Attackers Target Both Large and Small Businesses
Like thrown paint on a blank canvas, attacks against businesses, both large and small, are indiscriminate. If there is profit to be made, attackers strike at will.
Spear-Phishing Attacks by Size of Targeted Organization
The last five years have shown a steady increase in attacks targeting businesses with less than 250 employees.
[Chart: years 2011, 2012, 2013; Number of Employees: Small Businesses (SMBs) 1 to 250, Medium-Size Businesses 251 to 2,500, Large Enterprises 2,500+; Risk Ratio as %]
Risk Ratio of Spear-Phishing Attacks by Organization Size
Risk Ratio: 1 in 2.7, 1 in 6.8, 1 in 40.5
Cyber attackers are playing the long game against large companies, but all businesses of all sizes are vulnerable to targeted attacks. In fact, spear-phishing campaigns targeting employees increased 55% in 2015.
How the Gmail Scam Works
1. An attacker obtains a victim's email address and phone number, both of which are usually publicly available.
2. The attacker poses as the victim and requests a password reset from Google. Google sends the code to the victim.
[Screen: Get a verification code on my phone: ****555, by a text message (SMS) or an automated phone call]
3. The attacker then texts the victim with a message similar to: "Google has detected unusual activity on your account. Please respond with the code sent to your mobile device to stop unauthorized activity."
The victim therefore expects the password-reset verification code that Google sends out and passes it on to the attacker.
The attacker resets the password and, once he has what he wants or has set up forwarding, informs the victim (posing as Google) of the new temporary password, leaving the victim none the wiser.
Peek into the Future: The Risk of Things
Internet-connected things
Numbers in billions (predicted)
2014 2015 2016 2020
20.8 billion (1), 6.4 billion (1), 3.9 billion (1), 4.9 billion (1)
Today in the USA, there are 25 connected devices per (1)
(1) Source: gartner.com/newsroom/id/3165317
The insecurity of things
Cars. Fiat Chrysler recalled 1.4 million vehicles after researchers demonstrated a proof-of-concept attack where they managed to take control of the vehicle remotely. In the UK, thieves hacked keyless entry systems to steal cars.
Smart TVs. Hundreds of millions of Internet-connected TVs are potentially vulnerable to click fraud, botnets, data theft and even ransomware, according to Symantec research.
Medical devices. Researchers have found potentially deadly vulnerabilities in dozens of devices such as insulin pumps and implantable defibrillators.
These numbers are likely higher, as many companies are choosing not to reveal the full extent of their data breaches.
Over Half a Billion Personal Information Records Stolen or Lost in 2015, and more companies than ever not reporting the full extent of their data breaches
Most of an iceberg is submerged underwater, hiding a great ice mass. The number of reported identities exposed in data breaches is just the tip of the iceberg. What remains hidden?
REPORTED IDENTITIES EXPOSED
Total Reported Identities Exposed (numbers in millions)
2015 429 +23% -37% 348
78 million patient records were exposed
22 million personal records were exposed at Office of Personnel Management
UNREPORTED IDENTITIES EXPOSED
Despite companies' choice not to report the true number of records exposed, hundreds of millions more people may have been compromised.
120 Incidents of information exposed were
Incidents that did not report identities exposed in 2015
Given the facts, it is possible that
36% 39%
The largest number of breaches took place within the Health Services sub-sector, which actually comprised 39 percent of all breaches in the year. This comes as no surprise, given the strict rules within the healthcare industry regarding reporting of data breaches.
A New Zero-Day Vulnerability Discovered Every Week (1) in 2015
Advanced attack groups continue to profit from previously undiscovered flaws in browsers and website plugins. In 2015, 54 zero-day vulnerabilities were discovered.
(1) on average, based on 54 vulnerabilities
Window of Opportunity
Exploit created to leverage
Public and vendor become aware
Vendor builds patch
DAY 7: IT admin installs patch
7 Days Total Time of Exposure
1 Day Average Time to Patch in 2015
2015 Zero-Day Not-So-Fun Facts
zero-days found in 2015
of exploited zero-days 4 out of 5
new vulnerabilities used to exploit
known vulnerabilities targeting a variety of manufacturers
of sensitive information stolen by the Hacking Team
The End Is Nigh for Adobe Flash
Web Browsers, Mozilla Firefox and Google Chrome
No Longer Supports
*% change as compared to previous year
Facts about the Attack on Anthem
On January 26, 2015
78 Million patient records were exposed.
The breach is believed to be the work of a well-resourced cyberespionage group, which Symantec calls Black Vine. The group appears to have access to a wide variety of resources that let it conduct multiple, simultaneous attacks over a sustained period of time. They used:
attacker-owned infrastructure
zero-day exploits
custom-developed malware
Three variants are named: 1) Hurix, 2) Sakurel, and 3) Mivast
Detected as: Trojan.Sakurel, Backdoor.Mivast
All variants have the following capabilities:
Open a pipe back door
Execute files & commands
Delete, modify, and create registry keys
Gather and transmit information about the infected computer
Top 10 Sub-Sectors Breached by Number of Incidents
Eating and Drinking Places
Executive, Legislative, & General