The threat Landscape From cybercrime to cyber-war
THE THREAT LANDSCAPE
FROM CYBERCRIME TO CYBER-WAR
David Emm
Global Research and Analysis Team
CONTENTS
1 What kind of malware?
2 Who’s writing it and why?
3 What do we do about it?
THE SCALE OF THE THREAT
1994: 1 NEW VIRUS EVERY HOUR
2006: 1 NEW VIRUS EVERY MINUTE
2011: 1 NEW VIRUS EVERY SECOND
2013: 315,000 NEW SAMPLES EVERY DAY
THE GROWING MALWARE THREAT
HOW MALWARE SPREADS
People
Technology
… and how people use it
VULNERABILITIES AND EXPLOITS
Oracle Java: 90.52%
Windows components: 2.6%
Android: 2.49%
Adobe Acrobat Reader: 2.01%
IE: 1.32%
Adobe Flash Player: 0.53%
MS Office: 0.5%
‘DRIVE-BY DOWNLOADS’
SOCIAL NETWORKS
REMOVABLE MEDIA
DIGITAL CERTIFICATES
SOPHISTICATED THREATS
Code obfuscation
Rootkits
Hide changes made by malware
• Installed files
• Running processes
• Registry changes
Advanced technologies
NEW TACTICS
All kinds of information
Not just bank data
Steal everything!
Sophisticated
Carefully selected targets
Well-defined aims
Targeted attacks
THE NATURE OF THE THREAT
Traditional cybercrime: 90%
Targeted threats to organisations: 9.9%
Cyber-weapons: 0.1%
POLITICAL, SOCIAL OR ECONOMIC PROTEST
THEFT OF SENSITIVE DATA
“There’s no such thing as ‘secure’ any more. The most sophisticated adversaries are going to go unnoticed on our networks. We have to build our systems on the assumption that adversaries will get in. We have to, again, assume that all the components of our system are not safe, and make sure we’re adjusting accordingly.”
Debora Plunkett, NSA Director
Quoted in “NSA Switches to Assuming Security Has Always Been Compromised”
CYBER-WEAPONS
“… cyber weapons are: a) effective; b) much cheaper than traditional weapons; c) difficult to detect; d) difficult to attribute to a particular attacker …; e) difficult to protect against …; f) can be replicated at no extra cost. What’s more, the seemingly harmless nature of these weapons means their owners have few qualms about unleashing them, with little thought for the consequences.”
Eugene Kaspersky
June 2012
http://eugene.kaspersky.com/2012/06/14/the-flame-that-changed-the-world/
CYBER-WEAPONS: NUMBER OF VICTIMS
Known number of incidents / Additional number of incidents (approximate):
Stuxnet: OVER 100K / OVER 300K
Gauss: 2,500 / 10K
Flame: 700 / 5-6K
Duqu: 20 / 50-60
miniFlame: 10-20 / 50-60
Source: Kaspersky Lab
TARGETED ATTACKS
Some of the victims:
RSA
Lockheed Martin
Sony
Comodo
DigiNotar
Saudi Aramco
Adobe
Syrian Ministry of Foreign Affairs
The New York Times
Tibetan activists
MOBILE MALWARE
10,000,509 unique installation packs
WHY TARGET MOBILE DEVICES?
Mobile devices contain lots of interesting data:
SMS messages
Business e-mail
Business contacts
Personal photos
GPS co-ordinates
Banking credentials
Installed apps
Calendar
PLATFORMS
Android: 98.05%
J2ME: 1.55%
Others: 0.40%
WHAT SORT OF MALWARE?
Chart values: 33.5%, 20.6%, 19.4%, 7.1%, 6%, 5.8%, 4%, 3.6%
Chart categories: Trojan-SMS, Backdoor, Trojan, Adware, RiskTool, Trojan-Downloader
THE GEOGRAPHY OF MOBILE MALWARE
MOBILE DEVICES AND TARGETED ATTACKS
WHAT DO WE DO ABOUT IT?
QUESTIONS
David Emm
Global Research and Analysis Team