0926182320 Sophos[1]


Security Threat Report

Published in: Technology, News & Politics

    1. Security Threat Report 2008: What you need to know
       Christopher Vernon, Senior Sales Engineer, Sophos
    2. Agenda
       • Malware – The size and shape of the problem
       • Spam – China and beyond
       • Phishing – Socializing
       • Web – The threat to your reputation
       • Not just a Microsoft problem
       • Summary
    3. Malware – The Size and Shape
       • 20,000 new suspicious files sent to SophosLabs every day - that’s 1 every 4 seconds
       • Most are Trojans designed to silently steal information, or compromise PCs
       • AV-Test.org estimates that there are over 11 million unique samples of malware in existence
       • The web is clearly the major vector for attack
       • One new infected webpage discovered every 5 seconds - over 90% are legitimate websites that have been hit by attacks such as SQL Injection
    4. Shift in Delivery
       • Only 1 in 2500 emails have malware attachments
       • Down from 1 in 332 in same 2007 period
       • Shifted to ‘links in email’
       • Long tail of ‘Old’ malware
       • PushDo – new malware, old technique
    5. Spam – China and Beyond
       • 96.5% of email is spam - only one in 28 business emails is legitimate
       • New spam web page every 20 seconds
       • Moving to Chinese domains
           • Harder to get information
           • Easier to register
       • Backscatter
           • Non-delivery reports of spam
           • Do you click on spam?
           • 1 in every 530 page requests were to spam URLs
    6. Pump and Dump Done?
       • Volumes have dropped from 30+% of all spam to less than 1%
       • Very few stock symbols being ‘spamvertised’
       • Market slowdown? SEC crackdown?
       • Moving to “short selling”
           • “Amazon having troubles”
    7. Phishing - Socializing
       • Not just financial
           • Banks
           • Tax payers
           • Auction
           • Payment sites
       • Also Social
           • Facebook
    8. Social Targets
       • Social networking sites increasingly targeted
           • Spam
           • Scam
           • Adware
    9. Spear Phishing
       • Very targeted activity
       • Use Facebook, LinkedIn, etc. to identify targets
           • University of Waterloo
           • Oak Ridge National Lab
           • University of Minnesota
       • Can also be used to target malware
           • Subpoena CEO = Install keylogger
       Remember: phishing works on all platforms!
    10. Web – The Threat to Your Reputation
       • 16,173 new malicious web pages a day!
       • Major brands affected
           • Euro 2008 soccer tournament
           • UK broadcaster ITV
           • Cambridge University Press
           • Lawn Tennis Association
           • Trend Micro
           • Sony PlayStation
    11. SQL Injection Attacks
       • Mal/BadSrc – 29% of infections in June ’08
       • Simple attack method
           • Search for vulnerable servers
           • Target attack
           • Inserts iframe snippets into every page
       • Variety of payloads
           • Including ‘scareware’
    12. Not Just a Microsoft Problem
       • Nearly 60% of compromised web sites are running Apache
       • Websites must be properly “hardened” to prevent hackers from taking advantage
    13. What about Apple?
       • Small amount of malware being written for Apple Macs
           • Increasingly Mac malware is financially motivated
           • The Hovdy Trojan turned off security, firewalls, and gave remote access to hackers
       • High level of complacency amongst Mac users may make Apple Macs a “soft target” in the future
       • Record sales of Apple hardware mean its market share is growing
    14. What about Mobile?
       • Malware – Very Low Threat
           • No single platform, and mostly written by enthusiasts
           • A single proof-of-concept Apple iPhone Trojan was found
       • Spam
           • Internet-enabled phones like the iPhone are vulnerable to phishing attacks
           • SMS text message spam is limited in the West, but...
           • 353.8 billion ‘spam’ messages sent via SMS in China - 600 a year for every mobile phone owner
           • 438,668 complaints in one month alone
    15. What About Linux?
       • 70% of attacks on Linux honeypot, infected with a 6-year-old virus
       • Linux servers used as command and control for botnets
       • Analysis shows RST-B is a global problem, with thousands of compromised servers
    16. SophosLabs global network of experts
       SophosLabs™ Knows Threats Better Than Anyone
    17. Summary
       • Malware growth continues
           • Proactive detection is critical
       • Financial motivation for most threats including spam
           • Spam still makes money!
       • Web represents biggest threat
           • To users, and your corporate reputation
       • Don’t forget other platforms
           • Mac increasingly targeted
           • Linux could be your ‘typhoid Mary’
    18. Staying ahead of the curve
       • Get the latest breaking news about new malware, spam, security threats, and arrests straight to your desktop at www.sophos.com/feeds
       • Get daily updates from SophosLabs Blog, which provides insight into the most interesting and widespread threats: www.sophos.com/blog
    19. Thank you
       • Call Worldwide: +44 1235 55 9933
       • [email_address]
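
Added example, not part of the original slides: slide 11 notes that the SQL injection attacks insert iframe snippets into every page, so one defensive check is to scan stored or rendered page content for script or iframe tags that load from hosts outside the site's own allowlist. The allowlist, host names, row keys and sample content below are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumed allowlist: hosts this site legitimately loads scripts/frames from.
ALLOWED_HOSTS = {"www.example.org", "static.example.org"}
# Constructed sample of stored page content, keyed by a hypothetical row id.
ROWS = {
    "article:1": '<p>Match report</p><script src="/js/site.js"></script>',
    "article:2": 'Fixtures<script src="http://injected.example.net/b.js"></script>',
    "article:3": '<p>News</p><iframe src="//injected.example.net/f" width="0" height="0"></iframe>',
    "article:4": '<iframe src="https://static.example.org/player" width="640"></iframe>',
}

def is_hidden(attrs):
    """True if the tag is sized or styled so a visitor would not see it."""
    style = attrs.get("style", "").replace(" ", "").lower()
    tiny = attrs.get("width") in ("0", "1") or attrs.get("height") in ("0", "1")
    return tiny or "display:none" in style or "visibility:hidden" in style

class InjectedTagFinder(HTMLParser):
    """Collect <script>/<iframe> tags whose src host is off the allowlist."""
    def __init__(self, allowed):
        super().__init__()
        self.allowed = allowed
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag not in ("script", "iframe"):
            return
        a = {k: (v or "") for k, v in attrs}
        host = urlparse(a.get("src", "").strip()).hostname  # None if relative
        if host is None or host.lower() in self.allowed:
            return
        self.findings.append(
            {"tag": tag, "host": host.lower(), "hidden": is_hidden(a)})

def scan(content, allowed=ALLOWED_HOSTS):
    """Return findings for one stored field or rendered page."""
    finder = InjectedTagFinder(allowed)
    finder.feed(content)
    finder.close()
    return finder.findings

def scan_rows(rows, allowed=ALLOWED_HOSTS):
    """Return {row_key: findings} for every row with at least one finding."""
    return {k: f for k, v in rows.items() if (f := scan(v, allowed))}

if __name__ == "__main__":
    print(scan_rows(ROWS))
```

Rows flagged with the same unfamiliar host across many records indicate a bulk write to the database rather than an edit to a single page.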