Security Threats and Trends (Michael Sentonas)


McAfee China Executive Summit 2010

    Presentation Transcript

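    • Security Threats and Trends. Michael Sentonas, Vice President and Chief Technology Officer, McAfee Asia Pacific
    • Understanding the past… protecting the future: the threat landscape and the underground economy; Security Connected initiatives
    • What is the fastest route to being secure?
    • The floppy disk was once the biggest security risk we faced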
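    • Even the biggest problems can be solved at an early stage
      Malware name | Vulnerability advisory date | Virus release date | Days of warning
      Nimda | 29 March 2001 | 18 September 2001 | 173
      Bugbear | 29 March 2001 | 30 September 2001 | 185
      Slammer | 24 July 2002 | 25 January 2003 | 185
      Nachi | 16 July 2003 | 18 August 2003 | 33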
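    • However… threats are growing at the speed of light
    • Malware is growing exponentially: in 2009 the volume of malware exceeded the total of all previous years [chart: monthly values, January 2009 to September 2010; vertical axis 0 to 50,000,000]
    • A startling set of statistics… McAfee reviews about […] potential malware samples every day
    • A startling set of statistics… McAfee identifies more than […] new pieces of malware every day
    • A startling set of statistics… McAfee identifies about […] new bots every day
    • A startling set of statistics… McAfee identifies about […] new malicious websites every month
    • The threat landscape keeps changing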
    • The underground economy: credit cards (service, description, price in US dollars)
      - Credit card with card verification value. Format: FULL NAME | COMPANY | ADDRESS | ADDRESS 2 | CITY | ZIPCODE | PHONE | COUNTRY | CC TYPE | NAME ON CARD | CC NUMBER | EXPIRATION DATE | CVV. Price: United States $2, Canada $4, United Kingdom $4, Australia $7, Europe $8, Asia $8
      - Credit card, full information. Format: IP | PAYPAL LOGIN | PAYPAL PASSWORD | CC TYPE | CC NUMBER | EXPIRATION DATE | CVV | NAME ON CARD | BANK NAME | FIRST NAME | LAST NAME | ADDRESS | ADDRESS2 | CITY | STATE | ZIPCODE | PHONE | DOB | MMN | SSN. Price: United States $15, Canada $35, United Kingdom $25, Australia $30, France $25, Germany $30, Italy $3
      - Custom projects. Credit cards, full info or bank logins from any bank or institution with the information the customer request. Price: $1,000 up front and $4,000 when project is ready
      - Bulk. 100 Dumps EU Credit Classic - $5,500 (for a card with a chip); 100 Dumps EU Credit Classic - $6,500 (for a card with a magnetic stripe); 100 Dumps EU Credit Gold/Platinum - $7,500 (chip card); 100 Dumps EU Credit Gold/Platinum - $8,500 (stripe card); 1,000 Dumps USA Credit Classic - $5,000; 1,000 Dumps USA Credit Gold/Plat - $10,000
    • The underground economy: services (service, description, price in US dollars)
      - Proxy rental. Botnet networks on a “per use” (on a monthly basis) or “daily rates” plans. Price: Daily rate: 50 per day, 1500 per month: $95. Per use rate: 1000 per month: $69.95
      - Web injection. HTML injection codes designed to steal information from customers of dozens of financial institutions worldwide. Each HTML injection is specifically tailored to match each bank’s specific website design. Price: Between $10 and $30 each
      - Spam production. Spamming tools, mailing lists, etc. Price: 5,000 to 7,000 emails per minute, more than 1 million emails per day: $2,000 per month
      - Botnet management. HTTP Command & Control facilities for ZeuS malware. Price: $50 per month
      - Traffic attacks/DDoS. Complete paralysis of your competitor by flooding: fixed or mobile phone, web site, Live Box. Price: $80 per 24 hours, $20 for one hour, $100 for one day. $200 for large projects. $20 for Live Box
      - Vulnerable computers. If you have a malware, they have the vulnerable computers! They install for you your malware on them. Price for 1000 computers: Asia: $12, Europe: $40, USA: $140, UK: $220, Italy: $150, Germany: $170, Poland: $150, Brazil: $150, Canada: $200, Others: ~$250
      - Bulletproof hosting. Guarantee of staying online, no matter what types of complaints (or how many) the ISP receives about that individual’s actions. Price: $650 per month
    • The underground economy: tools (crimeware with seller or author, description, price in US dollars)
      - FirePack (Diel). Web Exploitation Malware Kit. Also in Chinese version. Price: $3,000; $300
      - Zeus & Zeus Sploit-Pack. The Zeus Trojan can inject code into the login web pages of financial organizations to request personal data. Sends the information to a remote location. Captures keystrokes within browser forms, takes screenshots, remotely controls victims machine, adds pages to and monitors websites, steals passwords stored by popular programs. Price: $3,000 for Zeus; $450 to $700 for Zeus, its admin panel, an exploit kit and hosting
      - Adrenaline, an update of Nuclear Grabber (Corpse). Universal kit for creating tools to capture targeted banking data. Can intercept and retransmit authentic transactions on the fly between the bank and its client. Price: $3,000
      - PolySploit, an update of NeoSploit (Grabarz). Web exploitation malware kit, statistical engine, enhanced configuration capability, exploitation package, enhanced support and online forum for customers. Price: 100 €
      - El fiesta. Web Based and PDF exploit pack used to launch and monitor attacks. Price: $850
      - Turkojan RAT (AlienSoftware). Remote access tool made in Turkey. Price: $99 for Bronze edition, $179 for Silver edition, $249 for Gold edition
      - Sploit25. Browser vulnerability test kit with IE6, IE7 and PDF exploits. Price: $2,500 (in WebMoney) for Pro version, $1,500 (in WebMoney) for Lite version
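    • Security Connected initiatives: consumerization; virtualization + MOVE platform; modern malware and APTs; dynamic whitelisting
    • Initiative 1: Consumerization
    • The market validates the need; drivers of change. “The desktop Internet is merely a ‘warm-up act’ for everything we are now witnessing with the mobile Internet. In my view, the pace of mobile innovation is unprecedented in history.” — Morgan Stanley, 2010
    • Today's business challenge: the enterprise mobility transformation. Old problem: mobile email. New problem: Enterprise Mobility 2.0. Secure mobile messaging capabilities; reliable mobile application management
    • Protecting mobile applications: Trust Digital and WaveSecure. Centralized policy management; enterprise and LOB applications; data protection; automated compliance and reporting; basic services; customer-facing applications; user protection; web and social media; self-service provisioning
    • McAfee EMM keeps devices secure. Enterprise environment: mail, applications, directory, authentication services, files, databases. Devices: iPad, Android, iPhone, webOS, Windows Mobile, Symbian. McAfee Enterprise Mobility Management: lifecycle management; authenticate, connect, secure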
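    • Initiative 2: Virtualization + MOVE platform
    • The virtualization tsunami. “21% of enterprises have deployed VDI, and another 31% are considering adopting the technology.” — Enterprise Strategy Group, 2009
    • Market trend: security is migrating [diagram labels: user, user, user; operating system; hypervisor; chip; server-based; desktop-based]
    • The future of virtualization security [diagram labels: user, user, user; Virtual Desktop Infrastructure; applications; operating system; hypervisor; chip; hypervisor-based security]
    • MOVE: Management for Optimized Virtual Environments. Offloaded security functions; hypervisor optimization; incredible scalability; integrated management [diagram labels: McAfee EPO; MOVE virtual appliance; scan engine; MOVE; hypervisor; server; cache synchronization protocol]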
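    • Initiative 3: Modern malware and APTs
    • Harnessing the strength of the community and the power of the cloud
    • [Diagram labels: firewall; endpoint; DLP; Risk Mgmt; compliance; whitelisting; risk management; email; encryption; web; IPS]
    • McAfee Global Threat Intelligence (GTI)
      - Covers the entire Internet, with millions of sensors
      - Combines a range of protection technologies; reputation technology is essential
      - Covers all major threat vectors: file | web | email | network
      - A global research team dedicated to GTI
      - Real-time, “cloud-based” model for collecting and distributing threat information
      - Delivered through a complete suite of security products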
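    • Initiative 4: Dynamic whitelisting
    • Where the rubber meets the road: security is what lets you keep moving forward
    • Blacklisting vs. whitelisting
    • [Diagram labels: point of sale; MAC; reputation-based; service terminals; VDI; smart metering devices; COE desktops; mobile phones; printers; NetBook; ATM; smartphones; home PCs; servers; medical devices; SCADA systems; dynamic; static; whitelisting; dynamic change]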
    • The future lies… here
    • McAfee resources for your use
      - Michael_sentonas@mcafee.com
      - Free McAfee resources: McAfee Threat Resource Center (blogs, podcasts and white papers) http://www.mcafee.com/us/threat_center/default.asp
      - Free McAfee resources for home users: McAfee Security Advice Center http://home.mcafee.com/securityadvice
      - Security Threat Center; Award Nominated Security Podcast; Journals; Security Blog