Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

0926182320 Sophos[1]


Published on

Security Threat Report

Published in: Technology, News & Politics
  • Be the first to comment

0926182320 Sophos[1]

  1. 1. Security Threat Report 2008: What you need to know Christopher Vernon Senior Sales Engineer, Sophos
  2. 2. Agenda <ul><li>Malware – The size and shape of the problem </li></ul><ul><li>Spam – China and beyond </li></ul><ul><li>Phishing – Socializing </li></ul><ul><li>Web – The threat to your reputation </li></ul><ul><li>Not just a Microsoft problem </li></ul><ul><li>Summary </li></ul>
  3. 3. Malware – The Size and Shape <ul><li>20,000 new suspicious files sent to SophosLabs every day - that’s 1 every 4 seconds </li></ul><ul><li>Most are Trojans designed to silent steal information, or compromise PCs </li></ul><ul><li> estimates that there are over 11 million unique samples of malware in existence </li></ul><ul><li>The web is clearly the major vector for attack </li></ul><ul><li>One new infected webpage discovered every 5 seconds - over 90% are legitimate websites that have been hit by attacks such as SQL Injection </li></ul>
  4. 4. Shift in Delivery <ul><li>Only 1 in 2500 emails have malware attachments </li></ul><ul><li>Down from 1 in 332 in same 2007 period </li></ul><ul><li>Shifted to ‘links in email’ </li></ul><ul><li>Long tail of ‘Old’ malware </li></ul><ul><li>PushDo – new malware, old technique </li></ul>
  5. 5. Spam – China and Beyond <ul><li>96.5% of email is spam - only one in 28 business emails is legitimate </li></ul><ul><li>New spam web page every 20 seconds </li></ul><ul><li>Moving to Chinese domains </li></ul><ul><ul><li>Harder to get information </li></ul></ul><ul><ul><li>Easier to register </li></ul></ul><ul><li>Backscatter </li></ul><ul><ul><li>Non-delivery reports of spam </li></ul></ul><ul><ul><li>Do you click on spam? </li></ul></ul><ul><ul><li>1 in every 530 page requests were to spam URLs </li></ul></ul>
  6. 6. Pump and Dump Done? <ul><li>Volumes have dropped from 30+ % of all spam to less than 1% </li></ul><ul><li>Very few stock symbols being ‘spamvertised’ </li></ul><ul><li>Market slowdown? SEC crackdown? </li></ul><ul><li>Moving to “short selling” </li></ul><ul><ul><li>“ Amazon having troubles ” </li></ul></ul>
  7. 7. Phishing - Socializing <ul><li>Not just financial </li></ul><ul><ul><li>Banks </li></ul></ul><ul><ul><li>Tax payers </li></ul></ul><ul><ul><li>Auction </li></ul></ul><ul><ul><li>Payment sites </li></ul></ul><ul><li>Also Social </li></ul><ul><ul><li>Facebook </li></ul></ul>
  8. 8. Social Targets <ul><li>Social networking sites increasingly targeted </li></ul><ul><ul><li>Spam </li></ul></ul><ul><ul><li>Scam </li></ul></ul><ul><ul><li>Adware </li></ul></ul>
  9. 9. Spear Phishing <ul><ul><li>Very targeted activity </li></ul></ul><ul><ul><li>Use Facebook, LinkedIn, etc. to identify targets </li></ul></ul><ul><ul><ul><li>University of Waterloo </li></ul></ul></ul><ul><ul><ul><li>Oak Ridge National Lab </li></ul></ul></ul><ul><ul><ul><li>University of Minnesota </li></ul></ul></ul><ul><ul><li>Can also be used to target malware </li></ul></ul><ul><ul><ul><li>Subpoena CEO = Install keylogger </li></ul></ul></ul>Remember Phishing works on all platforms!
  10. 10. Web – The Threat to Your Reputation <ul><li>16,173 new malicious web pages a day! </li></ul><ul><li>Major brands affected </li></ul><ul><ul><li>Euro 2008 soccer tournament </li></ul></ul><ul><ul><li>UK broadcaster ITV </li></ul></ul><ul><ul><li>Cambridge University Press </li></ul></ul><ul><ul><li>Lawn Tennis Association </li></ul></ul><ul><ul><li>Trend Micro </li></ul></ul><ul><ul><li>Sony PlayStation </li></ul></ul>
  11. 11. SQL Injection Attacks <ul><li>Mal/BadSrc – 29% of infections in June ’08 </li></ul><ul><li>Simple attack method </li></ul><ul><ul><li>Search for vulnerable servers </li></ul></ul><ul><ul><li>Target attack </li></ul></ul><ul><ul><li>Inserts iframe snippets into every page </li></ul></ul><ul><li>Variety of payloads </li></ul><ul><ul><li>Including ‘scareware’ </li></ul></ul>
  12. 12. Not Just a Microsoft Problem <ul><li>Nearly 60% of compromised web sites are running Apache </li></ul><ul><li>Websites must be properly “hardened” to prevent hackers from taking advantage </li></ul>
  13. 13. What about Apple? <ul><li>Small amount of malware being written for Apple Macs </li></ul><ul><ul><li>Increasingly Mac malware is financially-motivated </li></ul></ul><ul><ul><li>The Hovdy Trojan turned off security, firewalls, and gave remote access to hackers </li></ul></ul><ul><li>High level of complacency amongst Mac users may make Apple Macs a “soft target” in the future </li></ul><ul><li>Record sales of Apple hardware, mean its marketshare is growing </li></ul>
  14. 14. What about Mobile? <ul><li>Malware – Very Low Threat </li></ul><ul><ul><li>No single platform, and mostly written by enthusiasts </li></ul></ul><ul><ul><li>A single proof-of-concept Apple iPhone Trojan was found </li></ul></ul><ul><li>Spam </li></ul><ul><ul><li>Internet-enabled phones like the iPhone are vulnerable to phishing attacks </li></ul></ul><ul><ul><li>SMS text message spam is limited in the West, but.. </li></ul></ul><ul><ul><li>353.8 Billion ‘spam’ messages sent via SMS in China - 600 a year for every mobile phone owner </li></ul></ul><ul><ul><li>438,668 complaints in one month alone </li></ul></ul>
  15. 15. What About Linux? <ul><ul><li>70% of attacks on Linux honeypot, infected with a 6 year old virus </li></ul></ul><ul><ul><li>Linux servers used as command and control for botnets </li></ul></ul><ul><ul><li>Analysis shows RST-B is a global problem, with thousands of compromised servers </li></ul></ul>
  16. 16. SophosLabs global network of experts SophosLabs™ Knows Threats Better Than Anyone
  17. 17. Summary <ul><li>Malware growth continues </li></ul><ul><ul><li>Proactive detection is critical </li></ul></ul><ul><li>Financial motivation for most threats including spam </li></ul><ul><ul><li>Spam still makes money! </li></ul></ul><ul><li>Web represents biggest threat </li></ul><ul><ul><li>To users, and your corporate reputation </li></ul></ul><ul><li>Don’t forget other platforms </li></ul><ul><ul><li>Mac increasingly targeted </li></ul></ul><ul><ul><li>Linux could be your ‘typhoid Mary’ </li></ul></ul>
  18. 18. Staying ahead of the curve <ul><li>Get the latest breaking news about new malware, spam, security threats, and arrests straight to your desktop at </li></ul><ul><li>Get daily updates from SophosLabs Blog, which provides insight into the most interesting and widespread threats </li></ul>
  19. 19. Thank you <ul><li>Call Worldwide: + 44 1235 55 9933 </li></ul><ul><li>[email_address] </li></ul>