From Traditional Malware
to Targeted Attacks
Raimund Genes
Chief Technology Officer
Trend Micro
[Diagram: Internet, Internet Gateway, Exchange Server, three PCs; 150 infected mails]
[Chart: Evolution to Cybercrime. Axes: damage caused by cybercrime; years 2001, 2003, 2004, 2005, 2007, 2010, 2011+. Labels: Crimeware; Vulnerabilities; Worm Outbreaks; Spam; Mass Mailers; Spyware; Intelligent Botnets; Web Threats; Targeted Attacks; Mobile Attacks]
Trustwave 2013 Global Security Report: Average time from initial breach to detection was 210 days, more than 35 days longer than in 2011.
Malware / Bot / APT Behavior Comparison Table

| | APT | Bot | Malware |
|---|---|---|---|
| Distribution | With organized planning | Mass distribution over regions | Mass distribution over regions |
| Services interruption | No | No | Yes |
| Attack Pattern | Targeted (only a few groups/organizations) | Not targeted (large area spread-out) | Not targeted (large area spread-out) |
| Target Audience | Particular Organization/Company | Individual credentials including online banking account information | Random |
| Frequency of attacks | Many times | Once | Once |
| Weapon | Zero-day exploit; Drop embedded RAT; Dropper or Backdoor | Multiple-Exploits, All in one | By Malware design |
| Detection Rate | Lower than 10% within one month | Around 86% within one month | Around 99% within one month |
Some Documented Advanced Persistent Threat Campaigns (Real-world Examples)
• LURID – threat actors launched around 300 campaigns targeting different industries in different countries
• Luckycat – threat actors used diverse infrastructure (from throwaway free hosting to dedicated VPSs)
• Taidoor – threat actors primarily targeted government organizations located in Taiwan
• IXESHE – threat actors used compromised computers inside the network to evade network detection
Advanced Persistent Threat
Targeted Attacks
The attacker knows
what he’s looking for!
South Korea – Hacktivism, Cyber Sabotage, or Cyberterrorism?
Sometimes “unusual” targets
Typical Industrial Control System (ICS)
• In a small city in the US with 8000 citizens
• It has to look like a real system
• And by “accident” the system has a link to the Internet
Let’s simulate a Water Pressure Control station
Building a SCADA Honeypot…
Attacks from
US, 9
LAOS, 6
UK, 4
CHINA, 17
NETHERLANDS, 1
JAPAN, 1
BRAZIL, 2
POLAND, 1
VIETNAM, 1
RUSSIA, 3
PALESTINE, 1
CHILE, 1
CROATIA, 1
NORTH KOREA, 1
What to expect next?
Your phone as your wallet
Android Malware
120,000 350,000
Vehicle past and now
• Toyota's vehicle (1955): no computers included
• Toyota's hybrid vehicle (2011): over 70 computers included
[Diagram labels: Tire Pressure Monitoring System; Unauthorized apps, multimedia file; Smartphone, USB; Immobilizer Cutter; Door locks; Smart Key; CHAdeMO (quick charging method for battery powered electric vehicles); Key fob; Telematics system; OBDII, CAN, ECU; Vehicle Area Network]
iVehicle
Embedded OS selected by car industry
SELECTED
IVI Standard
Organization
Security Assessment
Kernel > 2.6.35.3
Gain Privilege > 18
Overflow attack to CAN bus
• All the ECU turned into Fail-Safe-Mode.
• Engine fan and headlamp kept working.
• Meter (e.g. speed) needle keeps wobbling
If someone wants to get in, he gets in!
So do we do a lot of
stuff just to satisfy the
auditors?
LATIN AMERICA
EUROPE
APAC
NORTH AMERICA
GLOBAL
Thank You
