Your SlideShare is downloading. ×
0
Automated Targeted Attacks: The New Age of Cybercrime
Automated Targeted Attacks: The New Age of Cybercrime
Automated Targeted Attacks: The New Age of Cybercrime
Automated Targeted Attacks: The New Age of Cybercrime
Automated Targeted Attacks: The New Age of Cybercrime
Automated Targeted Attacks: The New Age of Cybercrime
Automated Targeted Attacks: The New Age of Cybercrime
Automated Targeted Attacks: The New Age of Cybercrime
Automated Targeted Attacks: The New Age of Cybercrime
Automated Targeted Attacks: The New Age of Cybercrime
Automated Targeted Attacks: The New Age of Cybercrime
Automated Targeted Attacks: The New Age of Cybercrime
Automated Targeted Attacks: The New Age of Cybercrime
Automated Targeted Attacks: The New Age of Cybercrime
Automated Targeted Attacks: The New Age of Cybercrime
Automated Targeted Attacks: The New Age of Cybercrime
Automated Targeted Attacks: The New Age of Cybercrime
Automated Targeted Attacks: The New Age of Cybercrime
Automated Targeted Attacks: The New Age of Cybercrime
Automated Targeted Attacks: The New Age of Cybercrime
Automated Targeted Attacks: The New Age of Cybercrime
Automated Targeted Attacks: The New Age of Cybercrime
Automated Targeted Attacks: The New Age of Cybercrime
Automated Targeted Attacks: The New Age of Cybercrime
Automated Targeted Attacks: The New Age of Cybercrime
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Automated Targeted Attacks: The New Age of Cybercrime

2,433

Published on

Published in: Technology, Business
0 Comments
6 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
2,433
On Slideshare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
0
Comments
0
Likes
6
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  1. Click to edit Master title style • Click to edit Master text styles – Second level • Third level – Fourth levelAutomated Targeted Attacks: The New Age of Cybercrime » Fifth level Stefan Tanase Senior Security Researcher Global Research and Analysis Team Kaspersky Lab IDC IT Security Roadshow 2010 – Bucharest, Romania March 9 th, 2010 June 10th , 2009 Event details (title, place)
  2. Overview Click to edit Master title style • • About Kaspersky text styles Click to edit Master Lab • The evolution of malware – Second level • • Third level Motivation: how cybercriminals make money – Fourth level • Targeted» attacks: threats to SMBs & enterprises Fifth level • So, how do they do it? • Social experiment • Targeted attacks becoming mainstream • Mitigation techniques June 10th , Roadshow 2010 – Bucharest, Romania IDC IT Security2009 Event details (title, place)
  3. About Kaspersky Lab Click to edit Master title style • •Foundedto edit Master text styles Click in 1996 • Largest privately owned – Second level IT security company • Third level • 2000+ employees,level hiring  – Fourth still • 26 local offices Fifth level » • United States, Russia, United Kingdom, Germany, France, Romania, Dubai, South Africa, Japan, China etc. • Global Research and Analysis Team • Researchers working around the clock and around the world • Protecting more than 250 million users • 40,000 new malicious programs and 3,500 new signatures daily June 10th , Roadshow 2010 – Bucharest, Romania IDC IT Security2009 Event details (title, place)
  4. Click to edit Master title style • Click to edit Master text styles – Second level • Third level – Fourth level » Fifth level The (R)evolution of malware June 10th , 2009 Event details (title, place)
  5. Clickevolution of malware The to edit Master title style • 1992 – 2007: about 2M unique malware programs • Click to edit Master text styles • But in 2008 alone: 15M – Second level • End of 2009 leveltotal of about 33,9 M unique malicious • Third –a files in the Kaspersky Lab collection – Fourth level » Fifth level June 10th , Roadshow 2010 – Bucharest, Romania IDC IT Security2009 Event details (title, place)
  6. Click to edit Master title style • Click to edit Master text styles – Second level • Third level – Fourth level » Fifth level Motivation: how cybercriminals make money June 10th , 2009 Event details (title, place)
  7. Click to edit how cybercriminals make money Motivation: Master title style • By stealing, of course • Click to edit Master text styles – Stealing directly from the user – Second level • Online banking accounts, credit card • Third level numbers, electronic money, blackmailing. – Fourth level – What if I don’tlevel money? » Fifth have – Providing IT resources to other cybercriminals • Creating botnets, sending spam, launching DDoS attacks, pay-per-click fraud, affiliate networks, renting computing power, collecting passwords etc. June 10th , Roadshow 2010 – Bucharest, Romania IDC IT Security2009 Event details (title, place)
  8. Click to edit Master title style • Click to edit Master text styles – Second level • Third level – Fourth level » Fifth level Targeted attacks: threats to SMBs & enterprises June 10th , 2009 Event details (title, place)
  9. Targeted attacks: threats to SMBs & enterprises Click to edit Master title style • Click to edit Master text styles – Second level • Third level – Fourth level » Fifth level June 10th , Roadshow 2010 – Bucharest, Romania IDC IT Security2009 Event details (title, place)
  10. Targeted attacks: threats to SMBs & enterprises Click to edit Master title style • Click to edit Master text styles – Second level • Third level – Fourth level » Fifth level June 10th , Roadshow 2010 – Bucharest, Romania IDC IT Security2009 Event details (title, place)
  11. Click to edit Master title stylemalware Targeted attacks vs. classic Lethal injection vs. a round of bullets • Click to• edit Master text styles epidemics Targeted attacks are not – Second • One email is enough, instead of tens of thousands level • Third level • Targeted organizations are either not aware, – Fourth level or don’t publicly disclose information » Fifth level • It is hard to get samples for analysis • Classic signature-based AV is useless • New defense technologies • Much higher stakes • Intellectual property theft, corporate espionage June 10th , Roadshow 2010 – Bucharest, Romania IDC IT Security2009 Event details (title, place)
  12. Click to edit Master title style • Click to edit Master text styles – Second level • Third level – Fourth level » Fifth level So, how do they do it? June 10th , 2009 Event details (title, place)
  13. Click to edit Master 4 steps Targeted attacks in title style 1. Profiling the employees • Click to edit Master text styles – Choosing most vulnerable targets – Second level 2. Developing a new and • Third level unique – Fourth level program malicious » Fifth level – Doesn’t have to bypass all AVs, just the one used by the victim 3. Mixing the malicious payload with a perfectly tailored social engineering strategy 4. Delivering the attack June 10th , Roadshow 2010 – Bucharest, Romania IDC IT Security2009 Event details (title, place)
  14. A targeted attack demo Click to edit Master title style • Click to edit Master text styles – Second level • Third level – Fourth level » Fifth level June 10th , Roadshow 2010 – Bucharest, Romania IDC IT Security2009 Event details (title, place)
  15. Click to edit Master title style • Click to edit Master text styles – Second level • Third level – Fourth level » Fifth level Social experiment June 10th , 2009 Event details (title, place)
  16. Click – let’s stand up! style Intro to edit Master title • “White”, “black”, “pink”… “not wearing any”  • Click to edit Master text styles – Second level • Third level – Fourth level » Fifth level June 10th , Roadshow 2010 – Bucharest, Romania IDC IT Security2009 Event details (title, place)
  17. Click to edit Master title style • Click to edit Master text styles – Second level • Third level – Fourth level » Fifth level Targeted attacks becoming mainstream June 10th , 2009 Event details (title, place)
  18. Click to edit Master title style public Personal information becoming • So much personal • Click to edit Master text styles information becomes – Second level public Third level • on social networksFourth level – right now » Fifth level • Advertisers are already doing it: targeted ads – Age, gender, location, interests, work field, browsing habits, relationships etc. June 10th , Roadshow 2010 – Bucharest, Romania IDC IT Security2009 Event details (title, place)
  19. Targeted attacks becoming mainstream Click to edit Master title style • Targeted ads? Targeted • Click to edit Master text styles attacks arelevel – Second already out there • SocialThird level are enabling • networks – Fourth level cybercriminalslevel start delivering » Fifth to automated targeted attacks • The personal data is there. Next step? Automation. • Geographical IP location has been around for a while • Automatic language translation services are becoming better • Personal interests & tastes are public (ie: trending topics) June 10th , Roadshow 2010 – Bucharest, Romania IDC IT Security2009 Event details (title, place)
  20. Click targeting example style Geo to edit Master title • Click to edit Master text styles – Second level • Third level – Fourth level » Fifth level June 10th , Roadshow 2010 – Bucharest, Romania IDC IT Security2009 Event details (title, place)
  21. Language targeting example Click to edit Master title style • Click to edit Master text styles – Second level • Third level – Fourth level » Fifth level June 10th , Roadshow 2010 – Bucharest, Romania IDC IT Security2009 Event details (title, place)
  22. Click to edit Masterexample Interests targeting title style • Click to edit Master text styles – Second level • Third level – Fourth level » Fifth level June 10th , Roadshow 2010 – Bucharest, Romania IDC IT Security2009 Event details (title, place)
  23. Click to edit Masterattacks Surviving targeted title style • • Click to edit Master text styles Security tips • Patch – Second level • Third level • Patch everything – Fourth level • Patch everything level » Fifth twice • …including the human mind • A highly sophisticated targeted attack will eventually succeed • Proactive measures (PDM, HIPS, Sandbox, heuristics, emulation) • Proper security mindset • User education and awareness June 10th , Roadshow 2010 – Bucharest, Romania IDC IT Security2009 Event details (title, place)
  24. Targeted attacks become mainstream Click to edit Master title style • Click to edit Master text styles – Second level • Third level – Fourth level » Fifth level June 10th , Roadshow 2010 – Bucharest, Romania IDC IT Security2009 Event details (title, place)
  25. Click to edit Master title style • Click to edit Master text styles – Second level • Third level – Fourth level Thank you! Questions? » Fifth level stefant@kaspersky.ro twitter.com/stefant Stefan Tanase Senior Security Researcher Global Research and Analysis Team Kaspersky Lab IDC IT Security Roadshow 2010 – Bucharest, Romania March 9th, 2010 June 10th , 2009 Event details (title, place)

×