THREAT LANDSCAPE IN THE ERA OF DIRECTED ATTACKS #ThreatTalk
THESE SLIDES ARE AN EXCERPT FROM A LIVE KASPERSKY WEBINAR
BROADCAST ON 6TH MAY 2014. TO ACCESS THE WEBINAR PLEASE VISIT
HTTP://OW.LY/WHFAR
ROEL SCHOUWENBERG, PRINCIPAL SECURITY RESEARCHER, GLOBAL RESEARCH & ANALYSIS TEAM, KASPERSKY LAB
HEARTBLEED – CVE-2014-0160
Back to the fundamentals
Triaging is painful
Keys to the kingdom?
END OF XP
Significant portion of the market still running XP
First ‘eternal zero-day’ discovered
IE zero-day different to recent Flash zero-day
ACTORS AND MOTIVES HAVE CHANGED
NEW PLATFORMS AND TECHNOLOGIES
Attack surface keeps increasing
Diversification / BYOD
Mobile payments
METHOD OF ENTRY
Phishing
Web browsing – watering holes
NON-TARGETED MALWARE
Financial/ID theft malware
Ransomware
May not run in virtual environment
ESPIONAGE
Zero day needed?
Widening platform support
Targeting supply chain
More and more verticals affected
More actors involved
SABOTAGE
DDoS attacks have become a major problem
BCP 38/84
Wiper attacks as seen in cyberweapons
THE FUTURE
Will CNE and CNA converge?
INCREASED FOCUS ON VIRTUAL ENVIRONMENTS
Back to the fundamentals
VM SPECIFIC THREAT SCENARIOS
EoP / Escape to Host
Network traffic sniffing
Modifying master virtual disks
Lost audit trails
Hypervisor-level attacks
ERIK DEVINE, CHIEF SECURITY OFFICER, INFORMATION SERVICES, RIVERSIDE MEDICAL CENTER
Corporation Employees
Cloud Services
Data Loss
Malware and Vulnerabilities
Business Associates
Mobile Devices/
Employees
Hackers
MITIGATING THE TOP 7 THREATS
WHY IT’S MOVING AND CHANGING
Government regulations changing
Privacy
Security
Technical and operational control
Environment changing
Electronic transmission of data
BYOD
Technology changes (virtualization, OS, patient portals, physician portals, vendor portals)
Threats are changing
Malware
Hackers internal/external
NOW HOW DO WE MITIGATE…
Policy and Procedures
Education
Technical Controls
Monitoring and Logging
Audit and Risk Assessment
What are your Security Initiatives?
Know your data, network, endpoints and users, then apply the rules!
CONCLUSIONS AND TAKEAWAYS
New technologies present new opportunities and challenges
All platforms need protecting in an era of targeted attacks
Prioritise which assets to protect most and then segregate them
Data integrity attacks on the horizon
FOR MORE INFORMATION WATCH THE ON DEMAND WEBINAR. REGISTER HERE: HTTP://OW.LY/WHFAR
FEEL FREE TO ASK QUESTIONS: @KASPERSKYLABB2B #THREATTALK
MORE INFO ON SECURITY FOR BUSINESS: WWW.KASPERSKY.COM//BUSINESS
B2B BLOG: HTTP://BUSINESS.KASPERSKY.COM
THANK YOU!