Symantec Security Awareness October 2012
Upcoming SlideShare
Loading in...5
×

Like this? Share it with your network

Share

Symantec Security Awareness October 2012

  • 2,717 views
Uploaded on

Believe it or not, a higher percentage of religious sites have been compromised with malware than adult websites. Organizations of all kinds are at risk as are everyday internet users, but there are ...

Believe it or not, a higher percentage of religious sites have been compromised with malware than adult websites. Organizations of all kinds are at risk as are everyday internet users, but there are simple steps to take to avoid being duped and stay safe online.

More in: Technology
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
No Downloads

Views

Total Views
2,717
On Slideshare
2,704
From Embeds
13
Number of Embeds
2

Actions

Shares
Downloads
100
Comments
0
Likes
2

Embeds 13

https://twitter.com 11
https://si0.twimg.com 2

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide
  • Quiz question – which is more dangerous?It’s not what we used to think.We’ve been telling people that “bad” sites are dangerous … but one of the most interesting pieces of data is that religious sites are more likely to infect you than an adult site
  • This chart is from the ISTR 17 (April 2012)Looked at sites that were infected – how many pieces of malware were on each of these sitesAlmost 5x more malware on religious sites than on adult sitesTakeaway? Sites with poor security become an easy target – sites are beginning to realize that if their sites are infected, people won’t visit. Adult websites are businesses – they have learned that if they infect their customers, they wont’ get repeat visits, so they are working hard to keep their sites cleanMessage for SMBs – you need to protect your site or you will become a host for malware and customers will go elsewhere
  • This is one of the key assumptions … Anybody that has gone into an SMB has heard this – that they don’t believe they are a target.
  • This is one of the key assumptions … Anybody that has gone into an SMB has heard this – that they don’t believe they are a target.
  • Assumption 2 – only executives are targeted
  • This shows targeted attacks by the target’s occupation …Executives seem to be a big chunk … but …
  • So, spam is down and vulnerabilities are down, but malware is up. Why?Attack toolkits continue to flourish – they use existing vulnerabilities – the malware authors use those vulnerabilities that work – they focus on the vulns that are not patchedThis chart at the bottom looks at toolkits that were in use in 2011 – Blackhole was a big one and another was NumDir (not named)Toolkit authors trying to go a bit more undercover than in the past – trying to lower their profile – they are also moving to service model like legit SW – think of it like cloud computing for malware authors – they are not handing out SW as in the past

Transcript

  • 1. Security Awareness TrainingWould You Get Duped by Attackers?Kevin HaleyDirector, Symantec Security Technology And Response @kphaley
  • 2. Symantec’s Security Awareness Quiz How well will you do? 2
  • 3. Which Website is More Dangerous? A B 3
  • 4. Most Harmful Websites by Categories• Websites with poor security become easy targets for malware authors• Any website you visit could potentially be infected with malware 4
  • 5. Can Macs Get Infected by Malware? 5
  • 6. Yes. Even Macs Get Infected. In 2012, 500,000 Macs were infected by 1 threat. Flashback• Malware can figure out what type of computer you use• Then it infects you with the appropriate malware 6
  • 7. Which is More Likely to Get Attacked? A B Small or Medium Large Organization Organization 7
  • 8. Which is More Likely to Get Attacked? All sizes of organizations get attacked Small or Medium Large Organization Organization 8
  • 9. Who is Most Likely to be Targeted in an Attack? A B Typical Employee CEO 9
  • 10. Who is Most Likely to be Targeted in an Attack? BothOnly 25% of targeted attacks directed at C-Level executives 10
  • 11. Are You at Risk From This Website? 11
  • 12. Do You See it Now? 12
  • 13. Would You be Fooled by This?How About by This? twitter.dsdsdds.com/main/sessions-login/ If something seems wrong take a closer look Attackers can’t fool all the people all the time 13
  • 14. Double Click to Edit Following Text Areas;Are You Expecting a Package? Subject, Date, Body Window Title, From, To, From: UPS Sent: Mon 6/4/2012 4:08 PM To: Kevin Haley Cc: Subject: Unable to Deliver Package Dan, I have been a Weyerhaeuser shareholder since late 2008 and recently had the opportunity to attend your Annual Shareholders’ Meeting at your headquarters. I spoke to you briefly after your address and it was pleasure to hear from you about all of Weyerhaeuser’s innovations. I also never realized that Clint Eastwood was once an employee of the company – now it makes sense why I like him so much! I posted this picture from your address, I hope you like it. 14
  • 15. Double Click to Edit Following Text Areas;Did You Have Trouble LoggingSubject, Date, Body Window Title, From, To, Into Facebook? From: Facebook Sent: Mon 6/4/2012 4:08 PM To: Kevin Haley Cc: Subject: Login Problem Dan, I have been a Weyerhaeuser shareholder since late 2008 and recently had the opportunity to attend your Annual Shareholders’ Meeting at your headquarters. I spoke to you briefly after your address and it was pleasure to hear from you about all of Weyerhaeuser’s innovations. I also never realized that Clint Eastwood was once an employee of the company – now it makes sense why I like him so much! I posted this picture from your address, I hope you like it. 15
  • 16. Double Click to Edit Following Text Areas;Would Your Bank Really WantSubject, Date, Body Window Title, From, To, You to Click Here? From: YourBank Sent: Mon 6/4/2012 4:08 PM To: Kevin Haley Cc: Subject: Account Issue Dan, You can ensure your I have been a Weyerhaeuser shareholder since late 2008 and recently had the Your Bank opportunity to attend your Annual Shareholders’ Meeting at your headquarters. I spoke bank account is okay to you briefly after your address and it was pleasure to hear from you about all of Weyerhaeuser’s innovations. I also never realized that Clint Eastwood was once an employee of the company – now it makes sense why I like him so much! I posted this picture from your address, I hope you like it. 16
  • 17. Then Don’t Click! 17
  • 18. How Likely is it That Someone Posted Your Pic Online? 18
  • 19. How Likely is it That Someone Posted Your Pic Online? Not Very But it’s very likely that malware is at the end of that link 19
  • 20. This is All Social Engineering That’s a fancy way of saying you’re being fooled 20
  • 21. Which of These is a Real Person? A B C 21
  • 22. Which of These is a Real Person? James Stavridis is the commander of NATO He created his own Facebook page after he found someone on Facebook pretending to be him A People may not be who they say they are on the Internet 22
  • 23. Which of These is Most Likely to be a Facebook Scam? OMG! Profile Dislike Videos Viewers Buttons A B C 23
  • 24. Which of These is Most Likely to be a Facebook Scam? OMG! Profile Dislike Videos Viewers Buttons All of Them 24
  • 25. Which of These is Most Likely to be a Facebook Scam? Bad Guys Want to Get Us to Click to: • Infect us with malware • Make us take bogus surveys to: • Gain information or • Sign us up for premium SMS services OMG! • Send spam to us and our friends Videos OMG! Videos Get People to Click 25
  • 26. Which of These is Most Likely to be a Facebook Scam? Profile Viewers Bad guys know that people want to know who viewed their Facebook page 26
  • 27. Which of These is Most Likely to be a Facebook Scam? Dislike Buttons Bad guys know that people want a dislike button 27
  • 28. Which of These is Most Likely to be a Facebook Scam? OMG! Profile Dislike Videos Viewers Buttons They can’t give us these things, but they can fool us into thinking they can 28
  • 29. What Are Your Chances of Getting Your Lost Phone Back? 29
  • 30. What Are Your Chances of Getting Your Lost Phone Back?Source: Symantec’s “Project HoneyStick” researchhttp://www.symantec.com/about/news/resources/press_kits/detail.jsp?pkid=symantec-smartphone-honey-stick-project 30
  • 31. What are the Chances of Your Work and PersonalInformation Being Looked at? 31
  • 32. What are the Chances of Your Work and PersonalInformation Being Looked at?Source: Symantec’s “Project HoneyStick” researchhttp://www.symantec.com/about/news/resources/press_kits/detail.jsp?pkid=symantec-smartphone-honey-stick-project 32
  • 33. How Many New Pieces of Malware are Created Each Day? A 1,000 B 100,000 C 1,000,000 33
  • 34. How Many New Pieces of Malware are Created Each Day?• 1 million+ new pieces of malware are created every day• In 2011 we saw 403 million new pieces of malware C 1,000,000 34
  • 35. Why?• Bad guys have tools to easily create and distribute new threats• Some of these tool kits can create malware-on-demand 35
  • 36. Does it Seem Pretty Bad Out There?• Symantec and Norton have good tips on protecting yourself and your business• But … if you need it simplified, remember these 3 things … 36
  • 37. You don’t have to give upusing the Internet…There are ways to protectyourself. 37
  • 38. What your mother told youis still true…If something doesn’t seemright, it probably isn’t. 38
  • 39. Get help from experts…We hope it’s from Symantecand Norton. 39
  • 40. Additional Resources If You Are More Technical If You Are Less TechnicalInternet Security Threat Report Norton Security CenterSymantec Security Response Norton Family Resources WebsiteAdvanced Persistent Threat WebsiteMalicious Insider White PaperTwitter.com/threatintel 40
  • 41. Thank you!Kevin Haley @kphaleyCopyright © 2012 Symantec Corporation. All rights reserved. Symantec, the Symantec Logo, and the Checkmark Logo are trademarks or registered trademarks of SymantecCorporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied,are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice. 41