The Dangers of Lapto


  1. The Dangers Of Laptops, Smartphones & Social Media To Enterprise Security
      Dr. Paul Judge, Chief Research Officer
  2.
  3. Half of The Spam Disappeared
      • 52 Billion
      • 26 Billion
      • 2010
  4. Five Innovations That Created Security Risks
  5. 1. Rapid Growth
      • One new domain each second
      • 196 million domain names
      • 47 million new sites last year
      Source: Verisign
  6. 2. Dynamic Web Apps: AJAX
      • Rich site-to-browser interaction
      • Browser is the new operating system
      • Browser is active in the application, not simply a passive display tool
  7. 3. Remote Employees
      • 20% of the workforce works remotely
      • 1 in 11 organizations had remote workers infected
      • 46% of remote infections come from infected Web sites
  8. 4. New Devices
      • Smartphone and tablet computing blur the line between personal and business computing
      • Companies must reconsider policies for devices that are not owned by the company
  9. Problem: Many Locations and Remote Users
      • Securing all the locations and all the users can be challenging
      • Need the right delivery model for each location and user
      • Centralized management, forensics, and reporting is difficult
      • Remote users and branch offices often not covered because of difficulty or cost
      • Compromises in security because of the complexity or cost
      Diagram labels: Mobile Users, Branch Offices, Internet, Headquarters, Teleworkers, Roaming Users
  10. Cloud-based Web Security
      • Cloud-based content filtering and malware protection
      • Centralized multi-site management and reporting
      • Simple policy-based Web security
      • Protects remote and mobile employees
      • Massively scalable infrastructure eliminates latency
      • Rapid response to new and emerging threats
      Diagram labels: Internet, Policy Management, Security Protection, Consolidated Reporting, Workplace Users, Mobile Users, Roaming Users
  11. 5. User-Generated Content
      • Half of Top 100 sites based on UGC
      • 500 million users on Facebook
      • 100 million accounts on Twitter
      • 2.5 billion photos uploaded each month to Facebook
      • 30 million new ads per day on Craigslist
  12. Domain Level Trust
  13. Then Came Along… User Generated Content
  14. Need for User Reputation
      • With 100s of millions of users behind a single domain, we need to understand user level reputation
      • Is this account good or bad? Is this account even real?
  15. Facebook Social Attacks
  16. Photo ‘Tags’ Up To 50 People
  17. Website Selling Fake Illegal Shoes
  18. Likejacking
  19.
  20. Malicious Facebook Apps
  21.
  22. “Hidden Truth” Photos
  23.
  24.
  25.
  26. Automated Social Engineering
  27. Barracuda Labs Technology: Maltrace: Malware Analysis w. Virtualization
      • Collect thousands of malware samples daily from honeypot network
      • Load samples into Maltrace
      • Maltrace allows the malware to run on a virtual PC
      • Maltrace collects the network traffic generated
      • Maltrace creates signatures based on malicious traffic
      • Adds the signatures to URL, IP and fingerprint databases
  28. Malware on Twitter
  29. ‘Funniest Video Ever’ Banking Trojan
  30. Rogue A/V + Trending Topics (Step 1 of 3)
  31. Rogue A/V + Trending Topics (Step 2 of 3)
      hxxp://securityland.cn/?uid=144&pid=3&ttl=31c48520c54
      which acts as a traffic distribution system for a Rogue AV operation; the chain of redirections ends at one of the following Rogue AV distribution points:
      • hxxp://my-systemscan.com/?p=WKmimHVlbG2HjsbIo22EhHV8ipnVbWiMnNah2qeNm6nZwombm5h2lpd9fXCHodjSbmRelWZxmV6SZGbLU9bYxKWspXOL1dZ2Y2ZuZ2tnaWyVYYrJlG0%3D
      • hxxp://my-newprotection.net/?p=WKmimHVlbG2HjsbIo22EhHV8ipnVbWiMnNah2qeNm6nZwombm5h2lpd9fXCHodjSbmRelWZxmV6SZGbLU9bYxKWspXOL1dZ2Y2ZuZ2tnaWyVYYrJlG0%3D
      • hxxp://trustsystem-protection.com/?p=WKmimHVlbG2HjsbIo22EhHV8ipnVbWiMnNah2qeNm6nZwombm5h2lpd9fXCHodjSbmRelWZxmV6SZGbLU9bYxKWspXOL1dZ2Y2ZuZ2tnaWyVYYrJlG0%3D
  32. Rogue A/V + Trending Topics (Step 3 of 3)
  33. Barracuda Labs Technology: Twitter Reputation System
      • Process Twitter Public Stream
      • Query Twitter User Database for Other Users
      • Analyze Users’ Activities
      • Analyze Web Links
      • Add Malicious Sites to Barracuda SPYDEF list
  34. Twitter Reputation System
  35. True Twitter Users
      • ≥10 Followers, Friends, & Tweets
      • Compared to 21% in Jan 2010
  36. Friends (Following): For every 100 Twitter users…
      • 16 have 0 friends
      • 27 have 1-9 friends
      • 40 have 10-99 friends
      • 17 have 100+ friends
  37. Friend-Follower Delta: For every 100 Twitter users…
      • 43 have same (+/- 5) amount
      • 23 have more friends
      • 34 have more followers
  38. Crime Rate
      Twitter crime rate is the percentage of accounts created per month that are eventually suspended by Twitter
  39. Twitter Growth – Red Carpet Era
      Chart: Twitter Account Creation 2006-2009
      • 54% of the 50 most popular Twitter users started using Twitter during the Twitter Red Carpet Era.
      • Twitter growth rate went from 2.02% in Nov 08 to 21.17% in April 09.
      Chart: Twitter Account Creation, Red Carpet Era (11/08-04/09)
      Barracuda Networks Confidential
  40. Twitter Crime Rate 2006-2009
      • 2006 = 1.2%
      • 2007 = 1.7%
      • 2008 = 2.2%
      During Red Carpet Era:
      • Twitter Crime Rate increased 66% from 2.02% to 3.36%
      • This more than tripled over the following four months, escalating to 12% in October 2009.
  41. Twitter Crime Rate 2010
  42. Suspended Accounts: Friend Follower Delta
      • Suspended Accounts Show Greater Delta in Friend/Follower Delta
  43. Tweet Number
      Chart labels: 10-99, >100, 5-9, 1-4, <1
  44. In the 2500 range, we start to see some scammers.
  45. Other direction, you really get the scammers coming out.
  46. Friend/Follower Ratio: 0.002
      Friend/Follower Delta: -444
      Tweet Number 144.9
  47.
  48.
  49.
  50. Search Malware
  51. Barracuda Labs Technology: Search Engine Malware Crawler
      • Get Popular Search Terms Hourly
      • Search for Those Terms
      • Retrieve the Set of Search Results
      • Retrieve the Web Sites for the results
      • Analyze the Sites for Malicious Code
      • Add Malicious Sites to Barracuda SPYDEF list
  52. Data Set
  53. Frequency of Search Engine Malware
      • 34,627 malware samples found
      • 1 in 1000 search results lead to malware
      • 1 in 5 search topics lead to malware
  54. Total Malware by Search Engine
  55. Lebron James
  56. Lebron James (1 of 4)
  57. Lebron James (2 of 4)
  58. Lebron James (3 of 4)
  59. Lebron James (4 of 4)
  60. Who Is Behind This?
  61. The World's Greatest Spammers: Where are they now?
  62. The World's Greatest Spammers: Where are they now?
  63. The World's Greatest Spammers: Where are they now?
  64. Barracuda Labs Threat Intelligence
  65. Summary
      • Laptops and Mobile Devices Need The Same Level of Security As Computers Inside The Perimeter
      • Attackers are Focused on Social Networking Sites To Reach Users
      • Enterprises Need To Provide Web Security That Understands Social Threats
      @Barracuda
      @BarracudaLabs
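
The account-reputation metrics defined on the "True Twitter Users", "Friend-Follower Delta" and "Crime Rate" slides, computed over a handful of constructed account records. This is an added example, not Barracuda Labs code; the record fields and the sign of the delta (friends minus followers, inferred from the slide pairing ratio 0.002 with delta -444) are assumptions.

```python
from collections import defaultdict

# Constructed sample accounts (not real data): creation month, counts,
# and whether the account was eventually suspended.
ACCOUNTS = [
    {"created": "2009-03", "friends": 120, "followers": 118, "tweets": 340, "suspended": False},
    {"created": "2009-03", "friends": 2001, "followers": 14, "tweets": 3, "suspended": True},
    {"created": "2009-03", "friends": 0, "followers": 0, "tweets": 0, "suspended": False},
    {"created": "2009-10", "friends": 1, "followers": 445, "tweets": 145, "suspended": False},
    {"created": "2009-10", "friends": 1500, "followers": 9, "tweets": 60, "suspended": True},
    {"created": "2009-10", "friends": 35, "followers": 52, "tweets": 11, "suspended": False},
    {"created": "2009-10", "friends": 980, "followers": 3, "tweets": 2, "suspended": True},
    {"created": "2009-10", "friends": 15, "followers": 12, "tweets": 40, "suspended": False},
]

def is_true_user(acct, threshold=10):
    """'True Twitter User' per the slides: >=10 followers, friends and tweets."""
    return all(acct[k] >= threshold for k in ("followers", "friends", "tweets"))

def delta(acct):
    """Friend/follower delta, assumed to be friends (following) minus followers."""
    return acct["friends"] - acct["followers"]

def delta_bucket(acct, tolerance=5):
    """Bucket an account the way the delta slide does: same (+/- 5), more friends, more followers."""
    d = delta(acct)
    if abs(d) <= tolerance:
        return "same"
    return "more_friends" if d > 0 else "more_followers"

def crime_rate_by_month(accounts):
    """Percent of accounts created in each month that were eventually suspended."""
    created, suspended = defaultdict(int), defaultdict(int)
    for a in accounts:
        created[a["created"]] += 1
        suspended[a["created"]] += int(a["suspended"])
    return {m: round(100.0 * suspended[m] / created[m], 2) for m in sorted(created)}

def mean_abs_delta(accounts, suspended):
    """Average |delta| for the suspended or the non-suspended group."""
    group = [abs(delta(a)) for a in accounts if a["suspended"] is suspended]
    return sum(group) / len(group)
```

On this constructed data the suspended accounts show a much larger average delta than the others, which is the pattern the "Suspended Accounts: Friend Follower Delta" slide describes.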
