THREAT LANDSCAPE IN THE ERA OF DIRECTED ATTACKS#ThreatTalk

THESE SLIDES ARE AN EXCERPTFROM A LIVE KASPERSKY WEBINAR

BROADCAST ON 6TH MAY 2014TO ACCESS THE WEBINAR PLEASE VISIT

HTTP://OW.LY/WHFAR

ROEL SCHOUWENBERGPRINCIPAL SECURITY RESEARCHER GLOBAL RESEARCH & ANALYSIS TEAMKASPERSKY LAB

HEARTBLEED – CVE-2014-0160

4

Back to the fundamentals

Triaging is painful

Keys to the kingdom?

5

Significant portion of the market still running XP

First ‘eternal zero-day’ discovered

IE Zero-day different to recent flash Zero-day

END OF XP

ACTORS AND MOTIVES HAVE CHANGED

NEW PLATFORMS AND TECHNOLOGIES

Attack surface keeps increasing

Diversification / BYOD

Mobile payments

METHOD OF ENTRY

8

Phishing

Web browsing – watering holes

NON-TARGETED MALWARE

9

Financial/ID theft malware

Ransomware

May not run in virtual environment

ESPIONAGE

Zero day needed?

Widening platform support

Targeting supply chain

More and more verticals affected

More actors involved

SABOTAGE

11

DDoS attacks have become a major problem

BCP 38/84

Wiper attacks as seen in cyberweapons

THE FUTURE

12

Will CNE and CNA converge?

INCREASED FOCUS ON VIRTUAL ENVIRONMENTS

Back to the fundamental

VM SPECIFIC THREAT SCENARIOS

EoP / Escape to Host

Network traffic sniffing

Modifying master virtual disks

Lost audit trails

Hyper-visor level attacks

ERIK DEVINECHIEF SECURITY OFFICERINFORMATION SERVICESRIVERSIDE MEDICAL CENTER

CorporationEmployees

Cloud Services

Data Loss

Malware and Vulnerabilities

Business Associates

Mobile Devices/

Employees

Hackers

MITIGATING THE TOP 7 THREATS

WHY IT’S MOVING AND CHANGINGGovernment regulations changing

Privacy

Security

Technical and operational control

Environment changing

Electronic transmission of data

BYOD

Technology changes (virtualization, OS, patient portals, physician portals, vendor portals)

Threats are changing

Malware

Hackers internal/external

NOW HOW DO WE MITIGATE…

Policy and Procedures Education Technical Controls

Monitoring and Logging

Audit and Risk Assessment

What are your Security Initiatives?Know your data, network, endpoints and users, then apply the rules!

CONCLUSIONS AND TAKEAWAYS

New technologies present new opportunities and challenges

All platforms need protecting in an era of targeted attacks

Prioritise which assets to protect most and then segregate them

Data integrity attacks on the horizon

FOR MORE INFORMATION WATCH THE ON DEMAND WEBINAR REGISTER HERE: HTTP://OW.LY/WHFAR

FEEL FREE TO ASK QUESTIONS:@KASPERSKYLABB2B#THREATTALK

MORE INFO ON SECURITY FOR BUSINESS WWW.KASPERSKY.COM//BUSINESS

B2B BLOGHTTP://BUSINESS.KASPERSKY.COM

THANK YOU!