Three Simple Steps to Prevent Targeted Attacks
Kevin Haley, Director of Product Management at Symantec, provided tips that organizations can use to stop targeted attacks during a Thought Leadership Spotlight Presented by Symantec at the 2014 Chief Information Security Officer (CISO) Leadership Forum in Chicago on Nov. 19. In his presentation, “Three Simple Steps to Prevent Targeted Attacks,” Haley pointed out that organizations can leverage antivirus software, take steps to protect their websites and work with partners that prioritize security to prevent targeted attacks. Haley noted that organizations need to prepare for a wide variety of targeted attacks. Cybercriminals use numerous tools to launch targeted attacks, Haley said, and an organization that learns about these attacks can take the necessary steps to minimize their effects. Haley also pointed out that an organization can leverage vulnerability management tools to protect its data: “You have to patch the vulnerabilities. You have to do it not necessarily to protect yourself but to protect everybody that goes to your website and you want to make sure that the people you partner with, the websites you go to, they’re doing it as well.” For organizations that want to safeguard their sensitive information, security intelligence is an important piece of the puzzle, Haley said. If an organization collects security intelligence and understands how to properly leverage this information, Haley said, it can bolster its security: “If you don’t bridge those islands, if you don’t bring it all together, if you don’t unify it, it’s not going to do you a lot of good. Security is only intelligent if it’s unified.” - See more at: http://www.argylejournal.com/chief-information-security-officer/thought-leadership-spotlight-presented-by-symantec-three-simple-steps-to-prevent-targeted-attacks-kevin-haley-director-of-product-management-symantec/#sthash.wfPKuwVM.dpuf
Recommended
Recommended
More Related Content
What's hot
What's hot (20)
Viewers also liked
Viewers also liked (10)
Similar to Three Simple Steps to Prevent Targeted Attacks
Similar to Three Simple Steps to Prevent Targeted Attacks (20)
More from Argyle Executive Forum
More from Argyle Executive Forum (20)
Recently uploaded
Recently uploaded (20)
Three Simple Steps to Prevent Targeted Attacks
- 1. Three Simple Steps to Prevent Targeted Attacks Kevin Haley Dr, PM, Symantec Security Technology & Response
- 2. 2 +91% Increase in targeted attack campaigns 2012 2013
- 3. 3
- 4. 4
- 5. 5
- 6. Zero-Day Vulnerabilities 13 15 9 12 14 8 14 23 0 5 10 15 20 25 30 2006 2007 2008 2009 2010 2011 2012 2013 Zero-Day Vulnerabilities, Annual Total, 2006 - 2013 Source: Symantec 23 zero-day vulnerabilities discovered in 2013 Increase from 14 in 2012 More zero-day vulnerabilities discovered in 2013 than in any year since we started tracking More zero-days in 2013 than in past two years combined
- 7. 7 Microsoft Windows OLE Package Manager Remote Code Execution Vulnerability (CVE- 2014-4114) Microsoft Windows OLE Remote Code Execution Vulnerability (CVE-2014-6352).
- 8. An Example - Exploiting Sandworm 8 • (CVE-2014-4114) • (CVE-2014-6352) • Dropper • Backdoor/downloader • RATS • Web Attack: Microsoft OLE RCE CVE-2014-6352 • Bloodhound.Exploit.553 • Trojan.Mdropper • Backdoor.Lancafdo, Backdoor.Lancafdo.A • Trojan.Taidoor, Backdoor.Darkmoon
- 9. Improving Security - Zero Days Disarm 9
- 10. Targeted Attacks by Company Size 10
- 11. Risk of Being Targeted by Industry Size 11 Ratio of Organization Targeted by Industry Size Sent by Spear-Phishing Email Source: Symantec High Medium Risk 2,500+ 1,501-2,500 1,001-1,500 501-1,000 251-500 1-250 2.3 2.9 2.9 3.8 4.3 5.2 1 in
- 12. 12
- 13. 13
- 14. #1 Run More Than AV on Your Endpoints 14
- 15. An Example - Dragonfly • Ongoing cyberespionage campaign • Targeting the energy sector in Europe and US • Stealing information • Capable of sabotage 15
- 16. Dragonfly Attack Methods Send an email to a person of interest Spear Phishing 16
- 17. Dragonfly Attack Methods Send an email to a person of interest Spear Phishing Infect a website and lie in wait for them Watering Hole Attack 17
- 18. Watering Hole Attacks Energy industry related sites Lightsout Exploit Kit Backdoor.Oldrea or Trojan.Karagany 18
- 19. Website Vulnerabilities 19 Scanned Websites With Vulnerabilities 53% 78% +25% pts 2012 2013 1 IN 8 sites had critical unpatched vulnerabilities
- 20. Malicious Websites With so many vulnerable websites, cybercriminals don’t need to set up own websites to host malware New Unique Malicious Web Domains 56,158 74,001 55,000 -24%2013 2012 2011
- 21. 21
- 22. 1.2 Billion Records Breached 7 month period 400,000 websites SQL Vulnerability
- 23. Dragonfly Attack Methods Send an email to a person of interest Spear Phishing Infect a website and lie in wait for them Watering Hole Attack Infect software update victim downloads Trojanized Update 23
- 24. 24
- 25. 25
- 26. #2 Protect Your Websites – Patch Vulnerabilities 26
- 27. 1014 4562 1916 54321734 5690 2554 23441014 4562 1916 5432 An Example - POS System Attacks
- 28. Internet POS Network Payment Processor 1014 4562 1916 54321734 5690 2554 23441014 4562 1916 5432
- 29. Internet Corporate Network POS Network Payment Processor 1014 4562 1916 54321734 5690 2554 23441014 4562 1916 5432
- 30. Internet Corporate Network POS Network Payment Processor 1014 4562 1916 54321734 5690 2554 23441014 4562 1916 5432
- 31. Internet Corporate Network POS Network Payment Processor 1014 4562 1916 54321734 5690 2554 23441014 4562 1916 5432
- 32. 32
- 33. Internet Payment Processor 1014 4562 1916 54321734 5690 2554 23441014 4562 1916 5432
- 34. #3 Demand That Your Partners Have Good Security 34
- 35. Security Intelligence 35 Security is Only Intelligent if its Unified