Home >Documents >Symantec infographics

Symantec infographics

Date post:31-Jul-2016
Category:
View:222 times
Download:3 times
Share this document with a friend
Description:
 
Transcript:
  • Attackers TargetBoth Large andSmall BusinessesLike thrown paint on a blank canvas, attacks against businessesboth large and smallare indiscriminate.If there is profit to be made, attackers strike at will.

    Spear-Phishing Attacksby Size of Targeted Organization

    The last five years have shown asteady increase in attacks targetingbusinesses with less than 250 employees.

    Medium-Size Businesses 251 to 2,500Large Enterprises 2,500+

    Small Businesses (SMBs) 1 to 250

    Number of Employees

    0

    100%

    2011 2012 2013

    2015

    2014 2015

    20142013

    50%

    32%

    18%

    50%

    19%

    31%

    39%

    31%

    30%

    41%

    25%

    34%

    35%

    22%

    43%

    Risk Ratioas %

    2.2 2.1

    Risk Ratio of Spear-Phishing Attacksby Organization Size

    1 in 2.7 1 in 6.8 1 in 40.5Risk Ratio

    Attacksper Org

    15% 3%

    20153.6

    38%1,305+55%

    841

    Cyber attackers are playing the long game against large companies, but all businesses of all sizes are vulnerable to targeted attacks. In fact, spear-phishing campaigns targeting employees increased 55% in 2015.

    779+91% +8%

    50%

    32%

    18%

    50%

    19%

    31%

    39%

    31%

    30%

    41%

    25%

    34%

    35%

    22%

    43%

  • 555-283-4972

    [email protected]

    [email protected] Doe

    Get a verification code on my phone: ****555

    Receive via:

    Account Help

    a text message (SMS)

    an automated phone call

    Continue

    1An attacker obtains a victims email address and phone numberboth of which are usually publicly available.

    2The attacker poses as the victim and requests a password reset from Google.

    Google sends the code to the victim.

    3The attacker then texts the victim with a message similar to:

    4

    The attacker resets the passwordand once he has what he wants or has set up forwarding informs the victim (posing as Google) of the new temporary password, leaving the victim none the wiser.

    6

    Google has detected unusual activity on your account. Please respond with the code sent to your mobile device to stop unauthorized activity.

    5

    The victim therefore expects the password-reset verification code that Google sends out and passes it on to the attacker.

    483829

    new password

    483829

    How the Gmail Scam Works

  • Peek into the Future:The Risk of ThingsInternet-connected things

    Numbers in billions(p red i c ted )

    2014 2015 2016 2020

    1

    2

    3

    4

    5

    6

    7

    8

    9

    10

    11

    12

    13

    14

    15

    16

    17

    18

    19

    20

    1 20.8 billion

    The insecurity of things

    1 6.4 billion

    1 3.9 billion

    1 4.9 billion

    1 Source: gartner.com/newsroom/id/3165317

    1 Today in the USA, there are

    25 connecteddevices per

    100 inhabitants

    Cars. Fiat Chrysler recalled 1.4 million vehicles after researchers demonstrated a proof-of-concept attack where they managed to take control of the vehicle remotely. In the UK, thieves hacked keyless entry systems to steal cars.

    Smart TVs. Hundreds of millions of Internet-connected TVs are potentially vulnerable to click fraud, botnets, data theft and even ransomware, according to Symantec research.

    Medical devices. Researchers have found potentially deadly vulnerabilities in dozens of devices such as insulin pumps and implantable defibrillators.

  • These numbers are likely higher, as many companies are choosing not to reveal the full extent of their data breaches.

    Total ReportedIdentities Exposed

    +85%

    2014

    2015

    61113

    Million*500

    *estimated

    2013

    2014

    2015 429 +23%-37%348

    552

    numbers in millions

    REPORTED IDENTITIES EXPOSED

    78 millionpatient recordswere exposed

    at Anthem

    22 millionpersonal records were exposed at

    Office of PersonnelManagement

    UNREPORTED IDENTITIES EXPOSED

    Despite companies choicenot to report the truenumber of records exposed,hundreds of millions more peoplemay have been compromised.

    ?

    IdentitiesExposed4

    120 Incidentsof informationexposed were

    medical records

    36% 39%The largest number of breaches took place within the Health Services sub-sector, which actually comprised 39 percentof all breaches in the year.This comes as no surprise, given the strict rules within the healthcare industry regarding reporting of databreaches. Million

    Most of an iceberg is submerged underwater, hiding a great ice mass. The number of reported identities exposed in data breaches are justthe tip of the iceberg. What remains hidden?

    Over Half a Billion Personal Information Records Stolen or Lost in 2015 and more companies than ever not reportingthe full extent of their data breaches

    Given the facts, it is possible that

    identities wereexposed

    2015 Stats

    Incidentsthat did notreport identitiesexposed in 2015

  • Hacker discoversvulnerability

    Exploit createdto leverage

    vulnerability

    Attack islaunched

    Public and vendorbecome aware

    Vendor builds patch

    Window of Opportunity

    Patch isdistributed

    Zero-D

    ay Timelin

    e

    from d

    iscovery

    to patch

    1

    2

    4

    5

    6

    3

    2symantec.com/connect/blogs/third-adobe-flash-zero-day-exploit-cve-2015-5123-leaked-hacking-team-cache

    1 on average, based on 54 vulnerabilities

    2015 Zero-Day Not-So-Fun Facts

    023 24

    2013 2014

    542015

    *(+4%)*(+125%)

    17%attackedAdobeFlash

    zero-days found in 2015

    of exploited zero-days 4 out of 5

    10

    Web Browsers,Mozilla Firefox and Google Chrome

    No Longer Supports

    The End Is Nigh

    for Adobe Flash

    DAYIT admininstalls patch7

    new vulnerabilitiesused to exploit

    open sourcesoftware

    11

    known vulnerabilitiestargeting a varietyof manufacturers

    and devices

    72400GB

    of sensitiveinformation stolen bythe Hacking Team

    Total Zero-DayVulnerabilities

    7 Days Total Time of Exposure1 Day Average Time to Patchin 2015

    *% change as comparedto previous year

    A New Zero-DayVulnerability Discovered1Every Week in 2015

    Advanced attack groups continue to profit from previously undiscovered flaws in browsers and website plugins.In 2015, 54 zero-day vulnerabilities were discovered.

  • The breach is believed to be the work of a well-resourced cyberespionage group, which Symantec calls Black Vine. They appear to have access to a wide variety of resources to let it conduct multiple, simultaneous attacks over a sustained period of time. They used:

    attacker-owned infrastructurezero-day exploitscustom-developed malware

    Three variants are named:

    detected as Trojan.Sakurel Backdoor.Mivast

    1) Hurix, 2) Sakurel, and 3) Mivast

    Open a pipe back door

    All variants have the following capabilities:

    Execute files& commands

    Delete, modify, andcreate registry keys

    Gather and transmitinformation about theinfected computer

    Facts about theAttack on Anthem On January 26, 2015

    78 Millionpatient records were exposed.

    Top 10 Sub-Sectors Breached by Number of Incidents

    Healthcare

    Business

    Education

    Insurance

    Hotels

    120

    20

    20

    17

    14

    10

    99

    86

    Wholesale Trade

    Eating and Drinking Places

    Executive, Legislative, & General

    Depository Institutions

    Social Services

    IG_Attackers_Strike_Large_Business.pdf (p.1)IG_How_Gmail_Scam_Work.pdf (p.2)IG_IoT.pdf (p.3)IG_Reporting_Breaches_or_Not.pdf (p.4)IG_ZERO-DAY.pdf (p.5)IG_Anthem_Breach.pdf (p.6)

Click here to load reader

Embed Size (px)
Recommended