
2013-2014: Cyber-Espionage - Trends and Implications for Businesses

Date post: 18-Dec-2014
Upload: kaspersky-lab
Description:
Kurt Baumgartner, Principal Security Researcher at Kaspersky Lab, presented an analysis of the world of advanced persistent threats (APTs). He provided an overview of some of the recent cyber-espionage campaigns – Red October, Icefog, Winnti, Careto/The Mask – and offered predictions for the future. While describing the trends of small cyber-mercenary groups emerging and being available for hire to perform surgical hit-and-run operations, the decreasing cost of every new cyber-campaign, and supply chain attacks, Kurt stressed the importance of understanding that no high-profile entity or enterprise should feel totally safe nowadays. Find more info: www.kaspersky.com/business-security, cybersecurity.kaspersky.com, securelist.com. Follow: @k_sec @KasperskyLabB2B #EnterpriseSec
Transcript
Page 1: 2013-2014: Cyber-Espionage - Trends and Implications for Businesses

2013-2014: CYBER-ESPIONAGE: TRENDS AND IMPLICATIONS FOR BUSINESS

Kurt Baumgartner, Principal Security Researcher, Global Research and Analysis Team (GReAT), @k_sec

Page 2: 2013-2014: Cyber-Espionage - Trends and Implications for Businesses

WE ARE HERE TO SAVE THE WORLD

ELITE THREAT RESEARCH GROUP

35+ MEMBERS IN 16 COUNTRIES

FOCUS: APTS, CRITICAL INFRASTRUCTURE THREATS, BANKING THREATS, SOPHISTICATED ATTACKS

ABOUT KASPERSKY GREAT

Page 3: 2013-2014: Cyber-Espionage - Trends and Implications for Businesses

HIGH PROFILE APT ATTACKS

[Timeline figure, 2010 to 2014: STUXNET, DUQU, FLAME, GAUSS, MINIFLAME, TEAMSPY, MINIDUKE, REDOCTOBER, WINNTI, NETTRAVELER, ICEFOG, KIMSUKI, THE MASK, EPIC TURLA, COSMICDUKE, CROUCHING YETI/ENERGETIC BEAR]

Page 4: 2013-2014: Cyber-Espionage - Trends and Implications for Businesses

MULTIYEAR, BROAD OPERATIONS, HIGH INVESTMENT

CROSSOVER OF COMMERCIAL, AND GEOPOLITICAL INTERESTS I.E. FINANCIAL CENTERS

iPHONE, ANDROID, BLACKBERRY, WINMOBILE, NOKIA, WINTEL, OSX, CISCO

RED OCTOBER APT

Page 5: 2013-2014: Cyber-Espionage - Trends and Implications for Businesses

RED OCTOBER APT

INTERESTS

GLOBAL FINANCIAL CENTERS ENERGY – OIL, GAS, NUCLEAR MANUFACTURING, AEROSPACE, MILITARY SUBCONTRACTORS

IMPLICATIONS

WHAT’S YOUR BYOD? NETWORK AWARENESS SPEARPHISHING TOLERANCE

INTERESTS AND IMPLICATIONS

Page 6: 2013-2014: Cyber-Espionage - Trends and Implications for Businesses

MULTIYEAR, FOCUSED OPERATIONS, MEDIUM INVESTMENT

GLOBAL GAMING INDUSTRY POPPED – FUN AND $$$

WINDOWS, LINUX, CUSTOM PLUGX VARIANTS, BROAD 2ND STAGE AND INCREDIBLE LATERAL MOVEMENT

WINNTI APT

Page 7: 2013-2014: Cyber-Espionage - Trends and Implications for Businesses

WINNTI APT

INTERESTS

MASSIVE GAMING ASSETS – CODE SIGNING DIGITAL CERTIFICATES MMORPG SOURCE CODE AND SERVER ACCESS MASSIVE SOFTWARE DEVELOPMENT AND OPERATIONS

IMPLICATIONS

ENDPOINT AND SERVER PROTECTION ASSET CLASSIFICATION, SEGMENTATION, TOLERANCE HEIGHTENED SCRUTINY FOR DEVELOPMENT ENVIRONMENTS

INTERESTS AND IMPLICATIONS

Page 8: 2013-2014: Cyber-Espionage - Trends and Implications for Businesses

MULTIYEAR, HIGHLY FOCUSED AND SUCCESSFUL, MED-HIGH INVESTMENT

WINDOWS, LINUX, OSX

0-DAY, 0-DAY, 0-DAY

CUSTOM PLUGX VARIANTS, SCRIPTS, DEVELOPMENT AGILITY

PLAYFUL DRAGON/ WHITECOMMENTS APT

Page 9: 2013-2014: Cyber-Espionage - Trends and Implications for Businesses

PLAYFUL DRAGON APT

INTERESTS

BIG SOFTWARE ASSETS – DIGITAL CERTIFICATES, BIG DATA CONTENT VARIOUS SOCIAL NETWORKS MASSIVE SOFTWARE DEVELOPMENT AND OPERATIONS

IMPLICATIONS

READINESS TO HANDLE ANY BREACH DATA ACCESS VISIBILITY AND STRICT PROTECTION

INTERESTS AND IMPLICATIONS

Page 10: 2013-2014: Cyber-Espionage - Trends and Implications for Businesses

MULTIYEAR, BROAD OPERATIONS, HIGH INVESTMENT

WINDOWS FOCUSED

WORLDWIDE COMMERCIAL AND TECHNOLOGY INTERESTS

NETTRAVELER APT

Page 11: 2013-2014: Cyber-Espionage - Trends and Implications for Businesses

NETTRAVELER APT

INTERESTS

HIGH TECH – NANOTECHNOLOGY, LASERS, EXTREME MANUFACTURING NUCLEAR POWER CELLS, AEROSPACE, RADIO WAVE WEAPONS SUSPECTED ACTIVISTS, MUCH MORE…

IMPLICATIONS

EXFILTRATION MONITORING SPEARPHISHING PROTECTION PATCH MANAGEMENT

INTERESTS AND IMPLICATIONS

Page 12: 2013-2014: Cyber-Espionage - Trends and Implications for Businesses

PROJECT DRIVEN, AGILE, PRECISE, SMALL CYBER-MERCENARY, LOW INVESTMENT

WINDOWS, OSX, UNCOMMON EXPLOITS - HANGUL, SEA DISTRIBUTED OPERATIONS

GLOBAL SUPPLY CHAIN

ICEFOG APT

Page 13: 2013-2014: Cyber-Espionage - Trends and Implications for Businesses

ICEFOG APT

INTERESTS

ENERGY – OIL, GAS HIGH TECH RESEARCH TELECOMS OPERATIONS AND CONTENT MEDIA

IMPLICATIONS

INCREASED REGULATIONS UNDERSTANDING YOUR VALUE AND RELEVANCE DEFENDING DIVERSE ENVIRONMENTS NEAR INTRACTABLE CONTRACTUAL AND LOGISTICAL ISSUES

INTERESTS AND IMPLICATIONS

Page 14: 2013-2014: Cyber-Espionage - Trends and Implications for Businesses

ONE OF THE MOST ADVANCED THREATS TO DATE, TECHNOLOGY AND OPERATIONS

LINUX, OSX, WINDOWS, (IPHONE AND ANDROID)

GOVERNMENT, ENERGY, ACTIVISTS, FINANCIAL

NATION STATE BACKED

CARETO – “THE MASK” APT

Page 15: 2013-2014: Cyber-Espionage - Trends and Implications for Businesses

CARETO - “THE MASK” APT

INTERESTS

PRIVATE EQUITY HIGH TECH RESEARCH ENERGY - OIL, GAS

IMPLICATIONS

COMMERCIAL GOVERNMENT TARGET EXTENSIVE CROSS-PLATFORM BOOTKIT AND ROOTKIT PROTECTION TAKING DOWN DEFENSES

INTERESTS AND IMPLICATIONS

Page 16: 2013-2014: Cyber-Espionage - Trends and Implications for Businesses

THE NEED FOR INTELLIGENCE SHARING

Page 17: 2013-2014: Cyber-Espionage - Trends and Implications for Businesses

INCIDENT ANALYSIS, GROUP CORRELATION

PRIVATE REPORTS

FOR INQUIRIES, PLEASE CONTACT INTELREPOR [email protected]

CUSTOM APT INVESTIGATIONS

Page 18: 2013-2014: Cyber-Espionage - Trends and Implications for Businesses

AVAILABLE FOR TOP APTS PRIVATE REPORTS

Page 19: 2013-2014: Cyber-Espionage - Trends and Implications for Businesses

COST OF ENTRY DECREASING, VOLUME AND PRECISION OF ATTACKS INCREASING

CRITICAL INFRASTRUCTURE, GLOBAL SUPPLY, MUCH COMMERCIAL CROSSOVER

LOW SENSITIVITY TO “COLLATERAL DAMAGE”

“WIPERS”, CYBER-SABOTAGE

APT TRENDS

Page 20: 2013-2014: Cyber-Espionage - Trends and Implications for Businesses

THANK YOU

WWW.KASPERSKY.COM

WWW.SECURELIST.COM

TWITTER @K_SEC

