The Cyber Threat Landscape


Published on

Presentation by Bill Wright, Symantec on the Cyber Threat Environment presented at the Government Technology & Services Coalition (GTSC) meeting The National Security Supply Chain: Reducing the Vulnerabilities

Published in: Technology, News & Politics
  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide
  • Thanks for the opportunity to be here today and thank you to GTSC for putting together such a great event.Very excited to be before this group, because there is not an event I go to, a panel I speak on, or an industry meeting I attend where we don’t come back to the fact that we need to raise awareness of cyber threats.Lots to cover in a short time so I’ve tried to cherry-pick a few recent examples of cyber attacks that highlight bigger trends that we are seeing. Symantec is the largest security software company in the world and we are truly global so we are very good at identifying trends. We call this my “who-what-how-so what” threat brief.
  • But I’ll start with a quiz: Which one of these devices has recently been hacked in a cyber attack? Several good candidates here….Is it the networked trash can that tracks people walking through London’s financial district through their mobile phones and then displays personalized ad campaigns? Is it the “smart” TV that comes with a web browser, apps, microphone and camera?(Where with just a little bit of extra code, someone can remotely watch you from their laptop without you knowing) Or is it the networked baby monitor?
  • Answer is the baby monitor – so far . . . But the truth is, any of these devices can potentially be hacked. I mention this because we are now entering the age of the “Internet of Things”.Where most of our everyday devices and tools are becoming interconnected through the internet.Very soon, everything from the toaster oven in your kitchen, to crops in the field, to our soldiers in battle will be connected and communicate through the internet.A sobering stat s the stat that the total number of physical devices connected to the internet is estimated to go from 12.5 billion today to 50 billion by 2020 or in the next six years. This is to say that in the years to come, we will be even more reliant on a safe and secure internet – turns out it is not a fad -- and the result will be even more potential threat vectors
  • For example, this year we saw a line of code in a tracking scrip on a human rights organization’s website with the potential to compromise a computer. It exploited a new, zero-day vulnerability in Internet Explorer® to infect visitors. Our data showed that within 24 hours, people in 500 different large companies and government organizations visited the site and ran the risk of infection. The attackers in this case, known as the ElderwoodGang, used sophisticated tools and exploited zero-day vulnerabilities in their attacks, pointing to a well- resourced team backed by a large criminal organization or a nation state.
  • The ISTR 18 revealed a surge in targeted attacks – they have increased 42 percent in the last year alone.
  • This year’s ISTR highlights how businesses of all sizes are at risk; in fact, 31 percent of targeted attacks in 2012 were aimed at businesses with fewer than 250 employees
  • And who is a bigger target among employees? The individual employee or those at the C-level? Both are targets but only 17% of targeted attacks are aimed at the C-level. There are many methods of getting inside the organization, like with phishing attacks in spam email. Or targeting the in box of a shared account like Or HR because in a smaller organization you might still be receiving resumes as attachments in email. You’ve all heard of phishing attacks right? Those are tricky messages that look like urgent business from a bank, a government agency, even a member of a foreign royal family. But if the bad guys want to go after a particular organization, they will use what is known as a spear phishing attack. Now, what is spear phishing attack? Imagine you are the office manager for a small company.
  • The Cyber Threat Landscape

    1. 1. The Threat Landscape Bill Wright Director, Cybersecurity Partnerships
    2. 2. Which of These Have Been Used in a Cyber Attack? Trash Can Smart TV Baby Monitor A B C 2
    3. 3. 3
    4. 4. The “Who” • Organized Crime • Nation States • Hacktivists • Mix & Match
    5. 5. The “What” • Malicious activity in many key sectors • DDOS attacks – financial sector • Destructive attacks – oil & gas • Compromise and manipulation of media websites 5
    6. 6. The “How” • Volume of attacks increasing • Sophistication increasing – but not always • Social engineering still key 6
    7. 7. Real
    8. 8. Real We are under attack. Please change your password for Gmail.
    9. 9. 4,912,833 Followers 1,989,079 Followers 14
    10. 10. Spear Phishing Watering Hole Attack Send an email to a person of interest Infect a website and lie in wait for them • Targeted Attacks predominantly start as spear phishing attacks • In 2012, Watering Hole Attacks emerged Internet Security Threat Report 2013 :: Volume 18 16
    11. 11. Effectiveness of Watering Hole Attacks 1 Watering Hole Attack in 2012 500 Companies All Within 24 Hours • Watering Hole attacks are targeted at specific groups • Can capture a large number of victims in a very short time Internet Security Threat Report 2013 :: Volume 18 17
    12. 12. Recent Example of Watering Hole Attack • In 2013 this type of attack will become widely used • In February of this year several high profile companies fell victim to just such an attack Internet Security Threat Report 2013 :: Volume 18 18
    13. 13. Information Stealing Malware Android.Sumzand 1. User received email with link to download app 2. Steals contact information 3. Sends email promoting app to all contacts 19
    14. 14. Targeted Attacks up 42% Targeted at Small Biz up 300% 20
    15. 15. Targeted Attacks by Company Size 50% 2,501+ 50% 1 to 2,500 Employees 2,501+ 9% 1,501 to 2,500 2% 3% 5% 1,001 to 1,500 501 to 1,000 251 to 500 50% 31% 1 to 250 18% in 2011 21
    16. 16. Employee CEO Only 17% of targeted attacks directed at C-Level executives 22
    17. 17. Targeted Attacks by Industry 24% Manufacturing Manufacturing 19% Finance, Insurance & Estate Finance, Insurance & Real Real Estate 17% Services – Non-Traditional Services – Non-Traditional 12% Government Government 10% Energy/Utilities Energy/Utilities 8% Services – Professional Services – Professional Wholesale Wholesale 2% Retail Retail 2% Aerospace Aerospace 2% 1% Transportation, Communications, Transportation, Communications, Electric, Gas Electric, Gas 0% 5% 10% 15% 20% 25% 30% • Manufacturing moved to top position in 2012 • But all industries are targeted Internet Security Threat Report 2013 :: Volume 18 23
    18. 18. Thank you! Bill Wright, Director Cybersecurity Partnerships Copyright © 2012 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice. 24