Cosc 4765: SOPHOS Security Threat Report about 2013 (and predictions for 2014)
Side note: the independent test lab AV-Test recorded its 50 millionth virus/malware sample (Jan 26, 2011).
– That is roughly 220,000 new malware samples each day: 9,166 every hour, 152 every minute, or about 2.5 every second.
– History: 1985: 553 different viruses; 2000: 176,312; 2006: about 1 million; 2010: about 20 million new malware variants; 2013: about 83 million new malware variants.
– Source: http://www.av-test.org/
A bad day is coming. April 8, 2014 – the end of security updates for Windows XP and Office 2003. What dangerous "zero-day-forever" attacks may follow it? Any vulnerability found after that date stays unpatched for good.
All pictures and data are from SOPHOS 2013 report.
Botnets Grow in Size & Stealth. In the past 12 months, infected networks of computers called botnets have become more widespread, resilient and camouflaged, and they are spreading dangerous new payloads like the nasty Cryptolocker ransomware.
– The leaked Zeus source code led to Gameover (Gameover Zeus), which has a peer-to-peer command-and-control (C&C) structure, so there is no single server to take down.
– ZeroAccess botnet: in less than two weeks it undid all the countermeasures taken by antivirus companies.
– Watch: Cryptolocker in Action
Botnets Grow in Size & Stealth (2). Ransomware has become more common because fake-AV and alert scams are now failing. Banking malware:
– Carberp stole over $250 million.
– Malware such as the Shylock/Caphaw botnets targets customers of Barclays, Bank of America, Capital One, Citi, and Wells Fargo.
Botnets Grow in Size & Stealth (3). More use of the "Darknet":
– Hidden networks such as Tor that are designed to resist surveillance.
– WikiLeaks and many people use it to protect sources.
– Botnet C&C servers are hidden in the Tor network as well, which makes them hard to locate and take down.
Botnet Bitcoin Mining. For a short time in 2013 the masters of the ZeroAccess botnet used its computing power to create (mine) bitcoins, the virtual currency. See: Back Channels and Bitcoins: ZeroAccess' Secret C&C Communications
Spam Reinvents Itself. From penny-stock pump-and-dump schemes to natural weight-loss scams, some spam just never goes away. In 2013, distributed networks of servers helped keep spam under the radar of filters, a technique called "snowshoe spamming."
– The load is spread thinly across a large footprint (many IPs, often a botnet), the way a snowshoe spreads weight so it doesn't sink: no single IP sends enough volume to trip a rate limit or land on a reputation blocklist, so per-IP filtering misses it.
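The defensive consequence of snowshoe spamming is that you have to aggregate by campaign rather than by sender. The following is an added example, not code from the Sophos report or from these slides: it collapses Subject headers into a campaign fingerprint, then counts distinct source IPs and distinct /24 networks per campaign. A campaign seen from many networks at low per-IP volume is flagged as snowshoe; a burst from one IP is what a conventional per-IP rate limit would already catch. The mail log, the fingerprint rule and the thresholds (8 networks, 5 messages per IP) are constructed for the example and are assumptions, not values from the report.

```python
import ipaddress
import re
from collections import defaultdict


def fingerprint(subject):
    """Collapse a Subject header into a campaign template, so that
    'Lose 12 lbs in 3 weeks' and 'Lose 15 lbs in 2 weeks' count as one run."""
    s = subject.lower()
    s = re.sub(r"\d+", "#", s)        # numbers are the usual per-message variation
    s = re.sub(r"[^a-z#\s]", "", s)   # drop punctuation and symbols
    return " ".join(s.split())


def network_of(ip, prefix=24):
    """The /24 (by default) that an address belongs to."""
    return ipaddress.ip_network(f"{ip}/{prefix}", strict=False)


def analyze(records, min_networks=8, max_per_ip=5):
    """records: iterable of (source_ip, subject). Returns per-campaign stats
    with two verdicts: 'burst' (a single IP over the per-IP limit) and
    'snowshoe' (many networks, every IP under the per-IP limit)."""
    senders = defaultdict(lambda: defaultdict(int))   # fingerprint -> ip -> count
    for ip, subject in records:
        senders[fingerprint(subject)][ip] += 1
    report = {}
    for fp, ips in senders.items():
        per_ip_max = max(ips.values())
        networks = {network_of(ip) for ip in ips}
        report[fp] = {
            "messages": sum(ips.values()),
            "ips": len(ips),
            "networks": len(networks),
            "max_per_ip": per_ip_max,
            # what a per-IP rate limit or single-IP blocklist catches
            "burst": per_ip_max > max_per_ip,
            # many low-volume sources spread over many networks
            "snowshoe": len(networks) >= min_networks and per_ip_max <= max_per_ip,
        }
    return report


def build_sample():
    """Constructed mail log for the example; not real traffic."""
    records = []
    # Snowshoe run: 12 IPs in 12 different /24s, only 2 messages each,
    # numbers in the subject varied per message.
    for i in range(12):
        ip = f"10.{i}.{i}.5"
        records.append((ip, f"Lose {10 + i} lbs in {i + 1} weeks, naturally!"))
        records.append((ip, f"Lose {20 + i} lbs in {i + 2} weeks, naturally!"))
    # Classic single-source blast: one IP, 40 messages.
    for n in range(40):
        records.append(("10.200.1.9", f"Your weekly newsletter #{n}"))
    # Ordinary mail: a few distinct subjects from a few hosts.
    records += [
        ("10.50.0.2", "Re: lunch Friday?"),
        ("10.51.0.3", "Minutes from today's meeting"),
        ("10.50.0.2", "Re: Re: lunch Friday?"),
    ]
    return records


if __name__ == "__main__":
    for fp, stats in analyze(build_sample()).items():
        verdict = "SNOWSHOE" if stats["snowshoe"] else ("BURST" if stats["burst"] else "ok")
        print(f"{verdict:9} nets={stats['networks']:2} ips={stats['ips']:2} "
              f"max/ip={stats['max_per_ip']:2}  {fp[:45]}")
```

Two caveats before using this for real: the subject-only fingerprint is deliberately simple, and snowshoe operators vary bodies, links and sender names too, so production filters fingerprint body content and combine it with sender authentication (SPF/DKIM) and reputation; and large legitimate mailers also send one newsletter from many IPs, so the "snowshoe" verdict should raise the score of a message, not block it outright.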
Android Malware. Android malware continues to grow and evolve.
– The Android marketplace is an "open place".
– Watch those permissions when installing. Does the Facebook app really need all these permissions?
  – Call phone numbers, read your text messages, record audio, full location services, read/write contacts, read/write call log
  – Add/modify calendar events, read confidential information ("send email to guests without the owner's knowledge")
  – Read/modify/delete the contents of USB storage
  – Add/remove accounts, find accounts on the device
  – Change network connectivity, connect/disconnect Wi-Fi, download files without notification
  – Retrieve and reorder running apps
  – Draw over other apps, prevent the phone from sleeping, control vibration, change audio settings, read and change sync settings, expand/collapse the status bar
  – And last, install shortcuts and send "sticky broadcasts"
– https://www.facebook.com/help/210676372433246
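Reading permissions off the install screen does not scale; checking the manifest does. The following is an added example, not code from the Sophos report or from these slides: it parses an AndroidManifest.xml, flags permissions that expose money, messages, location or sensors, and also flags combinations that look harmless one at a time but are dangerous together (send plus read SMS is the premium-SMS and OTP-theft pattern; record audio plus network access is remote eavesdropping; overlay plus network access is how fake login screens are drawn over banking apps). The sample manifest (a "flashlight" app asking for SMS and overlay rights), the risk table and the combination list are constructed for the example; the permission names themselves are real Android ones.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "http://schemas.android.com/apk/res/android"

# Permissions worth a second look. The descriptions are this example's own
# groupings, following the categories on the slide.
RISKY = {
    "android.permission.CALL_PHONE": "place calls (premium-number fraud)",
    "android.permission.SEND_SMS": "send SMS (premium-SMS billing)",
    "android.permission.READ_SMS": "read SMS (2FA codes, bank alerts)",
    "android.permission.RECORD_AUDIO": "record audio",
    "android.permission.ACCESS_FINE_LOCATION": "precise location",
    "android.permission.READ_CONTACTS": "read contacts",
    "android.permission.WRITE_CONTACTS": "modify contacts",
    "android.permission.READ_CALL_LOG": "read call log",
    "android.permission.WRITE_CALL_LOG": "modify call log",
    "android.permission.READ_CALENDAR": "read calendar",
    "android.permission.WRITE_CALENDAR": "modify calendar (can mail guests)",
    "android.permission.WRITE_EXTERNAL_STORAGE": "modify/delete USB storage",
    "android.permission.GET_ACCOUNTS": "enumerate accounts on device",
    "android.permission.SYSTEM_ALERT_WINDOW": "draw over other apps (overlay attacks)",
    "android.permission.GET_TASKS": "retrieve running apps",
    "android.permission.REORDER_TASKS": "reorder running apps",
    "android.permission.BROADCAST_STICKY": "send sticky broadcasts",
    "com.android.launcher.permission.INSTALL_SHORTCUT": "install home-screen shortcuts",
}

# Combinations that are individually mundane but dangerous together.
TOXIC_COMBOS = [
    ({"android.permission.SEND_SMS", "android.permission.READ_SMS"},
     "send + read SMS: premium-SMS bot or OTP theft"),
    ({"android.permission.RECORD_AUDIO", "android.permission.INTERNET"},
     "record audio + network: remote eavesdropping"),
    ({"android.permission.SYSTEM_ALERT_WINDOW", "android.permission.INTERNET"},
     "overlay + network: fake login screens over other apps"),
]

# Constructed sample manifest for the example (not a real app).
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.flashlight">
    <uses-permission android:name="android.permission.INTERNET"/>
    <uses-permission android:name="android.permission.VIBRATE"/>
    <uses-permission android:name="android.permission.SEND_SMS"/>
    <uses-permission android:name="android.permission.READ_SMS"/>
    <uses-permission android:name="android.permission.RECORD_AUDIO"/>
    <uses-permission android:name="android.permission.SYSTEM_ALERT_WINDOW"/>
    <uses-permission android:name="android.permission.ACCESS_FINE_LOCATION"/>
    <application android:label="Flashlight"/>
</manifest>
"""


def declared_permissions(manifest_xml):
    """Every <uses-permission android:name=...> in the manifest, as a set."""
    root = ET.fromstring(manifest_xml)
    perms = set()
    for node in root.iter("uses-permission"):
        name = node.get("{%s}name" % ANDROID_NS)   # attribute is namespaced
        if name:
            perms.add(name)
    return perms


def audit(manifest_xml):
    """Return the permission count, the risky ones with a reason,
    and any toxic combinations present."""
    perms = declared_permissions(manifest_xml)
    risky = {p: RISKY[p] for p in sorted(perms) if p in RISKY}
    combos = [why for needed, why in TOXIC_COMBOS if needed <= perms]
    return {"total": len(perms), "risky": risky, "combos": combos}


if __name__ == "__main__":
    result = audit(SAMPLE_MANIFEST)
    print(f"{result['total']} permissions declared, {len(result['risky'])} risky:")
    for perm, why in result["risky"].items():
        print(f"  {perm:55} {why}")
    for why in result["combos"]:
        print(f"  COMBO: {why}")
```

To run it on a real app, feed it the manifest decoded from the APK (for example by apktool; having the APK is an assumption here). Since Android 6.0 the dangerous permissions are granted at runtime rather than at install, but the manifest still lists everything the app is ever able to ask for, so it remains the first thing to audit.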
Android Malware (2). Ransomware:
– For the first time, in 2013, ransomware began infecting smartphones and other Android devices.
Botnets, mostly in China:
– Send premium-rate SMS messages that charge the user.
See: GinMaster: A Case Study in Android Malware
Windows: The Growing Risk of Unpatched Systems. The two big known ones are Windows XP and Office 2003.
– The real issue is not your own PC, although 31% of all PCs are still running Windows XP.
– There are millions of point-of-sale (POS) devices running Windows XP, some still running Windows 2000. These handle credit card information!
– And a really scary note: many medical devices run Windows XP as well.
Windows: The Growing Risk of Unpatched Systems (2). Windows 8/7/Vista are not new code; they share a great deal with XP. A vulnerability patched in one of those will point to a now (possibly) unpatched vulnerability in Windows XP: attackers can diff the newer patch, find the flaw, and test whether the same code exists on XP.
Web-Based Malware. Dangerous, difficult-to-detect web server attacks by Darkleech and exploit kits like Redkit have been responsible for more drive-by download attacks against vulnerable web users.
– Darkleech compromised over 40K domains, delivering ransomware and other malware to visitors, mostly in "drive-by" attacks.
– 93% of infected sites were running Apache.
Web-Based Malware (2). Exploit kits (such as Blackhole and others):
– Attack Java, Adobe PDF and Flash, and other third-party plugins.
– Stopping most drive-by attacks: plugins like NoScript help, since with no JavaScript, no Java and no plugins there is nothing for the kit to run. Back to the "stone age" of browsers. Unless there is an exploit in the browser itself, of course.
Web-Based Malware (3). Malware 101:
– http://www.youtube.com/watch?v=P1U9_s7j4Hg
An hour-long video for beginners on how malware works and spreads.
Threats to Your Financial Accounts. We are seeing more advanced persistent threats (APTs), that is, persistent, targeted, hard-to-detect attacks, aimed at compromising financial accounts.
– What are APTs? Watch: APTs
Threats to Mac OS X. Mac malware is becoming more widespread, with new versions of Mac Trojans, adware and ransomware emerging in 2013. And as with Windows, a number of still-common versions of Mac OS X are no longer receiving security updates.
Threats to Linux growing. Why?
– Linux servers are widely used to run websites and deliver web content, making them and the software running on them prime targets of attack.
– i.e., it's all about what they deliver: compromise one server and you reach every visitor it serves content to.
Trends to watch for in 2014. Attacks on corporate and personal data in the cloud. More complex Android malware:
– Going after personal data and financial data on phones!
– Attempts to spread via social networks as well.
64-bit-only malware. At least it won't work on 32-bit OSs.
Trends to watch for in 2014 (2). Hacking everything:
– Attacks will continue to increase, but not to critical levels in 2014.
– Infrastructure.
– "Internet of Things": from thermostats to network printers and anything else connected to the network.
References
http://www.sophos.com/en-us/threat-center/security-threat-report.aspx?utm_source=Non-Campaign&utm_medium=AdWords&utm_campaign=NA-AW-GB-Security-Threat-Report&utm_content=Security-Threat-Report&utm_term=sophos%20security%20threat%20report
http://www.sophos.com/en-us/security-news-trends/security-trends/network-security-top-trends.aspx
Q & A