Targeted Attacks on Intellectual Property

Targeted Attacks on Intellectual Property April 13, 2010 Targeted Attacks on Intellectual Property 1

Agenda 1 Symantec’s Unique Vantage Point 2 Targeted Attacks on Intellectual Property 3 New Security Suites from Symantec Targeted Attacks on Intellectual Property 2

Building a “Community of Defense” with Businesses > Customers from businesses around the world Who > Symantec Security Leadership and Experts on Threat Research What > Ongoing discussions about the types of IT risks businesses face today > Share information about security incidents, impact assessment, and best practices to prevent Key Findings > Today’s targeted attacks characterized by organization, covert nature and patience > Strong consensus these attacks represent a significant risk to intellectual property Targeted Attacks on Intellectual Property 3

Anatomy of a Breach > Incursion > Discovery > Capture > Exfiltration Targeted Attacks on Intellectual Property 4

Dissecting Hydraq Hi, I met you at the Malware Conference last month. Wanted to let you know I got this great shot of you doing your presentation. I posted it here: Incursion Organized Organized Attacker breaks into the Criminal network by delivering targeted Criminal malware to vulnerable systems and employees Targeted Attacks on Intellectual Property 5

Dissecting Hydraq Discovery Organized Organized Hacker maps organization’s Criminal Criminal defenses from the inside and creates battle plan Targeted Attacks on Intellectual Property 6

Dissecting Hydraq Capture Organized Organized Attacker accesses data on Criminal unprotected systems and Criminal installs malware to secretly acquire crucial data Targeted Attacks on Intellectual Property 7

Dissecting Hydraq Hydraq Victim Exfiltration Organized Organized Confidential data sent back to Criminal enemy’s “home base” for Criminal exploitation and fraud Attacker 72.3.224.71:443 Targeted Attacks on Intellectual Property 8

Mass Attack vs. Targeted Attack Phase Mass Attack Targeted Attack Generic social engineering Handcrafted and personalized By-chance infection methods of delivery Examination of infected resource, Typically no discovery, assumes monitoring of user to determine content is in a predefined and other accessible resources, predictable location and network enumeration Predefined specific data or data Manual analysis and inspection of which matches a predefined pattern the data such as a credit card number Information sent to dump site often Information sent directly back to with little protection and dump site attacker and not stored in known serves as long term storage location for extended period Targeted Attacks on Intellectual Property 9

The Challenges Develop and Enforce IT Policies Protect The Information Manage Systems Protect The Infrastructure Targeted Attacks on Intellectual Property 10

Comprehensive Security Strategy is Required Risk Based and Policy Driven IT Governance, Risk and Compliance Information - Centric Information Risk Management Operationalized Infrastructure Management Well Managed Infrastructure Infrastructure Protection Targeted Attacks on Intellectual Property 11

New Security Suites Meet These Challenges Develop and > Control Compliance Suite 10.0 Enforce IT Policies Protect the > Data Loss Prevention Suite 10.5 Information Manage Systems > IT Management Suite 7.0 > Symantec Protection Center & Protect the > Symantec Protection Suite Infrastructure Enterprise Edition Family Targeted Attacks on Intellectual Property 12

Develop and > Control Compliance Suite 10.0 Enforce IT Policies Key Benefits New in Version 10.0 • Define risk and develop IT • Centralized evidence policies collection and management • Assess infrastructure and • Dynamic web-based processes dashboards • Report, monitor and • Integration with Symantec demonstrate due care Data Loss Prevention • Remediate problems • New CCS Vulnerability Manager Targeted Attacks on Intellectual Property 13

Protect the > Data Loss Prevention Suite 10.5 Information Key Benefits New in Version 10.5 • Discover where sensitive • Better visibility and control information resides of unstructured data • Monitor how data is being • Enhanced protection for used social media sites • Protect sensitive – Twitter, LinkedIn, YouTube, … information from loss • New protection for private clouds (Citrix) • New endpoint option for less complex environments Targeted Attacks on Intellectual Property 14

Manage Systems > IT Management Suite 7.0 Key Benefits New in Version 7.0 • Implement secure operating • New comprehensive suite that environments brings together all Altiris components • Distribute and enforce patch levels • Automated end to end Windows 7 migration process • Automate processes to • Intelligent software streamline efficiency management providing • Monitor and report on complete visibility system status • Process automation of complex, time-consuming IT tasks Targeted Attacks on Intellectual Property 15

> Symantec Protection Center & Protect the Symantec Protection Suite Infrastructure Enterprise Edition Family Key Benefits What’s New • Improved Visibility into • Symantec Protection Center: Security & Operations – Next generation security • Stronger Protection management solution – Simplifies management & • Accelerated Remediation improves security posture • Containment of Security • Symantec Protection Suites: Expenses – Three new suites designed to meet the needs of enterprise IT personnel in endpoint, gateway and server functions Targeted Attacks on Intellectual Property 16

Thank you! Copyright © 2010 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice. Targeted Attacks on Intellectual Property 17

http://www.techgig.com	18
http://www.slideshare.net	6
http://www.techgig.timesjobs.com	1

Targeted Attacks on Intellectual Property

by Symantec

Accessibility

Categories

Upload Details

Usage Rights

3 Embeds 25

Statistics

Targeted Attacks on Intellectual Property Presentation Transcript