Upload
quick-heal-technologies-ltd
View
890
Download
0
Embed Size (px)
Citation preview
Cyber Security Predictions 2016
Threat Research & Response TeamQuick Heal Technologies Ltd.
Agenda• 2015 Review – A Look Back• Ransomware • The Evolution of Money Making Malware• Potentially Unwanted Applications (PUA)• Advanced Persistent Threats• Exploit Kits• Android Malware• Rise of Internet of Things (IoT)
2015 Review – A Look BackQuarter-wise Malware Detection Statistics
2015 Review – A Look BackCategory-wise Malware Detection Statistics
2015 Review – A Look BackOperating System Distribution of Quick Heal Users
Unpatched Software is the Silent Killer!
• Operating System• Web Browsers• Microsoft Office, Java, Adobe Reader and Flash• CVE-2012-0158 – Microsoft Office vulnerability exploited in wild
Ransomware – Locks Down User’s Machines
Ransomware – Locks Down User’s Machines• Continued dominance as the most destructive malware in 2015• Ransomware-as-a-Service (RaaS)• Commoditized the creation of ransomware• To develop and distribute customized ransomware
• Crowti, CryptoWall and TeslaCrypt - The consistent performers• Chimera brings in data extortion techniques
SURVEY 1• Do you have a defined data backup policy and process in place?• Yes / No
• What type of data backup do you undertake? • Online / Offline / Both / No
• What is the frequency of your data backup?• Incremental / Daily / Weekly / Never
The Evolution of Money Making Malware
Adware
Spyware
Rogueware
Ransomware
Extortionware
Banking Trojan
POS Malware
Extortionware• Hackers hold Hollywood Presbyterian Medical Centersystems for ransom• Hospital is down for a week and all services are stopped • Demand 9,000 bitcoin ( $3.6 million ) for a ransomware key
Ransomware – Predictions for 2016• Ransomware will continue to be a challenge in 2016• Encrypting Ransomware samples will also have data theft capability• Targeting Android and iOS platforms• They are expected to get highly targeted in nature• They will use extortion tactics with threats to make stolen data public• It is highly advised to implement backup policies and processes with
high-end encryption
Potentially Unwanted Applications (PUA)• Come as Downloaders, Installers or Bundlers for free applications• Modify web browser settings like
• Default search engine and home page • Add extensions to web browser
• Show advertisements • Collect personal data and browsing habits used for targeted marketing• Download other malicious components
• Exponential growth of digitally signed malware in recent years
Potentially Unwanted Applications (PUA)
Potentially Unwanted Applications (PUA)• Be alert when downloading and installing only intended applications• Read License Agreement carefully • especially privacy policy and risks involved
• Avoid downloading from fake links displayed as advertisements• Recommended to use Quick Heal AntiMalware • To detect and remove some tricky PUA’s
Quick Heal AntiMalware
Advanced Persistent Threats• Objective is different from other malware • Advanced • Spear Phishing, steals confidential and critical data • Targets sectors with high value information – national defense, manufacturing
and financial industry
• Persistent • Stays undetected for long duration of period
• Famous APT examples • Stuxnet – discovered in August 2010, targeting Iran’s Nuclear Plants• Duqu, Flame, Dark Hotel
Advanced Persistent ThreatsAdvanced Persistent Threats Detection Statistics
Advanced Persistent ThreatsEquipped with functionalities like• Steal personal information • Listing all drives and files• Enumerating running processes and terminating specific process • Downloading file from specified links • Uploading files to remote server • Executing specified file • Taking desktop snapshots and Keylogging • Stealing saved login credentials
Advanced Persistent Threats – Predictions for 2016• Spear-phishing and social engineering to remain prominent infection
vectors • Evolving encryption and obfuscation methods to evade traditional
security detections • Adoption of Anti-Sandbox and Anti-VM techniques to bypass sandbox-
based security solutions
Exploit KitsTop Exploit Kits Distribution
Android Malware 2015 ReviewCategory-wise Android Malware Detection Statistics
Android Malware 2015 Review• Third-Party app stores from China and Russian contributing to
Android malware growth• New Android malware in 2015• 803 malware families and 757 variants• 28 Ransomware variants • 21 banking Trojans
• Android Ransomware• LockerPin – modifies infected device’s PIN
Android Malware 2015 ReviewAndroid OS Distribution Statistics
Android Malware 2015 ReviewAndroid Security Vulnerability Statistics
Source: http://www.cvedetails.com
Android Malware – Predictions for 2016• Malware exploiting ad networks• Rise of malware exploiting Android vulnerabilities for auto root• 130 Android vulnerabilities discovered in 2015• Segmented Android distribution• Most times OS updates are not available from vendors
• More money! More malware!• Targeting new mobile payment technologies• Mobile wallets, in-app purchases etc.
Rise of Internet of Things (IoT) – A Look Ahead• Limited processing power of connected devices inhibits encryption
and other robust security measures• Upatre exploiting routers with known default root passwords • Challenges: • Ubiquitous data collection• Potential for unexpected uses of consumer data• Heightened privacy & security risks
IoT - SMART TV• SMART TV features• Voice Recognition• Gesture Controls • Facial Recognition• Fitness Services
• Samsung warns customers about discussing personal information in front of smart TV• Read Privacy Policy at• https://www.samsung.com/uk/info/privacy-SmartTV.html
CONCLUSION• Unpatched OS and applications are open invitation for infection• Ransomware will continue to grow with targeted reach• PUAs are on the rise• APTs will become more common• Exploit Kits integrating zero day vulnerabilities faster• Android malware will take advantage newly discovered vulnerabilities • IoT Security will add new dimension to Cyber Security
Got any queries regarding this webinar?
Write to us at:• [email protected]
Follow us on:• Facebook: www.facebook.com/quickhealav• Twitter: www.twitter.com/quickheal• Google Plus: bit.ly/QuickHealGooglePlus• YouTube:www.youtube.com/quickheal• SlideShare: http://www.slideshare.net/QuickHealPPTs
Visit us:• Website: www.quickheal.com• Official Blog: blogs.quickheal.com
Thank You!Threat Research & Response Team