Security @ WorksSyware, Adware, Everyware! Are you aware?
Wong Joon HoongCountry Sales Manager
Trend Micro Inc.
Copyright 2002-2003, Trend Micro, Inc. 2
RUNNING HEADER, 14 PT., ALL CAPS, Line Spacing=1 line
Agenda
• Ever Changing Network• Today’s Security Top Concern
- Virus- Spam- Adware/Spyware- Phishing
• Summary • Q & A
Copyright 2002-2003, Trend Micro, Inc. 3
RUNNING HEADER, 14 PT., ALL CAPS, Line Spacing=1 line
Ever changing network
� Broadband adoption� Wireless Network� Integrated communication devices� Information Island -> LAN -> MAN -> WAN� Internet ->Intranet -> Extranet-> Internet commerce
Copyright 2002-2003, Trend Micro, Inc. 4
RUNNING HEADER, 14 PT., ALL CAPS, Line Spacing=1 line
Goal of Security
Previous :
Security is to prevent losses, protect against confidentiality breaches
Today:
The goal of Security is enabling e-Business, e-e-Government
Copyright 2002-2003, Trend Micro, Inc. 5
RUNNING HEADER, 14 PT., ALL CAPS, Line Spacing=1 lineVirus attack and mail spamming are the most common types of security breaches
experienced
49
3731
27
1916
15
1411
82
4
83
50
49
87
Types of security breach(es) experienced before%
Virus attackMail spamming
Employee's abuse: Downloading pornographyEmployee's abuse: Inappropriate use of e-mail system
Employee's abuse: Downloading pirated softwareDenial of service
Theft: Hardware/ ComputerHack threat/ system penetration
CDs/ Diskette stolenWebsite unauthorized access/ misuse
Sabotage of data or networkTheft: proprietary information
Website vandalismFinancial fraudActive wire tap
None of the aboveBase : All organisations 100
NISER 2003 Survey
Copyright 2002-2003, Trend Micro, Inc. 6
RUNNING HEADER, 14 PT., ALL CAPS, Line Spacing=1 lineMalware, Virus Attacks GaloreAttacks Becoming More Rampant and Destructive
SasserInfected over 1 million
computers in only 2 days. The Sasser worm was so
effective it was able to infect computers even if no-
one was using it!
Copyright 2002-2003, Trend Micro, Inc. 7
RUNNING HEADER, 14 PT., ALL CAPS, Line Spacing=1 lineCommon Source Of Attacks: Non-Compliant Users
What were the most common sources of automated network worm attacks?
42%
38%
31%
27%
9%
9%
0% 5% 10% 15% 20% 25% 30% 35% 40% 45%
Carried in on a laptop of an employee
Directly from Internet through the firewall
Carried in on a laptop of a non-employee
Through a VPN-connected home system
Don't know
Other
Source: Enterprise Strategy Group Survey (250 US responses), Jan 2005
Non-Complaint Users Must Be Blocked And Redirected
Copyright 2002-2003, Trend Micro, Inc. 8
RUNNING HEADER, 14 PT., ALL CAPS, Line Spacing=1 lineTHE PROBLEM: OUTBREAKS STOP BUSINESS CONTINUITY
• Network Worm Outbreaks Have Been Severe� Estimated $3.5B1 in damages from Sasser alone� Infamous Examples: Code Red, Nimda, Slammer, Blaster, Nachi, Sasser � Estimated 1000+ Network Worms, Variants, and Exploits (as of 10/01/04)2
Sources: CNN.com, BBC.com 1- Computer Economics; 2- TrendLabs
Copyright 2002-2003, Trend Micro, Inc. 9
RUNNING HEADER, 14 PT., ALL CAPS, Line Spacing=1 line
Evolution of Viruses
Copyright 2002-2003, Trend Micro, Inc. 10
RUNNING HEADER, 14 PT., ALL CAPS, Line Spacing=1 line
How do their multiply ?
• File Infection• Mass mailing• Shared folders /
network drives• Internet Relay Chat
(IRC)• Instant Messaging (IM)• Peer-to-peer (PSP)
connection
Copyright 2002-2003, Trend Micro, Inc. 11
RUNNING HEADER, 14 PT., ALL CAPS, Line Spacing=1 line
What is Spam?
Censored!!!!
Spam “Spam” is unsolicited, commercial email.
Tends to fall into the following categories…
�Financial (“Get Rich Quick”) – Make Money Fast
� Commercial Offer
�Sexual Content - Porn
�Bulk – General spam
�“Hate” - Racial
Copyright 2002-2003, Trend Micro, Inc. 12
RUNNING HEADER, 14 PT., ALL CAPS, Line Spacing=1 lineSpam can kill businesses
Copyright 2002-2003, Trend Micro, Inc. 13
RUNNING HEADER, 14 PT., ALL CAPS, Line Spacing=1 line
• Virus� infect files� Corrupt files� Delete directories, hard disk� Damage motherboard
• Worm� Do not infect file� Self Propagate via email or network� Make PC hang, intermittent, and/or
reboot
• Adware� Usually load with your permission� Watch your surfing habit� Pop-up advertisement (which appeal
to you) when you surf
Malicious Software (Malware)What are they and what they do?
• Trojan� Show 1 thing do another� Hide in your computer� Launch virus, worm, spyware, adware,
keystrokes logger, password stealer, mass mailing worm, backdoor, joke
� Launch attacks such as DOS (denial of service) on other computers
� Hacking
• Joke� Make fun of other computer users,
e.g. jerking screen, uncontrollable cursor, moving OK button
� No infection, No direct damage� Difficult to halt or terminate
• Spyware� Tracks your actions and/or your
Internet use. � Capture what you type on your
keyword, including passwords, and send it to the spyware creator
� Can allow control of PC by remote party.
Copyright 2002-2003, Trend Micro, Inc. 14
RUNNING HEADER, 14 PT., ALL CAPS, Line Spacing=1 line
What is Phishing ?
• Phishing attacks use 'spoofed' e-mails and fraudulent websites designed to fool recipients into divulging personal financial data such as � credit card details� account usernames� passwords� ATM PIN, etc.
Copyright 2002-2003, Trend Micro, Inc. 15
RUNNING HEADER, 14 PT., ALL CAPS, Line Spacing=1 linePhishing (Pronounced as “fishing”)
Why is this phishing problem receiving increased attention
from both the private sector and governments in recent months?
Simple! For those who phish, it is lucrative and relatively easy way
to make money from it !
Copyright 2002-2003, Trend Micro, Inc. 16
RUNNING HEADER, 14 PT., ALL CAPS, Line Spacing=1 lineSome reports on Phishing
Copyright 2002-2003, Trend Micro, Inc. 17
RUNNING HEADER, 14 PT., ALL CAPS, Line Spacing=1 lineWhere does Phishing attack comes from ?
Source: AntiPhishing Working Group
Copyright 2002-2003, Trend Micro, Inc. 18
RUNNING HEADER, 14 PT., ALL CAPS, Line Spacing=1 lineHow is Phishing like ?
Source: AntiPhishing Working Group
Copyright 2002-2003, Trend Micro, Inc. 19
RUNNING HEADER, 14 PT., ALL CAPS, Line Spacing=1 line
Happened to eBay as well
Source: AntiPhishing Working Group
Copyright 2002-2003, Trend Micro, Inc. 20
RUNNING HEADER, 14 PT., ALL CAPS, Line Spacing=1 line
Spyware Adware Everyware
Spyware/Adware is a major public concern as
it violates the privacy on the Internet user
Copyright 2002-2003, Trend Micro, Inc. 21
RUNNING HEADER, 14 PT., ALL CAPS, Line Spacing=1 lineHow Many Are There In Your Computer ?
EarthLink found that each of the 1 million subscribers scanned is infected with more
than than 29.5 million spyware
The US National Cyber Security Alliance estimates that 91% of all
PCs are infected with Spyware
Copyright 2002-2003, Trend Micro, Inc. 22
RUNNING HEADER, 14 PT., ALL CAPS, Line Spacing=1 line
Spyware is a software that monitors a user’s keyboard activities and transmits this information back to the spyware creator without the user’s knowledge.
This is a major cause for public concern as it violates the privacy on the Internet user
What is a Spyware ?
Spyware
Backdoor KeystrokeLogger
PasswordStealer
Copyright 2002-2003, Trend Micro, Inc. 23
RUNNING HEADER, 14 PT., ALL CAPS, Line Spacing=1 line
SERIOUS IMPACT FROM SPYWARE
• Loss of confidential personal or corporate information• Lower computer system performance • More frequent system- and browser-related crashes • Loss of network bandwidth• Increased remote access costs • Decreased employee productivity• Higher risk of legal liability
Copyright 2002-2003, Trend Micro, Inc. 24
RUNNING HEADER, 14 PT., ALL CAPS, Line Spacing=1 line
Summary
• Network and security landscape ever changing
• Virus/Worn and Spam making use of social engineering delivery mixed threat attack, traditional way of handling virus/spam is no longer effective
• Antispam : 2/3 of today spam email is 1st time spam and hybrid behaviour. Need heuristic antispam approach and integration of AV + Content Filtering + Antispam as solution.
• Internal : Enforce Security policy, practice secure computing, Management involvement and support in IT security decision
• External : Deployed proactive, centrally managed, precise security mixed threat defense solution instead of point product or suite product
• Let the security system work for you instead!
Copyright 2002-2003, Trend Micro, Inc. 25
RUNNING HEADER, 14 PT., ALL CAPS, Line Spacing=1 line
Fastest growing antivirus vendor in the world.*
� Founded in the US in 1988. Corporate headquarters in Tokyo, Japan. Publicly traded on NASDAQ and NIKKEI exchanges
� Antivirus and content security software and services provider toenterprise, small and medium business, and consumer segments
� Transnational company with 1800+ employees across 30 business units worldwide
� First and only security solution provider pioneering end-to-end proactive outbreak life cycle management
*Antivirus Software 2002: A Segmentation of the Market (IDC)
Trend Micro Overview
Copyright 2002-2003, Trend Micro, Inc. 26
RUNNING HEADER, 14 PT., ALL CAPS, Line Spacing=1 lineArchitectural Evolution - From the Server to the
Network Access Point
���������� �������������
WANRouter
����� ��� ��
L3Switch
L3Switch
��� �� ��
eMailServers
FileServers
�� � �
Internet/ISP
�� � �
����������� �� �
� �
� ������
� ���� ���
� ��� ����� �� �
� ��
� ��� ��
� � � � � �
! ������
����
Manage and Coordinate Outbreak Security Actions
Outbreak Prevention
Virus Response
Assessment and Restoration
VulnerabilityPrevention
��"#� �
$ %%���� ���&�����
THANK YOU
www.trendmicro.com
Top Related