IB

1 Group-IB: Digital investigations and forensic Ilya Sachkov Group-IB
UNDERSTANDING THE RISKS & CHALLENGES OF Cyber Security DAVID NIMMO InDepth IT Solutions DAVID HIGGINS WatchGuard NEIL PARKER BridgePoint Group A BridgePoint.

UNDERSTANDING THE RISKS & CHALLENGES OF Cyber Security DAVID NIMMO InDepth IT Solutions DAVID HIGGINS WatchGuard NEIL PARKER BridgePoint Group A BridgePoint.
The National Cyber Security Strategy and Action Plan A presentation by Ms. Antoinette Lucas-Andrews Director, International Affairs Ministry.

The National Cyber Security Strategy and Action Plan A presentation by Ms. Antoinette Lucas-Andrews Director, International Affairs Ministry.
For Visa Internal Use Only Visa Europe This information is not intended, and should not be construed, as an offer to sell, or as a solicitation of an offer.

For Visa Internal Use Only Visa Europe This information is not intended, and should not be construed, as an offer to sell, or as a solicitation of an offer.
Cybersecurity Governance in Ethiopia

Cybersecurity Governance in Ethiopia
Cyber Security Nevada Businesses Overview June, 2014.

Cyber Security Nevada Businesses Overview June, 2014.

Similar presentations

Ads by Google