©2015 Check Point Software Technologies Ltd. 1
Отчет по
информационной
безопасности 2015
©2015 Check Point Software Technologies Ltd. 2
©2015 Check Point Software Technologies Ltd. 3[Restricted] ONLY for designated groups and individuals
2015 Security Report Sources:
16,000+ Organizations
Over 300,000 monitoring
hours1,300 Security Checkup Reports
1 Million Smartphones
3,000 Security Gateways122 Countries and Various
Industries
©2015 Check Point Software Technologies Ltd. 4
c
MALWARE IS EVOLVING
EVOLVINGAND SO ARE THE TYPES OF THREATS
©2015 Check Point Software Technologies Ltd. 5
2014A YEAR OF…
UNPRECEDENTED BREACHES
EXPLODING RATES OF NEW MALWARE
DDoS ATTACKS DOUBLING IN VOLUME
©2015 Check Point Software Technologies Ltd. 6
2014KEY FINDINGS
UNKNOWN MALWARE
KNOWN MALWARE
MOBILITY
HIGH-RISK APPLICATIONS
DATA LOSS
©2015 Check Point Software Technologies Ltd. 7[Restricted] ONLY for designated groups and individuals
2014
2013
2012
2011
2010
2009
142M
83M
34M
18.5M
18M
12M
142MNew Malware in 2014 and a
71% increase versus 2013
2015 Security Report Statistics
©2015 Check Point Software Technologies Ltd. 8[Restricted] ONLY for designated groups and individuals
Malware Downloads
63%of organizations
34Unknown malware
is downloaded
sec
6Known malware is
downloaded
min
©2015 Check Point Software Technologies Ltd. 9[Restricted] ONLY for designated groups and individuals
Unknown Known
©2015 Check Point Software Technologies Ltd. 10[Restricted] ONLY for designated groups and individuals
41%of organizations downloaded
at least one unknown malware
34 secunknown malware
is downloaded
Unknown Malware
©2015 Check Point Software Technologies Ltd. 11[Restricted] ONLY for designated groups and individuals
Bots
1Command and
Control
min
Infected organizations
201373%
201483%
Known Malware
©2015 Check Point Software Technologies Ltd. 12[Restricted] ONLY for designated groups and individuals
DDoS
Known Malware
2014 2013
TOP ATTACK VECTORS
30 DDoS attackmin
©2015 Check Point Software Technologies Ltd. 13[Restricted] ONLY for designated groups and individuals
Known Malware: Top IPS Events
Percent of Total
60%
40%
CLIENT
SERVER
NO ONE TO BLAME BUT OURSELVES
©2015 Check Point Software Technologies Ltd. 14[Restricted] ONLY for designated groups and individuals
Known Malware: EndpointVulnerabilities and Misconfigurations
©2015 Check Point Software Technologies Ltd. 15[Restricted] ONLY for designated groups and individuals
Mobility: Corporate Data at Risk
©2015 Check Point Software Technologies Ltd. 16[Restricted] ONLY for designated groups and individuals
Mobile Threat Research
60%
40%
ANDROID
iOS
SURVEY: 500K+ Android and
400K iOS devices in 100+ countries
42%Suffered mobile security incidents
costing more than $250,000
©2015 Check Point Software Technologies Ltd. 17[Restricted] ONLY for designated groups and individuals
Mobile Threat Research
20+ Malware variants
18 MRAT families found
©2015 Check Point Software Technologies Ltd. 18[Restricted] ONLY for designated groups and individuals
201375%
201477%
P2P File Sharing Applications
©2015 Check Point Software Technologies Ltd. 19[Restricted] ONLY for designated groups and individuals
305x per day,
Once every
5 mins
High-risk
Applications used
201356%
201462%
Anonymizer Proxy Applications
©2015 Check Point Software Technologies Ltd. 20[Restricted] ONLY for designated groups and individuals
Data Loss
36sensitive data sent
min
201388%
201481%
©2015 Check Point Software Technologies Ltd. 21[Restricted] ONLY for designated groups and individuals
sent credit card
data
30%sent sensitive
personal information
25%
Data Sent Outside Organization byEmployees
% of Organizations
©2015 Check Point Software Technologies Ltd. 22[Restricted] ONLY for designated groups and individuals
EVERY 24 SECONDSa host accesses
a malicious website
EVERY 34 SECONDSan unknown malware
is downloaded
EVERY 1 MINUTEa bot communicates with its
command and control center
EVERY 5 MINUTESa high risk
application is used
EVERY 6 MINUTESa known malware
is downloaded
EVERY 36 MINUTESsensitive data is sent
outside the organization
AN AVERAGE DAY
©2015 Check Point Software Technologies Ltd. 23[Restricted] ONLY for designated groups and individuals
SummarySecurity Statistics in 2014
• New malware increased 71%
• 106 downloads of unknown malware occurred per hour
• 86% of organizations accessed a malicious site
• 83% of organizations had existing bot infections
©2015 Check Point Software Technologies Ltd. 24[Restricted] ONLY for designated groups and individuals
SummarySecurity Statistics in 2014
• 42% of businesses suffered mobile security incidents costing more than $250,000 to remediate
• 96% of organizations used at least one high-risk application
• 81% of organizations suffered a data loss incident
• Loss of proprietary information increased 71% over the past three years
©2015 Check Point Software Technologies Ltd.
WHAT DO WE DO ABOUT IT?
©2015 Check Point Software Technologies Ltd. 33
Check Points Closes the Gaps
Catches known or old malwareOf known malware, 71 in 1000 are not caught
IPS, ANTIVIRUS & ANTI-BOT
Detects new and unknown malwareWith both OS and CPU level prevention
OS- AND CPU-LEVEL ZERO-DAY PROTECTION
Complete threat removalReconstruct malware-free documents
THREAT EXTRACTION
©2015 Check Point Software Technologies Ltd. 34
• Segments reduce the size of the challenge
• Limit the scope of a breach
Segmentation
©2015 Check Point Software Technologies Ltd. 35
Weaponized PDFThreat Emulation (CPU and
OS level) / Threat Extraction
Command and Control Anti - Bot
Malware infestation IPS and Anti-Malware
Multi-Layered Threat Prevention
©2015 Check Point Software Technologies Ltd. 36
High-Risk ApplicationsApplication Control /
Mobile Threat Prevention
Malicious WebsitesURL Filtering / Mobile
Threat Prevention
Data LossDLP and Data/
Document Security
Access Control & Data Protection
©2015 Check Point Software Technologies Ltd. 37
Integrated, real-time event
management
Unified policies across all
protections
Change automation and
orchestration
Management and Visibility
©2015 Check Point Software Technologies Ltd. 38
Management Layer
Integrates security with
Business process
Control Layer
Delivers real-time protections
To the enforcement points
Enforcement Layer
Inspects traffic and enforces
Protection in well-defined segments
Software-Defined Protection
©2015 Check Point Software Technologies Ltd. 39
ADVANCED
THREATS
WILL CONTINUE
The CYBER WAR IS RAGING ON
CHECK POINT
SECURITYWILL PROTECT YOU
©2015 Check Point Software Technologies Ltd. 40
TOGETHER
WE
SECURE
THE
FUTURE
©2015 Check Point Software Technologies Ltd. 41
WE SECURETHE FUTURE
Download the
2015 Security Report at:
www.checkpoint.com
©2015 Check Point Software Technologies Ltd. 42
Виклов АнатолийИнженер по безопасности
Email: [email protected]
Спасибо за внимание!Более подробную информацию
можно получить: