2. Cateva stiri
2011-04
• SpyEye/mTAN: "Die Seriennummer des Zertifikats: 88689-1299F"
2011-03
• RSA –2011 Recruitment plan.xls
“Our investigation has led us to believe that the attack is in the category of an
Advanced Persistent Threat (APT). […]. Some of that information is specifically
related to RSA's SecurID two-factor authentication products”
2011-03
• Ministère de l’Economie et des Finances
“«Ceux qui ont agi sont des professionnels déterminés et organisés. C’est
la première attaque contre l’Etat français de cette ampleur et à cette
échelle»”
2011-02
• European Union Emissions Trading System
“cyber-attackers are successfully breaching electronic trading systems not
merely for the purpose of stealing funds, but to actively «spread panic
among markets and destabilize western financial institutions. »”
2
3. Numiti virusul!
1999
Efectul grafic din stanga
era afisat de catre virusul:
a) CodeRed
b) Melissa
c) Happy99
d) Cascade
4. Numiti virusul!
2003
Cum se numeste virusul de mai sus?
a) MyDoom b) MyTob
c) Rbot d) Blaster/Lovesan
5. Numiti virusul!
2010
Cum se numeste virusul de mai sus?
a) BumBoom b) Ayran
c) Robotz d) Stuxnet
PAGE 5 | | 08 April 2011
9. Sitting on a time bomb
Retelele de tip botnet reprezinta
adevarate mine de aur pentru furtul
de informatie
• Cantitatea de informatie expusa la
riscul de a deveni publica este
ingrijoratoare
Utilizatorul de rand nu realizeaza
posibilele consecinte ale folosirii unui
calculator infectat
• E infectat, dar imi fac treaba cu el!
• Malware-ul clasic poate fi convertit
oricand in scopuri de furt de
informatie
10. Cifre ingrijoratoare
Kaspersky Lab proceseaza mai mult de 70.000 de programe periculoase
(virusi, troieni, viermi, adware, etc) in fiecare zi
25,000,000
22,500,000
20,000,000
17,500,000 2006: Un virus nou in fiecare minut
15,000,000
12,500,000 2011: Un virus nou in fiecare secunda
10,000,000
7,500,000
5,000,000
2,500,000
0
2004 2005 2006 2007 2008 2009 2010
Sursa: Kaspersky Lab
11. Malware dedicat furtului de date
2009 vs. 2010 vs. 2011
120000 2009 vs. 2010
- 87% crestere in data stealing malware
100000 - 135% crestere in familia Trojan-Spy
80000 2010 a fost primul an in care am adaugat
mai mult de 100.000 de semnaturi
60000
pentru malware-ul dedicat furtului de date.
40000
20000
0
2006 2007 2008 2009 2010
Sursa: Kaspersky Lab Trojan-Banker Trojan-PSW Trojan-Spy
12. Malware
Number of signatures
Amenintarile la adresa smartphone-urilor sunt in crestere
Numarul total de semnaturi pentru mobile malware la 15 februarie 2011: 1990
Sursa: Kaspersky Lab
14. Back to basics
Protectia endpoint-ului devine vitala
Ce inseamna endpoint in ziua de azi:
• Desktop
• Laptop
Endpoint-urile din ce in ce mai
• Smartphone mobile aduc o noua provocare:
• Tablet protejarea perimetrelor deschise
• ?
Protectia endpoint-ului devine vitala:
• Retele securizate, cu politici stricte, dar cu utilizatori mobili
• Adoptia accelerata a smartphone-urilor, o noua problema pentru managerii IT
15. Kaspersky Open Space Security
Protecție complexă
Linia de produse Kaspersky Open Space Security a fost dezvoltată
pentru a proteja rețelele de tip corporate împotriva celor mai noi
tipuri de amenințări indiferent de dimensiune și complexitate.
| 08 April 2011
17. Kaspersky Work Space Security
Kaspersky Anti-Virus for Windows Workstations
Kaspersky Anti-Virus for Linux Workstation
Kaspersky Endpoint Security for Mac Nou!
Kaspersky Endpoint Security for Smartphone Nou!
Kaspersky Open Space Security Essentials | 08 April 2011
18. Kaspersky Business Space Security
Kaspersky Work Space Security components
Kaspersky Anti-Virus for Windows Servers
Kaspersky Anti-Virus for Linux File Server Nou!
Kaspersky Anti-Virus for Novell NetWare
Kaspersky Anti-Virus for Windows Servers EE Nou!
Kaspersky Open Space Security Essentials | 08 April 2011
19. Kaspersky Enterprise Space Security
Kaspersky Business Space Security components
Kaspersky Security 8.0 for Microsoft Exchange Servers Nou!
Kaspersky Security for Microsoft Exchange Server 2003
Kaspersky Anti-Virus for Linux Mail Server
Kaspersky Anti-Virus 8.0 for IBM Lotus Domino Nou!
Platforme
suportate
Microsoft Exchange Linux
Servers 2003/2007/2010 Lotus/Domino
Mail Server
Kaspersky Open Space Security Essentials | 08 April 2011
20. Total Space Security
Componente Kaspersky Enterprise Space Security
Kaspersky Anti-Virus for Microsoft ISA Server and Forefront
TMG Standard EditionNou!
Kaspersky Anti-Virus for Microsoft ISA Server
Kaspersky Anti-Virus for Proxy Server
Kaspersky Anti-Spam
Kaspersky Mail Gateway
Platforme Microsoft Proxy
suportate ISA / TMG Servers
Server
Kaspersky Open Space Security Essentials | 08 April 2011
21. Perspective
Securitatea este un process nu
un produs
Adoptarea de noi tehnologii este
urmata si de cresterea potentialului
de criminalitate informatica
Revizuiti-va riscurile de securitate in perimetrele deschise
Unde va sunt datele, si cum sunt ele accesate?
Exista riscuri si asupra afacerii dvs?
On August 29, 2003, Jeffrey Lee Parson, an 18-year-old from Hopkins, Minnesota was arrested for creating the B variant of the Blaster worm; he admitted responsibility and was sentenced to an 18-month prison term in January 2005.[2]
Transformareaunui calculator intr-unzombi cu ajutorulunuitroian
While highly customized malware is being used in sophisticated targeted attacks to gain access inside corporate or governmental networks, the potential dangers of classic malware infections are being massively overlooked by the security industry. Right now, cybercriminals are inadvertently sitting on a goldmine of information in the PCs they have already infected and added to their botnets.
But let’s move back down to Earth just a little bit and realize that for every major information leakage incident that’s making headlines out there right now there are thousands of average users’ computers getting infected and creating a much bigger risk.
InApril 2007, Kaspersky Lab launchedthesimilarlynamedfamilyofproducts – Kaspersky Open Space Security, whichmeettheaboverequirementsinpractice.Thefamilyincludesfourproducts. Dependingonthesizeandcomplexityofanetworkaswellasthecustomer'sneeds, thecustomershoulduseanyoftheproductsfromOpen Space.Theintroductorystageproduct – Kaspersky Work Space Securityonlyprotectsworkstationsandmobiledevicessuchasnotebooksandsmartphones.Ifacustomeralsorequirestheprotectionoffileservers, thenthecustomerneedsKaspersky Business Space Security.TheproductKaspersky Enterprise Space Security protectscorporateemailserversinadditiontoworkstationsandfileservers.WhileKaspersky Total Space Securitygenerallyprotectseverything, includingInternetgatewayssuchasMicrosoft ISA-Server, Linux Proxy Server orCheck-Point Firewall.
AsfortheantivirusprotectionofInternetgateways, Kaspersky Laboratoriesoffersthefollowingrangeofproducts:Kaspersky antivirusforvariousversionsofMicrosoft ISA server: ISA server 2000, 2004 and 2006 Standard andEnterprise Edition.antivirusforProxy server. AllpopulartypesofProxy serversaresupported, forinstance: Squid (with ICAP protocol), Blue Coat SG Appliance, NetApp/Blue Coat NetCache, Cisco ACNS Content Engine, appliedontheGNU/LinuxOSAllantivirusesforInternetgatewaysutilizeasimilarprinciple: Internetgatewayserver (software) receivestheincomingdatastream, thenittransfersthedatathroughitssoftwareinterfacetotheantiviruskernelforchecking. Thenthekerneltakestheobjectsfromthetrafficandchecksthem. Whennecessary, itgrabsthemaliciousobjectsandreturnstheprocessedandcleanedflowbacktotheInternetgateway.
AsfortheantivirusprotectionofInternetgateways, Kaspersky Laboratoriesoffersthefollowingrangeofproducts:Kaspersky antivirusforvariousversionsofMicrosoft ISA server: ISA server 2000, 2004 and 2006 Standard andEnterprise Edition.antivirusforProxy server. AllpopulartypesofProxy serversaresupported, forinstance: Squid (with ICAP protocol), Blue Coat SG Appliance, NetApp/Blue Coat NetCache, Cisco ACNS Content Engine, appliedontheGNU/LinuxOSAllantivirusesforInternetgatewaysutilizeasimilarprinciple: Internetgatewayserver (software) receivestheincomingdatastream, thenittransfersthedatathroughitssoftwareinterfacetotheantiviruskernelforchecking. Thenthekerneltakestheobjectsfromthetrafficandchecksthem. Whennecessary, itgrabsthemaliciousobjectsandreturnstheprocessedandcleanedflowbacktotheInternetgateway.
Let'sbeginwithmailprotection.WeprotectalltypesofExchange servers. Exchange 2000 and 2003 areprotectedbyKAV forMS Exchange 2000/2003.Also, thereisanapplicationforExchange 2003 calledKaspersky Security forMS Exchange Server 2003thatprotectsagainstvirusesandspam.ThereisalsoaproductforMS Exchange 2007 calledKaspersky Security, butitonlyprotectsfromvirusesandhasnointegratedanti-spamfunction, anditprobablywon'tbeintegratedalthoughitwasinitiallyplanned.ThereisalsoanantivirusforIBMLotus Domino, butonlyforWindows.ThereareantivirusesforUNIX systemsthatprotectmailservicesbasedonSendmail, Qmail, Postfix, and Exim. (Forfurtherinformation, seesystemrequirements).UNIX systemsrequireaseparateKaspersky Antispam installation.ThereistheKaspersky Mail-Gateway application, designedforasinglecomputerthatchecksallmailtrafficformaliciouscodeandspam.
AsfortheantivirusprotectionofInternetgateways, Kaspersky Laboratoriesoffersthefollowingrangeofproducts:Kaspersky antivirusforvariousversionsofMicrosoft ISA server: ISA server 2000, 2004 and 2006 Standard andEnterprise Edition.antivirusforProxy server. AllpopulartypesofProxy serversaresupported, forinstance: Squid (with ICAP protocol), Blue Coat SG Appliance, NetApp/Blue Coat NetCache, Cisco ACNS Content Engine, appliedontheGNU/LinuxOSAllantivirusesforInternetgatewaysutilizeasimilarprinciple: Internetgatewayserver (software) receivestheincomingdatastream, thenittransfersthedatathroughitssoftwareinterfacetotheantiviruskernelforchecking. Thenthekerneltakestheobjectsfromthetrafficandchecksthem. Whennecessary, itgrabsthemaliciousobjectsandreturnstheprocessedandcleanedflowbacktotheInternetgateway.