
1 ©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals Modern Day Attacks and a Silent Security Audit Kierk Sanderlin

2 Monkey See, Monkey Do

3 Monkey see, Monkey do, Monkey sell: Black hole exploit kit

4 Exploiting Zero-day vulnerabilities: New vulnerabilities; Countless new variants. An average of 70,000 to 100,000 new malware samples are created and distributed each day

5 Real World Data

6 Threat Emulation Statistics
Columns: Site | Number of files emulated last 7 days | Number of files emulated last 30 days | Comments
US Consumer Toys & Goods 6469812177923 New Detections in the last 7 days
IL Law Services2210528742 New Detections in the last 7 days
US Regional Bank18435037250550 New Detections in the last 7 days
US Regional Bank1915936868
US Major Pharma79704154471 963 New Detections in the last 7 days. Same email was sent numerous times
IL Online Gaming233523
Europe Major Bank 39095708348 New Detections in the last 7 days
US Business Services56566 591 New Detections in the last 7 days. New installation
US Electric Utility5494275929

7 What does a bot typically do when it is first started? First Time DNS Query; GEO IP Query; Catalog of Asset: OS, Patch level, Apps

8 A PC for hire on most any fortune 500 network?

9 Woopsie: “I made it about halfway through the list of companies in the Fortune 100 with names beginning in “C” when I found a hit: A hacked RDP server at Internet address space assigned to networking giant Cisco Systems Inc. The machine was a Windows Server 2003 system in San Jose, Calif., being sold for $4.55 (see screenshot below). You’ll never guess the credentials assigned to this box: Username: “Cisco,”; password: “Cisco”. Small wonder that it was available for sale via this service. A contact at Cisco’s security team confirmed that the hacked RDP server was inside of Cisco’s network; the source said that it was a “bad lab machine,” but declined to offer more details”

10 DDOS the Picket Line of the Future?

11 Looking back and forward: Main security threats & risks; Security architecture; Recommendations; 2012; 2013 and beyond

12 Multiple sources of data: SensorNet; Span Port; Threat Cloud

13 A comprehensive survey: 888 companies; 1,494 gateways; 120,000 monitoring hours; 112,000,000 security events

14 A comprehensive survey: % of companies, by geography (Americas, EMEA, APAC) and by sector (Industrial, Finance, Government, Telco, Consulting, Other)

15 The Security Report 2013: About the research; Key findings; Security strategy; Summary

16 We will talk about 3 issues: Threats to the organization; Risky enterprise applications; Data loss incidents in the network

17 Anything for a Buck HACKED

18 This does not affect me, right?

19 The majority of companies are infected: 63% of the organizations in the research were infected with bots (100% = 888 companies)

20 Exploit kits are easy to buy: Available online. Rental costs: One day – 50$; Up to 1 month – 500$; 3 month – 700$

21 But there is more than Bots, right? Malware INSIDE. How does malware get to my network?

22 Downloading malware all the time: 53% of organizations saw malware downloads

23 Most attacks originate in the US. Top malware locations, %: US 71%; Canada 8%; Czech Rep 2%; Slovakia 2%; France 2%; UK 2%; Germany 2%; Israel 3%; Turkey 3%; China 3%

24 We will talk about 3 issues: Threats to the organization; Risky enterprise applications; Data loss incidents in the network

25 No longer a game

26 What are risky applications? Bypassing security or hiding identity; Do harm without the user knowing it. P2P file sharing; Anonymizers; File sharing / storage; Social networks

27 Risky applications: Anonymizers

28 What is an anonymizer? Diagram labels: User, Proxy, Site

29 History of Anonymizers: Began as “The Onion Router”; Officially sponsored by the US Navy; 80% of 2012 budget from US Government; Used widely during Arab Spring

30 Anonymizers inside the corporation: 47% of organizations had users of Anonymizers (80% were not aware that their employees use Anonymizers). 100% = 888 companies

31 Risky applications: P2P file sharing

32 The Risk of P2P Applications: Downloading the latest “Walking Dead” episode right now; Pirated content liability; Malware downloads; “Back door” network access

33 P2P inside the corporation: 61% of organizations had a P2P file sharing app in use. 100% = 888 companies

34 We will talk about 3 issues: Threats to the organization; Risky enterprise applications; Data loss incidents in the network

35 How common is it? 54% of organizations experienced data loss

36 Many types of data leaked: 24% Source Code; 7% Email marked as confidential; 14% Password protected file; 29% Credit card information; 13% Salary compensation information; 7% Bank account numbers; 6% Business data record; 21% Other

37 PCI compliance can be improved: 36% of financial organizations sent credit card data outside the organization

38 We have all had this problem: "Error 552: sorry, that message exceeds my maximum message size limit". Dropbox? YouSendIt? Windows Live?

39 Storing and Sharing applications: 80% of organizations use file storage and sharing applications. 100% = 888 companies

40 Top sharing and storage apps (chart: % of organizations). But sharing is not always caring…

41 The Security Report 2013: About the research; Key findings; Security strategy; Summary

42 We talked about three issues: Threats to the organization; Risky enterprise applications; Data loss incidents in the network

43 Addressing external threats: FW, AV, IPS, Anti Bot, Anti-Spam, Emulation

44 Enabling secure application use: URLF, Antivirus, Application Control, Endpoint

45 Preventing data loss: Doc Sec DLP Data End Point Application Control User check

46 Remember: Threats to the organization: 63% infected with bots; Risky enterprise applications: 47% used Anonymizers; Data loss incidents in the network: 54% had a data loss event

47 Thank You!

