Symantec ISTR v24 - LANCom · Symantec ISTR v24 Lancom @ Rogla, 09.10.2019. Davor Kodrnja ... Coat and Symantec threat data-lakes stopping 500K new threats per day Symantec launches

Symantec ISTR v24

Lancom @ Rogla, 09.10.2019.

Davor KodrnjaRegional Sales Manager Adriatics

Copyright © 2017 Symantec Corporation SYMANTEC PROPRIETARY- LIMITED USE ONLY

A History of Industry LeadershipSymantec:

Symantec is founded by Gary Hendrix with a focus on artificial intelligence

1 9 8 2

Symantecachieves profitability

Symantec acquires Peter Norton Computing

John Thompson is hired to become CEO of Symantec

Acquisition of Vontu is completed to enter into the data protection space

1 9 8 9 1 9 9 0 1 9 9 9 2 0 0 7

Symantec enters the Antivirus market with a focus on Macintoshcomputers

1 9 8 8

NASDAQ IPO of Symantec

Symantec launches Norton Antivirus

Symantec acquires Veritas and Brightmailto enter into storage and email security

Verisign Identity and Authentication Business acquired by Symantec

1 9 8 9 1 9 9 1 2 0 0 4 2 0 1 0


Symantec Acquires Blue Coat and appoints Greg Clark as CEO

AUGUST 2016

Symantec integrates Blue Coat and Symantec threat data-lakes stopping 500K new threats per day

Symantec launches industry innovation with SEP14

Symantec acquires Fireglass and Skycure

Symantec acquires Javelin Networks

SEPTEMBER 2016 NOVEMBER 2016 JULY 2017 AUGUST 2018

Symantec divests Veritas business as it begins a pure focus on security

JANUARY 2016

Symantec launches Cloud Generation Data Protection with DLP and Blue Coat CASB integration

Symantec acquires Lifelock protecting the identity information of millions

Symantec takes leadership position in 5 Magic Quadrants – EPP, DLP, MSS, SWG, and CASB

Symantec launches Integrated Cyber Defence Platform (ICDX)

OCTOBER 2016 FEBRUARY 2017 JANUARY 2018 APRIL 2019

Celebrating The Past Three ++ Years of Advanced InnovationSymantec:

The New Threat

Landscape


2018 At A Glance: Big Numbers

WEB ATTACKS

• Web attacks up by 56%

• 1 in 10 URLs analyzed by Symantec were identified as malicious in 2018

FORMJACKING

• On average 4,800 websites were compromised by formjacking attacks every month in 2018

• Symantec blocked 3.7M formjacking attacks in 2018 on endpoint devices

RANSOMWARE

• Enterprise ransomware infections up 12%

• Mobile ransomware infections increased by 33%

• Overall ransomware infections were down by 20% as attackers moved to more lucrative activities

TARGETED ATTACKS

• Attack groups target an average of 55 organizations each

• The number of attack groups using destructive malware grew by 25% in 2018

CRYPTOJACKING

• Symantec blocked 4 times as many cryptojacking events in 2018 compared to 2017

• Cryptojacking activity remains at high levels with Symantec blocking 3.5 million events in December 2018

• Over the course of 2018, total cryptojackingevents dropped by 52% as cyptocurrencyprices dropped by almost 90%

LIVING OFF THE LAND ANDSUPPLY CHAIN ATTACKS

• Use of malicious Powershell scripts increased by 1000%

• Office files accounted for 48% of malicious email attachments, up from 5% in 2017

• Supply Chain Attacks increased by 78%

ISTR | INTERNET SECURITY THREAT REPORT | Volume 24 | February 2019 5

Copyright © 2019 Symantec Corporation SYMANTEC PROPRIETARY- LIMITED USE ONLY 9ISTR | INTERNET SECURITY THREAT REPORT | Volume 24 | February 2019

CRYPTOJACKING&

RANSOMWARE


The Diminishing Returns Of Cryptojacking



Ransomware Narrows in on Enterprises

Why the shift to enterprise?

11ISTR | INTERNET SECURITY THREAT REPORT | Volume 24 | February 2019

12% growth in ransomware attacks against enterprises in 2018

0%

10%

20%

30%

40%

50%

60%

70%

80%

90%

2016 2017 2018

Consumer Enterprise

Ransomware detections by marketo Ransomware primarily spreads through office

attachments in emailo Consumers less affected by email-based threatso Consumers more likely to have data backed up in

the cloudo Bigger payouts from enterprise ransomware

infectionso Increasing number of targeted ransomware

families: SamSam, Ryuk, Crysiso Some enterprises continue to see residual

WannaCry and Petya infections

20% drop in overall ransomware infections



ENTERPRISE

2018CONSUMER19% of all

attacks


attacks


attacks




12% Growth in Attacks Against Enterprises


Copyright © 2019 Symantec Corporation SYMANTEC PROPRIETARY- LIMITED USE ONLY 14ISTR | INTERNET SECURITY THREAT REPORT | Volume 24 | February 2019 14

IoTINTERNET OF THINGS

Copyright © 2019 Symantec Corporation SYMANTEC PROPRIETARY- LIMITED USE ONLY 15ISTR | INTERNET SECURITY THREAT REPORT | Volume 24 | February 2019 15

IoT devices experience an average of 5,200 attacks per monthAttacks involving connected cameras up from 3.5% in 2017 to 15% in 2018

5G connectivity will change the landscape with more directly connected devices


The Dangers of Infected Routers

Display spoofedwebsites Hide source

of attack

Common Threats

DDoS

VPNFilter Introduces

Redirect trafficBreak signatures

Collect all network traffic

Hijacks for major cryptomining

Stealscredentials

DestroyDevice

16ISTR | INTERNET SECURITY THREAT REPORT | Volume 24 | February 2019 16

Stay residenton device

Attack localdevices

Click fraud

Network scans

Copyright © 2019 Symantec Corporation SYMANTEC PROPRIETARY- LIMITED USE ONLYISTR | INTERNET SECURITY THREAT REPORT | Volume 24 | February 2019 20


The Great Privacy Awakening

Trump Campaign Consultants Cambridge Analytica Found Guilty of Breaking Data Laws

Dutch Petition Against Google's Location Tracking Gets 50,000 Signatures

Smart gadgets open door to stalking and abuse, say police

Security News This Week: Employees May Have Snooped On Ring Security Camera Feeds

Apple FaceTime bug lets people eavesdrop on your iPhone or Mac without your knowledge



Smartphones Are Arguably the Greatest Spying Devices Ever Created

Types of personally identifiable information (PII) shared with apps

Emailaddress

Phonenumber

Username

Address

9%

12%

48%

33%

4%

44%

30%

5%

Analysis of top 100 free apps for iOS and Android



Tracklocation

Accesscamera

Recordaudio

Read phoneCall log

Read SMSmessages

Smartphones Are Arguably the Greatest Spying Devices Ever Created

45%

25%

46%

25%

25%

9%

10%

15%

Not available on iOS

Not available on iOS

89%

39%

Risky permissions broken down by type and OS



Risky Permissions




Dridex Gang - Number of Known Spam Runs Per Day

2016 Internet Security Threat Report Volume 21 27

Internet Security Threat Report Volume 23 | Copyright © 2018 Symantec Corporation SYMANTEC PROPRIETARY

Copyright © 2018 Symantec Corporation SYMANTEC PROPRIETARY29

Delivering Protection in The Cloud Generation

Endpoint Requirements

Best in Class Protection

Machine Learning / Artificial Intelligence

Single Agent / Efficient Architecture

Cloud Aware / Enabled

Supports all Endpoints

PROXY

EMAIL

CLOUD APPS

ENDPOINTENDPOINT


Proxy Requirements

ENDPOINT

PROXY

EMAIL

CLOUD APPS

Best in Class

Strong Encrypted Traffic Management

Integrated CASB

Network Browser Isolation

Cloud, On-Premise & Virtual Form Factors



Email Requirements

Flexible Form Factor

Protects Intra-Company, Outbound & Inbound

Integrated Content Isolation

Best-In-Class Spam and Malware Defense

Machine Learning / Artificial Intelligence

ENDPOINT

PROXY

EMAIL

CLOUD APPS



Cloud ApplicationRequirements

ENDPOINT

PROXY

EMAIL

CLOUD APPS

Visibility Over Cloud User Behavior

Control Across all Cloud Applications

User and User-Action Based Authentication

Protections Against Malicious Content

Extends Data Protection to the Cloud




• Open Interface to Symantec and Third Party Technologies

• Structures and Unifies Telemetry

• Control of Event Information for Regulatory Adherence

• Long-Term Correlation of Event and Telemetry Data

• Provides Automated Actions for Control Points

• Integration Point for External Control Structures

• MSP• Artificial Intelligence / Machine Learning• Orchestration

INTEGRATED CYBER DEFENSE EXCHANGE (ICDx)

ICDx


ADVANCED THREAT PREVENTION

Content Analysis

Sandboxing

Endpoint Detection & Response

Full Packet Capture and MetadataICDx

Delivering Technology Services in The Cloud Generation


INFORMATION PROTECTION

DLP

Multifactor Authentication

Encryption

Information Centric Analytics

Discovery and ComplianceICDx

Delivering Technology Services in The Cloud Generation



ADVANCED THREAT PREVENTION

COMPLIANCE ENFORCEMENT

INFORMATION PROTECTION

ANALYTICS

ENCRYPTED TRAFFIC MANAGEMENT

ICDx


INTEGRATED CYBER DEFENSE PLATFORM


Massive Global Threat Telemetry

State of The Art Security Analysis

Best-in-Class Global Cyberwarriors

Automated Threat Intel Fed to Platform

THREATRESEARCH


600+ PARTNERS INQUIRIES 95+ TECHNOLOGY PARTNERS 180+ INTEGRATIONS

Integrated Cyber Defense Platform


Davor [email protected]

Documents

Symantec ISTR v24 - LANCom · Symantec ISTR v24 Lancom @ Rogla, 09.10.2019. Davor Kodrnja ... Coat and Symantec threat data-lakes stopping 500K new threats per day Symantec launches