The “Business” of Malware IT Security PresentationThe “Business” of Malware IT Security Presentation Secure South West – Plymouth University Thursday 20th September 2012

21/09/2012

1

www.eset.co.uk we protect your digital worlds

The “Business” of Malware IT Security Presentation

Secure South West – Plymouth University Thursday 20th September 2012

Presented by:

Alan Thake – Head of Sales – ESET UK


Today’s Topics

• The “Business” of malware

• How is it being dealt with ?

• ESET pedigree, our customers, our awards

• Q & A and discussions

21/09/2012

2


The “Business” of malware

• What’s changed ?

• Who are they ?

• What are they doing ?

• Why are they doing it ?

• Where do they come from ?

• How do we combat it ?

• What are the possible consequences of inadequate protection ?


21/09/2012

3



• Brazil & E Europe – Phishing – Banking specialists

• China – Military Espionage, Key logging

• Russian Mafia – Botnets and DOS

• West Africa – advanced fee fraud (“419” scams)

• Global forums and sites – Darkmarket

http://www.eastcoastrecruitment.co.uk/IMAGES/CV.jpg

21/09/2012

4



http://www.ebay.co.uk/



21/09/2012

5



The virus, “ACAD/Medre.A”, has stolen tens of thousands of blueprints from companies mostly based in Peru, said ESET, a computer security firm. It targeted software called AutoCAD, which is very widely used by industrial designers and architects. The stolen drawings were surreptitiously sent to email accounts provided by two Chinese internet firms, 163.com and qq.com

21/09/2012

6


Why are they doing it? • Mainly Financially driven (Data Theft)

• Politically driven (Russia/China/ME

• Intellectual Property Rights theft

• Follow the money !


How is it combated ? J. Keith Mularski, Supervisory Special Agent, Cyber Division went deep undercover and infiltrated “DarkMarket”, an English speaking Cybercrime forum, under the alias “Master Splyntr”, eventually leading to 60 arrests worldwide

21/09/2012

7


How do we combat it ?

► ESET vs the Russians in a game of futuristic “tennis”


ESET’s Virus Labs in Slovakia Tens of thousands of new “malware” samples daily

Employing top talent – So do the

malware producers !

21/09/2012

8


Possible consequences of inadequate protection • Can you put a value on down time ? Here's a cost analysis with the sample cost impact of

network downtime.

• Additional hidden costs can also result from lost revenue when no orders placed during downtime.

• If the network goes down once a year, the cost is high. If several times a year the cost can escalate quickly.

Cost Type No of Users

Cost per

hour

Downtime Cost in HR

Estimated Annual Cost 3 hours downtime per year

Average Personnel

500 £9 £4,500 £13,500

IT Technical Support

5 £40 £200 £600

Total Company 505 N/A £4,700 £14,100


St. Bartholomews (Barts) Hospital, together with The Royal

London Hospital and The London Chest Hospital, form this

trust. They were collectively hit by the MyTob Worm which

took down all three hospitals networks over a two day

period.

This was not an “unknown” threat !

http://www.bartsandthelondon.nhs.uk/

21/09/2012

9


What can you do ?

Ensure you are using best of breed protection – Technology

will protect you, not “brand” names. Research a products

pedigree. Whilst they may shout “look how well we did in

this latest test”, how do they perform consistently ? Look at

awards and certifications – Price should not be a deciding

factor !

Be aware and be circumspect – Encourage it with your

employees as well.


ESET NOD32 ANTIVIRUS HAS RECEIVED MORE VB100 AWARDS THAN ANY OTHER SINGLE PRODUCT

Virus Bulletin Test Results – May 1998 to June 2012

0

10

20

30

40

50

60

70

80

ESETNOD32

Symantec Kaspersky Sophos Norman McAfee BitDefender Trend AVG Panda

1 5

19

17

22 21

10 8

22

3

74

56 59 60

50 47

33

16

42

1

Tests Failed

VB100 Awards

21/09/2012

10


Only product to never miss “In the Wild” Viruses Viruses missed by other products – May 1998 to August 2012 – Virus Bulletin testing


The ESET pedigree – Company quick-facts

Over 20 years of experience in protecting digital worlds

ESET established in 1992 – ESET’s NOD32 “Flagship” product released 1998

Pioneered and continues to lead the industry in proactive threat detection

Global head quarters in Bratislava. Regional centres in San Diego, Singapore, Buenos Aires

R&D centres in Bratislava, Cracow, Moscow, Singapore, Prague, Montreal, San Diego, Buenos Aires

Distribution presence in more than 180 countries worldwide

2860% growth over the past 5 years

Over 130 million users worldwide and rapidly increasing

Included in Gartner’s Magic Quadrant for Endpoint Protection Platforms

Recipient of the most Virus Bulletin 100 awards since May 1998 when first submitted for testing

Received the highest number of ADVANCED+ AV-Comparatives awards in retrospective/proactive detection testing over the last 7 years

ESET NOD32 – The ONLY antivirus product to have never missed an “in the wild” virus in the prestigious Virus Bulletin testing in over 14 years

https://gpc.eset.com/gpc/filebrowser/file/304

21/09/2012

11


Trusted by Global customers


Trusted by UK customers

http://www.google.co.uk/imgres?imgurl=http://www.myfootballfacts.com/Milton_Keynes_Dons_logo.jpg&imgrefurl=http://www.myfootballfacts.com/SpursvMiltonKeynesDons.html&h=320&w=320&sz=57&tbnid=UwiZ2OdWgemtbM:&tbnh=118&tbnw=118&prev=/images?q=mk+dons+logo&zoom=1&q=mk+dons+logo&usg=__yrik-iQj63OexRdN7d00KmG6Q8w=&sa=X&ei=MUBITfOcIpGP4Aao5KzfBQ&ved=0CDQQ9QEwAw

http://www.dorset.police.uk/default.aspx?page=0

http://images.google.co.uk/imgres?imgurl=http://www.helpandcare.org.uk/cms/site/images/Dorset-CC.jpg&imgrefurl=http://www.helpandcare.org.uk/cms/site/news/carers-rights-day-events-in-dorset.aspx&usg=__K1WX6KO01EiZRld2gzxOUPjG4o0=&h=120&w=170&sz=17&hl=en&start=1&um=1&itbs=1&tbnid=MhE68FnoENJA2M:&tbnh=70&tbnw=99&prev=/images?q=Dorset+County+Council&hl=en&um=1

http://images.google.co.uk/imgres?imgurl=http://pomepeople.files.wordpress.com/2009/01/royalmint.png&imgrefurl=http://pomepeople.wordpress.com/2009/01/13/design-the-2012-olympic-50p-piece/&usg=__VESOcVXeLCj8Z4oiN5ieSw1IbYQ=&h=105&w=201&sz=20&hl=en&start=1&um=1&itbs=1&tbnid=9kwCn2L0fLzrmM:&tbnh=54&tbnw=104&prev=/images?q=Royal+mint+logo&hl=en&um=1

http://images.google.co.uk/imgres?imgurl=http://nickbaines.files.wordpress.com/2009/08/nhs-sign1.jpg&imgrefurl=http://nickbaines.wordpress.com/2009/08/16/nhs-vs-usa/&usg=__KjcaUYoIeuIr-dcctYC_Lg9GKk0=&h=275&w=415&sz=17&hl=en&start=1&itbs=1&tbnid=lQ3EkelWbWDUqM:&tbnh=83&tbnw=125&prev=/images?q=NHS&gbv=2&hl=en

http://images.google.co.uk/imgres?imgurl=http://www.bpfleet.net/_images/bplogo.jpg&imgrefurl=http://www.bpfleet.net/&usg=__LvNmvXh054oHQuA6fceLBzt4ypo=&h=244&w=254&sz=33&hl=en&start=32&um=1&itbs=1&tbnid=d1frNMrxhAzTnM:&tbnh=107&tbnw=111&prev=/images?q=BP+Shipping+Ltd&gbv=2&ndsp=18&hl=en&sa=N&start=18&um=1

http://www.stockton.gov.uk/

http://images.google.co.uk/imgres?imgurl=http://www.perfectladiesnight.co.uk/assets/images/ann_summers_logo.jpg&imgrefurl=http://www.perfectladiesnight.co.uk/&usg=__sANKWArkJl0rSTC672n8otGrAOQ=&h=300&w=400&sz=44&hl=en&start=1&um=1&itbs=1&tbnid=nW3W5wufTB4NCM:&tbnh=93&tbnw=124&prev=/images?q=anne+summers+logo&gbv=2&hl=en&um=1

21/09/2012

12


ESET Awards/Certification

ICSA Labs 1st !


ESET Smart Security 5 was awarded "Best Usability" from the AV-TEST Institute for its low false positives ratio and low impact on system performance.

According to AV-Comparatives' Summary Report 2011, ESET Smart Security 5 was recognized as "Top Rated Product 2011".

In Summary Report 2011 from AV-Comparatives, ESET was rated as the product offering the best overall performance with the lowest system footprint.

ESET was voted as Winner of SC Magazine's Reader Trust Award in the category of "Best Anti-Malware Management".

http://www.eset.com/company/Eset-1-16-05.pdf

http://www.eset.com/company/Eset-2-16-05.pdf






http://www.av-test.org/en/home/



http://www.av-test.org/en/tests/test-reports/

http://www.av-comparatives.org/en/comparativesreviews/summary-reports


http://www.av-comparatives.org/en/comparativesreviews/summary-reports

http://awards.scmagazine.com/eset-eset-smart-security

21/09/2012

13


Commit Charge (Memory Consumption) Source – PassMark (independent testing JUNE 2010)

ESET Smart Security combines small system footprint with exceptionally secure

configuration defaults.


Memory Consumption during System Idle Source – PassMark (independent testing September 2011)

21/09/2012

14


Commit Charge (Memory Consumption) Source – PassMark (independent testing AUGUST 2012)


Full System Scan Source – PassMark (independent testing AUGUST 2012)

21/09/2012

15


Memory Usage During Full System Scan Source – PassMark (independent testing AUGUST 2012)


Daily Network Traffic Source – PassMark (independent testing AUGUST 2012)

21/09/2012

16


Server Memory Usage During System Idle Source – PassMark (independent testing AUGUST 2012)


Server Memory Usage During On Demand Scan Source – PassMark (independent testing AUGUST 2012)

21/09/2012

17


Slowdown caused by Antivirus solutions Source – AV-Test.org May 2011


PassMark ratings in full Source – PassMark Labs independent testing – June 2010


21/09/2012

18


PassMark ratings in full Source – PassMark Labs independent testing – August 2012


Technical Support

• UK based Technical support available 7 days a week

• Mon-Fri 08:00-20:00

• Sat-Sun 09:00-17:00

21/09/2012

19


QUESTIONS & ANSWERS?

Q & A – General discussion


Thank You

Documents

The “Business” of Malware IT Security PresentationThe “Business” of Malware IT Security Presentation Secure South West – Plymouth University Thursday 20th September 2012