Your SlideShare is downloading. ×
0
Website Security Threats: Spotlight on the Netherlands
Website Security Threats: Spotlight on the Netherlands
Website Security Threats: Spotlight on the Netherlands
Website Security Threats: Spotlight on the Netherlands
Website Security Threats: Spotlight on the Netherlands
Website Security Threats: Spotlight on the Netherlands
Website Security Threats: Spotlight on the Netherlands
Website Security Threats: Spotlight on the Netherlands
Website Security Threats: Spotlight on the Netherlands
Website Security Threats: Spotlight on the Netherlands
Website Security Threats: Spotlight on the Netherlands
Website Security Threats: Spotlight on the Netherlands
Website Security Threats: Spotlight on the Netherlands
Website Security Threats: Spotlight on the Netherlands
Website Security Threats: Spotlight on the Netherlands
Website Security Threats: Spotlight on the Netherlands
Website Security Threats: Spotlight on the Netherlands
Website Security Threats: Spotlight on the Netherlands
Website Security Threats: Spotlight on the Netherlands
Website Security Threats: Spotlight on the Netherlands
Website Security Threats: Spotlight on the Netherlands
Website Security Threats: Spotlight on the Netherlands
Website Security Threats: Spotlight on the Netherlands
Website Security Threats: Spotlight on the Netherlands
Website Security Threats: Spotlight on the Netherlands
Website Security Threats: Spotlight on the Netherlands
Website Security Threats: Spotlight on the Netherlands
Website Security Threats: Spotlight on the Netherlands
Website Security Threats: Spotlight on the Netherlands
Website Security Threats: Spotlight on the Netherlands
Website Security Threats: Spotlight on the Netherlands
Website Security Threats: Spotlight on the Netherlands
Website Security Threats: Spotlight on the Netherlands
Website Security Threats: Spotlight on the Netherlands
Website Security Threats: Spotlight on the Netherlands
Website Security Threats: Spotlight on the Netherlands
Website Security Threats: Spotlight on the Netherlands
Website Security Threats: Spotlight on the Netherlands
Website Security Threats: Spotlight on the Netherlands
Website Security Threats: Spotlight on the Netherlands
Website Security Threats: Spotlight on the Netherlands
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Website Security Threats: Spotlight on the Netherlands

378

Published on

The topic of security has grabbed headlines over the last few years and indeed the last few weeks, but most of this attention has focused on a small percentage of large enterprises. However, security …

The topic of security has grabbed headlines over the last few years and indeed the last few weeks, but most of this attention has focused on a small percentage of large enterprises. However, security is not an issue for them alone, as mid-market companies increasingly deal with the same threats.
Join Symantec Website Security Solutions to understand how you can take a proactive website security stance.

A webinar posted here https://www.brighttalk.com/webcast/6331/109323 looks at the size of Ecommerce market opportunity in the Netherlands, and the threat landscape in general and website security solutions that can help your protect your company.

Published in: Technology, Education
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
378
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
10
Comments
0
Likes
1
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Website Security Threats: Spotlight on the Netherlands 2 May 2014 9.30am CET Jane Broderick – Account Manager Andrew Horbury – Product Marketing Manager
  • 2. Agenda • The growing market opportunity • Cybercrime • Data Breaches • Website Vulnerabilities & Malware • Targeted Attacks • CA breaches • Diginotar • Symantec Website Security Solutions Spotlight on the Netherlands 2
  • 3. Spotlight on the Netherlands 3
  • 4. Ecommerce in Europe Spotlight on the Netherlands 4
  • 5. Netherlands Ecommerce • 94% of 16,7 million Dutch population used the Internet in 2012 • 10.9 million Dutch citizens bought goods and services online , amounting to a total value of €9.8bn in 2012. This represents an increase of 9,1% compared to 2011. Spotlight on the Netherlands 5
  • 6. Who is affected most by cybercrime? Spotlight on the Netherlands 6 CYBERCRIME VICTIMS MORE LIKELY TO BE: MALE – 64% (COMPARED TO 58% OF FEMALES) MILLENNIAL – 66% (COMPARED TO 54% OF BABY BOOMERS) AND: • MOBILE DEVICE OWNERS – 63% • SOCIAL NETWORK USERS – 63% • PUBLIC / UNSECURED WI-FI USERS – 68% • EMERGING MARKET – 68% • PARENT OF CHILDREN 8-17 – 65% 85% CHINA 77% RUSSIA 73% SOUTH AFRICA Source: 2013 Norton Cybercrime Report http://bit.ly/1fIP4wf
  • 7. EUR82 BN FRAUD 38% THEFT OR LOSS 21% REPAIRS 24% OTHER 17% 83% OF DIRECT FINANCIAL COSTS ARE A RESULT OF FRAUD, REPAIRS, THEFT AND LOSS EUR215 AVERAGE COST PER VICTIM THE GLOBAL PRICE TAG OF CONSUMER CYBERCRIME Source: 2013 Norton Cybercrime Report http://bit.ly/1fIP4wf REPRESENTS A 50 PERCENT INCREASE OVER 2012 ENOUGH TO HOST THE 2012 LONDON OLYMPICS NEARLY 10 TIMES OVER Spotlight on the Netherlands 7
  • 8. 1 ALL AMOUNTS IN EUR (at 26 April 2014) ROUNDED TO THE NEAREST BILLION 27 USA BN 2MEXICO BN 6BRAZIL BN 9 EUROPE BN 1RUSSIA BN 28CHINA BN 3INDIA BN 1 JAPAN BN AUSTRALIA BN THE GLOBAL PRICE TAG OF CONSUMER CYBERCRIME 0.2 SOUTH AFRICA BN CANADA 2 BN; SINGAPORE 0.7 BN; NEW ZEALAND 0.1 BN; TURKEY 1.4 BN; SAUDI ARABIA 0.4 BN; UAE 0.2 BN; COLOMBIA 0.4 BN Source: 2013 Norton Cybercrime Report http://bit.ly/1fIP4wf
  • 9. • THE GLOBAL PRICE TAG OF CONSUMER CYBERCRIME • EUR82 BILLION ANNUALLY, COST PER CYBERCRIME VICTIM UP 50 PERCENT • THE SCALE OF CONSUMER CYBERCRIME • 1 MILLION+ VICTIMS DAILY • CREATING PERFECT STORM AS LINES BLUR BETWEEN WORK/PLAY • 49% USE THEIR PERSONAL DEVICE FOR WORK AND PLAY • AROUND ONE-IN-FIVE SHARE WORK RELATED INFORMATION WITH FRIENDS AND FAMILY Spotlight on the Netherlands 9 Source: 2013 Norton Cybercrime Report http://bit.ly/1fIP4wf
  • 10. Netherlands: State of the nation • 30% of adults have experienced cybercrime in the past 12 months (61% globally) • 3M cybercrime victims in the past 12 months (378M globally) • 53% of males who have been victim of cybercrime in their lifetime (sorry no number available for females) (64% globally) • 137M EUR: total cost of cybercrime in the past 12 months (82Bn EUR globally) • 53EUR: Average direct cost per cybercrime victim in the past 12 months (215EUR globally) • Social network users who do not log out after each session 53% (39% globally) • Social network users who share their social media passwords with others 30% (keep an eye on this one). Spotlight on the Netherlands 10
  • 11. We are making it easy…… The third most common password tip found in the 2013 Adobe breach was…. Spotlight on the Netherlands 11
  • 12. We are making it easy…… The third most common password tip found in the 2013 Adobe breach was…. USUALDon’t share passwords or reuse them on multiple sites Spotlight on the Netherlands 12
  • 13. Mega Breaches 2011 2012 2013 Breaches 208 156 253 Identities Exposed 232M 93M 552M Breaches >10M 5 1 8 Spotlight on the Netherlands 13 The Year of the Breach
  • 14. Mega Breaches 2011 2012 2013 Breaches 208 156 253 Identities Exposed 232M 93M 552M Breaches >10M 5 1 8 Spotlight on the Netherlands 14
  • 15. Mega Breaches 2011 2012 2013 Breaches 208 156 253 Identities Exposed 232M 93M 552M Breaches >10M 5 1 8 Spotlight on the Netherlands 15 2013 was the Year of the Mega Breach
  • 16. 2013 Year of the Mega Breach Source: 2012 Symantec ISTR • 8 of the top 10 breaches were of more than 10 million identities • Average Identities exposed were 4 times greater than 2012 Spotlight on the Netherlands 16
  • 17. Breaches • The average number of identities exposed per data breach for Hacking incidents was approximately 4.7 million. • Theft or loss of a device was ranked third, and accounted for 27% of data breach incidents. Spotlight on the Netherlands 17
  • 18. Mega Breaches – What Was Lost Spotlight on the Netherlands 18
  • 19. Vulnerabilities 19Spotlight on the Netherlands
  • 20. Vulnerabilities • With so many vulnerable web sites cybercriminals have no need to set up their own web sites to host malware 20Spotlight on the Netherlands
  • 21. • Targeted Attacks predominantly start as spear phishing attacks • In 2012, Watering Hole Attacks emerged Send an email to a person of interest Spear Phishing Infect a website and lie in wait for them Watering Hole Attack Spotlight on the Netherlands 21
  • 22. Effectiveness of Watering Hole Attacks • Watering Hole attacks are targeted at specific groups • Can capture a large number of victims in a very short time Infected 500 Companies Watering Hole Attack in 2012 1 All Within 24 Hours Spotlight on the Netherlands 22
  • 23. Watering Hole Targeted iOS Developers • Several high profile companies fall victim to just such an attack Spotlight on the Netherlands 23
  • 24. Website Security Challenges Evolving Regulations • Externalisation & Virtualisation • Consolidation • Integration Evolving Cyber Crime • Web-Focused • Targeting users • Stealing Confidential Information Evolving Web Use Enable Business Innovation and Agility Protect the Brand Evolving Infrastructures • Consumerisation • More Mobility • Social Augmented ‘Big Data’ Website • Protect the Consumer • Protect the User • Increasing scope Spotlight on the Netherlands 24
  • 25. Implications of the Evolving Threat Landscape Individual SMB’s Large companies and Enterprises Symantec Increase security of their sites and apps Manage, monitor and automate security of servers/sites/apps. Provide our customers with additional security services Consumers Which sites can I trust? Who can I trust? Spotlight on the Netherlands 25
  • 26. http://bit.ly/1oT6qwc • DigiNotar breach • Browser Exploit Against SSL/TLS Attack (BEAST) • SSL Renegotiation Attack • CRIME, Lucky 13 • Heartbleed Its clear that SSL is more newsworthy today than ever SSL in the news……. 26
  • 27. Heartbleed – OpenSSL Vulnerability • This is not a vulnerability with SSL/TLS • SSL/TLS is not broken, nor are the SSL certificates issued by Symantec • Users of Open SSL versions 1.0.1 through (and including) 1.0.1f are affected Advice for Businesses Check your version of OpenSSL and either: • Recompile OpenSSL without the heartbeat extension • Update to the latest fixed version of the software (1.0.1g) if you are using OpenSSL versions 1.0.1 through (and including) 1.0.1f • After moving to a fixed version of OpenSSL, contact the SSL certificate’s issuing Certification Authority for a replacement • Finally, businesses should also consider resetting end-user passwords that potentially may have been visible in compromised server memory. Website Security Threats: April 2014 Update
  • 28. Spotlight on the Netherlands Who can you trust? On 10 July 10 2011 Diginotar issued a wildcard certificate to Google 28
  • 29. Spotlight on the Netherlands Who can you trust? On 10 July 10 2011 Diginotar issued a wildcard certificate to Google 29
  • 30. Spotlight on the Netherlands Who can you trust? On 10 July 10 2011 Diginotar issued a wildcard certificate to Google 30
  • 31. Spotlight on the Netherlands Who can you trust? On 10 July 10 2011 Diginotar issued a wildcard certificate to Google 31
  • 32. Spotlight on the Netherlands Who can you trust? On 10 July 10 2011 Diginotar issued a wildcard certificate to Google 32
  • 33. CA news Spotlight on the Netherlands 33
  • 34. Spotlight on the Netherlands More servers, more certificates, more developers, more complexity Late night calls when a certificate expires, or is wrongly configured What happens when things do go wrong 34
  • 35. Expired & Misconfigured Certificates Drive Costs, Losses & Brand Damage CALLS TO TECH SUPPORT USERS TRAINED TO IGNORE WARNINGS LOST PRODUCTIVITY MISSED SALES OPPORTUNITIES DEFECTION TO COMPETITORS DAMAGE TO BRAND AND CREDIBILITY CALLS TO CUSTOMER SUPPORT INTERNAL APPLICATIONS EXTERNAL APPLICATIONS Spotlight on the Netherlands 35
  • 36. Five to do’s 1. Do you know what certificates you have? – Their expiry dates, how to renew them? 2. Be ready: Expect the unexpected but mitigate the risk 3. How can you deliver improved reporting across your organisation 4. New Algorithms can reduce overheads and create efficiencies – do you know what they are? 5. Are you ready and prepared for Internal Server Name Deprecation? Spotlight on the Netherlands 36
  • 37. One final to do • Call me – I understand SSL, your challenges and needs –Jane Broderick –Tel: +44 20 7448 5608 –Email: jane_broderick@symantec.com Spotlight on the Netherlands 37
  • 38. More information? Spotlight on the Netherlands 2013 ISTR: www.symantec.com/threatreport/ Always-On SSL: go.symantec.com/always-on-ssl/ Symantec Certificate Intelligence Center: go.symantec.com/certificate-intelligence- center Symantec Website Security Solutions www.symantec.com/ssl 2013 Norton Cybercrime Report http://bit.ly/1fIP4wf Twitter @nortonsecured 38
  • 39. Thank you! Copyright © 2014 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice. Spotlight on the Netherlands 39 Jane Broderick – Account Manager Tel: +44 207 4485 608 email: jane_broderick@symantec.com Andrew Horbury – Product Marketing Tel: +44 7703 468 966 email: andrew_horbury@symantec.com
  • 40. Web-based threats: Any website can infect you • In the past – you had to visit dangerous sites to get infected but today it could be a legitimate site attacking you • Web malware exploits - leverage software vulnerabilities without users knowledge • Which sites can infect you? Your favourites: – News, travel, online games, real estate, government, many others With so many vulnerable web sites cybercriminals have no need to set up their own web sites to host malware • 78% of scanned websites have vulnerabilities • 1 in 8 sites had critical unpatched vulnerabilities • In 2013, over 56,000 domains were used to host web malware Source: Symantec ISTR Spotlight on the Netherlands 40
  • 41. CA news Spotlight on the Netherlands 41

×