• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
SecureIT 2014 - Data Security Protecting Businesses and National Assets - Rishi R Sharma, Technical Consultant, India, Trend Micro
 

SecureIT 2014 - Data Security Protecting Businesses and National Assets - Rishi R Sharma, Technical Consultant, India, Trend Micro

on

  • 248 views

SecureIT 2014 - Data Security Protecting Businesses and National Assets - Rishi R Sharma, Technical Consultant, India, Trend Micro

SecureIT 2014 - Data Security Protecting Businesses and National Assets - Rishi R Sharma, Technical Consultant, India, Trend Micro

Statistics

Views

Total Views
248
Views on SlideShare
190
Embed Views
58

Actions

Likes
0
Downloads
0
Comments
0

3 Embeds 58

http://secureit.eletsonline.com 56
http://translate.googleusercontent.com 1
http://www.slideee.com 1

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment
  • We live in incredible times! We are more connected than ever.About 1/3 of the world’s population is on the Internet. 2.4B users (about 12% or 276M in NA alone…about 2/3 the population) (Source: Internet World Stats, Dec 2012)We have more information at our fingertips than we could have imagined. Google now indexes over 1 Trillion URLs each day. (Source: Google, 2008)…and there are 665M web sites – amazing when you consider this number was only 50M in 2003. (Source: Netcraft Site Data, July 2012)Not only are we using the Internet to access information more quickly and easily, but we are using it to connect with others. To learn from others. To share with others. Facebook now has over 1B users – incredibly rapid growth from 2003 when Mark Zuckerberg was at Harvard and first launched Facebook. (Source: Facebook, Oct 2012)We use our smart phones not only to find the nearest coffee shop or directions on Google Maps, but to send real-time updates to our friends, family and colleagues. Over half of Facebook users use their mobile devices to access and update their social networking information. (Source: Gartner 2012)One of the reasons that Internet traffic is accelerating so quickly is of course the access by mobile devices. They now account for 10% or Internet traffic. Last year there were 427M smart phones sold last year alone. (Source: SocialBakers May 2012)How quickly our world has changed!!
  • Not only are we more connected, but the adoption rates are unprecedented. If you think about how much iPods changed our view of portable devices, yet Apple only sold 1.3M iPods in its first two years. Compare that with the I first two years of iPad sales, Apple sold 66M iPads. (Source: KPCB, Apple Quarterly Results)Recently, Apple sold out of its 5 Million iP hone 5s in its first 3 days!!
  • This willingness for us as consumers to adopt mobile devices has also made like much more challenging for IT. This chart shows the change in platforms that have shipped over the past 35 years or so.Not surprisingly, this growth of mobile devices is changing our landscape forever. ( Source: Asymco.com June 2012)Only 15 years ago, there was really only one dominant platform to support. Windows on the PC. And maybe some Mac as well. Now, with the rapid adoption of new technologies, mobile devices now outsell PCs. And we are about to see an individual mobile platform (Android) to overtake the PC. And these mobile devices are not just for home use. The global install base of tablets, for example, will be 760 million by 2016, with 375 million sold just in that year. And according to Forrester, one third of them will be sold to businesses. This platform evolution will change your jobs in IT irreversibly.
  • A key indicator of business growth is how long it takes to get to 1 million users For example, it took AOL 9 years to get to 1 million users…9 months to do the same for Facebook…but only 9 DAYS for DrawSomething! ! (Source: ReadWriteWeb March 2012)This new world is causing complexity AND great opportunity.
  • The threat environment has evolved over the years. All of these threats still exists out there, but new and more damaging threats are being developed each year. Now, we are dealing with targeted attacks, advanced persistent threats and creative mobile attacks that take advantage of new vulnerabilities, social engineering and mobile proximity.They are stealthy and are designed to fly under the radar, undetected, and to steal your valuable data. And your data is everywhere--in the cloud, on virtualized servers, and on mobile devices. It needs to be protected, w/out slowing you downStreet crime is down 20%. Why? It is becoming so much more profitable and lucrative to enter into the world of cybercrime. And it is getting easier.Cyber criminals use a seemingly endless array of techniques to compromise and infiltrate nearly every aspect of our electronic environment. As our lives, and for that matter, the entire global economy, have become increasingly dependent on Web-based systems and interconnectivity to operate smoothly, cyber-attacks have emerged to stalk us nearly every step of the way. In fact, they’ve grown so complex and varied that traditional IT system defenses such as antivirus (AV) software and intrusion prevention systems (IPSs) are not enough on their own. Cybercrime has become big business with commercialized exploit kits and cybercriminal counter intelligence available to the hackers. This has greatly accelerated the volume, variety and velocity of threats we are dealing with.There are specific emerging trends in cyber-attack: Professionalization and Commoditization of Exploit Kits. i.e. BlackHole Exploit Kit Modularization: We have also observed a high degree of modularization in more advanced malware like SpyEye and FLAME. Increased Sophistication with Traffic Direction Systems (TDS): Traffic Direction Systems (TDS) are used as initial landing pages, also known as “doorway pages”, which direct traffic to content. RansomwareNew Exploitation Vectors Introduced via HTML5 •Evolution of Mobile ThreatsContinued Exploitation of Social Networks As these threats evolve, it is clear that traditional techniques won’t be able to prevent all threats. Additional layered security and specialized visibility into these attacks is needed.
  • Todays attacks are social, sophisticated, and stealthy. They are targeted attacks and advanced persistent threats – and they typically start with the attacker gathering intelligence about the organization and individuals using Facebook, Linkedin, Google+ and other social networking applications.  Next, they target individuals using social engineering based on the intelligence they’ve gathered – perhaps sending a targeted “spear phishing” email at specific employees from one of their co-workers.  Once they have gained access to the organization by compromising a single machine, they establish a command and control server link so they can remotely control the attack from the outside – …giving the attacker the time and means to control their attack and move within the organizations network compromising other machines.They continue to look for  valuable data by exploring the organization from within the internal network. Once they have found it, they will extract the data from the organization – and this may go undetected for months!
  • All of these capabilities enable a complete lifecycle for dealing with targeted threats and APTs – including…Detectmalware, communications and behavior invisible to standard defensesAnalyzetherisk and characteristics of the attack and attackerAdaptsecurity automatically (IP black lists, custom signatures…)Respond using the insight needed to respond to your specific attackers

SecureIT 2014 - Data Security Protecting Businesses and National Assets - Rishi R Sharma, Technical Consultant, India, Trend Micro SecureIT 2014 - Data Security Protecting Businesses and National Assets - Rishi R Sharma, Technical Consultant, India, Trend Micro Presentation Transcript

  • Advanced Targeted Attack Enabling a Smart Protection Strategy – Trend Micro Approach Rishi R Sharma Technical Consultant – India
  • Copyright 2013 Trend Micro Inc. 2.4B Internet Users1 1 Trillion+ URLs indexed by Google2 665M Web Sites3 1B Facebook Users4 427M Smart Phones Sold Last Year5 54% of Facebook Access is via Mobile6 Sources – 1: Internet World Stats, Dec 2012; 2: Google, 2008; 3: NetCraft Site Data, July 2012; 4: Facebook, Oct 2012; 5: Gartner 2012; 6: SocialBakers, May 2012;
  • Unprecedented Adoption Rates Copyright 2013 Trend Micro Inc. Source: KPCB, Apple Quarterly Results 0 1 2 3 4 5 6 7 8 66.1M iPads 21.2M iPhones 1.3M iPods
  • Copyright 2013 Trend Micro Inc. Source: Asymco.com, June 2012
  • Copyright 2013 Trend Micro Inc. Source: ReadWriteWeb, March 2012 9 Days 9 Months 9 Years 1 Million Users
  • CRIMEWARE DAMAGECAUSED Threat Landscape Worm Outbreaks Vulnerabilities Spam Mass Mailers Spyware Intelligent Botnets Web Threats Evolution to Cybercrime 2001 2003 2004 2005 2007 2010 2012+ Targeted Attacks Mobile Attacks • Now, it’s personal • Financially motivated. • Targeting most valuable assets
  • Challenges with current security controls • Firewall and IDS/IPS are ineffective – Open standard ports and protocols for access • Organizations don’t know they’re being targeted – Low and Slow – stealthy, unlike a virus outbreak. • AV just doesn’t work with APT – 63% of malware used in APT are customized • Employees are the weakest link in security – Spear-phishing a common tactic • Vulnerabilities & Zero-day Exploits – What percentage of your servers and endpoints are patched?
  • Attacker Gathers intelligence about organization and individuals Employees Targets individuals using social engineering Establishes Command & Control server Moves laterally across network seeking data of interest Extracts data of interest – can go undetected for months! $$$$ Today’s Attacks: Social, Sophisticated, Stealthy!
  • A Custom Attack NEEDS a Custom Defense! Attacker Gathers intelligence about organization and individuals Employees Targets individuals using social engineering Establishes Command & Control server Moves laterally across network seeking data of interest Extracts data of interest – can go undetected for months! $$$$ Network Admin Security Malicious Content Suspect Communication Attacker Behavior
  • Custom Defense Strategy A Custom Defense Lifecycle Network Admin Security Network-wide Detection Detect malware, communicati ons and behavior invisible to standard defenses Custom Sandboxes Advanced Threat Analysis Analyze the risk and characteristics of the attack and attacker Threat Intelligence Automated Security Updates Adapt security automatically (IP black lists, custom signatures…) Services and Support Respond using the insight needed to respond to your specific attackers
  • Gateway Anti-virus software IPS FW DDI 0100100 0101 Malicious content • Embedded doc exploits • Drive-by downloads • Zero-day • Malware Suspicious communication • C&C access • Data stealing • Worms • Backdoor activity… Attack behavior • Propagation & dropper • Vuln. scan & bruteforce • Data exfiltration… Visibility of Network
  • Thank You!