1. Stefan Tanase, Senior Security Researcher, Kaspersky Lab
stefant@kaspersky.ro | twitter.com/stefant | pgp_keyid: 0xdd749e1b
Cu ochii în patru
Incidentele de securitate ce au marcat anul 2010
2. Despre Kaspersky Lab
Fondată în 1997
• Cea mai mare companie de securitate IT încă de inută de fondatoriț
• Întotdeauna profitabilă, cre tere organică, concentrare pe R&Dș
+2000 de angaja iț - i tot căutăm!ș
• Aproape 1000 de angaja i doar în R&Dț
27 de birouri locale
• Statele Unite, Rusia, Tucia, UK, Germania, Fran a, România, Dubai, Africa deț
Sud, Japonia, China etc.
• Parteneri în mai mult de 100 de ăriț
Global Research and Analysis Team
• Echipă globală de exper i în securitate informaticăț
+40.000 noi programe malware iș 3.500 de noi semnături în fiecare zi
Protejăm mai mult de 300 de milioane de utilizatori
Luptăm pe toate fronturile împotriva criminalită ii informaticeț
4. Prima poveste
Implica ii majoreț : percep ia amenin ărilor către companiiț ț
Prima poveste aduce implica ii majore modului în care percepem i tratămț ș
amenin ările electronice la adresa companiilorț
Atacul Aurora
5. A doua poveste
Întreaga imagine este devastatoare
Consecin e majoreț felului în care privim securitatea informatică în zilele noastre
Stuxnet botnet
6. A treia poveste
O amenin are în buzunarulț fiecăruia...
…în doar câ iva aniț
7. A patra poveste
Va afecta modul în care procesăm informa ia i luăm deciziiț ș
Este veche i a început să ia avânt foarte încetș
6464 bits computing64 bits computing
11. 64 bi iț
Când securitatea este ca o sabie cu două tăi uri.ș
12. Cele patru incidente ce au marcat anul 2010
Reflectă trecutul, prezentul i viitorulș
amenin ărilor la securitatea informaticăț
Reflectă trecutul, prezentul i viitorulș
amenin ărilor la securitatea informaticăț
14. Thank You
Stefan Tanase, Senior Security Researcher, Kaspersky Lab
stefant@kaspersky.ro | twitter.com/stefant | pgp_keyid: 0xdd749e1b
Vă mul umesc!ț
Întrebări?
Editor's Notes
Today, I will tell you four stories.
They all have happened in 2010 and have major implications towards the way we do security software and protect our clients
These are not success stories – instead, they are warnings to us
What is the picture showing us?
An Aurora Borealis – it’s about the Aurora attack
Stuxnet – cyber espionage, supermalware
Star trek?
It is becoming popular faster than we anticipated
I have one, how many of you have one already?
Eugene Kaspersky said Apple behaves like Novell and Google Behaves like Microsoft. Will the iPhone die?
Probably not, but Android will probably become the new Windows.
This old issue is NOT Chess.
How many squares are on a chess board? 64
64 bit operating systems and malware
The Aurora attack – happened last year
But was reported this year
It was not just Google – evidence seems to indicate over 30 Fortune 500 companies were hit
During the US presidential campaign, Obama’ staff discovered something similar.
The supermalware
Yes, it exists.
Stuxnet is one such example. How many of you know that KL has an NDA with Microsoft about it?
The things we discovered in Stuxnet were so terrible that Microsoft asked us to withhold the public information.
Between the most hit countries – Iran. What is Iran mostly about? Oil and nuclear research. Both are managed via SCADA.
Who would like to get more information about Iran’s nuclear weapon program?
The first real Trojan for Android discovered by KL at the beginning of August
Reports such as the Smobile Systems report indicate tens of thousands of potentially dangerous Android Apps
Unlike the iPhone, Android apps have a higher level of access to the system
Exploits which obtain ‘root’ access (rooting) on Android are already available
It’s easier than Jailbreaking the iPHONE – it is “recommended” on the Internet to boost performance, etc
5 years ago, I predicted 64 bit malware. That didn’t happen!
At the end of August, something bad happened.
Microsoft disclosed that 46% of Windows 7 installations than 64 bit vs 11% in Vista, vs less than 1% XP
32 bit malware is rather ineffective on 64 bit.
At the end of August, TDSS got a 64 bit version. This is the beginning of an era.
Ladies and gentlmen, these are the big four stories that changed and shaped the year
There is no doubt other things will hit the news in 2011. I'd predict we'll see an immediate drop in exploits against PDF Reader once the sandbox is released. We'll only see targeted attacks against older versions and it'll force a lot of these big (Aurora-type) targets to move quickly to upgrade. Other things to keep an eye for and that we’ve been mentioning for a while are probably P2P threats, wireless security, ATM hacks and why not, infrastructure attacks. A lot of reasons to worry, some might say. Yet, we have managed to fight back and protect the customers, which is why I believe the battle goes on. We need bigger guns, better ammunition. We need better laws, and the Dutch police for instance has been doing a great job dismantling botnets. Some hope for better laws, that could allow the police to take a more active role in fighting cybercrime. In essence, we need more soldiers and of course, we need to be prepared.