SlideShare a Scribd company logo

Presentatie Kaspersky over Malware trends en statistieken, 26062015

Download as PPTX, PDF
SLBdiensten
SLBdiensten

Beveiligingsdag SLBdiensten: 26 juni 2015 Presentatie Kaspersky: Malware en statistieken. Welke trends neemt Kaspersky waar mbt malware, wat zijn de motieven en wat kun je hier tegen doen? - Door Jornt van der Wiel, Security Researcher, Kaspersky Lab Benelux

Education
1 of 19
NEW MOTIVES, NEW THREATS: HOW TO PROTECT YOURSELF FROM TARGETED ATTACKS Jornt v.d. Wiel Global Research and Analysis Team
THE SCALE OF THE THREAT 1 NEW VIRUS EVERY HOUR 1994 1 NEW VIRUS EVERY MINUTE 2006 1 NEW VIRUS EVERY SECOND 2011 325,000 NEW SAMPLES EVERY DAY 2014 The evolving threat landscape2
0.1% 9.9% 90% THE NATURE OF THE THREAT The evolving threat landscape3 Traditional cybercrime Targeted threats to organisations Cyber-weapons
HOW MALWARE SPREADS Exploit kits Email Social networks USB The evolving threat landscape4
Exploit kits Social networks WEB-BASED THREATS The evolving threat landscape5 Exploit kits Social networks Kaspersky Lab discovered almost 1.4 billion web attacks in 2014 38 attacks per second 3.8 million attacks per day 159.000 attacks per hour 2.663 attacks per minute ATTACKS IN 2014
INFECTION: WHERE & WHAT 6 The Evolving Threat Landscape
ADVANCED PERSISTENT THREATS (APT) Facts Classification Detection Time Active Since Gauss Espionage program July 2012 Aug / Sep 2011 • Sophisticated toolkit for cyber- espionage • Implemented by creators of the Flame platform • Modules perform a variety of functions Flame Espionage program May 2012 2007 • Complex set of operations • Downloads extra modules to victim computers • 20 extension modules detected • Sophisticated toolkit Duqu Espionage program September 2011 2010 • Destroys all traces of activity • Core module never detected • No modifications discovered since Feb 2012 miniFlame Espionage program October 2012 October 2012 • Miniature fully- fledged spyware module • Used for highly targeted attacks against select victims • Stand-alone malware or as a plug-in for Flame Wiper Destroyer Never Detected April 2012 • Destroyed dozens of database and computer systems • Majority of targets were organisations in Iran’s oil industry • Malware still unknown to this day The evolving threat landscape7
CYBER-WEAPONS: NUMBER OF VICTIMS OVER 100K OVER 300K 2,500 10K 700 5-6K 20 50-60 10-20 50-60 Stuxnet Gauss Flame Duqu miniFlame Known number of incidents Additional number of incidents (approximate) 300K 100K 10K 1K 50 20 The evolving threat landscape8 Source: Kaspersky Lab
ENERGETIC BEAR – CROUCHING YETI Recent APT Targets: Educational (32); Research(14); IT(10); Geography: 99 different countries Interesting facts: No 0-days used, slightly modified metasploit exploits used How does it work? Three different infection methods Spear-phishing Trojanized software installers Watering hole attacks Upon infection 4 different backdoors + additional tools are installed The evolving threat landscape9 June 2014 2010 Classification: Detection time: Active since: Espionage program
PAGE 10 | Source: Kaspersky Lab 0 2000 4000 6000 8000 10000 12000 14000 16000 18000 20000 MOBILE MALWARE 2014 Growth The evolving threat landscape10
WHY TARGET MOBILE DEVICES? Mobile devices contain a lot of ‘interesting’ things: incoming and outgoing SMS messages work emails business contacts personal photos GPS coordinates online banking credentials various installed apps calendar The evolving threat landscape11
MOBILE MALWARE: TARGETED PLATFORMS Mostly Android! 98.05% Android 1.55% 0.27% 0.13% Others Symbian J2ME The evolving threat landscape12
FUTURE IT THREATS The evolving threat landscape13 CYBER WEAPONS will be tailor-made for specific cases. Cyber criminals will increasingly use simpler tools to destroy data at a required time MULTIPLE ATTACKS ON GOVERNMENT institutions and businesses will be carried out all over the world. ‘Hacktivism’ may also be used to conceal other types of attacks MALWARE will be uploaded to official app stores. Mobile espionage will become widespread including stealing data from mobile phones and tracking people using their phones ATTACKS ON ONLINE BANKING SYSTEMS will become one of the most widespread methods of stealing money from users THE NUMBER OF TARGETED ATTACKS will continue to grow. Cybercriminals will start using new infection methods. The range of targeted businesses under threat will expand CYBER CRIMINALS will write mobile malware increasingly attacking Google Android
MINIMISING YOUR RISK OF INFECTION The evolving threat landscape14 A GReAT tip: Raise Awareness Cybercriminals are increasingly using public data to launch targeted attacks against businesses. Tell your colleagues about the risks associated with sharing personal and business information online.
MINIMISING YOUR RISK OF INFECTION The evolving threat landscape15 A GReAT tip: Keep your software up to date Prevention is better than the cure. Often malware does not use 0- days but known vulnerabilities. Keeping your software up to date mitigates the attack vector considerably. This holds especially for: • Operating System • PDF reader • MS Office • Java • Browser • Flash
MINIMISING YOUR RISK OF INFECTION The evolving threat landscape16 A GReAT tip: Apply whitelisting Having a pre-defined list of benign applications prevents malware from executing applications on your system.
MINIMISING YOUR RISK OF INFECTION The evolving threat landscape17 A GReAT tip: Choose good and different passwords Passwords up to 8 characters can be easily cracked. Therefore passwords of more than 16 characters are recommended. Also, choosing an unique password for each account is advised. In case one account gets compromised, your other accounts are still safe. A password manager can help you with this.
AND IN THE CASE THAT IT GOES WRONG…. The evolving threat landscape18 A GReAT tip: Create backups Backups are always good. If you get infected with, for example, ransomware, then you haven’t lost all of your files. You can backup to the version prior to your infection and you are safe again. Backups are also great for data loss (e.g. due to failing hardware).
THANK YOU

Recommended

4 Ways to Respond to Today's Advanced Threats
4 Ways to Respond to Today's Advanced Threats4 Ways to Respond to Today's Advanced Threats
4 Ways to Respond to Today's Advanced ThreatsSymantec
 
State of Application Security: State of Piracy
State of Application Security: State of PiracyState of Application Security: State of Piracy
State of Application Security: State of PiracyIBM Security
 
David Emm | The What, How, Who and Why of Computer Malware
David Emm | The What, How, Who and Why of Computer MalwareDavid Emm | The What, How, Who and Why of Computer Malware
David Emm | The What, How, Who and Why of Computer MalwarePro Mrkt
 
INFOGRAPHIC: Top Most Dangerous Malware Trends for 2014
INFOGRAPHIC: Top Most Dangerous Malware Trends for 2014INFOGRAPHIC: Top Most Dangerous Malware Trends for 2014
INFOGRAPHIC: Top Most Dangerous Malware Trends for 2014IBM Security
 
INFOGRAPHIC: 5 Most Dangerous Malware Trends of 2013
INFOGRAPHIC: 5 Most Dangerous Malware Trends of 2013INFOGRAPHIC: 5 Most Dangerous Malware Trends of 2013
INFOGRAPHIC: 5 Most Dangerous Malware Trends of 2013IBM Security
 
IMPAKT: Verdediging aangaan t.o.v. (on)bekende ransomware:
IMPAKT: Verdediging aangaan t.o.v. (on)bekende ransomware:IMPAKT: Verdediging aangaan t.o.v. (on)bekende ransomware:
IMPAKT: Verdediging aangaan t.o.v. (on)bekende ransomware:Nancy Nimmegeers
 
Resolution - Security - Cisco Advanced Malware Protection for Endpoints - Fea...
Resolution - Security - Cisco Advanced Malware Protection for Endpoints - Fea...Resolution - Security - Cisco Advanced Malware Protection for Endpoints - Fea...
Resolution - Security - Cisco Advanced Malware Protection for Endpoints - Fea...Jacob Tranter
 
Kaseya Connect 2011 - Malwarebytes - Marcin Kleczynski
Kaseya Connect 2011 - Malwarebytes - Marcin KleczynskiKaseya Connect 2011 - Malwarebytes - Marcin Kleczynski
Kaseya Connect 2011 - Malwarebytes - Marcin KleczynskiKaseya
 

Recommended

4 Ways to Respond to Today's Advanced Threats
4 Ways to Respond to Today's Advanced Threats4 Ways to Respond to Today's Advanced Threats
4 Ways to Respond to Today's Advanced ThreatsSymantec
 
State of Application Security: State of Piracy
State of Application Security: State of PiracyState of Application Security: State of Piracy
State of Application Security: State of PiracyIBM Security
 
David Emm | The What, How, Who and Why of Computer Malware
David Emm | The What, How, Who and Why of Computer MalwareDavid Emm | The What, How, Who and Why of Computer Malware
David Emm | The What, How, Who and Why of Computer MalwarePro Mrkt
 
INFOGRAPHIC: Top Most Dangerous Malware Trends for 2014
INFOGRAPHIC: Top Most Dangerous Malware Trends for 2014INFOGRAPHIC: Top Most Dangerous Malware Trends for 2014
INFOGRAPHIC: Top Most Dangerous Malware Trends for 2014IBM Security
 
INFOGRAPHIC: 5 Most Dangerous Malware Trends of 2013
INFOGRAPHIC: 5 Most Dangerous Malware Trends of 2013INFOGRAPHIC: 5 Most Dangerous Malware Trends of 2013
INFOGRAPHIC: 5 Most Dangerous Malware Trends of 2013IBM Security
 
IMPAKT: Verdediging aangaan t.o.v. (on)bekende ransomware:
IMPAKT: Verdediging aangaan t.o.v. (on)bekende ransomware:IMPAKT: Verdediging aangaan t.o.v. (on)bekende ransomware:
IMPAKT: Verdediging aangaan t.o.v. (on)bekende ransomware:Nancy Nimmegeers
 
Resolution - Security - Cisco Advanced Malware Protection for Endpoints - Fea...
Resolution - Security - Cisco Advanced Malware Protection for Endpoints - Fea...Resolution - Security - Cisco Advanced Malware Protection for Endpoints - Fea...
Resolution - Security - Cisco Advanced Malware Protection for Endpoints - Fea...Jacob Tranter
 
Kaseya Connect 2011 - Malwarebytes - Marcin Kleczynski
Kaseya Connect 2011 - Malwarebytes - Marcin KleczynskiKaseya Connect 2011 - Malwarebytes - Marcin Kleczynski
Kaseya Connect 2011 - Malwarebytes - Marcin KleczynskiKaseya
 
seminar report on What is ransomware
seminar report on What is ransomwareseminar report on What is ransomware
seminar report on What is ransomwareJawhar Ali
 
Vulnerability Prioritization and Prediction
Vulnerability Prioritization and PredictionVulnerability Prioritization and Prediction
Vulnerability Prioritization and PredictionJonathan Cran
 
Advanced Threat Protection Lifecycle Infographic
Advanced Threat Protection Lifecycle InfographicAdvanced Threat Protection Lifecycle Infographic
Advanced Threat Protection Lifecycle InfographicBlue Coat
 
Patches Arrren't Just for Pirates
Patches Arrren't Just for PiratesPatches Arrren't Just for Pirates
Patches Arrren't Just for Pirateswebnowires
 
Lookout pegasus-android-technical-analysis
Lookout pegasus-android-technical-analysisLookout pegasus-android-technical-analysis
Lookout pegasus-android-technical-analysisAndrey Apuhtin
 
What is Ransomware? How You Can Protect Your System
What is Ransomware? How You Can Protect Your SystemWhat is Ransomware? How You Can Protect Your System
What is Ransomware? How You Can Protect Your SystemClickSSL
 
Ransomware: A Perilous Malware
Ransomware: A Perilous MalwareRansomware: A Perilous Malware
Ransomware: A Perilous MalwareHTS Hosting
 
The Malware Menace
The Malware MenaceThe Malware Menace
The Malware MenaceTami Brass
 
Bug Bounty Basics
Bug Bounty BasicsBug Bounty Basics
Bug Bounty BasicsHackerOne
 
Ransomware: Attack, Human Impact and Mitigation
Ransomware: Attack, Human Impact and MitigationRansomware: Attack, Human Impact and Mitigation
Ransomware: Attack, Human Impact and MitigationMaaz Ahmed Shaikh
 
Ransomware - Information And Protection Guide - Executive Summary
Ransomware - Information And Protection Guide - Executive SummaryRansomware - Information And Protection Guide - Executive Summary
Ransomware - Information And Protection Guide - Executive SummaryBright Technology
 
Spyware powerpoint
Spyware powerpointSpyware powerpoint
Spyware powerpointgalaxy201
 
pegasus spyware
pegasus spywarepegasus spyware
pegasus spywarenational forensic science university
 
Next Dimension and Veeam | Solutions for PIPEDA Compliance
Next Dimension and Veeam | Solutions for PIPEDA ComplianceNext Dimension and Veeam | Solutions for PIPEDA Compliance
Next Dimension and Veeam | Solutions for PIPEDA ComplianceNext Dimension Inc.
 
Take the Ransom Out of Ransomware
Take the Ransom Out of RansomwareTake the Ransom Out of Ransomware
Take the Ransom Out of RansomwareUnitrends
 
ANTI - VIRUS
ANTI - VIRUSANTI - VIRUS
ANTI - VIRUSAnanth Thilak
 
Malware program by mohsin ali dahar khairpur
Malware program by mohsin ali dahar khairpurMalware program by mohsin ali dahar khairpur
Malware program by mohsin ali dahar khairpurMohsin Dahar
 
Preventing lateral spread of ransomware
Preventing lateral spread of ransomwarePreventing lateral spread of ransomware
Preventing lateral spread of ransomwareOsirium Limited
 
Mc afee conectando las piezas
Mc afee conectando las piezasMc afee conectando las piezas
Mc afee conectando las piezasSoftware Guru
 
Common malware and countermeasures
Common malware and countermeasuresCommon malware and countermeasures
Common malware and countermeasuresNoushin Ahson
 
Rp threat-predictions-2013
Rp threat-predictions-2013Rp threat-predictions-2013
Rp threat-predictions-2013Комсс Файквэе
 
The Modern Malware Review March 2013
The Modern Malware Review March 2013The Modern Malware Review March 2013
The Modern Malware Review March 2013- Mark - Fullbright
 

More Related Content

What's hot

seminar report on What is ransomware
seminar report on What is ransomwareseminar report on What is ransomware
seminar report on What is ransomwareJawhar Ali
 
Vulnerability Prioritization and Prediction
Vulnerability Prioritization and PredictionVulnerability Prioritization and Prediction
Vulnerability Prioritization and PredictionJonathan Cran
 
Advanced Threat Protection Lifecycle Infographic
Advanced Threat Protection Lifecycle InfographicAdvanced Threat Protection Lifecycle Infographic
Advanced Threat Protection Lifecycle InfographicBlue Coat
 
Patches Arrren't Just for Pirates
Patches Arrren't Just for PiratesPatches Arrren't Just for Pirates
Patches Arrren't Just for Pirateswebnowires
 
Lookout pegasus-android-technical-analysis
Lookout pegasus-android-technical-analysisLookout pegasus-android-technical-analysis
Lookout pegasus-android-technical-analysisAndrey Apuhtin
 
What is Ransomware? How You Can Protect Your System
What is Ransomware? How You Can Protect Your SystemWhat is Ransomware? How You Can Protect Your System
What is Ransomware? How You Can Protect Your SystemClickSSL
 
Ransomware: A Perilous Malware
Ransomware: A Perilous MalwareRansomware: A Perilous Malware
Ransomware: A Perilous MalwareHTS Hosting
 
The Malware Menace
The Malware MenaceThe Malware Menace
The Malware MenaceTami Brass
 
Bug Bounty Basics
Bug Bounty BasicsBug Bounty Basics
Bug Bounty BasicsHackerOne
 
Ransomware: Attack, Human Impact and Mitigation
Ransomware: Attack, Human Impact and MitigationRansomware: Attack, Human Impact and Mitigation
Ransomware: Attack, Human Impact and MitigationMaaz Ahmed Shaikh
 
Ransomware - Information And Protection Guide - Executive Summary
Ransomware - Information And Protection Guide - Executive SummaryRansomware - Information And Protection Guide - Executive Summary
Ransomware - Information And Protection Guide - Executive SummaryBright Technology
 
Spyware powerpoint
Spyware powerpointSpyware powerpoint
Spyware powerpointgalaxy201
 
Next Dimension and Veeam | Solutions for PIPEDA Compliance
Next Dimension and Veeam | Solutions for PIPEDA ComplianceNext Dimension and Veeam | Solutions for PIPEDA Compliance
Next Dimension and Veeam | Solutions for PIPEDA ComplianceNext Dimension Inc.
 
Take the Ransom Out of Ransomware
Take the Ransom Out of RansomwareTake the Ransom Out of Ransomware
Take the Ransom Out of RansomwareUnitrends
 
Malware program by mohsin ali dahar khairpur
Malware program by mohsin ali dahar khairpurMalware program by mohsin ali dahar khairpur
Malware program by mohsin ali dahar khairpurMohsin Dahar
 
Preventing lateral spread of ransomware
Preventing lateral spread of ransomwarePreventing lateral spread of ransomware
Preventing lateral spread of ransomwareOsirium Limited
 
Mc afee conectando las piezas
Mc afee conectando las piezasMc afee conectando las piezas
Mc afee conectando las piezasSoftware Guru
 
Common malware and countermeasures
Common malware and countermeasuresCommon malware and countermeasures
Common malware and countermeasuresNoushin Ahson
 

What's hot (20)

seminar report on What is ransomware
seminar report on What is ransomwareseminar report on What is ransomware
seminar report on What is ransomware
 
Vulnerability Prioritization and Prediction
Vulnerability Prioritization and PredictionVulnerability Prioritization and Prediction
Vulnerability Prioritization and Prediction
 
Advanced Threat Protection Lifecycle Infographic
Advanced Threat Protection Lifecycle InfographicAdvanced Threat Protection Lifecycle Infographic
Advanced Threat Protection Lifecycle Infographic
 
Patches Arrren't Just for Pirates
Patches Arrren't Just for PiratesPatches Arrren't Just for Pirates
Patches Arrren't Just for Pirates
 
Lookout pegasus-android-technical-analysis
Lookout pegasus-android-technical-analysisLookout pegasus-android-technical-analysis
Lookout pegasus-android-technical-analysis
 
What is Ransomware? How You Can Protect Your System
What is Ransomware? How You Can Protect Your SystemWhat is Ransomware? How You Can Protect Your System
What is Ransomware? How You Can Protect Your System
 
Ransomware: A Perilous Malware
Ransomware: A Perilous MalwareRansomware: A Perilous Malware
Ransomware: A Perilous Malware
 
The Malware Menace
The Malware MenaceThe Malware Menace
The Malware Menace
 
Bug Bounty Basics
Bug Bounty BasicsBug Bounty Basics
Bug Bounty Basics
 
Ransomware: Attack, Human Impact and Mitigation
Ransomware: Attack, Human Impact and MitigationRansomware: Attack, Human Impact and Mitigation
Ransomware: Attack, Human Impact and Mitigation
 
Ransomware - Information And Protection Guide - Executive Summary
Ransomware - Information And Protection Guide - Executive SummaryRansomware - Information And Protection Guide - Executive Summary
Ransomware - Information And Protection Guide - Executive Summary
 
Spyware powerpoint
Spyware powerpointSpyware powerpoint
Spyware powerpoint
 
pegasus spyware
pegasus spywarepegasus spyware
pegasus spyware
 
Next Dimension and Veeam | Solutions for PIPEDA Compliance
Next Dimension and Veeam | Solutions for PIPEDA ComplianceNext Dimension and Veeam | Solutions for PIPEDA Compliance
Next Dimension and Veeam | Solutions for PIPEDA Compliance
 
Take the Ransom Out of Ransomware
Take the Ransom Out of RansomwareTake the Ransom Out of Ransomware
Take the Ransom Out of Ransomware
 
ANTI - VIRUS
ANTI - VIRUSANTI - VIRUS
ANTI - VIRUS
 
Malware program by mohsin ali dahar khairpur
Malware program by mohsin ali dahar khairpurMalware program by mohsin ali dahar khairpur
Malware program by mohsin ali dahar khairpur
 
Preventing lateral spread of ransomware
Preventing lateral spread of ransomwarePreventing lateral spread of ransomware
Preventing lateral spread of ransomware
 
Mc afee conectando las piezas
Mc afee conectando las piezasMc afee conectando las piezas
Mc afee conectando las piezas
 
Common malware and countermeasures
Common malware and countermeasuresCommon malware and countermeasures
Common malware and countermeasures
 

Similar to Presentatie Kaspersky over Malware trends en statistieken, 26062015

The Modern Malware Review March 2013
The Modern Malware Review March 2013The Modern Malware Review March 2013
The Modern Malware Review March 2013- Mark - Fullbright
 
Problems With Battling Malware Have Been Discussed, Moving...
Problems With Battling Malware Have Been Discussed, Moving...Problems With Battling Malware Have Been Discussed, Moving...
Problems With Battling Malware Have Been Discussed, Moving...Deb Birch
 
Security O365 Using AI-based Advanced Threat Protection
Security O365 Using AI-based Advanced Threat ProtectionSecurity O365 Using AI-based Advanced Threat Protection
Security O365 Using AI-based Advanced Threat ProtectionBitglass
 
En msft-scrty-cntnt-e book-cybersecurity
En msft-scrty-cntnt-e book-cybersecurityEn msft-scrty-cntnt-e book-cybersecurity
En msft-scrty-cntnt-e book-cybersecurityOnline Business
 
Kaspersky Lab’s Webinar ‘Emerging Threats in the APT World: Predictions for 2...
Kaspersky Lab’s Webinar ‘Emerging Threats in the APT World: Predictions for 2...Kaspersky Lab’s Webinar ‘Emerging Threats in the APT World: Predictions for 2...
Kaspersky Lab’s Webinar ‘Emerging Threats in the APT World: Predictions for 2...Kaspersky
 
Identifying, Monitoring, and Reporting Malware
Identifying, Monitoring, and Reporting MalwareIdentifying, Monitoring, and Reporting Malware
Identifying, Monitoring, and Reporting MalwareTeodoro Cipresso
 
2016 CYBERSECURITY PLAYBOOK
2016 CYBERSECURITY PLAYBOOK2016 CYBERSECURITY PLAYBOOK
2016 CYBERSECURITY PLAYBOOKBoris Loukanov
 
Check point 2015-securityreport
Check point 2015-securityreportCheck point 2015-securityreport
Check point 2015-securityreportEIINSTITUT
 
State of Application Security Vol. 4
State of Application Security Vol. 4State of Application Security Vol. 4
State of Application Security Vol. 4IBM Security
 
How to Use Artificial Intelligence to Minimize your Cybersecurity Attack Surface
How to Use Artificial Intelligence to Minimize your Cybersecurity Attack SurfaceHow to Use Artificial Intelligence to Minimize your Cybersecurity Attack Surface
How to Use Artificial Intelligence to Minimize your Cybersecurity Attack SurfaceSparkCognition
 
OpenSouthCode '19 - Application Security Fundamentals [2019-May-25]
OpenSouthCode '19 - Application Security Fundamentals [2019-May-25]OpenSouthCode '19 - Application Security Fundamentals [2019-May-25]
OpenSouthCode '19 - Application Security Fundamentals [2019-May-25]AngelGomezRomero
 
Panda Adaptive Defense 360 - Cyber Extortion Guide
Panda Adaptive Defense 360 - Cyber Extortion GuidePanda Adaptive Defense 360 - Cyber Extortion Guide
Panda Adaptive Defense 360 - Cyber Extortion GuidePanda Security
 
(Training) Malware - To the Realm of Malicious Code
(Training) Malware - To the Realm of Malicious Code(Training) Malware - To the Realm of Malicious Code
(Training) Malware - To the Realm of Malicious CodeSatria Ady Pradana
 
Protect Your Enterprise - Check Point SandBlast Mobile
Protect Your Enterprise - Check Point SandBlast MobileProtect Your Enterprise - Check Point SandBlast Mobile
Protect Your Enterprise - Check Point SandBlast MobileMarketingArrowECS_CZ
 
McAFEE LABS THREATS REPORT - Fourth Quarter 2013
McAFEE LABS THREATS REPORT - Fourth Quarter 2013McAFEE LABS THREATS REPORT - Fourth Quarter 2013
McAFEE LABS THREATS REPORT - Fourth Quarter 2013- Mark - Fullbright
 

Similar to Presentatie Kaspersky over Malware trends en statistieken, 26062015 (20)

Rp threat-predictions-2013
Rp threat-predictions-2013Rp threat-predictions-2013
Rp threat-predictions-2013
 
The Modern Malware Review March 2013
The Modern Malware Review March 2013The Modern Malware Review March 2013
The Modern Malware Review March 2013
 
The modern-malware-review-march-2013
The modern-malware-review-march-2013 The modern-malware-review-march-2013
The modern-malware-review-march-2013
 
Problems With Battling Malware Have Been Discussed, Moving...
Problems With Battling Malware Have Been Discussed, Moving...Problems With Battling Malware Have Been Discussed, Moving...
Problems With Battling Malware Have Been Discussed, Moving...
 
Security O365 Using AI-based Advanced Threat Protection
Security O365 Using AI-based Advanced Threat ProtectionSecurity O365 Using AI-based Advanced Threat Protection
Security O365 Using AI-based Advanced Threat Protection
 
En msft-scrty-cntnt-e book-cybersecurity
En msft-scrty-cntnt-e book-cybersecurityEn msft-scrty-cntnt-e book-cybersecurity
En msft-scrty-cntnt-e book-cybersecurity
 
2016 Trends in Security
2016 Trends in Security 2016 Trends in Security
2016 Trends in Security
 
Kaspersky Lab’s Webinar ‘Emerging Threats in the APT World: Predictions for 2...
Kaspersky Lab’s Webinar ‘Emerging Threats in the APT World: Predictions for 2...Kaspersky Lab’s Webinar ‘Emerging Threats in the APT World: Predictions for 2...
Kaspersky Lab’s Webinar ‘Emerging Threats in the APT World: Predictions for 2...
 
Identifying, Monitoring, and Reporting Malware
Identifying, Monitoring, and Reporting MalwareIdentifying, Monitoring, and Reporting Malware
Identifying, Monitoring, and Reporting Malware
 
2016 CYBERSECURITY PLAYBOOK
2016 CYBERSECURITY PLAYBOOK2016 CYBERSECURITY PLAYBOOK
2016 CYBERSECURITY PLAYBOOK
 
Check point 2015-securityreport
Check point 2015-securityreportCheck point 2015-securityreport
Check point 2015-securityreport
 
State of Application Security Vol. 4
State of Application Security Vol. 4State of Application Security Vol. 4
State of Application Security Vol. 4
 
How to Use Artificial Intelligence to Minimize your Cybersecurity Attack Surface
How to Use Artificial Intelligence to Minimize your Cybersecurity Attack SurfaceHow to Use Artificial Intelligence to Minimize your Cybersecurity Attack Surface
How to Use Artificial Intelligence to Minimize your Cybersecurity Attack Surface
 
OpenSouthCode '19 - Application Security Fundamentals [2019-May-25]
OpenSouthCode '19 - Application Security Fundamentals [2019-May-25]OpenSouthCode '19 - Application Security Fundamentals [2019-May-25]
OpenSouthCode '19 - Application Security Fundamentals [2019-May-25]
 
Panda Adaptive Defense 360 - Cyber Extortion Guide
Panda Adaptive Defense 360 - Cyber Extortion GuidePanda Adaptive Defense 360 - Cyber Extortion Guide
Panda Adaptive Defense 360 - Cyber Extortion Guide
 
Malware
MalwareMalware
Malware
 
Malware
MalwareMalware
Malware
 
(Training) Malware - To the Realm of Malicious Code
(Training) Malware - To the Realm of Malicious Code(Training) Malware - To the Realm of Malicious Code
(Training) Malware - To the Realm of Malicious Code
 
Protect Your Enterprise - Check Point SandBlast Mobile
Protect Your Enterprise - Check Point SandBlast MobileProtect Your Enterprise - Check Point SandBlast Mobile
Protect Your Enterprise - Check Point SandBlast Mobile
 
McAFEE LABS THREATS REPORT - Fourth Quarter 2013
McAFEE LABS THREATS REPORT - Fourth Quarter 2013McAFEE LABS THREATS REPORT - Fourth Quarter 2013
McAFEE LABS THREATS REPORT - Fourth Quarter 2013
 

More from SLBdiensten

INFORMATIEBEVEILIGING EN PRIVACY IN HET ONDERWIJS
INFORMATIEBEVEILIGING EN PRIVACY IN HET ONDERWIJSINFORMATIEBEVEILIGING EN PRIVACY IN HET ONDERWIJS
INFORMATIEBEVEILIGING EN PRIVACY IN HET ONDERWIJSSLBdiensten
 
21E EEUWSE VAARDIGHEDEN MET ADOBE
21E EEUWSE VAARDIGHEDEN MET ADOBE21E EEUWSE VAARDIGHEDEN MET ADOBE
21E EEUWSE VAARDIGHEDEN MET ADOBESLBdiensten
 
VERGROOT DE ICT-VAARDIGHEDEN VAN UW LEERLINGEN MET MICROSOFT OFFICE SPECIALIS...
VERGROOT DE ICT-VAARDIGHEDEN VAN UW LEERLINGEN MET MICROSOFT OFFICE SPECIALIS...VERGROOT DE ICT-VAARDIGHEDEN VAN UW LEERLINGEN MET MICROSOFT OFFICE SPECIALIS...
VERGROOT DE ICT-VAARDIGHEDEN VAN UW LEERLINGEN MET MICROSOFT OFFICE SPECIALIS...SLBdiensten
 
Presentatie eduard beck
Presentatie eduard beckPresentatie eduard beck
Presentatie eduard beckSLBdiensten
 
Office 365 in de Klas
Office 365 in de KlasOffice 365 in de Klas
Office 365 in de KlasSLBdiensten
 
Digital transformation & Education
Digital transformation & EducationDigital transformation & Education
Digital transformation & EducationSLBdiensten
 
Presentatie Breinwave Microsoft cloudportfolio
Presentatie Breinwave Microsoft cloudportfolioPresentatie Breinwave Microsoft cloudportfolio
Presentatie Breinwave Microsoft cloudportfolioSLBdiensten
 
SketchUp Pro Educatief, 4 oktober 2016
SketchUp Pro Educatief, 4 oktober 2016SketchUp Pro Educatief, 4 oktober 2016
SketchUp Pro Educatief, 4 oktober 2016SLBdiensten
 
Referentiecase Office 365 op het Pius X College
Referentiecase Office 365 op het Pius X College Referentiecase Office 365 op het Pius X College
Referentiecase Office 365 op het Pius X College SLBdiensten
 
Presentatie BeveiligMij over ICT beveiliging
Presentatie BeveiligMij over ICT beveiligingPresentatie BeveiligMij over ICT beveiliging
Presentatie BeveiligMij over ICT beveiligingSLBdiensten
 
Presentatie over meldplicht datalekken en ecryptie door Sophos
Presentatie over meldplicht datalekken en ecryptie door SophosPresentatie over meldplicht datalekken en ecryptie door Sophos
Presentatie over meldplicht datalekken en ecryptie door SophosSLBdiensten
 
Presentatie Kennisnet over informatiebeveiliging in mbo en vo
Presentatie Kennisnet over informatiebeveiliging in mbo en vo Presentatie Kennisnet over informatiebeveiliging in mbo en vo
Presentatie Kennisnet over informatiebeveiliging in mbo en vo SLBdiensten
 
Presentatie Jabra door Glenn Tjebbes op 10 maartr 2016
Presentatie Jabra door Glenn Tjebbes op 10 maartr 2016Presentatie Jabra door Glenn Tjebbes op 10 maartr 2016
Presentatie Jabra door Glenn Tjebbes op 10 maartr 2016SLBdiensten
 
Presentatie MBO Utrecht over Skype implementatie vs Jabra
Presentatie MBO Utrecht over Skype implementatie vs Jabra Presentatie MBO Utrecht over Skype implementatie vs Jabra
Presentatie MBO Utrecht over Skype implementatie vs Jabra SLBdiensten
 
Presentatie adobe informatiesessie ipon
Presentatie adobe informatiesessie iponPresentatie adobe informatiesessie ipon
Presentatie adobe informatiesessie iponSLBdiensten
 
Van laptopkar tot laptopklas, lessen uit het Surface PROject
Van laptopkar tot laptopklas, lessen uit het Surface PROjectVan laptopkar tot laptopklas, lessen uit het Surface PROject
Van laptopkar tot laptopklas, lessen uit het Surface PROjectSLBdiensten
 
Privacy goed geregeld
Privacy goed geregeldPrivacy goed geregeld
Privacy goed geregeldSLBdiensten
 
Onderwijs maken met Office 365
Onderwijs maken met Office 365Onderwijs maken met Office 365
Onderwijs maken met Office 365SLBdiensten
 
Internet of Things, Coderen in de klas en 3D printing
Internet of Things, Coderen in de klas en 3D printingInternet of Things, Coderen in de klas en 3D printing
Internet of Things, Coderen in de klas en 3D printingSLBdiensten
 

More from SLBdiensten (20)

INFORMATIEBEVEILIGING EN PRIVACY IN HET ONDERWIJS
INFORMATIEBEVEILIGING EN PRIVACY IN HET ONDERWIJSINFORMATIEBEVEILIGING EN PRIVACY IN HET ONDERWIJS
INFORMATIEBEVEILIGING EN PRIVACY IN HET ONDERWIJS
 
21E EEUWSE VAARDIGHEDEN MET ADOBE
21E EEUWSE VAARDIGHEDEN MET ADOBE21E EEUWSE VAARDIGHEDEN MET ADOBE
21E EEUWSE VAARDIGHEDEN MET ADOBE
 
VERGROOT DE ICT-VAARDIGHEDEN VAN UW LEERLINGEN MET MICROSOFT OFFICE SPECIALIS...
VERGROOT DE ICT-VAARDIGHEDEN VAN UW LEERLINGEN MET MICROSOFT OFFICE SPECIALIS...VERGROOT DE ICT-VAARDIGHEDEN VAN UW LEERLINGEN MET MICROSOFT OFFICE SPECIALIS...
VERGROOT DE ICT-VAARDIGHEDEN VAN UW LEERLINGEN MET MICROSOFT OFFICE SPECIALIS...
 
Presentatie eduard beck
Presentatie eduard beckPresentatie eduard beck
Presentatie eduard beck
 
Office 365 in de Klas
Office 365 in de KlasOffice 365 in de Klas
Office 365 in de Klas
 
Digital transformation & Education
Digital transformation & EducationDigital transformation & Education
Digital transformation & Education
 
Presentatie Breinwave Microsoft cloudportfolio
Presentatie Breinwave Microsoft cloudportfolioPresentatie Breinwave Microsoft cloudportfolio
Presentatie Breinwave Microsoft cloudportfolio
 
SketchUp Pro Educatief, 4 oktober 2016
SketchUp Pro Educatief, 4 oktober 2016SketchUp Pro Educatief, 4 oktober 2016
SketchUp Pro Educatief, 4 oktober 2016
 
Referentiecase Office 365 op het Pius X College
Referentiecase Office 365 op het Pius X College Referentiecase Office 365 op het Pius X College
Referentiecase Office 365 op het Pius X College
 
Presentatie BeveiligMij over ICT beveiliging
Presentatie BeveiligMij over ICT beveiligingPresentatie BeveiligMij over ICT beveiliging
Presentatie BeveiligMij over ICT beveiliging
 
Presentatie over meldplicht datalekken en ecryptie door Sophos
Presentatie over meldplicht datalekken en ecryptie door SophosPresentatie over meldplicht datalekken en ecryptie door Sophos
Presentatie over meldplicht datalekken en ecryptie door Sophos
 
Presentatie Kennisnet over informatiebeveiliging in mbo en vo
Presentatie Kennisnet over informatiebeveiliging in mbo en vo Presentatie Kennisnet over informatiebeveiliging in mbo en vo
Presentatie Kennisnet over informatiebeveiliging in mbo en vo
 
Survey
SurveySurvey
Survey
 
Presentatie Jabra door Glenn Tjebbes op 10 maartr 2016
Presentatie Jabra door Glenn Tjebbes op 10 maartr 2016Presentatie Jabra door Glenn Tjebbes op 10 maartr 2016
Presentatie Jabra door Glenn Tjebbes op 10 maartr 2016
 
Presentatie MBO Utrecht over Skype implementatie vs Jabra
Presentatie MBO Utrecht over Skype implementatie vs Jabra Presentatie MBO Utrecht over Skype implementatie vs Jabra
Presentatie MBO Utrecht over Skype implementatie vs Jabra
 
Presentatie adobe informatiesessie ipon
Presentatie adobe informatiesessie iponPresentatie adobe informatiesessie ipon
Presentatie adobe informatiesessie ipon
 
Van laptopkar tot laptopklas, lessen uit het Surface PROject
Van laptopkar tot laptopklas, lessen uit het Surface PROjectVan laptopkar tot laptopklas, lessen uit het Surface PROject
Van laptopkar tot laptopklas, lessen uit het Surface PROject
 
Privacy goed geregeld
Privacy goed geregeldPrivacy goed geregeld
Privacy goed geregeld
 
Onderwijs maken met Office 365
Onderwijs maken met Office 365Onderwijs maken met Office 365
Onderwijs maken met Office 365
 
Internet of Things, Coderen in de klas en 3D printing
Internet of Things, Coderen in de klas en 3D printingInternet of Things, Coderen in de klas en 3D printing
Internet of Things, Coderen in de klas en 3D printing
 

Recently uploaded

Capitol Tech U Doctoral Presentation - April 2024.pptx
Capitol Tech U Doctoral Presentation - April 2024.pptxCapitol Tech U Doctoral Presentation - April 2024.pptx
Capitol Tech U Doctoral Presentation - April 2024.pptxCapitolTechU
 
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTiammrhaywood
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxpboyjonauth
 
Full Stack Web Development Course for Beginners
Full Stack Web Development Course for BeginnersFull Stack Web Development Course for Beginners
Full Stack Web Development Course for BeginnersSabitha Banu
 
Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...Jisc
 
How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17Celine George
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Educationpboyjonauth
 
Earth Day Presentation wow hello nice great
Earth Day Presentation wow hello nice greatEarth Day Presentation wow hello nice great
Earth Day Presentation wow hello nice greatYousafMalik24
 
Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Celine George
 
Hierarchy of management that covers different levels of management
Hierarchy of management that covers different levels of managementHierarchy of management that covers different levels of management
Hierarchy of management that covers different levels of managementmkooblal
 
What is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERPWhat is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERPCeline George
 
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdfssuser54595a
 
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptxECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptxiammrhaywood
 
Gas measurement O2,Co2,& ph) 04/2024.pptx
Gas measurement O2,Co2,& ph) 04/2024.pptxGas measurement O2,Co2,& ph) 04/2024.pptx
Gas measurement O2,Co2,& ph) 04/2024.pptxDr.Ibrahim Hassaan
 
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdfLike-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdfMr Bounab Samir
 
MARGINALIZATION (Different learners in Marginalized Group
MARGINALIZATION (Different learners in Marginalized GroupMARGINALIZATION (Different learners in Marginalized Group
MARGINALIZATION (Different learners in Marginalized GroupJonathanParaisoCruz
 
Crayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon ACrayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon AUnboundStockton
 
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxEPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxRaymartEstabillo3
 

Recently uploaded (20)

Capitol Tech U Doctoral Presentation - April 2024.pptx
Capitol Tech U Doctoral Presentation - April 2024.pptxCapitol Tech U Doctoral Presentation - April 2024.pptx
Capitol Tech U Doctoral Presentation - April 2024.pptx
 
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
 
ESSENTIAL of (CS/IT/IS) class 06 (database)
ESSENTIAL of (CS/IT/IS) class 06 (database)ESSENTIAL of (CS/IT/IS) class 06 (database)
ESSENTIAL of (CS/IT/IS) class 06 (database)
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptx
 
Full Stack Web Development Course for Beginners
Full Stack Web Development Course for BeginnersFull Stack Web Development Course for Beginners
Full Stack Web Development Course for Beginners
 
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdfTataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
 
Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...
 
How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Education
 
Earth Day Presentation wow hello nice great
Earth Day Presentation wow hello nice greatEarth Day Presentation wow hello nice great
Earth Day Presentation wow hello nice great
 
Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17
 
Hierarchy of management that covers different levels of management
Hierarchy of management that covers different levels of managementHierarchy of management that covers different levels of management
Hierarchy of management that covers different levels of management
 
What is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERPWhat is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERP
 
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
 
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptxECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
 
Gas measurement O2,Co2,& ph) 04/2024.pptx
Gas measurement O2,Co2,& ph) 04/2024.pptxGas measurement O2,Co2,& ph) 04/2024.pptx
Gas measurement O2,Co2,& ph) 04/2024.pptx
 
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdfLike-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
 
MARGINALIZATION (Different learners in Marginalized Group
MARGINALIZATION (Different learners in Marginalized GroupMARGINALIZATION (Different learners in Marginalized Group
MARGINALIZATION (Different learners in Marginalized Group
 
Crayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon ACrayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon A
 
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxEPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
 

Presentatie Kaspersky over Malware trends en statistieken, 26062015

  • 1. NEW MOTIVES, NEW THREATS: HOW TO PROTECT YOURSELF FROM TARGETED ATTACKS Jornt v.d. Wiel Global Research and Analysis Team
  • 2. THE SCALE OF THE THREAT 1 NEW VIRUS EVERY HOUR 1994 1 NEW VIRUS EVERY MINUTE 2006 1 NEW VIRUS EVERY SECOND 2011 325,000 NEW SAMPLES EVERY DAY 2014 The evolving threat landscape2
  • 3. 0.1% 9.9% 90% THE NATURE OF THE THREAT The evolving threat landscape3 Traditional cybercrime Targeted threats to organisations Cyber-weapons
  • 5. Exploit kits Social networks WEB-BASED THREATS The evolving threat landscape5 Exploit kits Social networks Kaspersky Lab discovered almost 1.4 billion web attacks in 2014 38 attacks per second 3.8 million attacks per day 159.000 attacks per hour 2.663 attacks per minute ATTACKS IN 2014
  • 6. INFECTION: WHERE & WHAT 6 The Evolving Threat Landscape
  • 7. ADVANCED PERSISTENT THREATS (APT) Facts Classification Detection Time Active Since Gauss Espionage program July 2012 Aug / Sep 2011 • Sophisticated toolkit for cyber- espionage • Implemented by creators of the Flame platform • Modules perform a variety of functions Flame Espionage program May 2012 2007 • Complex set of operations • Downloads extra modules to victim computers • 20 extension modules detected • Sophisticated toolkit Duqu Espionage program September 2011 2010 • Destroys all traces of activity • Core module never detected • No modifications discovered since Feb 2012 miniFlame Espionage program October 2012 October 2012 • Miniature fully- fledged spyware module • Used for highly targeted attacks against select victims • Stand-alone malware or as a plug-in for Flame Wiper Destroyer Never Detected April 2012 • Destroyed dozens of database and computer systems • Majority of targets were organisations in Iran’s oil industry • Malware still unknown to this day The evolving threat landscape7
  • 8. CYBER-WEAPONS: NUMBER OF VICTIMS OVER 100K OVER 300K 2,500 10K 700 5-6K 20 50-60 10-20 50-60 Stuxnet Gauss Flame Duqu miniFlame Known number of incidents Additional number of incidents (approximate) 300K 100K 10K 1K 50 20 The evolving threat landscape8 Source: Kaspersky Lab
  • 9. ENERGETIC BEAR – CROUCHING YETI Recent APT Targets: Educational (32); Research(14); IT(10); Geography: 99 different countries Interesting facts: No 0-days used, slightly modified metasploit exploits used How does it work? Three different infection methods Spear-phishing Trojanized software installers Watering hole attacks Upon infection 4 different backdoors + additional tools are installed The evolving threat landscape9 June 2014 2010 Classification: Detection time: Active since: Espionage program
  • 10. PAGE 10 | Source: Kaspersky Lab 0 2000 4000 6000 8000 10000 12000 14000 16000 18000 20000 MOBILE MALWARE 2014 Growth The evolving threat landscape10
  • 11. WHY TARGET MOBILE DEVICES? Mobile devices contain a lot of ‘interesting’ things: incoming and outgoing SMS messages work emails business contacts personal photos GPS coordinates online banking credentials various installed apps calendar The evolving threat landscape11
  • 12. MOBILE MALWARE: TARGETED PLATFORMS Mostly Android! 98.05% Android 1.55% 0.27% 0.13% Others Symbian J2ME The evolving threat landscape12
  • 13. FUTURE IT THREATS The evolving threat landscape13 CYBER WEAPONS will be tailor-made for specific cases. Cyber criminals will increasingly use simpler tools to destroy data at a required time MULTIPLE ATTACKS ON GOVERNMENT institutions and businesses will be carried out all over the world. ‘Hacktivism’ may also be used to conceal other types of attacks MALWARE will be uploaded to official app stores. Mobile espionage will become widespread including stealing data from mobile phones and tracking people using their phones ATTACKS ON ONLINE BANKING SYSTEMS will become one of the most widespread methods of stealing money from users THE NUMBER OF TARGETED ATTACKS will continue to grow. Cybercriminals will start using new infection methods. The range of targeted businesses under threat will expand CYBER CRIMINALS will write mobile malware increasingly attacking Google Android
  • 14. MINIMISING YOUR RISK OF INFECTION The evolving threat landscape14 A GReAT tip: Raise Awareness Cybercriminals are increasingly using public data to launch targeted attacks against businesses. Tell your colleagues about the risks associated with sharing personal and business information online.
  • 15. MINIMISING YOUR RISK OF INFECTION The evolving threat landscape15 A GReAT tip: Keep your software up to date Prevention is better than the cure. Often malware does not use 0- days but known vulnerabilities. Keeping your software up to date mitigates the attack vector considerably. This holds especially for: • Operating System • PDF reader • MS Office • Java • Browser • Flash
  • 16. MINIMISING YOUR RISK OF INFECTION The evolving threat landscape16 A GReAT tip: Apply whitelisting Having a pre-defined list of benign applications prevents malware from executing applications on your system.
  • 17. MINIMISING YOUR RISK OF INFECTION The evolving threat landscape17 A GReAT tip: Choose good and different passwords Passwords up to 8 characters can be easily cracked. Therefore passwords of more than 16 characters are recommended. Also, choosing an unique password for each account is advised. In case one account gets compromised, your other accounts are still safe. A password manager can help you with this.
  • 18. AND IN THE CASE THAT IT GOES WRONG…. The evolving threat landscape18 A GReAT tip: Create backups Backups are always good. If you get infected with, for example, ransomware, then you haven’t lost all of your files. You can backup to the version prior to your infection and you are safe again. Backups are also great for data loss (e.g. due to failing hardware).

Editor's Notes

  1. 8
  2. 10