Cisco Security Vision (20100121)

1,489 views

Published on

Presentación realizada por Ricardo Rivera E., Business Development Manager Security & Mobility, donde se presentaron los siguientes tópicos:
- Matriz ROI para el Cybercrimen.
- Indice ARMS Race.
- Vision de Borderless Index
- Security Intelligence Operations

Published in: Technology
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
1,489
On SlideShare
0
From Embeds
0
Number of Embeds
9
Actions
Shares
0
Downloads
54
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

Cisco Security Vision (20100121)

  1. 1. Cisco Borderless Security Ricardo Rivera E. Business Development Manager Security & Mobility Presentation_ID © 2007 Cisco Systems, Inc. All rights reserved. Cisco Confidential 1
  2. 2. Agenda Cisco Cybercrime ROI Matrix Cisco ARMS Race Index Cisco Borderless Security Vision Cisco Security Intelligence Operations Q&A 2
  3. 3. Some numbers… 3
  4. 4. Some numbers… 4
  5. 5. Cisco Cybercrime ROI Matrix What are the most promis ing new tech niques? eat landscape? xt on t he thr What’s ne How are crimina ls maki ng the most mo ney? ? ey divesting Wh ere are th 5
  6. 6. Cisco Cybercrime ROI Matrix 6
  7. 7. Zeus: Banking Trojan prime example “$10 million lost in one 24-hour period.” “…[C]riminals have used the Internet to steal more than $100 million from U.S. banks so far this year and they did it without ever having to draw a gun or pass a note to a teller…I've seen attacks where there's been $10 million lost in one 24-hour period.” -Sean Henry, an assistant director of the FBI in charge of the bureau's cyber division. 7
  8. 8. Automation of Targeted & Blended Attacks 8
  9. 9. Why Zeus? 9
  10. 10. What Happened in Kentucky? County treasurer had Zeus malware on his PC Criminals stole credentials and logged in to bank accounts from treasurer’s PC Reconnaissance used to plan theft Mule recruitment pretending to be Careerbuilder.com Created mules as fictitious employees Mules receive $9700 and sent $8700 to Ukraine via Western Union More than 25 <$10,000 wire transfers Total of $415k stolen 10
  11. 11. Screen Injection Your browser NOT on Zeus: Your browser on Zeus: Courtesy Silver Tail Systems 11
  12. 12. Statistics 784 Zeus Botnets tracked by Zeus Tracker Estimate of 1.6M bots in Zeus botnets 1130 brands targeted 960 estimated financial targets (85%) Top 5 US banks EACH targeted by over 500 Zeus botnets Source: Zeus Tracker 12 12
  13. 13. Social Networking Exploits Most important communications tool of the decade. Builds on email, IM. Big crowds = big targets. Facebook hit 350M users in 2009. …and criminals have automated how to best penetrate our trust networks 13
  14. 14. 14
  15. 15. Targeted Social Networking Attacks 15
  16. 16. 16
  17. 17. 17
  18. 18. Bringing it all together…Koobface Links are posted to (or sent from) hijacked social networking accounts The link leads to a fake video site that ask the user to install a new Flash player / codec to view the video 18
  19. 19. Fake video site that delivers malware 19
  20. 20. Introducing The Cisco ARMS Race Index 20
  21. 21. Introducing The Cisco ARMS Race Index Global Adversary Resource Market Share (ARMS) Index Designed to be a barometer of the current level of computing and network resources under criminal control and means for tracking over time. Derived from leading botnet tracking stats, stats for total PCs worldwide, home/work infection rates. 21
  22. 22. ARMS Race Index 22
  23. 23. Cisco ARMS Race Index: Dec-2009 23
  24. 24. Recommendations for 2010 User education and security awareness training remain top priority Maintain defenses for “Cash Cow” threats Evaluate security practices and investments for “Rising Star” threats Develop security architecture for mobility and consumerization of IT 24
  25. 25. For More Information Cisco Security Intelligence Operations www.cisco.com/security Cisco Security Blog blogs.cisco.com/security The Cisco 2009 Annual Security Report www.cisco.com/go/securityreport 25
  26. 26. Cisco 26

×