Information Security Awareness

Information SecurityAccess management Internet / Email Security Mobile Device Security

A G E N D A

1

2

3

4

Username and password theft results in $800,000 loss in two days

Cyber criminals used a compromised PC to rob more than $800,000 from Hillary Machinery, according to the Dallas Morning News. From the username and password, criminals accessed the corporateaccount at Plains Capital Bank in Plano, Texas. The bank had a twofactor authentication process using hard-coded IP addresses. Cyber criminals spoofed the IP address on the desktop, defeating the security measures and transferring $800,000 over a two-day period.

Threats to Internet / Email Security

25,000

50,000

75,000

100,000

125,000

150,000

World-Wide Attack Trends

1996 1997 1998 1999 2000 2001 2002 20030

Infe

ction

Att

empt

s

*Analysis by Symantec Security Response using data from Symantec, IDC & ICSA; 2003 estimated **Source: CERT

100M

200M

300M

400M

500M

600M

700M

800M

900M

Net

wor

k In

trus

ion

Attem

pts

0

Blended Threats(CodeRed, Nimda, Slammer)

Denial of Service(Yahoo!, eBay)

Mass Mailer Viruses(Love Letter/Melissa)

Zombies

Polymorphic Viruses(Tequila)

Malicious CodeInfectionAttempts*

NetworkIntrusionAttempts**

Spam Continues to Grow and Evolve

The Bullet is Fired

At its peak, 1 out of every 12 emails was infected with MyDoom!

Code Red doubled its infection rate every37 minutes. Slammer doubled every 8.5 seconds, and infected 90%

of unprotected servers in 10 minutes!

Exploits now appearing just 5 days after the vulnerability is publicly disclosed!

Growth and Impact of Email Fraud

Cost Description Source

$60 Billion

Cost of Identity Theft in last 5 years in US FTC

600 hours

Individual time spent recovering from Identity Theft

Identity Theft Resource

Center

3.4% US Population fallen victim to Identity Theft

In Canada, 13,000 cases of Identify Theft reported

Gartner

Computer World Canada

3% Estimated number of people reporting fraud to FTC

FTC

3.5 million

Number of FDIC fraud messages caught by Brightmail in one week in January 2004

Symantec

.

Social engineering attacks are on the rise and large companies are incurring huge losses due to them, a new report has revealed.

According to a report commissioned by Check Point Software Technologies, 48 percent of large companies have been targeted with more than 25 successful social engineering attacks in the past two years.

The report, which surveyed 850 IT and security professionals with companies in North America, Europe, Australia, and New Zealand, also revealed that for each social engineering attack, companies incurred losses between $25,000 and $100,000

48% of Companies Faced Social Engineering Attacks Claims Survey

Mobile Hacking Nearly Doubled In 2011

The figures come from data collected by Symantec, which reported blocking more than 5.5 billion malicious attacks in 2011, up 81% increase from 2010, while the number of Web attacks blocked per day increased by 36% percent.

In addition, the number of unique malware variants Symantec tracked increased to 403 million.

The study also noted that approximately 1.1 million identities were stolen per data breach on average in 2011, a dramatic increase over the amount seen in any other year.