Priyanka Aash, profile picture
Uploaded byPriyanka Aash
PDF, PPTX180 views

The malware monetization machine

The document discusses the business operations of a company involved in malware monetization, highlighting growth metrics, software distribution, and an overview of Q4's performance. It emphasizes the increasing complexity of security threats, particularly ransomware and mobile malware, while outlining strategies for combating these risks. Additionally, it mentions the importance of secure practices and offers recommendations for ransomware defense.

Embed presentation

Download as PDF, PPTX
SESSION ID:SESSION ID: #RSAC Tony Anscombe The Malware Monetization Machine SPO2-R11 VP and Senior Security Evangelist Avast @TonyAtAVG
The Malware Monetization Machine Tony Anscombe ***********
#RSAC Malware Inc. The Business 3
#RSAC Malware Inc. The Business 4 30 employees Healthcare, vacation, lunch, gym membership Goal: grow distribution and use of software increasing LTV and ROI 2 offices located anywhere Revenue 2015 - $25m 2016 - $1bn 2017 - >2x growth?
#RSAC Malware Inc. Products and Services 5 Software distribution Data storage and encryption Data collection and sales Support services
#RSAC Malware Inc. Software Distribution Q4 Recap 6 Q4 software distribution campaigns Email delivery • 20m emails delivered to 12m unique users • Open rate • Execution of the software package • Conversion rates to paying customer
#RSAC Malware Inc. Software Distribution Q4 Recap 7 Q4 software distribution campaigns Hosted website downloads • Automated - drive by download • Unique users vs actual delivery/installation • User initiated - click jacking • CTR - Click Through Rate 0.5%
#RSAC Malware Inc. Q4 Data Business 8 Q4 data collection Mobile App distribution Collected from 3rd parties Service redirection Email campaigns
#RSAC Malware Inc. Bonus Payments Over achievement on goals Revenue exceeded target All staff will receive a 110% bonus We shutdown for the holidays early, congratulations! 9
#RSAC Malware Inc. Bonus Payments Over achievement on goals Revenue exceeded target All staff will receive a 110% bonus We shutdown for the holidays early, congratulations! 10 January 17, 2017 Locky down as cybercrime takes a brief December holiday
#RSAC Malware Inc. Q1 Target Markets 11
#RSAC Malware Inc. Q1 Target Markets High monetizing countries 12
#RSAC Malware Inc. Q1 Initiatives 13 A/B testing of offer screens
#RSAC Malware Inc. Q1 Testing Payment Methods 14
#RSAC Malware Inc. Q1 Translation 15 12 Languages to be offered
#RSAC Malware Inc. Q1 Time Sensitive Offers 16 Early purchase discounts
#RSAC Malware Inc. Q1 Detecting Fraud 17
#RSAC Malware Inc. Q1 Legacy Customers 18
#RSAC Malware Inc. Q1 Software Sales 19 Product sales security software
#RSAC Malware Inc. Q1 Identity Duplication 20 Stealing login details
#RSAC Malware Inc. Q1 Identity Duplication 21 X
#RSAC Malware Inc. Q1 Mobile 22
#RSAC Malware Inc. EOL Products 23 Banking Trojans Premium rate SMS
#RSAC Affiliate/Partner Sales Victims Affiliates The boss 24
#RSAC Malware Inc. Q1 Outsourced Engineering 25 Bot nets/herders Exploit writers Malware writers Infrastructure/tool providers
#RSAC Malware Inc. The Competition 26
How do we combat?
#RSAC Overall security threat is growing in complexity Mobile threats are also accelerating People’s Security Needs are Growing Total malware threats, millions (Cumulative malware threat attacks, million) 2010 2011 2012 2013 2014 2015 47 65 470 183 100 326 0.35 1.01 4.26 10.6 585 2016 17.0 30 Mobile malware threats, millions (Cumulative malware threat attacks, million)
#RSAC Probability of Attack - The Americas 31
#RSAC Probability of Attack - The Americas 32 CA: 15% US: 14% MX: 21% BR: 20% PE: 27% FR: 16% PT: 18% MA: 29% SN: 28% …
#RSAC Probability of Attack - Most of ROW 33
#RSAC Probability of Attack - Most of ROW 34 CZ: 27% EG: 25% RU: 25% ET: 41% KZ: 27% SA: 14% TZ: 23% IN: 28% LK: 29% …
#RSAC How do we combat? 35 Incidents per day 23.7 million
#RSAC How do we combat? 36 Incidents - rolling 30 687.0 million
#RSAC Where do threats hide?
#RSAC Ransomware - 2016 #1 Threat 150 new strains of ransomware 128,108,948 x $500 = (detections) (average ransom)
#RSAC Ransomware - 2016 #1 Threat 150 new strains of ransomware 128,108,948 x $500 = $ 64,054,474,000 105% growth year on year (detections) (average ransom)
#RSAC Ransomware Hotspots 1. US 2. Brazil 3. Russia 4. UK 5. Mexico 6. Italy 7. Spain 8. Canada 9. Poland 10. Australia 11. India 40
#RSAC Combatting Ransomware Many different forms Scareware, screen lockers, crypto lockers, Doxingware Ransomware is detected on every protection layer, including behavioral analysis 14 ‘Free’ decryption tools available Decryption is a last resort Not Decryptable , 0.565 Decryptable , 0.3785 Plausible Decryption , 0.0565 41
#RSAC Connected devices estimated to reach up to 50 billion by 2020 Source: Cisco IBSG Report 42 Internet of Things is Exploding Avast Confidential
#RSAC Enslaved IoT Devices IoT attacks more frequent: • DDoS attack on Dyn • 900,000 Telekom routers attacked • 2016: from more than 4.3 million routers scanned, 48% had some security vulnerability • More than 50% of all home routers use default passwords • 2 out of 5 people are unaware that their router has an administrative interface where they can log in to view and change their settings • 1 out of 7 log into their router’s admin interface weekly or monthly to check for updates43
#RSAC Avast Confidential 44 Over 400M endpoints acting as sensors. Allow us to detect and neutralize threats fast. Largest, most sophisticated, most geographically dispersed threat detection network. World’s largest security-centric machine-learning network. About Avast Leveraging data analytics to improve customers online lifestyle. 8,524 virtual, 2,527 physical and 443 AWS servers 82,600 simultaneous VPN connections 2.1m DNS requests (normal and secure) per second 3.6tr URLs processed per year 45.8m concurrent connections Pushed 110pb of data in last three months
#RSAC Best Practices for a Ransomware Defense: 45 Ensure your systems, applications and devices are fully updated and patched Ensure you have strong layered anti-malware security solution Educate employees not to open suspicious attachments Disable Microsoft Office macros by default as a policy Keep recent backup copies, disconnected and offsite
#RSAC Summary 46 Anti-Malware is a passionate business Malware is a business X
#RSAC Tony Anscombe tony.anscombe@avast.com

More Related Content

PDF
Supply Chain Attack Backdooring Your Networks
byBangladesh Network Operators Group
 
PPTX
NormShield Cyber Threat & Vulnerability Orchestration Overview
byNormShield, Inc.
 
PPTX
Fle f04 mishra-v0.9
byMinatee Mishra
 
PDF
The Seven Most Dangerous New Attack Techniques, and What's Coming Next
byPriyanka Aash
 
PDF
Upwardly Mobile: Looking at Evolving Cybercrime Tactics in Mobile Malware
byPriyanka Aash
 
PDF
StealthWatch & Point-of-Sale (POS) Malware
byLancope, Inc.
 
PPTX
Are Your Appliance Security Solutions Ready For 2048-bit SSL Certificates ?
bymichaelbasoah
 
PPTX
The Threat Landscape in the Era of Directed Attacks - Webinar
byKaspersky
 
Supply Chain Attack Backdooring Your Networks
byBangladesh Network Operators Group
 
NormShield Cyber Threat & Vulnerability Orchestration Overview
byNormShield, Inc.
 
Fle f04 mishra-v0.9
byMinatee Mishra
 
The Seven Most Dangerous New Attack Techniques, and What's Coming Next
byPriyanka Aash
 
Upwardly Mobile: Looking at Evolving Cybercrime Tactics in Mobile Malware
byPriyanka Aash
 
StealthWatch & Point-of-Sale (POS) Malware
byLancope, Inc.
 
Are Your Appliance Security Solutions Ready For 2048-bit SSL Certificates ?
bymichaelbasoah
 
The Threat Landscape in the Era of Directed Attacks - Webinar
byKaspersky
 

What's hot

PPTX
3rd Party Cyber Security: Manage your ecosystem!
byNormShield, Inc.
 
PPTX
Ascendiendo a la GEN V de Cyber Security
byCristian Garcia G.
 
PDF
Enterprise Security featuring UBA
bySplunk
 
PPTX
Ciberseguridad: Enemigos o defraudadores (MAGISTRAL)
byCristian Garcia G.
 
PDF
Point of Sale (POS) Malware: Easy to Spot, Hard to Stop
bySymantec
 
PPTX
160415 lan and-wan-ctap
byLan & Wan Solutions
 
PPTX
State of the Internet: Mirai, IOT and History of Botnets
byRahul Neel Mani
 
PPTX
LSI Spring Agent Open House 2014
byAshlie Steele
 
PDF
Understanding Advanced Threats and How to Prevent Them
byMarketingArrowECS_CZ
 
PPTX
Desafíos de la Ciberseguridad en un ecosistema digitalmente transformado
byCristian Garcia G.
 
PDF
DON'T Use Two-Factor Authentication...Unless You Need It!
byPriyanka Aash
 
PDF
Pactera - Cloud, Application, Cyber Security Trend 2016
byKyle Lai
 
PDF
Kaspersky Lab’s Webinar ‘Emerging Threats in the APT World: Predictions for 2...
byKaspersky
 
PDF
Attacks on Critical Infrastructure: Insights from the “Big Board”
byPriyanka Aash
 
PDF
Surviving the Ransomware Plague
byMarketingArrowECS_CZ
 
PDF
The Motives, Means and Methods of Cyber-Adversaries
byKaspersky
 
PPTX
Open Source Insight: Heartbleed Results in £100,000 fine, WannaCry Hits Japan...
byBlack Duck by Synopsys
 
PDF
Smart Megalopolises. How Safe and Reliable Is Your Data?
byPriyanka Aash
 
PPTX
Next-generation Zero Trust Cybersecurity for the Space Age
byBlock Armour
 
PPTX
Disección de amenazas en entornos de nube
byCristian Garcia G.
 
3rd Party Cyber Security: Manage your ecosystem!
byNormShield, Inc.
 
Ascendiendo a la GEN V de Cyber Security
byCristian Garcia G.
 
Enterprise Security featuring UBA
bySplunk
 
Ciberseguridad: Enemigos o defraudadores (MAGISTRAL)
byCristian Garcia G.
 
Point of Sale (POS) Malware: Easy to Spot, Hard to Stop
bySymantec
 
160415 lan and-wan-ctap
byLan & Wan Solutions
 
State of the Internet: Mirai, IOT and History of Botnets
byRahul Neel Mani
 
LSI Spring Agent Open House 2014
byAshlie Steele
 
Understanding Advanced Threats and How to Prevent Them
byMarketingArrowECS_CZ
 
Desafíos de la Ciberseguridad en un ecosistema digitalmente transformado
byCristian Garcia G.
 
DON'T Use Two-Factor Authentication...Unless You Need It!
byPriyanka Aash
 
Pactera - Cloud, Application, Cyber Security Trend 2016
byKyle Lai
 
Kaspersky Lab’s Webinar ‘Emerging Threats in the APT World: Predictions for 2...
byKaspersky
 
Attacks on Critical Infrastructure: Insights from the “Big Board”
byPriyanka Aash
 
Surviving the Ransomware Plague
byMarketingArrowECS_CZ
 
The Motives, Means and Methods of Cyber-Adversaries
byKaspersky
 
Open Source Insight: Heartbleed Results in £100,000 fine, WannaCry Hits Japan...
byBlack Duck by Synopsys
 
Smart Megalopolises. How Safe and Reliable Is Your Data?
byPriyanka Aash
 
Next-generation Zero Trust Cybersecurity for the Space Age
byBlock Armour
 
Disección de amenazas en entornos de nube
byCristian Garcia G.
 

Similar to The malware monetization machine

PDF
Understanding The Security Vendor Landscape Using the Cyber Defense Matrix (R...
bySounil Yu
 
PDF
The Unexpected Attack Vector: Software Updaters
byPriyanka Aash
 
PPT
Paul Henry’s 2011 Malware Trends
byLumension
 
PPTX
Cyber Defense Matrix: Reloaded
bySounil Yu
 
PPTX
Cybersecurity model and top cloud security controls for product development e...
byJames DeLuccia IV
 
PDF
Security in the App Economy: How to Ride the Wave Without Wiping Out!
byCA Technologies
 
PDF
The Seven Most Dangerous New Attack Techniques, and What's Coming Next
byPriyanka Aash
 
PDF
A Vision for Shared, Central Intelligence to Ebb a Growing Flood of Alerts
byPriyanka Aash
 
PPTX
EverSec + Cyphort: Big Trends in Cybersecurity
byCyphort
 
PDF
RSA ASIA 2014 - Internet of Things
byWolfgang Kandek
 
PDF
What Is Next-Generation Endpoint Security and Why Do You Need It?
byPriyanka Aash
 
PDF
Exploring the Real-World Application Security Top 10
byPriyanka Aash
 
PPTX
RSA USA 2015 - Getting a Jump on Hackers
byWolfgang Kandek
 
PDF
Fighting malware - keeping your Intellectual Property safe
byPrayukth K V
 
PDF
Maximize Computer Security With Limited Ressources
bySecunia
 
PPTX
Tenzin thiley bhutia
byTenzin Thiley
 
PDF
3. Ransomware (cyber awareness series)
byIsaac Feliciano
 
PDF
Introducing a Security Program to Large Scale Legacy Products
byPriyanka Aash
 
PDF
Modern Lessons in Security Monitoring
byAnton Goncharov
 
PPTX
Stranded on Infosec Island: Defending the Enterprise with Nothing but Windows...
byAdrian Sanabria
 
Understanding The Security Vendor Landscape Using the Cyber Defense Matrix (R...
bySounil Yu
 
The Unexpected Attack Vector: Software Updaters
byPriyanka Aash
 
Paul Henry’s 2011 Malware Trends
byLumension
 
Cyber Defense Matrix: Reloaded
bySounil Yu
 
Cybersecurity model and top cloud security controls for product development e...
byJames DeLuccia IV
 
Security in the App Economy: How to Ride the Wave Without Wiping Out!
byCA Technologies
 
The Seven Most Dangerous New Attack Techniques, and What's Coming Next
byPriyanka Aash
 
A Vision for Shared, Central Intelligence to Ebb a Growing Flood of Alerts
byPriyanka Aash
 
EverSec + Cyphort: Big Trends in Cybersecurity
byCyphort
 
RSA ASIA 2014 - Internet of Things
byWolfgang Kandek
 
What Is Next-Generation Endpoint Security and Why Do You Need It?
byPriyanka Aash
 
Exploring the Real-World Application Security Top 10
byPriyanka Aash
 
RSA USA 2015 - Getting a Jump on Hackers
byWolfgang Kandek
 
Fighting malware - keeping your Intellectual Property safe
byPrayukth K V
 
Maximize Computer Security With Limited Ressources
bySecunia
 
Tenzin thiley bhutia
byTenzin Thiley
 
3. Ransomware (cyber awareness series)
byIsaac Feliciano
 
Introducing a Security Program to Large Scale Legacy Products
byPriyanka Aash
 
Modern Lessons in Security Monitoring
byAnton Goncharov
 
Stranded on Infosec Island: Defending the Enterprise with Nothing but Windows...
byAdrian Sanabria
 

More from Priyanka Aash

PDF
Cyber Defense Matrix Workshop - RSA Conference
byPriyanka Aash
 
PDF
Techniques for Automatic Device Identification and Network Assignment.pdf
byPriyanka Aash
 
PDF
Coordinated Disclosure for ML - What's Different and What's the Same.pdf
byPriyanka Aash
 
PDF
Cracking the Code - Unveiling Synergies Between Open Source Security and AI.pdf
byPriyanka Aash
 
PDF
Redefining Cybersecurity with AI Capabilities
byPriyanka Aash
 
PDF
From Chatbot to Destroyer of Endpoints - Can ChatGPT Automate EDR Bypasses (1...
byPriyanka Aash
 
PDF
Securing AI - There Is No Try, Only Do!.pdf
byPriyanka Aash
 
PDF
Lessons Learned from Developing Secure AI Workflows.pdf
byPriyanka Aash
 
PDF
10 Key Challenges for AI within the EU Data Protection Framework.pdf
byPriyanka Aash
 
PDF
A Constitutional Quagmire - Ethical Minefields of AI, Cyber, and Privacy.pdf
byPriyanka Aash
 
PDF
GenAI Opportunities and Challenges - Where 370 Enterprises Are Focusing Now.pdf
byPriyanka Aash
 
PDF
Oh, the Possibilities - Balancing Innovation and Risk with Generative AI.pdf
byPriyanka Aash
 
PDF
Finetuning GenAI For Hacking and Defending
byPriyanka Aash
 
PPTX
AI Code Generation Risks (Ramkumar Dilli, CIO, Myridius)
byPriyanka Aash
 
PDF
Keynote : AI & Future Of Offensive Security
byPriyanka Aash
 
PDF
Keynote : Presentation on SASE Technology
byPriyanka Aash
 
PDF
(CISOPlatform Summit & SACON 2024) Kids Cyber Security .pdf
byPriyanka Aash
 
PDF
Demystifying Neural Networks And Building Cybersecurity Applications
byPriyanka Aash
 
PDF
(CISOPlatform Summit & SACON 2024) Cyber Insurance & Risk Quantification.pdf
byPriyanka Aash
 
PDF
(CISOPlatform Summit & SACON 2024) Regulation & Response In Banks.pdf
byPriyanka Aash
 
Cyber Defense Matrix Workshop - RSA Conference
byPriyanka Aash
 
Techniques for Automatic Device Identification and Network Assignment.pdf
byPriyanka Aash
 
Coordinated Disclosure for ML - What's Different and What's the Same.pdf
byPriyanka Aash
 
Cracking the Code - Unveiling Synergies Between Open Source Security and AI.pdf
byPriyanka Aash
 
Redefining Cybersecurity with AI Capabilities
byPriyanka Aash
 
From Chatbot to Destroyer of Endpoints - Can ChatGPT Automate EDR Bypasses (1...
byPriyanka Aash
 
Securing AI - There Is No Try, Only Do!.pdf
byPriyanka Aash
 
Lessons Learned from Developing Secure AI Workflows.pdf
byPriyanka Aash
 
10 Key Challenges for AI within the EU Data Protection Framework.pdf
byPriyanka Aash
 
A Constitutional Quagmire - Ethical Minefields of AI, Cyber, and Privacy.pdf
byPriyanka Aash
 
GenAI Opportunities and Challenges - Where 370 Enterprises Are Focusing Now.pdf
byPriyanka Aash
 
Oh, the Possibilities - Balancing Innovation and Risk with Generative AI.pdf
byPriyanka Aash
 
Finetuning GenAI For Hacking and Defending
byPriyanka Aash
 
AI Code Generation Risks (Ramkumar Dilli, CIO, Myridius)
byPriyanka Aash
 
Keynote : AI & Future Of Offensive Security
byPriyanka Aash
 
Keynote : Presentation on SASE Technology
byPriyanka Aash
 
(CISOPlatform Summit & SACON 2024) Kids Cyber Security .pdf
byPriyanka Aash
 
Demystifying Neural Networks And Building Cybersecurity Applications
byPriyanka Aash
 
(CISOPlatform Summit & SACON 2024) Cyber Insurance & Risk Quantification.pdf
byPriyanka Aash
 
(CISOPlatform Summit & SACON 2024) Regulation & Response In Banks.pdf
byPriyanka Aash
 

Recently uploaded

PPTX
Design Flaws and Known Attacks in Agentic AI - ITI Business Session
byInformation Technology Institute
 
PDF
Chapter 2 Computer Threat .pdf
byGetnet Tigabie Askale -(GM)
 
PPTX
UNIT 1- Introduction to Basic of Computer Fundamentals
bypawarbhaktiit
 
PDF
TrustArc Webinar - Unpacking India’s DPDP Act: What You Should Know
byTrustArc
 
PDF
January Patch Tuesday
byIvanti
 
PDF
Building Voice Agents with Google Agent Development Kit
bySuresh Peiris
 
PDF
Best 10 Dedicated Servers in Amsterdam, Netherlands (2026 Enterprise Edition)...
byAtal Networks
 
PDF
Why Enterprises Are Moving to Dedicated Servers in the Netherlands
byAtal Networks
 
PDF
Hart, Inc. M&A Data Transition Checklist
byHart, Inc.
 
PPTX
Robot Vacuums are Cleaning Up. The global robot vacuum segment has high marke...
byRobert March
 
PDF
2006 IEEE International Solid-State Circuits Conference
bySlide_N
 
PDF
6 Insights from the Patron Saint of AI Failure
byScott M. Graffius
 
PDF
Mercury Computer Systems & The Cell Broadband Engine
bySlide_N
 
PDF
Implementing A Data Lakehouse Using Iceberg & Spark
byAnass Nabil
 
PPTX
Microsoft Azure News - January 2026 - BAUG
byDaniel Toomey
 
PDF
Just Eat Data Scraping For Restaurant Reviews And Pricing.pdf
byfusiondata2026
 
PDF
Zniber Partners. Audience Foresight for Confident Decisions
bySamuel Zniber
 
PDF
Special Reeling Cable Specification _ Anhui Feichun Special Cable Co., Ltd_.pdf
byAnhui Feichun Special Cable Co., Ltd.
 
PDF
TopMate ES11 3-Wheel Electric Scooter: Comfort, Stability, and Independence f...
byTopmate
 
PDF
Philippine Agricultural Engineering Standard_Hand Tractor .pdf
by6xfrnmdp4b
 
Design Flaws and Known Attacks in Agentic AI - ITI Business Session
byInformation Technology Institute
 
Chapter 2 Computer Threat .pdf
byGetnet Tigabie Askale -(GM)
 
UNIT 1- Introduction to Basic of Computer Fundamentals
bypawarbhaktiit
 
TrustArc Webinar - Unpacking India’s DPDP Act: What You Should Know
byTrustArc
 
January Patch Tuesday
byIvanti
 
Building Voice Agents with Google Agent Development Kit
bySuresh Peiris
 
Best 10 Dedicated Servers in Amsterdam, Netherlands (2026 Enterprise Edition)...
byAtal Networks
 
Why Enterprises Are Moving to Dedicated Servers in the Netherlands
byAtal Networks
 
Hart, Inc. M&A Data Transition Checklist
byHart, Inc.
 
Robot Vacuums are Cleaning Up. The global robot vacuum segment has high marke...
byRobert March
 
2006 IEEE International Solid-State Circuits Conference
bySlide_N
 
6 Insights from the Patron Saint of AI Failure
byScott M. Graffius
 
Mercury Computer Systems & The Cell Broadband Engine
bySlide_N
 
Implementing A Data Lakehouse Using Iceberg & Spark
byAnass Nabil
 
Microsoft Azure News - January 2026 - BAUG
byDaniel Toomey
 
Just Eat Data Scraping For Restaurant Reviews And Pricing.pdf
byfusiondata2026
 
Zniber Partners. Audience Foresight for Confident Decisions
bySamuel Zniber
 
Special Reeling Cable Specification _ Anhui Feichun Special Cable Co., Ltd_.pdf
byAnhui Feichun Special Cable Co., Ltd.
 
TopMate ES11 3-Wheel Electric Scooter: Comfort, Stability, and Independence f...
byTopmate
 
Philippine Agricultural Engineering Standard_Hand Tractor .pdf
by6xfrnmdp4b
 

The malware monetization machine

  • 1.
    SESSION ID:SESSION ID: #RSAC TonyAnscombe The Malware Monetization Machine SPO2-R11 VP and Senior Security Evangelist Avast @TonyAtAVG
  • 2.
  • 3.
  • 4.
    #RSAC Malware Inc. TheBusiness 4 30 employees Healthcare, vacation, lunch, gym membership Goal: grow distribution and use of software increasing LTV and ROI 2 offices located anywhere Revenue 2015 - $25m 2016 - $1bn 2017 - >2x growth?
  • 5.
    #RSAC Malware Inc. Productsand Services 5 Software distribution Data storage and encryption Data collection and sales Support services
  • 6.
    #RSAC Malware Inc. SoftwareDistribution Q4 Recap 6 Q4 software distribution campaigns Email delivery • 20m emails delivered to 12m unique users • Open rate • Execution of the software package • Conversion rates to paying customer
  • 7.
    #RSAC Malware Inc. SoftwareDistribution Q4 Recap 7 Q4 software distribution campaigns Hosted website downloads • Automated - drive by download • Unique users vs actual delivery/installation • User initiated - click jacking • CTR - Click Through Rate 0.5%
  • 8.
    #RSAC Malware Inc. Q4Data Business 8 Q4 data collection Mobile App distribution Collected from 3rd parties Service redirection Email campaigns
  • 9.
    #RSAC Malware Inc. BonusPayments Over achievement on goals Revenue exceeded target All staff will receive a 110% bonus We shutdown for the holidays early, congratulations! 9
  • 10.
    #RSAC Malware Inc. BonusPayments Over achievement on goals Revenue exceeded target All staff will receive a 110% bonus We shutdown for the holidays early, congratulations! 10 January 17, 2017 Locky down as cybercrime takes a brief December holiday
  • 11.
    #RSAC Malware Inc. Q1Target Markets 11
  • 12.
    #RSAC Malware Inc. Q1Target Markets High monetizing countries 12
  • 13.
    #RSAC Malware Inc. Q1Initiatives 13 A/B testing of offer screens
  • 14.
    #RSAC Malware Inc. Q1Testing Payment Methods 14
  • 15.
    #RSAC Malware Inc. Q1Translation 15 12 Languages to be offered
  • 16.
    #RSAC Malware Inc. Q1Time Sensitive Offers 16 Early purchase discounts
  • 17.
    #RSAC Malware Inc. Q1Detecting Fraud 17
  • 18.
    #RSAC Malware Inc. Q1Legacy Customers 18
  • 19.
    #RSAC Malware Inc. Q1Software Sales 19 Product sales security software
  • 20.
    #RSAC Malware Inc. Q1Identity Duplication 20 Stealing login details
  • 21.
    #RSAC Malware Inc. Q1Identity Duplication 21 X
  • 22.
  • 23.
    #RSAC Malware Inc. EOLProducts 23 Banking Trojans Premium rate SMS
  • 24.
  • 25.
    #RSAC Malware Inc. Q1Outsourced Engineering 25 Bot nets/herders Exploit writers Malware writers Infrastructure/tool providers
  • 26.
    #RSAC Malware Inc. TheCompetition 26
  • 29.
    How do wecombat?
  • 30.
    #RSAC Overall security threat isgrowing in complexity Mobile threats are also accelerating People’s Security Needs are Growing Total malware threats, millions (Cumulative malware threat attacks, million) 2010 2011 2012 2013 2014 2015 47 65 470 183 100 326 0.35 1.01 4.26 10.6 585 2016 17.0 30 Mobile malware threats, millions (Cumulative malware threat attacks, million)
  • 31.
    #RSAC Probability of Attack- The Americas 31
  • 32.
    #RSAC Probability of Attack- The Americas 32 CA: 15% US: 14% MX: 21% BR: 20% PE: 27% FR: 16% PT: 18% MA: 29% SN: 28% …
  • 33.
  • 34.
    #RSAC Probability of Attack- Most of ROW 34 CZ: 27% EG: 25% RU: 25% ET: 41% KZ: 27% SA: 14% TZ: 23% IN: 28% LK: 29% …
  • 35.
    #RSAC How do wecombat? 35 Incidents per day 23.7 million
  • 36.
    #RSAC How do wecombat? 36 Incidents - rolling 30 687.0 million
  • 37.
  • 38.
    #RSAC Ransomware - 2016 #1Threat 150 new strains of ransomware 128,108,948 x $500 = (detections) (average ransom)
  • 39.
    #RSAC Ransomware - 2016 #1Threat 150 new strains of ransomware 128,108,948 x $500 = $ 64,054,474,000 105% growth year on year (detections) (average ransom)
  • 40.
    #RSAC Ransomware Hotspots 1. US 2.Brazil 3. Russia 4. UK 5. Mexico 6. Italy 7. Spain 8. Canada 9. Poland 10. Australia 11. India 40
  • 41.
    #RSAC Combatting Ransomware Many differentforms Scareware, screen lockers, crypto lockers, Doxingware Ransomware is detected on every protection layer, including behavioral analysis 14 ‘Free’ decryption tools available Decryption is a last resort Not Decryptable , 0.565 Decryptable , 0.3785 Plausible Decryption , 0.0565 41
  • 42.
    #RSAC Connected devices estimatedto reach up to 50 billion by 2020 Source: Cisco IBSG Report 42 Internet of Things is Exploding Avast Confidential
  • 43.
    #RSAC Enslaved IoT Devices IoTattacks more frequent: • DDoS attack on Dyn • 900,000 Telekom routers attacked • 2016: from more than 4.3 million routers scanned, 48% had some security vulnerability • More than 50% of all home routers use default passwords • 2 out of 5 people are unaware that their router has an administrative interface where they can log in to view and change their settings • 1 out of 7 log into their router’s admin interface weekly or monthly to check for updates43
  • 44.
    #RSAC Avast Confidential 44 Over 400Mendpoints acting as sensors. Allow us to detect and neutralize threats fast. Largest, most sophisticated, most geographically dispersed threat detection network. World’s largest security-centric machine-learning network. About Avast Leveraging data analytics to improve customers online lifestyle. 8,524 virtual, 2,527 physical and 443 AWS servers 82,600 simultaneous VPN connections 2.1m DNS requests (normal and secure) per second 3.6tr URLs processed per year 45.8m concurrent connections Pushed 110pb of data in last three months
  • 45.
    #RSAC Best Practices fora Ransomware Defense: 45 Ensure your systems, applications and devices are fully updated and patched Ensure you have strong layered anti-malware security solution Educate employees not to open suspicious attachments Disable Microsoft Office macros by default as a policy Keep recent backup copies, disconnected and offsite
  • 46.
    #RSAC Summary 46 Anti-Malware is a passionatebusiness Malware is a business X
  • 47.