Symantec Website Security Threat Report - Insights


Published on

Part one of the Symantec Website Security Threat Report white paper is available here:

These slides give insights from the Symantec Website Security's annual global threat report.We look at website malware, malvertising, targeted attacks, watering hole attacks, ransomware and website vulnerabilities.

Published in: Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Symantec Website Security Threat Report - Insights

  1. 1. Symantec Website Security Threat Report12 June 2013Alistair Johnson, Mike Smart, Andrew Horbury1
  2. 2. WelcomeThe WSTR is a subset ofthe annual Symantec ISTR– To complement thiswebinar we have puttogether:• Video• Infographics• Podcasts• And much more…
  3. 3. AgendaIntroduction to report1Targeted attacks2Vulnerabilities3Watering hole attacks4Malware and the emergence of Ransomware53
  4. 4. • 69 million sensors• 157 countries• 51,644 recorded vulnerabilities(spanning two decades)• 3 billion emails processed eachday• 1.5 Million websites scannedInformation sources4
  5. 5. Targeted Attacks5
  6. 6. Targeted attacks up 42% in 20126
  7. 7. Targeted attacks by company size7
  8. 8. Top 10 Industries attacked in 2012• Manufacturingmoved to topposition in 2012• But all industriesare targeted8
  9. 9. Targeted attack by job functionR&D27%Senior12%C-Level17%Sales24%SharedMailbox13%Recruitment4%Media3% PA1%0%5%10%15%20%25%30%• Attacks may start with the ultimate target but often look for any entry into acompany9
  10. 10. Spear phishing Watering hole attackSend target a relevantemail messageInfect the website and thenlie in wait for the target• Targeted attacks predominately start with as spear phishing attacks• In 2012 we saw the emergence of Watering hole attacks
  11. 11. How effective is a watering hole attack?1 Watering HoleAttack in 2012infected500 companiesAll within24 hours• Watering Hole attacks target specific groups and sites• They can capture a large number of victims in a short space oftime11
  12. 12. Watering Hole attacked targeting iOS Developers• An example of a Watering Hole• The attackers were looking for iOS developers12
  13. 13. Recent Examples of Water Hole Attack• In 2013 wepredict this typeof attack willbecome morewidely used• In February thisyear severalhigh profilecompanies fellvictim to thistype of attack13
  14. 14. Malware and Vulnerabilities14
  15. 15. Zero-Day Vulnerabilities13159121481402468101214162006 2007 2008 2009 2010 2011 2012Total Volume15
  16. 16. Zero-Day Vulnerabilities423 413159121481405101520252006 2007 2008 2009 2010 2011 2012Total VolumeElderwoodStuxnet• One group can significantly affect yearly numbers• The Elderwood gang drove the rise in zero day vulnerabilities16
  17. 17. All vulnerabilities4842 464455624814625349895291010002000300040005000600070002006 2007 2008 2009 2010 2011 2012• No significant rise or fall in discovery of new vulnerabilities in last six years17
  18. 18. 74,00055,00043,000010,00020,00030,00040,00050,00060,00070,00080,0002010 2011 2012New unique malicious web domainsDecreaseIn new malicious domains18
  19. 19. Our websites are being used against us•53% of legitimate websites have unpatched vulnerabilities•24% have critical vulnerabilities unpatched•61% of malicious websites are legitimate19
  20. 20. Our own websites are being used against us• In 2012 one threat (LizaMoon) infected more than 1 millionwebsites• Operating on legitimate webpages it sends users to a fakeantivirus alert site, warning them that their computer may beinfected.20
  21. 21. 21
  22. 22. • 16 Number of criminal gangs involved in this cybercrime• 5M USD estimated amount extorted from victims in 2012• 500,000 average number of attacks seen from one threat in 18day period22
  23. 23. How Symantec can help (Print Screen)Symantec technology What it does How it can helpSymantec Extended ValidationSSL CertificatesEncrypts confidential information, such as credit card data,between the browser and your servers. Also confirms theidentity of the website in the browser address bar.• Powerful encryption• Visible security• Authenticates the website• Greater customer trust• Increased conversions.Web Site Malware Scanning Scans websites for malware infections. Reduces the risk of warnings and blocking bysearch engines and the risk of reputationdamage when a site infects its visitors.Symantec Managed PKI for SSL Lets website managers keep track of all their SSLcertificates from a web-hosted management console.Reduce the risk of accidental certificateexpiry and credibility-damaging certificatewarnings.Always-on SSL with SymantecSecure Site Pro SSL CertificatesAlways-on SSL is used by sites such as Google, Facebookand LinkedIn to protect all the user’s interactions with thesite.Build trust and encourage user interaction bymaking sure that it is all encrypted andsecure.The Norton™ Secured Seal Shows customers that you value their trust and that yoursite is secure because it has been scanned weekly formalware and vulnerabilities.The Norton™ Secured Seal is the mostrecognised trust mark on the InternetSymantec Seal-in-Search™ Displays the widely-recognised Norton Secured Seal trustmark in web search results.Increase search trafficIncrease customer trust and confidence.AdVantage Real-time detection, notification, and analysis ofmalvertisement incidents through the cloud fromSymantec.Comprehensive static & dynamicmalvertisement detection technologiesInstant notification of malvertisement activity23
  24. 24. Stay informed• Follow us on twitter @nortonsecured @threatintel••• Blogs
  25. 25. Email: andy_horbury@symantec.com25
  26. 26. Thank you!Copyright © 2012 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates inthe U.S. and other countries. Other names may be trademarks of their respective owners.This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express orimplied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice.Andrew Horbury Email: andy_horbury@symantec.comMike SmartAlistair Johnson26