72
Social Media Gone Wild Generously sponsored by: ISSA Web Conference June 26, 2012 Start Time: 9 AM US Pacific, Noon US Eastern, 5 pm London

Social Media Gone Wild · –Users spending time on social media –Social media apps and sites under constant attack –Users bring your own devices –New hardware, new uses –Single

  • Upload
    others

  • View
    1

  • Download
    0

Embed Size (px)

Citation preview

Page 1: Social Media Gone Wild · –Users spending time on social media –Social media apps and sites under constant attack –Users bring your own devices –New hardware, new uses –Single

Social Media Gone Wild

Generously sponsored by:

ISSA Web Conference June 26, 2012

Start Time: 9 AM US Pacific, Noon US Eastern, 5 pm London

Page 2: Social Media Gone Wild · –Users spending time on social media –Social media apps and sites under constant attack –Users bring your own devices –New hardware, new uses –Single

Welcome Conference Moderator

Mathieu Gorge ISSA Web Conference

Committee

2

Page 3: Social Media Gone Wild · –Users spending time on social media –Social media apps and sites under constant attack –Users bring your own devices –New hardware, new uses –Single

Agenda

Speakers

• Jean Pawluk- Consultant and Former Chief Architect, Visa

• Rebecca Herold, CIPP, CISSP, CISA, CISM, FLMI

• Aaron Sheridan- Senior Systems Security Engineer at FireEye

Open Panel with Audience Q&A

Closing Remarks

3

Page 4: Social Media Gone Wild · –Users spending time on social media –Social media apps and sites under constant attack –Users bring your own devices –New hardware, new uses –Single

Social Media Gone Wild Is A Perfect Storm is Brewing ?

Jean Pawluk

June 2012

4

Insert

Photo

Here

Page 5: Social Media Gone Wild · –Users spending time on social media –Social media apps and sites under constant attack –Users bring your own devices –New hardware, new uses –Single

A Perfect Storm is Brewing

Social interaction has blurred the work / life boundary

Users find many new ways to share data

Page 6: Social Media Gone Wild · –Users spending time on social media –Social media apps and sites under constant attack –Users bring your own devices –New hardware, new uses –Single

Factor 1 - Social Media - Amazing Growth

Big Five – Facebook (901M - Feb 2012) – Twitter (500M users – March 2012) – LinkedIn (161M users – March 2012) – Google+ (170M users – April 2012) – Windows Live (330M users – June 2009)

• Non US – Qzone (536M user – Dec 2011) – Tencent Weibo (310M users – Sept 2011) – Sina Weibo (250M users – Sept 2011) – Habbo (230M users – Sept 2011)

• Personal – Foursquare (15M users – Feb 2012) – Pinterest (10.5M users – Feb 2012) – Tumblr (42M users – Feb 2012)

• Corporate – Yammer (~ 5M users – April 2012) – Jive (~3000 firms – Sept 2011) – Chatter (~ 5M users ? – April 2012) – SharePoint (~ 20 M users – Oct 2009)

6

Page 7: Social Media Gone Wild · –Users spending time on social media –Social media apps and sites under constant attack –Users bring your own devices –New hardware, new uses –Single

Factor 2 - Easy to use & Hard to control

• BYOD

• Apps permission - Users just say yes – Links to unknown sites

– Data captures by accident or intent by 3rd parties

– Often coded with “ask forgiveness” mindset and little testing

• Geo-location

• Cross – app linking – Think mashups

• Twitter feeds -> LinkedIn

• Photo recognition and geo location tracking – > Foursquare x LinkedIn x Facebook x latest favorite app

Page 8: Social Media Gone Wild · –Users spending time on social media –Social media apps and sites under constant attack –Users bring your own devices –New hardware, new uses –Single

Factor 3 - Data Quarrying

• Deep tracking is not just science fiction.

• In reality: – No difference between public and private content

– Online personal and professional content is integrating

– Can harm you and others

• Data and reputation may never “go away”

• Freedom of speech doesn’t mean every thought should be posted (sex-texting)

• Eye-opening reads: – WSJ series “What they Know”

– Time’s “Data Mining: How Companies Now Know Everything About You

Illustration by Joe Zeff

Time Magazine

Page 9: Social Media Gone Wild · –Users spending time on social media –Social media apps and sites under constant attack –Users bring your own devices –New hardware, new uses –Single

Factor 4 – Increased Attack Surfaces

More – Users spending time on social media

– Social media apps and sites under constant attack

– Users bring your own devices

– New hardware, new uses

– Single Sign On and ID’s shared across social media

– Widespread use of shortened URL links

Social Media designed for sharing – Data is mobile & accessible anywhere

– More sites available for targeted attacks and to spread viruses and malware.

9

Page 10: Social Media Gone Wild · –Users spending time on social media –Social media apps and sites under constant attack –Users bring your own devices –New hardware, new uses –Single

What me ? Worry ? Business are waking up to social media security issues

• Information leaks

• Intrusions

• Viruses and malware

• Spear Phishing

• Loss of IP, corporate plans, market data, customer data

• Brand Damage

• Fear that employees wasting time at work

• Span of control issues with employees, customers and rivals

• Fear competitors trolling for info or creating misinformation to discredit the business.

• Liability and laws that differ around world.

Page 11: Social Media Gone Wild · –Users spending time on social media –Social media apps and sites under constant attack –Users bring your own devices –New hardware, new uses –Single

Examples

• Tricking users by friending them and then using them to spread malware – Easier to social engineer and leverage

– Koobface spread between Facebook and Twitter via social users

– Torpig used Twitter topics to create random domains to send victims to pick up malware and spread it further.

• Fake social media posts and updates from your “friends”

• Social Engineering of business - Completive Intelligence - RSA Secure ID hack used fake recruitment plan entry point

• Defrauding friends and relatives with scams asking for emergency funds

• Massive password thefts from social media sites

11

Page 12: Social Media Gone Wild · –Users spending time on social media –Social media apps and sites under constant attack –Users bring your own devices –New hardware, new uses –Single

Think about - Legal and Regulatory

• Who has legal liability?

• Who has device ownership ?

• Who owns the data content ?

• Who controls access to content ? – Approval mechanism

– What about censorship ? • Corporate

• Government

• Rogue system creation and use – Do you know what going in your company?

– Internal vs. Competitors

Page 13: Social Media Gone Wild · –Users spending time on social media –Social media apps and sites under constant attack –Users bring your own devices –New hardware, new uses –Single

Think about - User awareness, policy & tools

• Content & security levels ?

Create

View / Read

Edit / Delete

• Community use

Open - anyone

Restricted – limited public use

Private – members only

Page 14: Social Media Gone Wild · –Users spending time on social media –Social media apps and sites under constant attack –Users bring your own devices –New hardware, new uses –Single

Think about - User Behavior

Who do you trust ?

Users at work:

- Does social media affect work ?

Internal vs. External Content Use ?

Is Social Media (ever) secure ?

How much security is too much ? Courtesy Kexino.com

Page 15: Social Media Gone Wild · –Users spending time on social media –Social media apps and sites under constant attack –Users bring your own devices –New hardware, new uses –Single

User Tips

Think before you click ! think before you post !

Think twice about giving apps permission to your data

Beware

– shortened URL's

– interactive upgrade requests

– mobile apps and use of geo-location

Use an up-to-date browser

15

Page 16: Social Media Gone Wild · –Users spending time on social media –Social media apps and sites under constant attack –Users bring your own devices –New hardware, new uses –Single

User Tips Continued

Use unique logins and password for every site you use to limit exposure (Yep it a pain)

Verify domains

-check that the URL shows a legitimate website & not into a fake look a like site.

Be cautious of messages, emails, links & posts that seem suspicious.

Make sure security is up to date - patches on, anti-virus/spyware, firewall's, monitors & web advisory tools

16

Page 17: Social Media Gone Wild · –Users spending time on social media –Social media apps and sites under constant attack –Users bring your own devices –New hardware, new uses –Single

17

Page 18: Social Media Gone Wild · –Users spending time on social media –Social media apps and sites under constant attack –Users bring your own devices –New hardware, new uses –Single

Question and Answer

Jean Pawluk Consultant and Former Chief Architect, Visa

Page 19: Social Media Gone Wild · –Users spending time on social media –Social media apps and sites under constant attack –Users bring your own devices –New hardware, new uses –Single

Social Media Gone Wild Rebecca Herold

CIPP, CISSP, CISA, CISM, FLMI

Benefits, Dangers &

Information Security and Privacy Policies

19

Page 20: Social Media Gone Wild · –Users spending time on social media –Social media apps and sites under constant attack –Users bring your own devices –New hardware, new uses –Single

Page 20

© Rebecca Herold. All rights reserved.

Agenda

• What Is Social Media?

• A Few Social Media Facts

• Benefits...

• But Be Aware Of The Dangers...

• Using Social Media Apps

• Posting Photos and Videos

• Common Risks and Scams

• Topics/Issues to Cover Within Social Media Policies

• What to Tell Workers

Page 21: Social Media Gone Wild · –Users spending time on social media –Social media apps and sites under constant attack –Users bring your own devices –New hardware, new uses –Single

What is “social media”? Just a few examples of the most commonly used types of social media sites:

• Blogs such as TypePad, WordPress, etc.

• Collaboration sites, such as wikis (e.g., Wikipedia, Delicious) and social news (e.g., Digg)

• Livecasting and meeting sites such as Skype, Livestream, etc.

• Microblogs such as Twitter

• Photography and art sharing sites such as Photobucket, Flickr, Picasa, VineMe, etc..

• Presentation sharing sites, such as Scribd, Slideshare, etc.

• Product reviews sites such as Epinions.com, MouthShut.com, etc.

• People reviews sites such as RateMDs.com, Healthgrades.com, etc.

• Social networks such as Facebook, LinkedIn, Google+, Pinterest, etc.

• Video sharing sites such as YouTube, Vimeo, etc.

• Virtual worlds such as Second Life, Maple Story, etc

Page 21

© Rebecca Herold. All

rights reserved.

Page 22: Social Media Gone Wild · –Users spending time on social media –Social media apps and sites under constant attack –Users bring your own devices –New hardware, new uses –Single

Page 22

© Rebecca Herold. All rights reserved.

A Few Social Media Facts (1/2) • Twitter has over 555 million users and over 200 million

tweets per day

• Facebook has over 901 million users, 50% of which log in daily

• Over 150 million people use LinkedIn

• Google+ has over 170 million users

• Pinterest has over 11.7 million users

• Over 40% of all Internet traffic is video

• YouTube has 107 million unique visitors each month and 10.3 million followers on Twitter

• The number of social media sites is unlimited

Page 23: Social Media Gone Wild · –Users spending time on social media –Social media apps and sites under constant attack –Users bring your own devices –New hardware, new uses –Single

A Few Social Media Facts (2/2)

• Everyone is impacted by social media sites

• What happens on social media sites stays online forever

Page 23

© Rebecca Herold. All

rights reserved.

Page 24: Social Media Gone Wild · –Users spending time on social media –Social media apps and sites under constant attack –Users bring your own devices –New hardware, new uses –Single

Benefits • Customer Service

• Knowledge Sharing and Collaboration

• Patient Health Education

• Customer Awareness

• Learning

• Marketing

• New Contacts

• News/World Events

• Patient Care

• Research

• Crisis Management

Page 24

© Rebecca Herold. All

rights reserved.

Page 25: Social Media Gone Wild · –Users spending time on social media –Social media apps and sites under constant attack –Users bring your own devices –New hardware, new uses –Single

Dangers • Damage Reputations

• Leaking Information (e.g., PHI, employee info, etc.)

• Network Slow-Downs and Stand-stills

• Personal Relationships Damaged

• Physical Dangers

• Potentially Be Seen By Everyone

• For frequent hacks

• Spread Malware

• Keyloggers

• Time Bandits

• Used As Evidence in Investigations

• Misinterpreted Information

• Violate Laws

• Result in Civil Lawsuits

Page 25

© Rebecca Herold. All

rights reserved.

Page 26: Social Media Gone Wild · –Users spending time on social media –Social media apps and sites under constant attack –Users bring your own devices –New hardware, new uses –Single

Using Apps & Other Software

• Spotify

• Foursquare

• Farmville

• Instagram

• TribeHR

• Etc.

Page 26

© Rebecca Herold. All

rights reserved.

Page 27: Social Media Gone Wild · –Users spending time on social media –Social media apps and sites under constant attack –Users bring your own devices –New hardware, new uses –Single

Activities from Personal Networks/Devices • Don’t post about work

• Don’t post about co-workers

• Don’t post about customers, patients, etc.

• Don’t sync or share files between personally-owned computers and computers/systems

Page 27

© Rebecca Herold. All

rights reserved.

Page 28: Social Media Gone Wild · –Users spending time on social media –Social media apps and sites under constant attack –Users bring your own devices –New hardware, new uses –Single

Risks Posting Photos & Videos

• About workplace, patients, customers and co-workers

• Personal photos

• Patient/customer/consumer photos

• Obtaining consent

Page 28

© Rebecca Herold. All

rights reserved.

Page 29: Social Media Gone Wild · –Users spending time on social media –Social media apps and sites under constant attack –Users bring your own devices –New hardware, new uses –Single

Common Social Media Risks and Scams

• Spear phishing

• Social engineering

• Spoofing

• Malware

• Keyloggers

• Denial of Service (DoS)

Page 29

© Rebecca Herold. All

rights reserved.

Page 30: Social Media Gone Wild · –Users spending time on social media –Social media apps and sites under constant attack –Users bring your own devices –New hardware, new uses –Single

Social Media Policies Topics (1/11)

Appropriate use of social networks (Facebook, LinkedIn, YouTube and Twitter in particular)

• From the networks

• From the company-owned computing devices

• From networks using personally-owned computing devices

• From staff-owned computing devices and/or networks

• From public computers/networks

Page 30

© Rebecca Herold. All

rights reserved.

Page 31: Social Media Gone Wild · –Users spending time on social media –Social media apps and sites under constant attack –Users bring your own devices –New hardware, new uses –Single

Social Media Policies Topics (2/11)

Blogging

• Content of posts

• References to co-workers, customers, patients, the business, etc.

Page 31

© Rebecca Herold. All

rights reserved.

Page 32: Social Media Gone Wild · –Users spending time on social media –Social media apps and sites under constant attack –Users bring your own devices –New hardware, new uses –Single

Social Media Policies Topics (3/11)

Wikis (e.g., Wikipedia, GeniusWiki, Brainkeeper, Zwiki)

• Those (if any) acceptable to use for business purposes

• Those unacceptable to use for business purposes

• Acceptable activities for the wikis

Page 32

© Rebecca Herold. All

rights reserved.

Page 33: Social Media Gone Wild · –Users spending time on social media –Social media apps and sites under constant attack –Users bring your own devices –New hardware, new uses –Single

Social Media Policies Topics (4/11)

Information that should not be posted from any type of location/computer

• PHI, PII, SPI, etc.

• Co-worker information

• Confidential business information

Page 33

© Rebecca Herold. All

rights reserved.

Page 34: Social Media Gone Wild · –Users spending time on social media –Social media apps and sites under constant attack –Users bring your own devices –New hardware, new uses –Single

Social Media Policies Topics (5/11)

Marketing

requirements/guidelines

• Positions/departments authorized to

post

• Types of information acceptable to post

• Type of information that should not be

posted

• Do not take personal information from

sites to use for business (e.g.,

marketing, etc.)

Page 34

© Rebecca Herold. All

rights reserved.

Page 35: Social Media Gone Wild · –Users spending time on social media –Social media apps and sites under constant attack –Users bring your own devices –New hardware, new uses –Single

Social Media Policies Topics (6/11)

Security controls that need to be in place

• Anti-malware

• Firewalls (including personal firewalls)

• Spam prevention

• DLP

Page 35

© Rebecca Herold. All

rights reserved.

Page 36: Social Media Gone Wild · –Users spending time on social media –Social media apps and sites under constant attack –Users bring your own devices –New hardware, new uses –Single

Social Media Policies Topics (7/11)

Time spent on social networks while at work

• Not while with customers or patients

• Only for short periods of time

• Only during breaks

Page 36

© Rebecca Herold. All

rights reserved.

Page 37: Social Media Gone Wild · –Users spending time on social media –Social media apps and sites under constant attack –Users bring your own devices –New hardware, new uses –Single

Social Media Policies Topics (8/11) Linking/friending/etc. with customers, patients and co-workers

• Don’t ask for worker passwords

• Only authorized personnel can participate from accounts established for personnel

• Don’t link/friend/etc. from your personal accounts that list as your employer

• Examples of how to respond to request: – “Thank you very much for your invitation! However, it is against

our policies to link with or friend patients in social network sites.”

Page 37

© Rebecca Herold. All

rights reserved.

Page 38: Social Media Gone Wild · –Users spending time on social media –Social media apps and sites under constant attack –Users bring your own devices –New hardware, new uses –Single

Social Media Policies Topics (9/11)

Posting photos & videos

• Patient/customer posting (e.g., that patients/customers want to take with staff) – Ask that they only post images that include staff with the staff’s

knowledge

– Ask that they don’t include others within their images

• Staff posting – No posting of patient/customer images unless approved by the

Privacy Office or with written consent of patient

– No posting of images showing facility entries or other staff unless approved by the Privacy Office

Page 38

© Rebecca Herold. All

rights reserved.

Page 39: Social Media Gone Wild · –Users spending time on social media –Social media apps and sites under constant attack –Users bring your own devices –New hardware, new uses –Single

Social Media Policies Topics (10/11)

Reacting to posts about and staff

• Don’t respond directly to negative posts

• Report the negative posts to the PR Office

• Don’t argue, defame, or otherwise act negatively in communications with others online

Page 39

© Rebecca Herold. All

rights reserved.

Page 40: Social Media Gone Wild · –Users spending time on social media –Social media apps and sites under constant attack –Users bring your own devices –New hardware, new uses –Single

Social Media Policies Topics (11/11)

Donor searches (e.g., kidney, etc.)

• Only authorized personnel can post messages for such searches

• Only authorized personnel can post replies to posts offering organs

Page 40

© Rebecca Herold. All

rights reserved.

Page 41: Social Media Gone Wild · –Users spending time on social media –Social media apps and sites under constant attack –Users bring your own devices –New hardware, new uses –Single

Page 41

© Rebecca Herold. All rights reserved.

Before Posting Think (1)…

Are you posting anything you, or your friends, family, co-workers, employers, patients or guests don’t want the entire world to see?

– Internet-based social media sites are public, even many that say they are “private”

– Social media sites on “closed” networks have more controls

Page 42: Social Media Gone Wild · –Users spending time on social media –Social media apps and sites under constant attack –Users bring your own devices –New hardware, new uses –Single

Page 42

© Rebecca Herold. All rights reserved.

Do you want that post to be seen forever?

– Once posted on the Internet information is virtually impossible to remove

– Information posted on internal networks are easier to control

Before Posting Think (2)…

Page 43: Social Media Gone Wild · –Users spending time on social media –Social media apps and sites under constant attack –Users bring your own devices –New hardware, new uses –Single

Page 43

© Rebecca Herold. All rights reserved.

What are the consequences of your posts being used out of context?

– Your Internet posts can be copied, altered, reposted

– Will your hard work be used inappropriately by someone else?

Before Posting Think (3)…

Page 44: Social Media Gone Wild · –Users spending time on social media –Social media apps and sites under constant attack –Users bring your own devices –New hardware, new uses –Single

Page 44

© Rebecca Herold. All rights reserved.

Could your post put you, or your family, friends, co-workers, customers or patients in danger?

– Criminals like to see posts stating when people will be at specific locations, away from their home, etc.

– We are a litigious society

Before Posting Think (4)…

Page 45: Social Media Gone Wild · –Users spending time on social media –Social media apps and sites under constant attack –Users bring your own devices –New hardware, new uses –Single

Page 45

© Rebecca Herold. All rights reserved.

Are you violating any laws?

– Are you violating any healthcare, financial, or other federal, state or international laws?

– Are you committing copyright or licensing infringement with the information you post?

– Are you stating something as fact that really isn’t?

Before Posting Think (5)…

Page 46: Social Media Gone Wild · –Users spending time on social media –Social media apps and sites under constant attack –Users bring your own devices –New hardware, new uses –Single

Page 46

© Rebecca Herold. All rights reserved.

Is your message clear?

– Be sure you are not unintentionally breaking cultural norms or putting out something unintentionally offensive.

– Meet the expectations of company communications for internal sharing.

Before Posting Think (6)…

Page 47: Social Media Gone Wild · –Users spending time on social media –Social media apps and sites under constant attack –Users bring your own devices –New hardware, new uses –Single

Page 47

© Rebecca Herold. All rights reserved.

Remember…

Questions?

Page 48: Social Media Gone Wild · –Users spending time on social media –Social media apps and sites under constant attack –Users bring your own devices –New hardware, new uses –Single

Page 48

© Rebecca Herold. All rights reserved.

Contact Information

Rebecca Herold & Associates, LLC “The Privacy Professor”®

1408 Quail Ridge Avenue

Van Meter, Iowa 50261

Phone 515-996-2199

Web site: www.theprivacyprofessor.com

Blog: www.privacyguidance.com/blog

[email protected]

TwitterID: http://twitter.com/PrivacyProf

Page 49: Social Media Gone Wild · –Users spending time on social media –Social media apps and sites under constant attack –Users bring your own devices –New hardware, new uses –Single

Question and Answer

Rebecca Herold & Associates, LLC “The Privacy Professor”®

[email protected]

Page 50: Social Media Gone Wild · –Users spending time on social media –Social media apps and sites under constant attack –Users bring your own devices –New hardware, new uses –Single

Social Media Gone Wild Using Social Media for Spear Phishing &

Advanced Targeted Attacks

50

Insert

Photo

Here

Aaron Sheridan, Sr. Security Systems Engineer, FireEye

Page 51: Social Media Gone Wild · –Users spending time on social media –Social media apps and sites under constant attack –Users bring your own devices –New hardware, new uses –Single

Social Media Connects Us More Than Ever

51

(Google image search for “Social Media”)

Page 52: Social Media Gone Wild · –Users spending time on social media –Social media apps and sites under constant attack –Users bring your own devices –New hardware, new uses –Single

Social Media Content is Accessed and Updated Constantly

52

Ch

eck

ou

t th

is v

ideo

!

That post was hilarious!

Page 53: Social Media Gone Wild · –Users spending time on social media –Social media apps and sites under constant attack –Users bring your own devices –New hardware, new uses –Single

Advanced Targeted Attacks Using Social Media

53

Source: http://www.theregister.co.uk/2012/06/20/syrian_skype_trojan/

• Targeting Syrian activists Skype accounts

• Latest attack installs Blackshades Trojan

masked as video file

• When opened on Windows silently drops

a key logger and begins data theft

• Other recent attacks included targeting

the Youtube or Twitter credentials of high

profile Syrian opposition

• Remote Desktop Viewing, Webcam

spying and audio-eavesdropping

Page 54: Social Media Gone Wild · –Users spending time on social media –Social media apps and sites under constant attack –Users bring your own devices –New hardware, new uses –Single

Advanced Malware Attack Lifecycle

54

Page 55: Social Media Gone Wild · –Users spending time on social media –Social media apps and sites under constant attack –Users bring your own devices –New hardware, new uses –Single

Poison Ivy Trojan spreading via Skype

55

Source: http://infosecisland.com/blogview/21340-Skype-Malware-Campaign-Spreading-Poison-Ivy-Trojan.html

Page 56: Social Media Gone Wild · –Users spending time on social media –Social media apps and sites under constant attack –Users bring your own devices –New hardware, new uses –Single

Another Example in the News…

56

Page 57: Social Media Gone Wild · –Users spending time on social media –Social media apps and sites under constant attack –Users bring your own devices –New hardware, new uses –Single

The Information Was Used to Craft an Email…

57

Page 58: Social Media Gone Wild · –Users spending time on social media –Social media apps and sites under constant attack –Users bring your own devices –New hardware, new uses –Single

Social Media and the Attack on RSA

58

Page 59: Social Media Gone Wild · –Users spending time on social media –Social media apps and sites under constant attack –Users bring your own devices –New hardware, new uses –Single

Social Media and the Attack on RSA

59

Page 60: Social Media Gone Wild · –Users spending time on social media –Social media apps and sites under constant attack –Users bring your own devices –New hardware, new uses –Single

A very effective way to find targets

60

Page 61: Social Media Gone Wild · –Users spending time on social media –Social media apps and sites under constant attack –Users bring your own devices –New hardware, new uses –Single

Carefully Crafted Email and Attachment

61

Page 62: Social Media Gone Wild · –Users spending time on social media –Social media apps and sites under constant attack –Users bring your own devices –New hardware, new uses –Single

62

“…an all too real cyber espionage threat.”

Sourced from: http://www.theregister.co.uk/2011/05/27/lockheed_securid_hack_flap/

Page 63: Social Media Gone Wild · –Users spending time on social media –Social media apps and sites under constant attack –Users bring your own devices –New hardware, new uses –Single

Social Media Sites Can Be Used To Store Malware

63

Page 64: Social Media Gone Wild · –Users spending time on social media –Social media apps and sites under constant attack –Users bring your own devices –New hardware, new uses –Single

Malware Retrieves .rtf Exploit Stored on Free Blog

64

Page 65: Social Media Gone Wild · –Users spending time on social media –Social media apps and sites under constant attack –Users bring your own devices –New hardware, new uses –Single

How To Prevent Targeted Spear Phishing Emails

65

• Support large range of file

types (PDF, Office formats, ZIP,

etc.)

• Attachment analysis

• URL analysis

• Correlates malicious URLs to

emails at the CMS

REQUIREMENTS

• Protect against spear phishing and blended attacks

• Analyze all emails for malicious attachments and URLs

• Perform In-line MTA active security or SPAN/BCC for monitoring

• Provide Brute-force analysis of all Email attachments in VX Engine

• Web MPS integration for malicious URL analysis/blocking

• Web MPS integration for blocking of newly discovered callback channels

Page 66: Social Media Gone Wild · –Users spending time on social media –Social media apps and sites under constant attack –Users bring your own devices –New hardware, new uses –Single

The Virtual Execution Engine

66

PHASE 1

Multi-Protocol Object Capture

PHASE 2

Virtual Execution Environments

(Dynamic Analysis)

PHASE 1: WEB MPS

• Aggressive Capture

• Web Object Filter

PHASE 1: E-MAIL MPS

• Email Attachments

• URL Analysis

PHASE 1: FILE MPS

• Network File Shares

PHASE 1: MAS

• Human Driven via

GUI/CLI/SSH

Feedback

Loop

DYNAMIC,

REAL-TIME ANALYSIS

• Exploit detection

• Malware binary analysis

• Cross-matrix of OS/apps

• Originating URL

• Subsequent URLs

• OS modification report

• C&C protocol descriptors

Map to Target

OS and

Applications

Targ

eted

Th

reat

Inte

llig

ence

Page 67: Social Media Gone Wild · –Users spending time on social media –Social media apps and sites under constant attack –Users bring your own devices –New hardware, new uses –Single

The Malware Protection System

67

• Pace of advanced targeted attacks is

accelerating, affecting all verticals and

all segments

• Traditional defenses (NGFW, IPS, AV,

and gateways) no longer stop these

attacks

• Real-time, integrated, signature-less

solution is required across Web, email

and file attack vectors

• Advanced threat protection to

supplement traditional defenses and

stop advanced targeted attacks

Complete Protection Against

Advanced Targeted Attacks

Web

Malware

Protection

System

Email

Malware

Protection

System

File

Malware

Protection

System

Register for a free threat assessment at:

www.fireeye.com/stopthreats

Page 68: Social Media Gone Wild · –Users spending time on social media –Social media apps and sites under constant attack –Users bring your own devices –New hardware, new uses –Single

5 Criteria for Advanced Threat Protection

68

1. Dynamic, signature-less engine to detect & block zero-

day and targeted inbound attacks (as used by APT

actors, crimeware actors, and Hacktivists)

2. Real-time protection to stop data exfiltration

3. Integrated, cross-protocol Web & Email inbound infection

and outbound callback protection

4. Accurate, no tuning, and very low false positive rate

5. Global malware intelligence for sharing threat indicators

to block zero-day malware & latest callback channels

Page 69: Social Media Gone Wild · –Users spending time on social media –Social media apps and sites under constant attack –Users bring your own devices –New hardware, new uses –Single

Question and Answer

Aaron Sheridan Senior Security Systems Engineer, FireEye

[email protected]

Page 70: Social Media Gone Wild · –Users spending time on social media –Social media apps and sites under constant attack –Users bring your own devices –New hardware, new uses –Single

Open Panel with Audience Q&A

• Jean Pawluk- Consultant and Former Chief Architect, Visa

• Rebecca Herold, CIPP, CISSP, CISA, CISM, FLMI

• Aaron Sheridan- Senior Systems Security Engineer at FireEye Technologies, Inc.

70

Page 71: Social Media Gone Wild · –Users spending time on social media –Social media apps and sites under constant attack –Users bring your own devices –New hardware, new uses –Single

71

Closing Remarks

Online Meetings Made Easy

Thank you to Citrix for donating this Webcast service

Thank you to our Sponsor

Page 72: Social Media Gone Wild · –Users spending time on social media –Social media apps and sites under constant attack –Users bring your own devices –New hardware, new uses –Single

CPE Credit

• Within 24 hours of the conclusion of this webcast, you will receive a link via email to a post Web Conference quiz.

• After the successful completion of the quiz you will be given an opportunity to PRINT a certificate of attendance to use for the submission of CPE credits.

72