Threat landscape 4.0

Presentation in National Cyber Security Summit 2013, April 27-28, at Jeepiar Engineering College

Published in: Technology, Education

  • Malware (meaning viruses, worms and Trojans) is the most obvious and potentially damaging threat. Keylogging Trojans can steal confidential information, such as school records or student information. Proxy Trojans can route email through your servers, wasting bandwidth. Network bots are particularly damaging, not only for the administrators who have to clean them up but also for the potential harm they can do to your network. Rootkits are particularly insidious (get into later). “Ransomware” is a recent form of malware. The way it works: the program compresses and hides users’ documents. Then an email is sent stating that the docs will be deleted unless the user either a) sends a money order of x dollars or b) purchases something from an online pharmacy. The email will state that they will send you the encryption code once the money has cleared. Malware used to be a nuisance (displaying stupid messages or deleting data). Obvious payloads meant the victim was made aware of the problem early in the cycle. Now cybercriminals are using less obvious, more stealthy methods. Examples: stealing information, turning off a computer’s anti-virus software, and dropping malicious code which can then be used for a variety of tasks. It is virtually impossible to know that you are infected unless you run security software.
  • We have seen examples of this several times. A school network administrator sends in sample after sample of specific malware variants that are never seen by any other customer. The malware is being launched again and again by someone within the school - a user or a student.
  • So to summarize, the vast majority of malware that SophosLabs processes is this type of simple Trojan. They are sent out in small targeted attacks. It’s a lot easier to steal from 200 people: you can process the data easily, and no one notices. We also see them testing first to make sure AV vendors can’t detect them. They can either purchase a copy of AV products, or send them to websites that will run 25 AV scanners over them and report back who detects what. They use a variety of techniques to hide themselves, mostly using packing techniques and a variety of updating techniques. We saw an example of this late last year, where we watched as an attacker spammed out his malware, changed the packing, spammed it again, changed the packing, and so on. It started at 2pm UK time and continued on till 10pm, then the next day it started again; he was obviously working US East Coast time. We’ve also seen examples of malware toolkits for sale, allowing authors to easily develop and deploy new malware. One particular site where these can be bought even has a technical support telephone number to call, and they describe themselves as ‘Independent Spyware and Adware developers’.

    1. Vel Tech Multi Tech Dr.Rangarajan Dr.Sakunthala Engineering College. Threat landscape for Desktops. Dr. C.V. Suresh Babu, Professor, Dept. of Information Technology, VTMT. National Cyber safety and security standard summit-2013
    2. “We are seeing attacks shifting into a variety of new areas, from factories, to corporations, to government agencies, to the infrastructure that connects them together” Vincent Weafer, Senior vice-president
    3. What kind of threats are there? External threats
    4. Internal threats
    5. The threat landscape over the last 5 years has changed and the way Institutions and individuals think about security has changed dramatically. The shift of threat type has moved from targeting individuals to much more organised attacks on large Institutions
    6. Changes in the Landscape
       • Modern threat has moved beyond pure technical wisdom of launching attacks to include the exploitation of human behavior.
       • Attackers erase their footprint from Intrusion Detection and Prevention System (IDPS) inside the network.
    7. • Don’t want to draw attention
       • Strong evidence that they ‘test’ first.
       • Easier to steal from 200, than 200,000
       • Specific targeted attacks
         – Easily deployed through spam.
         – Drop malware either directly or from website
    8. (no text on this slide)
    9. • Mobile Security (BYOD)
       • Cloud-Based Services
    10. Countering The Emerging Threat
       • Engage With Peers
         – Note: In our institution we have a policy of information sharing among our group and other institutions
       • Industry – institution Sharing
       • Industry – Government Sharing
       • Global Communication
       • Prioritizing Data
         – Note: In our institution we have in place a data-centric protection strategy
    11. Our practices
       • We Prepare Students to Fight Cyber Threats
       • We have been implementing new technologies, new procedures and sharing hacking and malware indicators that help identify and remediate malicious attacks
    12. Cyber threats are growing, So are your career opportunities
    13. It has been calculated that the worldwide market for protection against cyber attacks will have reached 80 billion $ by 2017
    14. Turning threat Into Opportunities. Innovation is the ability to see change as an opportunity not a threat
    15. • It has become increasingly necessary to remain educated about exposure to potential threats, as well as safeguards against them.
       • The more we get attacked, the more we are able to collect data points turning them into intelligence that can be used to counter the threats
    16. Suggestions
       • We have the potential to do well in cyber security,
       • Need for cyber security in our curriculum
       • Research based education in information security should be increased
    17. Conclusions & recommendations
       “If you think technology can solve your security problems, then you don’t understand the PROBLEMS & you don’t understand the TECHNOLOGY” – Bruce Schneier
       • The field of IT security threats—and mitigating them—is a constantly changing landscape—meaning it is important to patch, remediate and review your existing devices, as well as applying the same processes to your ongoing defenses and defense strategies.
