e-Business World 2013 - Βεντούρης Χρήστος: The Landscape of 2013 … Mind your step on the waterhole

This presentation was given as part of the e-Business World 2013 conference, which took place on 19 June at the Divani Caravel in Athens.

Published in: Technology, Business

  1. Christos Ventouris, Information Security Specialist, Symantec EMEA. Watch your step in the waterhole … (eBusinessWorld & Social Media World)
  2. Agenda: A 10 minute tribute on how things go wrong ... and possibly get you to think twice. (10 mins for the next 13 slides. Keep focused :] )
  3. 7 years ago … Clicking on an email or attachment link was dangerous.
  4. Today … Visiting your favorite website is dangerous. 1 in 532 websites infected.
  5. Most common: DriveBy Download infections
     • Browse: legitimate web site
     • Browser is analysed
       – 312 Plug-in vulnerabilities (2012)
       – 891 Browser vulnerabilities (2012)
     • Malicious script
       – Hacked website
       – Misconfigured server
       – Weak password
       – Banner ads
       – …
     • No user interaction required
  6. 7 years ago … Your password could be hacked by social engineering or if a website was hacked.
  7. Today: Data Breaches - again and again
     • Twitter - 250'000 user records stolen in 2013
     • Scribd - 500'000 user records stolen in 2013
     • Evernote resets 50 Mio accounts after data breach in 2013
     • LinkedIn - 6.5 Mio user records stolen in 2012
     • Who's next?
     • Many of them happen due to SQL injection on the website
       – Very old attack, could be protected against by following best practice
     Are you sure that your data is well protected?
  8. Today … Oversharing allows the attacker to gain access to your online resources by simply putting the pieces together.
  9. A lot of information in social networks
     • "Luca2013" could be my password
     • Service to reset lost passwords
     • Also for spammers
     • or for Phishing
     Slide callouts:
     • "Hey, here you get cheap rabbit food"
     • Security Question: Name of your pet: LUCA
     • "Hey, is that your bunny in that picture?"
     • Fake Facebook <login>
  10. ~5 years ago … It was almost impossible to get your smartphone infected.
  11. Today's mobile threats
  12. Today's Android Malware
      • Making money with premium SMS
        – Profit with SMS between $1.6K-9K / day
      • Mobile BotNets exist already
      • DriveBy Downloads possible
      • Privacy is also an issue
      • Mobile vulnerabilities
        – 416 (2012) / 315 (2011)
      Slide callouts:
      • Heavy use of social engineering
      • Fake app markets
      • Unique (bad) APK every time
      • Sends Premium SMSs
  13. Android Malware Growth [chart, Jan 11 to Jul 12: Cumulative Android Families 2011-2012 and Cumulative Android Variants 2011-2012]
  14. Different Motivation – Different Attacks
      • Hacktivism
      • Money
      • Targeted Attacks
      • Sabotage
      • Espionage
      • DDoS
      • Defacement
      • Banking Trojan
      • Extortion
      • Scam
  15. Tips of advice …
      • Think "What is the impact to my customers?"
      • Assess and control your risks.
      • Implement best practices for building your eBusiness platform
        – OWASP Top 10
        – Find your own holes before others find them first
        – Look out for past and new platform vulnerabilities. Fix them as soon as they are announced and a fix is available
      • Share responsibly.
        – If you think you have nothing to hide, tweet a picture while in the WC
      • Watch what you click?
      • Protect your assets based on the threats and risks you identify.