2009 Kl Cybercrime Kaspersky

Cybercrime & solutions for

Home users and Small

Businesses

Copyright by Kaspersky Lab

BusinessesEddy Willems

Security EvangelistEICAR Director Information & Press

[email protected]

Agenda

� About Kaspersky Lab

� History

� Cyber Crime ...


� Cyber Crime ...

� Future

About Kaspersky Lab

� International leader in internet security, visionary part

Gartner quadrant

� Advanced antivirus, antispyware, antispam and firewall

� More than 250 million protected users worldwide

� 10 R&D and virus labs worldwide


� 10 R&D and virus labs worldwide

� Over 1400 employees, 450 developers & engineers

� Local sales, marketing and technical support

� Local virus detection by Benelux virus lab

� Fast reaction time and automatic hourly updates

Leading IT security players worldwide


Have Chosen Kaspersky Lab TechnologyHave Chosen Kaspersky Lab Technology

Antivirus experts and virus analysts

� AVIEN (Anti-Virus Information

Exchange Network)

� CARO (Computer Antivirus

Research Organization)

� ICSA (International Computer

The Kaspersky Virus Lab The Kaspersky Virus Lab -- sharing knowledge through malware researchsharing knowledge through malware research

� Industry-leading knowledge resource – http://www.viruslist.com

� Our team of virus analysts is active in


� ICSA (International Computer

Security Association)

� AVAR (Association of Antivirus

Asia Researchers)

� IMPACT (international partnership

dedicated to combating terrorist

activities in the area of information

technology)

� EICAR (European Institute for

Computer AntiVirus Research)

TIME


TIME

Some History: The old days !


SPAM

Some years ago ...

Virus


SPAM

Worm

Trojan

SPAM

Today’s Threats …

Virus

Spyware

AdwareBot R

emo

te

Co

ntro

l Ag

ent

Root-kitsPhishing


Trojan

Worm

Bot

Zombie

Pharming

Keystroke

logger

Rem

ote-

Co

ntro

l Ag

ent

Screen

grabberPassword

grabber

Premium-

Rate Dialer

What are the real threats ?

VirusesWorms Spyware

PeerToPeer

attacks

Data Theft


Bad StuffAdware

Exploits

User Phishing

Spam

attacks

DoS

Identity Theft

DDoS Mailers

External

HackerInternal

Hacker

Vulnerabilities

The end of global epidemics

10

15

20

25Epidemics


Source: Kaspersky Lab

0

5

10

Quarters

Epidemics

2002 2003 2004 2005 2006 2007

Increasing Numbers

1.000.000

1.200.000

1.400.000

1.600.000KL records


0

200.000

400.000

600.000

800.000

1.000.000


98 99 00 01 02 03 04 05 06 07 08

� Types of malware in daily updates

Cyber crime

300

400

500 Cyber vandalism

Petty fraud

Cyber crime



0

100

200

300

1998 1999 2000 2001 2002 2003 2004 2005 2006 2007

The Ecosystem

VictimsE-Criminals


Police ITTP Industry

The Rogues’ Gallery – The Script Kiddies


Jeffrey Lee Parson Jeffrey Lee Parson ––1818 –– (USA)(USA)Arrested August Arrested August 2929,, 2003 2003

for the Lovesanfor the Lovesan..b virusb virus

Sven Jaschan Sven Jaschan –– 18 18 ––(Germany)(Germany)Arrested May Arrested May 77,, 2004 2004 for for

NetSkyNetSky andand Sasser virusesSasser viruses

Chen IngChen Ing--Hau Hau –– 24 24 (Taiwan)(Taiwan)Arrested September Arrested September 2121,,

2000 2000 for the CIH virusfor the CIH virus

The Rogues’ Gallery – Binary Thieves


Jeanson James Jeanson James Ancheta Ancheta –– 2020 (USA)(USA)Arrested November Arrested November 33,, 2005 2005

for creating zombie for creating zombie

networksnetworks and leasing them and leasing them

for spam mailing and DDoS for spam mailing and DDoS

attacks on websitesattacks on websites

Farid Essebar Farid Essebar --18 (Morocco), Atilla Ekici 18 (Morocco), Atilla Ekici –– 21 21 (Turkey)(Turkey)Arrested on August Arrested on August 2626,, 2005 2005 for creating zombie for creating zombie

networksnetworks using Mytob andusing Mytob and Zotob Zotob ((BozoriBozori)) wormsworms

Today we are fighting these!


� Jeremy Jaynes

Millionaire,

and a spammer

� Jay Echouafni

CEO,

and a DDoS attacker

� Andrew Schwarmkoff

Member of Russian

mob, and a phisher

One of the big problems: Botnets


One of the big problems: Botnets

What is a botnet ? part 1






What can you see ?


Using botnet

� DDoS for fun and glory

� Sending spam, making spamlists

� Phishing

� Stealing private data


� Stealing private data

� Ransoming

� Botnet renting

New territories: Social Networking

�Blogs, forums

�Wiki

�MySpace, YouTube

�Other online communities:


Who’s on Facebook?

�� ProfitabilityProfitability

�� Easy to doEasy to do

((technically and morallytechnically and morally))

CyberCrime is Big Business


�� Low risk businessLow risk business

�� New services that are New services that are

profitable to attackprofitable to attack

Today’s Networks Lack Clear, Crisp Boundaries

� Internal/External network

� Individual Users connect from

multiple locations

� Managed/Unmanaged devicesCCCCoooonnnnttttrrrraaaacccc

TelecommTelecommTelecommTelecomm

utersutersutersuters


Internet

� Managed/Unmanaged devices

� Individual devices operate both

inside the network, and on public

networks

� New Devices on the Network

eg. SmartPhones, etc ….

CCCCoooonnnnttttrrrraaaacccc

Mobile Mobile Mobile Mobile

UsersUsersUsersUsers

Network

WirelessWirelessWirelessWireless

UsersUsersUsersUsers

Top 10: Safe Internet Security Tips

� 1. Make backups

� 2. Update software regularly and check this

� 3. Use upgraded anti-virus/spyware software and update regularly and

check this

� 4. Use a personal desktop firewall


� 5. Use difficult passwords

� 6. Be very carefull with unknown files or programs

� 7. Surf sure and browse logically

� 8. Thnik twice when leaving personal data somewhere

� 9. do not react on SPAM

� 10. Use common sense

What do we really need ?

VirusesWorms Spyware

PeerToPeer

attacks

Data Theft


Bad StuffAdware

Exploits

User Phishing

Spam

attacks

DoS

Identity Theft

DDoS Mailers

External

HackerInternal

Hacker

Vulnerabilities

Thank you


KOSS


KOSS

Kaspersky Open Space Security


A perfect combination of ….� Legendary good detection with very quick reaction time� New improved scanning engine with rootkit cleaning

� Improved Heuristic scanner

(emulation+sandbox)

So what do we have?


(emulation+sandbox)

� Behaviour blocker + HIPS

(proactive detection)

� An easy firewall

� Anti-Spam� Vulnerability Scanner

� Web control and Device control

� Within one easy package !!!

Don’t forget


KMS

Kaspersky Anti-Virus Mobile

� On-access monitor intercepts all data channels

� On-demand monitor for manual scan

� SMS spam filtering and other value-add features

� Firewall

� Anti-theft: SMS Block, SMS Clean, SIM Watch : Unique feature


� Anti-theft: SMS Block, SMS Clean, SIM Watch : Unique feature

� Digitally signed updates via WAP, HTTP or from PC folder

� Minimal amount of system resources used

� Flexible customization options for OEMs, mobile operators, device vendors and content providers

� Supports all popular devices, including SonyEricsson, NOKIA, Siemens, Samsung, Panasonic, Sendo and other vendors

� Available for Symbian, Windows Mobile

A different view ...


KHSS

KasperskyKaspersky

Hosted Mail Hosted Mail

SecuritySecurity

KasperskyKaspersky

Hosted Web Hosted Web

Security Security

KasperskyKaspersky

Hosted IM Hosted IM

Security Security

Cascaded Virus Cascaded Virus protectionprotection

Comprehensive Spam Comprehensive Spam protectionprotection

What do we offer?

Virus Virus protectionprotection

Content Content ControlControl

URLURL--FilterFilter

Virus Virus protectionprotection

SPIM SPIM protectionprotection



protectionprotection


InboundInbound andand OutboundOutbound

ScalableScalable

ReportingReporting

ScalableScalable

ReportingReporting

ScalableScalable

ReportingReporting

Consumer v2009


KAV & KIS

New Technologies in v2009KAV / KIS v2009 (8.0) : AV signatures + PDM + Emulator +

Improved Heuristics

- Behaviour control {Security Rating, WhiteListing, Rules

engine} => Improved HIPS

- Vulnerability Checker

- Virtual Keyboard

- In-the Cloud protection: Kaspersky Security Network


- In-the Cloud protection: Kaspersky Security Network

- Online Check + Rescue Disk Image

- Improved Anti-Rootkit

- Improved Firewall

- Improved Parental Control

- Easier Wizards

� First Hybrid Technology Product in the world

Automatic Classification of Applications


Avantages : Each

application is

automatically

categorized based on

criteria managed by KIS

2009

Much less user

interaction needed while

less false postives


Thank you !

Questions ?


Eddy Willems

[email protected]

Date post:	14-May-2015
Category:	Technology
Upload:	ictloketbe
View:	1,099 times
Download:	1 times