0926182320 Sophos[1]
Post on 18-May-2015
423 Views
Preview:
DESCRIPTION
Transcript
Security Threat Report 2008:What you need to know
Christopher Vernon
Senior Sales Engineer, Sophos
2
Agenda
Malware – The size and shape of the problem
Spam – China and beyond
Phishing – Socializing
Web – The threat to your reputation
Not just a Microsoft problem
Summary
3
Malware – The Size and Shape
20,000 new suspicious files sent to SophosLabs every day -
that’s 1 every 4 seconds
Most are Trojans designed to silent steal information, or
compromise PCs
AV-Test.org estimates that there are over 11 million unique
samples of malware in existence
The web is clearly the major vector for attack
One new infected webpage discovered every 5 seconds - over
90% are legitimate websites that have been hit by attacks such
as SQL Injection
4
Shift in Delivery
Only 1 in 2500 emails
have malware
attachments
Down from 1 in 332 in
same 2007 period
Shifted to ‘links in email’
Long tail of ‘Old’ malware
PushDo – new malware,
old technique
5
Spam – China and Beyond
96.5% of email is spam - only one in 28 business emails is
legitimate
New spam web page every 20 seconds
Moving to Chinese domains
Harder to get information
Easier to register
Backscatter
Non-delivery reports of spamDo you click on spam?
1 in every 530 page requests were to spam
URLs
6
Pump and Dump Done?
Volumes have dropped from 30+ % of all spam to less than 1%
Very few stock symbols being ‘spamvertised’
Market slowdown? SEC crackdown?
Moving to “short selling”
“Amazon having troubles”
7
Phishing - Socializing
Not just financial
Banks
Tax payers
Auction
Payment sites
Also Social
8
Social Targets
Social networking sites increasingly targeted
Spam
Scam
Adware
9
Spear Phishing
Very targeted activity
Use Facebook, LinkedIn, etc. to identify
targets
University of Waterloo
Oak Ridge National Lab
University of Minnesota
Can also be used to target malware
Subpoena CEO = Install keylogger
Remember Phishing
works on all platforms!
10
Web – The Threat to Your Reputation
16,173 new malicious web pages a day!
Major brands affected
Euro 2008 soccer tournament
UK broadcaster ITV
Cambridge University Press
Lawn Tennis Association
Trend Micro
Sony PlayStation
11
SQL Injection Attacks
Mal/BadSrc – 29% of infections in June ’08
Simple attack method
Search for vulnerable servers
Target attack
Inserts iframe snippets into every page
Variety of payloads
Including ‘scareware’
12
Not Just a Microsoft Problem
Nearly 60% of compromised web sites
are running Apache
Websites must be properly
“hardened” to prevent
hackers from taking
advantage
13
What about Apple?
Small amount of malware being written for Apple Macs
Increasingly Mac malware is financially-motivated
The Hovdy Trojan turned off security, firewalls, and gave remote
access to hackers
High level of complacency amongst Mac users may make
Apple Macs a “soft target” in the future
Record sales of Apple hardware, mean its marketshare is
growing
14
What about Mobile?
Malware – Very Low Threat
No single platform, and mostly written by enthusiasts
A single proof-of-concept Apple iPhone Trojan was found
Spam
Internet-enabled phones like the iPhone are vulnerable to
phishing attacks
SMS text message spam is limited in the West, but..
353.8 Billion ‘spam’ messages sent via SMS in China - 600 a
year for every mobile phone owner
438,668 complaints in one month alone
15
What About Linux?
70% of attacks on Linux honeypot,
infected with a 6 year old virus
Linux servers used as command
and control for botnets
Analysis shows RST-B is a global
problem, with thousands of
compromised servers
16
SophosLabs global network of expertsSophosLabs™ Knows Threats Better Than Anyone
17
Summary
Malware growth continuesProactive detection is critical
Financial motivation for most threats including spamSpam still makes money!
Web represents biggest threatTo users, and your corporate reputation
Don’t forget other platformsMac increasingly targeted
Linux could be your ‘typhoid Mary’
18
Staying ahead of the curve
Get the latest breaking news about new malware, spam,
security threats, and arrests straight to your desktop at
www.sophos.com/feeds
Get daily updates from SophosLabs Blog, which provides
insight into the most interesting and widespread threats
www.sophos.com/blog
19
Thank you
Call Worldwide:
+ 44 1235 55 9933
Sales@sophos.com
top related