Kaspersky - 07apr2011

585 views
529 views

Published on

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
585
On SlideShare
0
From Embeds
0
Number of Embeds
27
Actions
Shares
0
Downloads
12
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide
  • http://www.h-online.com/security/news/item/Attacks-on-German-mTAN-banking-users-1222260.htmlhttp://www.rsa.com/node.aspx?id=3872http://www.parismatch.com/Actu-Match/Societe/Actu/Affaire-d-espionnage-au-ministere-par-de-l-Economie-et-des-Finances-Paris-Match-258213/http://www.securityweek.com/attackers-subtle-markets-manipulation-could-tilt-global-economies
  • On August 29, 2003, Jeffrey Lee Parson, an 18-year-old from Hopkins, Minnesota was arrested for creating the B variant of the Blaster worm; he admitted responsibility and was sentenced to an 18-month prison term in January 2005.[2]
  • Transformareaunui calculator intr-unzombi cu ajutorulunuitroian
  • While highly customized malware is being used in sophisticated targeted attacks to gain access inside corporate or governmental networks, the potential dangers of classic malware infections are being massively overlooked by the security industry. Right now, cybercriminals are inadvertently sitting on a goldmine of information in the PCs they have already infected and added to their botnets.
  • But let’s move back down to Earth just a little bit and realize that for every major information leakage incident that’s making headlines out there right now there are thousands of average users’ computers getting infected and creating a much bigger risk.
  • 2006 2007 2008 2009 2010Trojan-Banker 3829 6724 18033 22552 27524Trojan-PSW 7540 11252 17434 23772 46029Trojan-Spy 6641 11115 24692 27460 64466 18010290916015973784138019
  • Hereweseethatthenetworkperimeterispracticallyfullofholesandyouhavetoworkinsidetheperimeterasifitdidnotexistatallandasifthisworkweredoneunderconditionsofunprotectedopenspace. Intheseconditions, thefocusininformationsafetyshiftsfromthenetworkperimeterdirectlytothenodesthatcomprisethisnetwork– theworkstationsandfileservers. Inordertoensuresafetytheyhavetobecapableofindependentlyprotectingthemselvesfromdatathreatswithoutrelyingtoomuchontheprotectedperimeter.
  • Thecorrectandmodernapproachtoprotectingacorporatenetworkforvirusthreats, firstofall, involvesthecorporatenetworknodes – workstationsandfileservers – ensuringprotection. Intermsofreliability, wecontinueasbeforetoprotectthenetworkperimeter, thatis, emailserversandaccessgatewaystotheInternet.A correctlyprotectednetworklooksjustlikethediagrambelow.
  • InApril 2007, Kaspersky Lab launchedthesimilarlynamedfamilyofproducts – Kaspersky Open Space Security, whichmeettheaboverequirementsinpractice.Thefamilyincludesfourproducts. Dependingonthesizeandcomplexityofanetworkaswellasthecustomer'sneeds, thecustomershoulduseanyoftheproductsfromOpen Space.Theintroductorystageproduct – Kaspersky Work Space Securityonlyprotectsworkstationsandmobiledevicessuchasnotebooksandsmartphones.Ifacustomeralsorequirestheprotectionoffileservers, thenthecustomerneedsKaspersky Business Space Security.TheproductKaspersky Enterprise Space Security protectscorporateemailserversinadditiontoworkstationsandfileservers.WhileKaspersky Total Space Securitygenerallyprotectseverything, includingInternetgatewayssuchasMicrosoft ISA-Server, Linux Proxy Server orCheck-Point Firewall.
  • AsfortheantivirusprotectionofInternetgateways, Kaspersky Laboratoriesoffersthefollowingrangeofproducts:Kaspersky antivirusforvariousversionsofMicrosoft ISA server: ISA server 2000, 2004 and 2006 Standard andEnterprise Edition.antivirusforProxy server. AllpopulartypesofProxy serversaresupported, forinstance: Squid (with ICAP protocol), Blue Coat SG Appliance, NetApp/Blue Coat NetCache, Cisco ACNS Content Engine, appliedontheGNU/LinuxOSAllantivirusesforInternetgatewaysutilizeasimilarprinciple: Internetgatewayserver (software) receivestheincomingdatastream, thenittransfersthedatathroughitssoftwareinterfacetotheantiviruskernelforchecking. Thenthekerneltakestheobjectsfromthetrafficandchecksthem. Whennecessary, itgrabsthemaliciousobjectsandreturnstheprocessedandcleanedflowbacktotheInternetgateway.
  • AsfortheantivirusprotectionofInternetgateways, Kaspersky Laboratoriesoffersthefollowingrangeofproducts:Kaspersky antivirusforvariousversionsofMicrosoft ISA server: ISA server 2000, 2004 and 2006 Standard andEnterprise Edition.antivirusforProxy server. AllpopulartypesofProxy serversaresupported, forinstance: Squid (with ICAP protocol), Blue Coat SG Appliance, NetApp/Blue Coat NetCache, Cisco ACNS Content Engine, appliedontheGNU/LinuxOSAllantivirusesforInternetgatewaysutilizeasimilarprinciple: Internetgatewayserver (software) receivestheincomingdatastream, thenittransfersthedatathroughitssoftwareinterfacetotheantiviruskernelforchecking. Thenthekerneltakestheobjectsfromthetrafficandchecksthem. Whennecessary, itgrabsthemaliciousobjectsandreturnstheprocessedandcleanedflowbacktotheInternetgateway.
  • Let'sbeginwithmailprotection.WeprotectalltypesofExchange servers. Exchange 2000 and 2003 areprotectedbyKAV forMS Exchange 2000/2003.Also, thereisanapplicationforExchange 2003 calledKaspersky Security forMS Exchange Server 2003thatprotectsagainstvirusesandspam.ThereisalsoaproductforMS Exchange 2007 calledKaspersky Security, butitonlyprotectsfromvirusesandhasnointegratedanti-spamfunction, anditprobablywon'tbeintegratedalthoughitwasinitiallyplanned.ThereisalsoanantivirusforIBMLotus Domino, butonlyforWindows.ThereareantivirusesforUNIX systemsthatprotectmailservicesbasedonSendmail, Qmail, Postfix, and Exim. (Forfurtherinformation, seesystemrequirements).UNIX systemsrequireaseparateKaspersky Antispam installation.ThereistheKaspersky Mail-Gateway application, designedforasinglecomputerthatchecksallmailtrafficformaliciouscodeandspam.
  • AsfortheantivirusprotectionofInternetgateways, Kaspersky Laboratoriesoffersthefollowingrangeofproducts:Kaspersky antivirusforvariousversionsofMicrosoft ISA server: ISA server 2000, 2004 and 2006 Standard andEnterprise Edition.antivirusforProxy server. AllpopulartypesofProxy serversaresupported, forinstance: Squid (with ICAP protocol), Blue Coat SG Appliance, NetApp/Blue Coat NetCache, Cisco ACNS Content Engine, appliedontheGNU/LinuxOSAllantivirusesforInternetgatewaysutilizeasimilarprinciple: Internetgatewayserver (software) receivestheincomingdatastream, thenittransfersthedatathroughitssoftwareinterfacetotheantiviruskernelforchecking. Thenthekerneltakestheobjectsfromthetrafficandchecksthem. Whennecessary, itgrabsthemaliciousobjectsandreturnstheprocessedandcleanedflowbacktotheInternetgateway.
  • Kaspersky - 07apr2011

    1. 1. Datele mobile, amenintarile emergenteTeodor CimpoesuManaging Director, Romania&Bulgaria, Eastern EuropeKaspersky Lab
    2. 2. Cateva stiri2011-04• SpyEye/mTAN: "Die Seriennummer des Zertifikats: 88689-1299F"2011-03• RSA –2011 Recruitment plan.xls “Our investigation has led us to believe that the attack is in the category of an Advanced Persistent Threat (APT). […]. Some of that information is specifically related to RSAs SecurID two-factor authentication products”2011-03• Ministère de l’Economie et des Finances “«Ceux qui ont agi sont des professionnels déterminés et organisés. C’est la première attaque contre l’Etat français de cette ampleur et à cette échelle»”2011-02• European Union Emissions Trading System “cyber-attackers are successfully breaching electronic trading systems not merely for the purpose of stealing funds, but to actively «spread panic among markets and destabilize western financial institutions. »” 2
    3. 3. Numiti virusul!1999 Efectul grafic din stanga era afisat de catre virusul: a) CodeRed b) Melissa c) Happy99 d) Cascade
    4. 4. Numiti virusul!2003 Cum se numeste virusul de mai sus? a) MyDoom b) MyTob c) Rbot d) Blaster/Lovesan
    5. 5. Numiti virusul!2010 Cum se numeste virusul de mai sus? a) BumBoom b) Ayran c) Robotz d) StuxnetPAGE 5 | | 08 April 2011
    6. 6. Perimetrul de securitate - inainte
    7. 7. Perimetrul de securitate - acum
    8. 8. BasicsMetamorfoza troian-bot
    9. 9. Sitting on a time bomb Retelele de tip botnet reprezinta adevarate mine de aur pentru furtul de informatie • Cantitatea de informatie expusa la riscul de a deveni publica este ingrijoratoare Utilizatorul de rand nu realizeaza posibilele consecinte ale folosirii unui calculator infectat • E infectat, dar imi fac treaba cu el! • Malware-ul clasic poate fi convertit oricand in scopuri de furt de informatie
    10. 10. Cifre ingrijoratoare Kaspersky Lab proceseaza mai mult de 70.000 de programe periculoase (virusi, troieni, viermi, adware, etc) in fiecare zi25,000,00022,500,00020,000,00017,500,000 2006: Un virus nou in fiecare minut15,000,00012,500,000 2011: Un virus nou in fiecare secunda10,000,000 7,500,000 5,000,000 2,500,000 0 2004 2005 2006 2007 2008 2009 2010 Sursa: Kaspersky Lab
    11. 11. Malware dedicat furtului de date2009 vs. 2010 vs. 2011 120000 2009 vs. 2010 - 87% crestere in data stealing malware 100000 - 135% crestere in familia Trojan-Spy 80000 2010 a fost primul an in care am adaugat mai mult de 100.000 de semnaturi 60000 pentru malware-ul dedicat furtului de date. 40000 20000 0 2006 2007 2008 2009 2010Sursa: Kaspersky Lab Trojan-Banker Trojan-PSW Trojan-Spy
    12. 12. MalwareNumber of signatures Amenintarile la adresa smartphone-urilor sunt in crestere Numarul total de semnaturi pentru mobile malware la 15 februarie 2011: 1990 Sursa: Kaspersky Lab
    13. 13. Structură standard rețea corporate | 08 April 2011
    14. 14. Back to basicsProtectia endpoint-ului devine vitalaCe inseamna endpoint in ziua de azi:• Desktop• Laptop Endpoint-urile din ce in ce mai• Smartphone mobile aduc o noua provocare:• Tablet protejarea perimetrelor deschise• ?Protectia endpoint-ului devine vitala:• Retele securizate, cu politici stricte, dar cu utilizatori mobili• Adoptia accelerata a smartphone-urilor, o noua problema pentru managerii IT
    15. 15. Kaspersky Open Space SecurityProtecție complexăLinia de produse Kaspersky Open Space Security a fost dezvoltatăpentru a proteja rețelele de tip corporate împotriva celor mai noitipuri de amenințări indiferent de dimensiune și complexitate. | 08 April 2011
    16. 16. Kaspersky Open Space SecurityLinie de produse | 08 April 2011
    17. 17. Kaspersky Work Space Security Kaspersky Anti-Virus for Windows Workstations Kaspersky Anti-Virus for Linux Workstation Kaspersky Endpoint Security for Mac Nou! Kaspersky Endpoint Security for Smartphone Nou!Kaspersky Open Space Security Essentials | 08 April 2011
    18. 18. Kaspersky Business Space Security Kaspersky Work Space Security components Kaspersky Anti-Virus for Windows Servers Kaspersky Anti-Virus for Linux File Server Nou! Kaspersky Anti-Virus for Novell NetWare Kaspersky Anti-Virus for Windows Servers EE Nou!Kaspersky Open Space Security Essentials | 08 April 2011
    19. 19. Kaspersky Enterprise Space Security Kaspersky Business Space Security components Kaspersky Security 8.0 for Microsoft Exchange Servers Nou! Kaspersky Security for Microsoft Exchange Server 2003 Kaspersky Anti-Virus for Linux Mail Server Kaspersky Anti-Virus 8.0 for IBM Lotus Domino Nou! Platforme suportate Microsoft Exchange Linux Servers 2003/2007/2010 Lotus/Domino Mail ServerKaspersky Open Space Security Essentials | 08 April 2011
    20. 20. Total Space Security Componente Kaspersky Enterprise Space Security Kaspersky Anti-Virus for Microsoft ISA Server and Forefront TMG Standard EditionNou! Kaspersky Anti-Virus for Microsoft ISA Server Kaspersky Anti-Virus for Proxy Server Kaspersky Anti-Spam Kaspersky Mail Gateway Platforme Microsoft Proxy suportate ISA / TMG Servers ServerKaspersky Open Space Security Essentials | 08 April 2011
    21. 21. Perspective Securitatea este un process nuun produs Adoptarea de noi tehnologii esteurmata si de cresterea potentialuluide criminalitate informatica Revizuiti-va riscurile de securitate in perimetrele deschise Unde va sunt datele, si cum sunt ele accesate? Exista riscuri si asupra afacerii dvs?
    22. 22. MultumescIntrebari, va rog!teodor.cimpoesu@ro.kaspersky.comtwitter.com/cteodor

    ×