Embed Size (px)
DESCRIPTION
It’s not news that threats are growing across the IT security landscape. Today’s malware imposes significant business risks due to the highly organized nature of attacks – applications, web sites, and social networks are all subject to attacks and vulnerabilities. Hackers are highly organized professionals with vast networks who are able to precisely target an unsuspecting victim, including many small businesses and their employees. Users may not even realize his/her machine has been compromised for days, weeks, or even months due to the nature of these attacks. During this talk, Mark Villinski will examine what this means for business owners and what IT managers need to look for to stay on top of these threats. Mark Villinski, Kaspersky Mark Villinski brings more than 12 years of technology sales and marketing experience to Kaspersky. Mark leads Field Marketing efforts for the East Coast and is responsible for increasing awareness and demand for Kaspersky’s Open Space Security Produce Line. Prior to joining Kaspersky, Mark served as Director of Worldwide Channel Operations for Enterasys Networks, where he was responsible for the strategy and day-to- day operation of the Secure Advantage Partner Program. Prior to that role he held a number of channel and field marketing roles at Enterasys and Cabletron Systems. He started his high tech career in sales at Cabletron Systems.
Citation preview
Protecting Against Cyber-threats That Matter to Your Business
Mark VillinskiManager- Field Marketing
September , 2010
04/08/2023
Copyright 2010. All Rights Reserved.2
Agenda• Good sites gone bad
o Web under siege (designer malware, drive-by downloads)o The un-patched Windows ecosystemo Legitimate sites launching attacks
• Revenge of the recently departedo The insider on the outsideo Managing orphaned accounts
• Friend or fraudo The good/bad of Web 2.0o Exploiting trust on social networkso Recommendations
Compliance vs. SecurityThe World of “Check Boxes”
Kaspersky’s Global PerceptionThe Growing Malware Threat
3,200,000
2,800,000
2,400,000
2,000,000
1,600,000
1,200,000
800,000
400,000
01998 1999 2000 2001 2002 2003 2004 2005 2006 2007 2008 2009
30,000
3,500+
1,115
3,312,682
New threats per day
New signatures per day
Mobile Malware Signatures
as of December 2009
Total as of December 2009
04/08/2023
5 Copyright 2010. All Rights Reserved.
Designer Malware
• Professionally targeted to weakest links―Poorly configured Web servers―Vulnerable publishing platforms―Un-patched Internet-facing databases
• Obfuscated JavaScript code inserted on hacked Web pages
―Redirects to remote server hosting exploits―Serves custom malware based on Windows OS
version, browser version, patch level, vulnerable third party apps
―Fires exploits simultaneously at IE, WinZip, Java, QuickTime, ActiveX controls, even Firefox … until exploit hits target
• Payload: Backdoor Trojans, password stealers, banker Trojans, spam bots
―This is the work of highly skilled, well-organized cyber criminals
Your Organization is Under Siege
The Web Under Permanent Siege
• Hacked Web sites deliver drive-by downloads―It’s no longer just “dirty” Web sites
―77 percent of Web sites with malicious code are legitimate sites that have been compromised
• Vulnerabilities/exploits are ready-made, publicly available
• The (un-patched) state of Windows―Secunia PSI statistics: Only 2% of Windows computers fully
patched―ActiveX control vulnerabilities hard to find, fix―The Adobe Acrobat/PDF, Flash, RealPlayer, WinZip and
QuickTime monocultures―Browser flaws everywhere: IE, Firefox, Safari, Opera―Browser plug-ins: A bigger nightmare
The Web under permanent siege
Examples of Malicious Adobe PDF FileClient Side Application Vulnerability
MAC ATTACKS On The Rise
• Mac users now make up 10% of the marketplace
• They are now more attractive to cybercriminals – worth the trouble due to the numbers
• Major AV Vendors have or are releasing AV products for the Mac
• An Example– MacCinema:
Popularity Makes MAC a Growing Target
Good Sites Gone Bad
Revenge of the Recently Departed
Revenge of the Recently Departed• Insider on the outside
o Failure to disable passwords and accountso Relaxed rules for the return of company equipmento Exploiting shared passwords in multiple-user accounts
• Questions to ponder around orphaned accountso Where’s the data? Who has access to it?o Are you logging all access to that data?o Can you spot unusual data traffic? o Does your password policy cover ex-employees?
Revenge of the recently departed• Symark international surveyed 850 security, IT, HR and C-level
executives across all industries. Here’s what they found:o42% of businesses do not know how many orphaned
accounts exist within their organizationo30% have no procedure in place to locate orphaned accountso27% said that more than 20 orphaned accounts currently
exist within their organizationoMore than 30% said it takes longer than three days to
terminate an account after an employee or contractor leaves the company, while 12 percent said it takes longer than one month
o38% said that they had no way of determining whether a current or former employee used an orphaned account to access information
The Perils of Social MediaThe Endpoint is the New Perimeter
Facebook Examples
• Net-Worm.Win32.Koobfaceo Created in July 2008o Variants still squirming in 2009
• Net-worm that exploits trust on Facebook and Myspace
A Facebook Attack in Action
Top Facebook Scams
• The Friendly 419 Scan
• Hidden Fee Apps
• Fake Login Pages
• Malware Links
• Facebook Apps that are Malware
• Reset Password Email
Multiple Attack Vectors
Anyone can p
ublish
anythin
g
A Digg Attack In Action
Exploiting Trust in Social Networks
Recommendations• Be proactive about security:
―Patch! Patch! Patch!―Identify commonly exploited third-party apps (
http://microsoft.com/sir) and keep those updated as a priority. Stay away from programs without auto-update mechanisms
―Your web site can be an exploit site! Stay on top of high-priority patches for Web servers and all components
• Shut off all unnecessary network services and block employees/students from social networks
―Hackers prey on the "trusted" nature of these networks to trick users into installing malware on endpoints. If certain employees don't need Internet access, don't provide it
• Implement strong malware protection throughout your organization!!
Premium Protection at Every LevelEndpoints, Mail Servers, Internet Gateways
04/08/2023
Copyright 2010. All Rights Reserved.26
The Most Immediate ProtectionSmall Updates for the Best Protection and User Experience
Microsoft
Symantec
Trend Micro
CA
McAfee
Updates per Month
0 100 200 300 400 500 600 700
24
28
32
33
138
664
04/08/2023
Copyright 2010. All Rights Reserved.27
Fastest Response Time to New Threats
Eset
Sophos
AVG
Symantec
McAfee
Hours0 2 4 6 8
4 to 8 hours
4 to 6 hours
4 to 6 hours
2 to 4 hours
2 to 4 hours
< 2 hours
Rated the Best in Detection
04/08/2023
Copyright 2010. All Rights Reserved.29
World-Class Customer Care
Short Hold Times
ProactiveDedicated Engineers
High-touch
Free Standard SupportMultiple Languages
04/08/2023
Copyright 2010. All Rights Reserved.30
Kaspersky Premium ProtectionPremium Protection Where Your Business Happens
Trusted by the Leaders in the Industry
Top-Rated Malware Detection Rates
Fastest to Respond to New Threats
Built for the Best Possible User Experience
Intuitive & Easy to Deploy and Manage
World-Class Quality Support
