IMPAKT: Verdediging aangaan t.o.v. (on)bekende ransomware:
-
Upload
nancy-nimmegeers -
Category
Internet
-
view
43 -
download
1
Transcript of IMPAKT: Verdediging aangaan t.o.v. (on)bekende ransomware:
Looking Back: 20 Years of Malware Evolution
MALWARE EVOLUTION
2 The evolving threat landscape
THE SCALE OF THE THREAT
1NEW VIRUS EVERY HOUR
19941NEW VIRUS EVERY MINUTE
20061NEW VIRUS EVERY SECOND
2011310,000NEW SAMPLES EVERY DAY
2016
Main Figures and Statistics
IT THREAT EVOLUTION: Q1 2016
4
MAIN STATISTICS Q1 2016Kaspersky Lab solutions repelled 228,420,754 attacks launched from online resources located all over the world.
74,001,808 unique URLs were recognized as malicious by web antivirus components.
Crypto ransomware attacks were blocked on 372,602 computers of unique users.
Kaspersky Lab mobile security products detected:
2,045,323 installation packages
4,146 new malicious ransomware trojans
2,896 mobile banking Trojans
5
VULNERABLE APPLICATIONS USED BY CYBERCRIMINALSThe top position in the Q1 2015 rankings was occupied by the Browsers category (64%), which includes exploits targeting Web Browsers. This category was also at the top of the rankings in the last three quarters of 2015.
In Q1 2016, exploits for Adobe Flash Player remained popular. During the reporting period two new vulnerabilities in this software were detected: CVE-2015-8651 CVE-2016-1001The first exploit pack to add support for these vulnerabilities was Angler.
One notable event in the first quarter was the use of an exploit for Silverlight - CVE-2016-0034. At the time of publication, this vulnerability is used by the Angler and RIG exploit packs.
Main Figures and Statistics
MOBILE THREATS: Q1 2016
7
MOBILE THREATS – MAIN STATISTICS Q1 2016Kaspersky Lab detected 2,045,323 malicious installation packages – this is 11 times greater than in Q4 2015, and 1.2 times more than in Q3 2015.
8
MOBILE THREATS – MAIN STATISTICS Q1 2016In Q1 2016, adware programs continued to top the rating of detected malicious objects for mobile devices. The share of adware programs grew 13 p.p. compared to Q4 2015, and reached 42.7%. Notably, this is lower than in Q3 2015 (52.5%).
9
MOBILE BANKING TROJANSOver the reporting period, we detected 4,146 mobile banking Trojans, which is 1.7 times more than in the previous quarter. (percentage of all users attacked)
Current Topics
MALWARE INCIDENTS
11
KASPERSKY SECURITY FOR MOBILEProactieve beveiligings-, beheer- en controlelagen voor mobiele endpoints
Mobile Security• Meerlaagse
anti-malware• Web Protection• Detectie van
rooting/jailbreak
Mobile DeviceManagement• Exchange
ActiveSync• iOS MDM • Samsung
KNOX
Mobile Application
Management• App wrapping• App Control• Selective Wipe
Diefstalbescherming
• Vergrendelen/wissen
• Opsporen/Waarschu-wen/Foto
• SIM Watch
Self Service Portal
• BYOD mogelijk• Certificaten
ophalen• Diefstalbescherm
ing
Gecentraliseerd beheer
• Alle grote mobiele platforms
• Andere IT-beveiligingsdomeinen
12
RANSOMWARE – PROBLEM OF THE YEAR?2016 has only just got underway, but the first three months have already seen the same amount of cyber-security events that just a few years ago would have seemed normal for a whole year. The main underlying trends remained the same, while there was significant growth in trends related to traditional cybercrime, especially mobile threats and global ransomware epidemics.
Ransomware became the main theme of the quarter after knocking targeted attacks from the top of the most popular threat rating. Unfortunately, this is a situation that will continue to evolve, and those behind the extortion could well end up being named "problem of the year".
13
RANSOMWAREThe overall number of encryptor modifications in our Virus Collection to date is at least 15,000. Nine new encryptor families and 2,900 new modifications were detected in Q1.
In Q1 2016, 372,602 unique users were attacked by encryptors, which is 30% more than in the previous quarter. Approximately 17% of those attacked were in the corporate sector.
Number of ransomware samples in our collection Number of users attacked by ransomware
14
APPLICATION CONTROL - WHITELISTING
Application Startup Control
Application Privilege Control
Controle op vulnerability
Gedrags- analyse
CLOUD Whitelists
Lokale Whitelists
15
TELEWERKEN
Organisaties die telewerken toestaan, behoren een beleid uit te vaardigen dat de voorwaarden en beperkingen definieert voor het telewerken.
DeviceControl
ApplicationControl
WebControl
16
BEHANDELEN VAN MEDIAUw organisatie dient procedures te hebben voor het beheer van verwijderbare media waarop persoonsgegevens worden opgeslagen en die de beveiligingsperimeter van uw organisatie kunnen verlaten. Denk hierbij ook aan de verwijderbare media in apparatuur zoals multifunctionele printers en copiers.
Uw organisatie moet de nodige maatregelen bepalen om fysieke media (inclusief papieren documenten) die persoonsgegevens bevatten tijdens het transport te beschermen tegen onbevoegde toegang, misbruik of corruptie.
17
BESCHERMING TEGEN MALWARE
Ter bescherming tegen malware (voorkomen, ontdekken en verwijderen/herstellen) behoort uw informaticadienst anti-malware en herstelsoftware te installeren en regelmatig te updaten, waarbij computers en media als voorzorgsmaatregel of routematig worden gescand.
De uitgevoerde scan behoort onder meer:
alle bestanden die via netwerken of via elke vorm van opslagmedium zijn ontvangen, vóór gebruik op malware te scannen; bijlagen en downloads vóór gebruik. Op malware te scannen en dit op verschillende cruciale plaatsen in uw netwerkconfiguratie (mailservers, computers, netwerktoegang...);internetpagina’s op malware te scannen. Nauwkeurige en informatieve waarschuwingsberichten in het geval van een reële bedreiging kunnen het bewustzijn van de gebruikers vergroten
MOST TESTED. MOST AWARDED. KASPERSKY LAB PROTECTION.*
18
20 40 60 80 1000%
20%
40%
60%
80%
100%
N of independent tests/reviews
Scor
e of
TO
P 3
plac
es
Bitdefender
Sophos
G DATA
Symantec
F-Secure Intel Security (McAfee)
Trend Micro
Avira
Avast
AVG
ESET
Quick Heal
MicrosoftPanda Security
In 2015 Kaspersky Lab products participated in 94 independent tests and reviews. Our products were awarded 60 firsts and achieved 77 top-three finishes. Kaspersky Lab
1st places – 60Participation in 94
tests/reviewsTOP 3 = 82%
BullGuard
* Notes:• According to summary results of independent tests
in 2015 for corporate, consumer and mobile products.
• Summary includes independent tests conducted by : AV-Comparatives, AV-Test, Dennis Technology Labs, MRG Effitas, NSS Labs, PC Security Labs, VirusBulletin.
• Tests performed in these programs assess all protection technologies against known, unknown and advanced threats.
• The size of the bubble reflects the number of 1st places achieved.
19
IN DETAILWeb Collaboration MailTOTAL
Vulnerability Assesment
Inventories & License Control
Software Distribution
Patch Management OS Deployment
Data Protection / Encryptie
ADVANCED
Mobile Application Management
MobileDevice Management
DeviceControl
ApplicationControl
WebControl
Beveiliging van file servers
Mobile Endpoint SecuritySELECT
Anti-malware + firewall
Kaspersky SecurityCenter
CORE
Cloudondersteuning via hetKaspersky Security Network
(KSN) Endpoint Management Infrastructuu
r