Post on 30-May-2018
transcript
8/14/2019 Sophos Midyear Threat Report July08 p1of1
Mid Year Report: Malware, Spam and Web Threats 2008
Mark Harris, Director of SophosLabs
Agenda
Malware - The size and shape of the problem
Spam - China and beyond
Phishing - Socializing
Web - The threat to your reputation
Not just a Microsoft problem
Summary
Malware - The Size and Shape
Up to 20,000 samples per day!
Automation and proactive detection is key
June 2008
158 updates
781 identities
60% were Trojans
10% Behavioral Genotype
Malware - Return of the Virus
Complex viruses becoming more common
Infects files
Harder to remove
Continuously developed
Sality
First seen in 2003
Kuku = Hide and seek
Currently on version 5.04 (Exp)
Shift in Delivery
Only 1 in 2500 emails have malware attachments
Down from 1 in 332 in same 2007 period
Shifted to links in email
Long tail of old malware
PushDo - new malware, old technique
Spam - China and Beyond
96.5% of email is spam
New spam web page every 20 seconds
Moving to Chinese domains
Harder to get information
Easier to register
Backscatter
Non-delivery reports of spam
Do you click on spam?
1 in every 530 page requests were to spam URLs
Pump and Dump Done?
Volumes have dropped from 30+ % of all spam to less than 1%
Very few stock symbols being spamvertised
Market slowdown? SEC crackdown?
Moving to short selling
Amazon having troubles
Phishing - Socializing
Not just financial
Banks
Tax payers
Auction
Payment sites
Also Social
Social Targets
Social networking sites increasingly targeted
Spam
Scam
Adware
Spear Phishing
Very targeted activity
Use Facebook, LinkedIn, etc. to identify targets
University of Waterloo
Oak Ridge National Lab
University of Minnesota
Can also be used to target malware
Subpoena CEO = Install keylogger
Remember - Phishing works on all platforms!
Web - The Threat to Your Reputation
16,173 new malicious web pages a day!
One every 5 seconds
1 in 2000 page requests were to malicious sites
Over 90% are hacked sites
Major brands affected
Euro 2008 soccer tournament
UK broadcaster ITV
Cambridge University Press
Lawn Tennis Association
Trend Micro
Sony PlayStation
SQL Injection Attacks
Mal/BadSrc - 29% of infections in June 08
Simple attack method
Search for vulnerable servers
Target attack
Inserts iframe snippets into every page
Variety of payloads
Including scareware
Not Just a Microsoft Problem
Nearly 60% compromised web sites running Apache
Growing market share of Mac makes malware worthwhile
Poisoned ads - scareware
Mac Trojans
What about Mobile?
Malware - Very Low Threat
No single platform, but ...
iPhone update was Trojanized
Spam
Txt message spam
Limited in the West, but ...
353.8 Billion spam messages in China
438,668 complaints
Many are simply advertising - 36%
Also fraudulent - 39%
What About Linux?
Not Just Web Servers
70% of attacks on Linux honeypot, infected with a 6 year old virus
Linux servers used as command and control for botnets
Rst-B analysis shows global problem
Thousands of compromised servers
SophosLabs global network of experts
SophosLabs Knows Threats Better Than Anyone
Sophos Security and Control Solutions
Summary
Malware growth continues
Proactive detection is critical
Financial motivation for most threats including spam
Spam still makes money!
Web represents biggest threat
To users, and your corporate reputation
Don't forget other platforms
Mac increasingly targeted
Linux could be your Typhoid Mary
Staying ahead of the curve
Get the latest breaking news about new malware, spam, security threats, and arrests straight to your desktop at www.sophos.com/feeds
Get daily updates from SophosLabs™ Blog, which provides insight into the most interesting and widespread threats: www.sophos.com/blog
Thank you
US and Canada:
1-866-866-2802
NASales@sophos.com
UK and Worldwide:
+ 44 1235 55 9933
Sales@sophos.com