Cyber Security Predictions 2016 Threat Research & Response Team Quick Heal Technologies Ltd.


Page 1: Cyber Security Predictions 2016

Cyber Security Predictions 2016

Threat Research & Response Team
Quick Heal Technologies Ltd.

Page 2: Cyber Security Predictions 2016

Agenda
• 2015 Review – A Look Back
• Ransomware
• The Evolution of Money Making Malware
• Potentially Unwanted Applications (PUA)
• Advanced Persistent Threats
• Exploit Kits
• Android Malware
• Rise of Internet of Things (IoT)

Page 3: Cyber Security Predictions 2016

2015 Review – A Look Back
Quarter-wise Malware Detection Statistics

Page 4: Cyber Security Predictions 2016

2015 Review – A Look Back
Category-wise Malware Detection Statistics

Page 5: Cyber Security Predictions 2016

2015 Review – A Look Back
Operating System Distribution of Quick Heal Users

Page 6: Cyber Security Predictions 2016

Unpatched Software is the Silent Killer!

• Operating System
• Web Browsers
• Microsoft Office, Java, Adobe Reader and Flash
• CVE-2012-0158 – Microsoft Office vulnerability exploited in the wild

Page 7: Cyber Security Predictions 2016

Ransomware – Locks Down User’s Machines

Page 8: Cyber Security Predictions 2016

Ransomware – Locks Down User’s Machines
• Continued dominance as the most destructive malware in 2015
• Ransomware-as-a-Service (RaaS)
  • Commoditized the creation of ransomware
  • To develop and distribute customized ransomware
• Crowti, CryptoWall and TeslaCrypt – the consistent performers
• Chimera brings in data extortion techniques

Page 9: Cyber Security Predictions 2016

SURVEY 1
• Do you have a defined data backup policy and process in place?
  • Yes / No
• What type of data backup do you undertake?
  • Online / Offline / Both / No
• What is the frequency of your data backup?
  • Incremental / Daily / Weekly / Never

Page 10: Cyber Security Predictions 2016

The Evolution of Money Making Malware

Adware

Spyware

Rogueware

Ransomware

Extortionware

Banking Trojan

POS Malware

Page 11: Cyber Security Predictions 2016

Extortionware
• Hackers hold Hollywood Presbyterian Medical Center systems for ransom
• Hospital is down for a week and all services are stopped
• Demand 9,000 bitcoin ($3.6 million) for a ransomware key

Page 12: Cyber Security Predictions 2016

Ransomware – Predictions for 2016
• Ransomware will continue to be a challenge in 2016
• Encrypting Ransomware samples will also have data theft capability
• Targeting Android and iOS platforms
• They are expected to get highly targeted in nature
• They will use extortion tactics with threats to make stolen data public
• It is highly advised to implement backup policies and processes with high-end encryption

Page 13: Cyber Security Predictions 2016

Potentially Unwanted Applications (PUA)
• Come as Downloaders, Installers or Bundlers for free applications
• Modify web browser settings like
  • Default search engine and home page
  • Add extensions to web browser
• Show advertisements
• Collect personal data and browsing habits used for targeted marketing
• Download other malicious components
• Exponential growth of digitally signed malware in recent years

Page 14: Cyber Security Predictions 2016

Potentially Unwanted Applications (PUA)

Page 15: Cyber Security Predictions 2016

Potentially Unwanted Applications (PUA)
• Be alert when downloading, and install only intended applications
• Read License Agreement carefully
  • Especially privacy policy and risks involved
• Avoid downloading from fake links displayed as advertisements
• Recommended to use Quick Heal AntiMalware
  • To detect and remove some tricky PUAs

Page 16: Cyber Security Predictions 2016

Quick Heal AntiMalware

Page 17: Cyber Security Predictions 2016

Advanced Persistent Threats
• Objective is different from other malware
• Advanced
  • Spear phishing, steals confidential and critical data
  • Targets sectors with high-value information – national defense, manufacturing and financial industry
• Persistent
  • Stays undetected for a long period
• Famous APT examples
  • Stuxnet – discovered in August 2010, targeting Iran’s Nuclear Plants
  • Duqu, Flame, Dark Hotel

Page 18: Cyber Security Predictions 2016

Advanced Persistent Threats
Advanced Persistent Threats Detection Statistics

Page 19: Cyber Security Predictions 2016

Advanced Persistent Threats
Equipped with functionalities like
• Steal personal information
• Listing all drives and files
• Enumerating running processes and terminating specific process
• Downloading file from specified links
• Uploading files to remote server
• Executing specified file
• Taking desktop snapshots and Keylogging
• Stealing saved login credentials

Page 20: Cyber Security Predictions 2016

Advanced Persistent Threats – Predictions for 2016
• Spear-phishing and social engineering to remain prominent infection vectors
• Evolving encryption and obfuscation methods to evade traditional security detections
• Adoption of Anti-Sandbox and Anti-VM techniques to bypass sandbox-based security solutions

Page 21: Cyber Security Predictions 2016

Exploit Kits
Top Exploit Kits Distribution

Page 22: Cyber Security Predictions 2016

Android Malware 2015 Review
Category-wise Android Malware Detection Statistics

Page 23: Cyber Security Predictions 2016

Android Malware 2015 Review
• Third-party app stores from China and Russia contributing to Android malware growth
• New Android malware in 2015
  • 803 malware families and 757 variants
  • 28 Ransomware variants
  • 21 banking Trojans
• Android Ransomware
  • LockerPin – modifies infected device’s PIN

Page 24: Cyber Security Predictions 2016

Android Malware 2015 Review
Android OS Distribution Statistics

Page 25: Cyber Security Predictions 2016

Android Malware 2015 Review
Android Security Vulnerability Statistics

Source: http://www.cvedetails.com

Page 26: Cyber Security Predictions 2016

Android Malware – Predictions for 2016
• Malware exploiting ad networks
• Rise of malware exploiting Android vulnerabilities for auto root
  • 130 Android vulnerabilities discovered in 2015
• Segmented Android distribution
  • Most times OS updates are not available from vendors
• More money! More malware!
  • Targeting new mobile payment technologies
  • Mobile wallets, in-app purchases etc.

Page 27: Cyber Security Predictions 2016

Rise of Internet of Things (IoT) – A Look Ahead
• Limited processing power of connected devices inhibits encryption and other robust security measures
• Upatre exploiting routers with known default root passwords
• Challenges:
  • Ubiquitous data collection
  • Potential for unexpected uses of consumer data
  • Heightened privacy & security risks

Page 28: Cyber Security Predictions 2016

IoT – SMART TV
• SMART TV features
  • Voice Recognition
  • Gesture Controls
  • Facial Recognition
  • Fitness Services
• Samsung warns customers about discussing personal information in front of smart TV
• Read Privacy Policy at
  • https://www.samsung.com/uk/info/privacy-SmartTV.html

Page 29: Cyber Security Predictions 2016

CONCLUSION
• Unpatched OS and applications are an open invitation for infection
• Ransomware will continue to grow with targeted reach
• PUAs are on the rise
• APTs will become more common
• Exploit Kits integrating zero-day vulnerabilities faster
• Android malware will take advantage of newly discovered vulnerabilities
• IoT Security will add a new dimension to Cyber Security

Page 30: Cyber Security Predictions 2016

Got any queries regarding this webinar?

Write to us at:
• [email protected]

Follow us on:
• Facebook: www.facebook.com/quickhealav
• Twitter: www.twitter.com/quickheal
• Google Plus: bit.ly/QuickHealGooglePlus
• YouTube: www.youtube.com/quickheal
• SlideShare: http://www.slideshare.net/QuickHealPPTs

Visit us:
• Website: www.quickheal.com
• Official Blog: blogs.quickheal.com

Page 31: Cyber Security Predictions 2016

Thank You!
Threat Research & Response Team