Cisco Security Vision (20100121)


Published on

Presentación realizada por Ricardo Rivera E., Business Development Manager Security & Mobility, donde se presentaron los siguientes tópicos:
- Matriz ROI para el Cybercrimen.
- Indice ARMS Race.
- Vision de Borderless Index
- Security Intelligence Operations

Published in: Technology
1 Like
  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Cisco Security Vision (20100121)

  1. 1. Cisco Borderless Security Ricardo Rivera E. Business Development Manager Security & Mobility Presentation_ID © 2007 Cisco Systems, Inc. All rights reserved. Cisco Confidential 1
  2. 2. Agenda Cisco Cybercrime ROI Matrix Cisco ARMS Race Index Cisco Borderless Security Vision Cisco Security Intelligence Operations Q&A 2
  3. 3. Some numbers… 3
  4. 4. Some numbers… 4
  5. 5. Cisco Cybercrime ROI Matrix What are the most promis ing new tech niques? eat landscape? xt on t he thr What’s ne How are crimina ls maki ng the most mo ney? ? ey divesting Wh ere are th 5
  6. 6. Cisco Cybercrime ROI Matrix 6
  7. 7. Zeus: Banking Trojan prime example “$10 million lost in one 24-hour period.” “…[C]riminals have used the Internet to steal more than $100 million from U.S. banks so far this year and they did it without ever having to draw a gun or pass a note to a teller…I've seen attacks where there's been $10 million lost in one 24-hour period.” -Sean Henry, an assistant director of the FBI in charge of the bureau's cyber division. 7
  8. 8. Automation of Targeted & Blended Attacks 8
  9. 9. Why Zeus? 9
  10. 10. What Happened in Kentucky? County treasurer had Zeus malware on his PC Criminals stole credentials and logged in to bank accounts from treasurer’s PC Reconnaissance used to plan theft Mule recruitment pretending to be Created mules as fictitious employees Mules receive $9700 and sent $8700 to Ukraine via Western Union More than 25 <$10,000 wire transfers Total of $415k stolen 10
  11. 11. Screen Injection Your browser NOT on Zeus: Your browser on Zeus: Courtesy Silver Tail Systems 11
  12. 12. Statistics 784 Zeus Botnets tracked by Zeus Tracker Estimate of 1.6M bots in Zeus botnets 1130 brands targeted 960 estimated financial targets (85%) Top 5 US banks EACH targeted by over 500 Zeus botnets Source: Zeus Tracker 12 12
  13. 13. Social Networking Exploits Most important communications tool of the decade. Builds on email, IM. Big crowds = big targets. Facebook hit 350M users in 2009. …and criminals have automated how to best penetrate our trust networks 13
  14. 14. 14
  15. 15. Targeted Social Networking Attacks 15
  16. 16. 16
  17. 17. 17
  18. 18. Bringing it all together…Koobface Links are posted to (or sent from) hijacked social networking accounts The link leads to a fake video site that ask the user to install a new Flash player / codec to view the video 18
  19. 19. Fake video site that delivers malware 19
  20. 20. Introducing The Cisco ARMS Race Index 20
  21. 21. Introducing The Cisco ARMS Race Index Global Adversary Resource Market Share (ARMS) Index Designed to be a barometer of the current level of computing and network resources under criminal control and means for tracking over time. Derived from leading botnet tracking stats, stats for total PCs worldwide, home/work infection rates. 21
  22. 22. ARMS Race Index 22
  23. 23. Cisco ARMS Race Index: Dec-2009 23
  24. 24. Recommendations for 2010 User education and security awareness training remain top priority Maintain defenses for “Cash Cow” threats Evaluate security practices and investments for “Rising Star” threats Develop security architecture for mobility and consumerization of IT 24
  25. 25. For More Information Cisco Security Intelligence Operations Cisco Security Blog The Cisco 2009 Annual Security Report 25
  26. 26. Cisco 26