IC B01: Internet Security Threat Report: How to Stay Protected

Similar documents
Product Roadmap Symantec Endpoint Protection Suzanne Konvicka & Paul Murgatroyd

EM L01 Introduction to Mobile

CloudSOC and Security.cloud for Microsoft Office 365

Piero DePaoli, Director, Product Marketing Scott Sawoya, Senior Manager, Product Management. SR B19: Symantec Endpoint Protection 12 Customer Panel

Top 10 Global Threat Rank by Source

Evolution of Spear Phishing. White Paper

CRITICAL INFRASTRUCTURE AND CYBER THREAT CRITICAL INFRASTRUCTURE AND CYBER THREAT

Robert Potter Vice President Americas Symantec. Copyright 2016, Symantec Corporation

Prevent and Detect Malware with Symantec Advanced Threat Protection: Network

Automated Context and Incident Response

Delivering Integrated Cyber Defense for the Cloud Generation Darren Thomson

Symantec Endpoint Protection 12

ISACA January 2016 Cybersecurity Snapshot US Results. Number of respondents (n) = 862

EU GENERAL DATA PROTECTION: TIME TO ACT. Laurent Vanderschrick Channel Manager Belgium & Luxembourg Stefaan Van Hoornick Technical Manager BeNeLux

Cyber Crime Update. Mark Brett Programme Director February 2016

IBM Security Network Protection Solutions

BRING SPEAR PHISHING PROTECTION TO THE MASSES

The Credential Phishing Handbook. Why It Still Works and 4 Steps to Prevent It

What can we lose not implementing proper security in our IT environment? Aleksandar Pavlovic Security Account Manager Cisco

Mobile App Security and Malware in Mobile Platform

Office 365 Buyers Guide: Best Practices for Securing Office 365

IBM Security Systems IBM X-Force 2012 Annual Trend and Risk Report

Symantec Ransomware Protection

June 2 nd, 2016 Security Awareness

Security & Phishing

Endpoint Protection : Last line of defense?

The Scenes of Cyber Crime

TREND MICRO SMART PROTECTION SUITES

KnowBe4 is the world s largest integrated platform for awareness training combined with simulated phishing attacks.

Securing the Modern Data Center with Trend Micro Deep Security

Building an Effective Threat Intelligence Capability. Haider Pasha, CISSP, C EH Director, Security Strategy Emerging Markets Office of the CTO

Symantec Security.cloud

HP Device as a Service (DaaS)

Technology Risk Management in Banking Industry. Rocky Cheng General Manager, Information Technology, Bank of China (Hong Kong) Limited

STOPS CYBER ATTACKS BEFORE THEY STOP YOU. Prepare, recognize, and respond to today s attacks earlier with Verizon Security Solutions.

Mobile Experience and Security - A Delicate Balance. Jeff Keller, CISA, CIA, CFSA SVP/Senior Audit Director, Technology, Projects, Due Diligence

Cybercrime e minacce informatiche: trend emergenti e soluzioni innovative u

Governance Ideas Exchange

FTA 2017 SEATTLE. Cybersecurity and the State Tax Threat Environment. Copyright FireEye, Inc. All rights reserved.

This Online Gaming Company Didn t Want to Roll the Dice on Security That s Why it Worked with BlackBerry

with Advanced Protection

Angelo Gentili Head of Business Development, EMEA Region, PartnerNET

CIS 5373 Systems Security

Data Sheet: Endpoint Security Symantec Multi-tier Protection Trusted protection for endpoints and messaging environments

The Cost of Phishing. Understanding the True Cost Dynamics Behind Phishing Attacks A CYVEILLANCE WHITE PAPER MAY 2015

Mobile Security Overview Rob Greer, VP Endpoint Management and Mobility Product Management Dave Cole, Sr. Director Consumer Mobile Product Management

Wayward Wi-Fi. How Rogue Hotspots Can Hijack Your Data and Put Your Mobile Devices at Risk

Caught in the Crosshairs of Evolving Endpoints and Malware Sophistication Moderator: Kari Ann Sewell

Seqrite Endpoint Security

DIGITAL ACCOUNTANCY FORUM CYBER SESSION. Sheila Pancholi Partner, Technology Risk Assurance

Perimeter Defenses T R U E N E T W O R K S E C U R I T Y DEPENDS ON MORE THAN

Securing Your Business Against the Diversifying Targeted Attacks Leonard Sim

Introducing KASPERSKY ENDPOINT SECURITY FOR BUSINESS

Combating Cyber Risk in the Supply Chain

SYMANTEC INTELLIGENCE REPORT NOVEMBER 2015

Say Goodbye to Enterprise IT: Welcome to the Mobile First World. Sean Ginevan, Senior Director, Strategy Infosecurity Europe

Kaspersky Cloud Security for Hybrid Cloud. Diego Magni Presales Manager Kaspersky Lab Italia

Panda Security 2010 Page 1

Potential business impact of cybercrime on small and medium enterprises (SMEs) in 2016 Survey report USA. October, 2016

DIGITAL LIFE E-GUIDE. A Guide to 2013 New Year s Resolutions

Too Little Too Late: Top Reasons Why You Got Hacked

Multilayered technology, machine learning and human expertise working together to provide comprehensive security for all platforms.

What is a mobile protection product?

Cyber risk no business too big or too small

2018 Edition. Security and Compliance for Office 365

Legal Foundation and Enforcement: Promoting Cybersecurity

9 Steps to Protect Against Ransomware

Managing IT Risk: What Now and What to Look For. Presented By Tina Bode IT Assurance Services

Christopher Covert. Principal Product Manager Enterprise Solutions Group. Copyright 2016 Symantec Endpoint Protection Cloud

Kaspersky Security. The Power to Protect Your Organization

THE IMPACT OF MOBILE DEVICES ON INFORMATION SECURITY:

Sophos Central for partners and customers: overview and new features. Jonathan Shaw Senior Product Manager, Sophos Central

Q WEB APPLICATION ATTACK STATISTICS

Enterprise Ready. Sean Yarger. Sr. Manager, Mobility and Identity. Making Android Enterprise Ready 1

Protecting Virtual Environments

Today s Security Threats: Emerging Issues Keeping CFOs Up at Night Understanding & Protecting Against Information Security Breaches

Personal Cybersecurity

TREND MICRO SMART PROTECTION SUITES

Multilayered technology, machine learning and human expertise working together to provide comprehensive security for all platforms.

How technology changed fraud investigations. Jean-François Legault Senior Manager Analytic & Forensic Technology June 13, 2011

Protect your business in today s fast-changing security and risk environment.

EBOOK. Stopping Fraud. How Proofpoint Helps Protect Your Organization from Impostors, Phishers and Other Non-Malware Threats.

A Guide to Closing All Potential VDI Security Gaps

Ransomware A case study of the impact, recovery and remediation events

Defensible and Beyond

Security and Compliance for Office 365

CIP-014. JEA Compliance Approach. FRCC Fall Compliance Workshop Presenter Daniel Mishra

Symantec & Blue Coat Technical Update Webinar 29. Juni 2017

Key Findings from the Global State of Information Security Survey 2017 Indonesian Insights

Synchronized Security

Symantec Protection Suite Add-On for Hosted Security

EM L05 Symantec Mobile Management Managing ios and Android Devices

Best Practices in Securing a Multicloud World

Challenges and. Opportunities. MSPs are Facing in Security

DATA SHEET RISK & CYBERSECURITY PRACTICE EMPOWERING CUSTOMERS TO TAKE COMMAND OF THEIR EVOLVING RISK & CYBERSECURITY POSTURE

Changing face of endpoint security

trend micro smart Protection suites

The Rise of the CSO Welcome

RANSOMWARE PROTECTION. A Best Practices Approach to Securing Your Enterprise

Insider Threat Detection Including review of 2017 SolarWinds Federal Cybersecurity Survey

Transcription:

IC B01: Internet Security Threat Report: How to Stay Protected Piero DePaoli Director, Product Marketing IC B01: Internet Security Threat Report: How to Stay Protected 1

Topics 1 Targeted Attacks 2 Spam Trends 3 Vulnerabilities 4 Mobile Trends 5 Mac Malware 2

TARGETED ATTACKS 3

Targeted Attacks in 2012 IC B01: Internet Security Threat Report: How to Stay Protected SYMANTEC VISION 2013 4

Targeted Attacks by Industry Manufacturing Finance, Insurance & Real Estate 19% 24% Services Non-Traditional 17% Government 12% Energy/Utilities 10% Services Professional 8% Wholesale Retail Aerospace Transportation, Communications, Electric, Gas 2% 2% 2% 1% Manufacturing moved to top position in 2012 But all industries are targeted 0% 5% 10% 15% 20% 25% 30% 5

Targeted Attacks by Company Size 50% 2,501+ 50% 1 to 2,500 Employees 2,501+ 9% 2% 3% 5% 1,501 to 2,500 1,001 to 1,500 501 to 1,000 251 to 500 50% 31% 1 to 250 18% in 2011 Greatest growth in 2012 is at companies with <250 employees 6

Targeted Attacks by Job Function 30% 25% R&D 27% Sales 24% 20% 15% Senior 12% C-Level 17% Shared Mailbox 13% 10% 5% 0% Recruitment 4% Media 3% PA 1% Attacks may start with the ultimate target but often look opportunistically for any entry into a company 7

Spear Phishing Watering Hole Attack Send an email to a person of interest Infect a website and lie in wait for them Targeted Attacks predominantly start as spear phishing attacks In 2012, Watering Hole Attacks emerged (Popularized by the Elderwood Gang) 8

Effectiveness of Watering Hole Attacks Watering Hole Attack in 2012 Infected 500 Companies All Within 24 Hours Watering Hole attacks are targeted at specific groups Can capture a large number of victims in a very short time 9

Recent Example of Watering Hole Attack In 2013 this type of attack will become widely used Several high profile companies fell victim to just such an attack 10

Watering Hole Targeted ios Developers In 2013 this type of attack will become widely used Several high profile companies fell victim to just such an attack 11

Thwarting Targeted Attacks: Defense Security Intelligence Holistic Security Monitoring Removable Media Device Control Email & Web Gateway Filtering Data Loss Prevention Encryption DeepSight Managed Security Services Endpoint Protection, Critical System Protection Email Security.cloud, Messaging Gateway Web Security.cloud, Web Gateway Data Loss Prevention Encryption Incident Preparedness & Response IC B01: Internet Security Threat Report: How to Stay Protected SYMANTEC VISION 2013 12

SPAM TRENDS Do I still need to worry about spam? 13 13

Spam Decline 90% 79% January 2011 Global Spam Rates 2011-2012 69% October 2012 80% 70% 60% 50% 40% 30% 20% 10% 0% Jan- 11 Apr Jul Oct Jan- 12 Apr Jul Oct Spam has declined for second year in a row (as % of email) Botnet takedowns continue to have an affect IC B01: Internet Security Threat Report: How to Stay Protected SYMANTEC VISION 2013 14

Pharmaceutical Spam Decline 70% Pharmaceutical Spam Rates 2011-2012 60% 50% 40% 30% 20% 10% 0% Jan- 11 Apr Jul Oct Jan- 12 Apr Jul Oct IC B01: Internet Security Threat Report: How to Stay Protected SYMANTEC VISION 2013 15

The Risk of Spam Continues 1 in 414 Emails are a phishing attack 1 in 283 Emails are a malware attack of all email is spam IC B01: Internet Security Threat Report: How to Stay Protected SYMANTEC VISION 2013 16

Thwarting Spam-borne Attacks: Defense Security Intelligence Email & Web Gateway Filtering Advanced Reputation Security Layered Endpoint Protection Holistic Network Monitoring & Layered Defenses DeepSight Messaging Gateway, Email Security.cloud Web Gateway, Web Security.cloud Endpoint Protection, Web Gateway Messaging Gateway, Email Security.cloud Endpoint Protection, Critical System Protection Managed Security Services, Web Gateway, Critical System Protection Security Awareness Training IC B01: Internet Security Threat Report: How to Stay Protected SYMANTEC VISION 2013 17

VULNERABILITIES 18 18

Zero-Day Vulnerabilities 16 14 12 10 8 6 13 15 9 12 14 2 8 14 Total Volume Stuxnet Elderwood 4 2 4 3 4 0 2006 2007 2008 2009 2010 2011 2012 One group can significantly affect yearly numbers Elderwood Gang drove the rise in zero-day vulnerabilities 19

All Vulnerabilities 7,000 6,000 6,253 5,000 4,000 4,842 4,644 5,562 4,814 4,989 5,291 3,000 2,000 1,000 0 2006 2007 2008 2009 2010 2011 2012 No significant rise or fall in discovery of new vulnerabilities in last 6 years 20

30% Increase in web attacks blocked 247,350 190,370 2011 2012 21

Our Websites are Being Used Against Us 61% 53% of legitimate websites have unpatched vulnerabilities of web sites serving malware are legitimate sites 25% have critical vulnerabilities unpatched 22

Our Websites are Being Used Against Us In 2012, one threat infected more than 1 million websites Its payload was FakeAV The next time it s likely to be ransomware Internet Security Threat Report 2013 :: Volume 18 SYMANTEC VISION 2013 23

24

SYMANTEC VISION 2013 25

Ransomware Number of criminal gangs involved in this cybercrime Estimated amount extorted from victims in 2012 Average number of attacks seen from one threat in 18 day period 26

Protecting Against Vulnerabilities: Defense Vulnerability Management Program Configuration & Patch Management Program Application Virtualization Advanced Reputation Security Layered Endpoint Protection Website Security Solutions, Managed Security Services, Control Compliance Suite, Endpoint Management Endpoint Management Workspace Virtualization Mobile Management Suite Endpoint Protection, Web Gateway Messaging Gateway, Email Security.cloud Endpoint Protection, Critical System Protection Layered Network Protection Web Gateway, Web Security.cloud IC B01: Internet Security Threat Report: How to Stay Protected SYMANTEC VISION 2013 27

MOBILE TRENDS 28 28

Android Malware Growth 200 5,000 180 4,500 160 4,000 140 3,500 120 3,000 100 2,500 80 2,000 60 1,500 40 1,000 20 500 0 Jan '11 Apr Jul Oct Jan '12 Apr Jul Oct 0 Cumulative Android Families 2011-2012 Cumulative Android Variants 2011-2012 Internet Security Threat Report 2013 :: Volume 18 SYMANTEC VISION 2013 29

Vulnerabilities & Mobile Malware Platform Vulnerabilities Device Type # of Threats Apple ios 387 Android 13 Blackberry 13 Windows Mobile 2 Apple ios Malware 1 Android Malware 103 Symbian Malware 3 Windows Malware 1 Today there is no significant link between mobile OS vulnerabilities and exploitation by malware In the future that may change 30

What Does Mobile Malware Do? Mobile Threats by Type Steal Information 32% Traditional Threats 25% Track User Send Content 13% 15% Adware/Annoyance Reconfigure device 8% 8% 0% 5% 10% 15% 20% 25% 30% 35% 31

Information Stealing Malware Android.Sumzand 1. User received email with link to download app 2. Steals contact information 3. Sends email promoting app to all contacts IC B01: Internet Security Threat Report: How to Stay Protected SYMANTEC VISION 2013 32

Mitigating Mobile Threats Device Management Mobile Management Suite Device Security Mobile Management Suite Content Security Mobile Management Suite Identity & Access Mobile Application Management Validation & Identity Protection Service Mobile Management Suite 33

MAC MALWARE IC B01: Internet Security Threat Report: How to Stay Protected SYMANTEC VISION 2013 34

Mac Malware Trend 10 new Mac families of malware in 2012 6 3 4 3 1 2007 2008 2009 2010 2011 2012 35

Mac Malware Only 2.5% of threats found on Macs are Mac malware 36

Flashback But in 2012 1 Mac Threat infected 600,000 Machines. 37

Thwarting Mac Attacks: Defense Advanced Reputation Security Endpoint Protection Layered Endpoint Protection Layered Network Protection Endpoint Protection Critical System Protection, Web Gateway, Managed Security Services Security Awareness Training Configuration & Patch Management Program Endpoint Management IC B01: Internet Security Threat Report: How to Stay Protected SYMANTEC VISION 2013 38

Summary TARGETED ATTACKS SPAM VULNERABILITIES MOBILE MALWARE MAC MALWARE 39

Upcoming Sessions You Won t Want To Miss: User Authentication & Beyond VIP: Citrix Today: 3:45pm Room 114 Best Practices for Server Protection: Ford & UHG Today: 5:00pm Room 114 Scaling the Information Security Program Maturity Curve: PwC & AARP Tomorrow: 9:00am Room 112 Symantec s Mobility Strategy & Roadmap Tomorrow: 9:00am Room 111 Roadmap: Symantec Endpoint Protection Tomorrow: 11:30am Room 119 Help! I Think I ve Been Hit with Malware Tomorrow: 1:00pm Room 112 40

Thank you! Piero DePaoli piero_depaoli@symantec.com @pierodepaoli +1 415 203 5991 http://go.symantec.com/istr Copyright 2013 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice. IC B01: Internet Security Threat Report: How to Stay Protected 41

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback