EMERGING THREATS & THREAT LANDSCAPE Fighting Today’s Cybercrime Anthony Arrott, Trend Micro
Triple challenge to IT security: disappearing network boundaries; overwhelming volume of threat; cloud-client protection networks
Traditional AV overwhelmed by the volume of new threats: > 2000 new threats per hour
Threats now mostly from the Internet (source: Trend Micro)
Use multiple layers of reputation services
Exposure Layer: inspection based on source (URL, domain): http://abc.com/xyz.exe
Infection Layer: inspection based on file content (code, hash): http://abc.com/xyz.exe
John Dillinger, Flamboyant Bank Robber (think: VIRUS OUTBREAK); Meyer Lansky, Quiet Mobster (think: BOTNET SPAM ENGINE)
Popular conception of cybercrime
But like Prohibition, we’re not the main victims … more likely, we’re unwitting accessories.
Today's Infection Chain (diagram labels): Malware Writer; Criminals; Spyware/Trojan Downloader; Web Drive By Downloader; Email Spam; Port Scan Vulnerabilities; Infection Vector; Spam & Phishing; Dedicated Denial of Service; Data Leakage; Adware/Clickware; Recruitment Activities; Wait for Instructions; Get Updates from Command & Control; Fool the AV; Host Management; Host Infection; HTTP; IRC; DNS; Bot Herder; Botnet Command & Controller
Canadian IP addresses generating spam
Worldwide IP addresses generating spam (Q2 2009, Q3 2009, Q4 2009, Q1 2010)
Breakdown of compromised IP’s: Business, Consumer (EMAIL REPUTATION)
Top 5 spam generators as of April 2009
Top 5 spam generators as of April 2009 Turkey ?  #2 ?
Top 5 spam generators as of April 2009 Trend Micro begins working with Turkish ISP
Top 5 spam generators as of April 2009 Start seeing dramatic reductions
Top 5 spam generators as of April 2009 Turkey:  from #2 to #21
Popular conception of cybercrime
Not just botnet spam engines
… and no small amount of money: online ad revenues of Google, Yahoo, Microsoft, & AOL are more than $8b per quarter … click fraud is more than $5b per year.
Obscured network boundaries Where’s my data?
Deceptive information transactions Who am I sharing information with?
Disguised website identities Is this the web address I think it is?
and  track cyber-criminal operations
… billions of times a day (Trend Micro Smart Protection Network, Tuesday, 14 Sep. 2010)
E-mail reputation queries: 6.2 billion
E-mail reputation blocks: 4.4 billion
Web reputation queries: 41 billion
Web reputation blocks: 585 million
Protection from the Cloud
E-mail (IP) Reputation Load: 295 GB per day
Web (URL) Reputation Load: 1305 GB per day
File (MD5) Reputation Load: 334 GB per day
Trend Micro internal use only Thank You

Emerging Threats & Threat Landscape: Understanding Today's Cybercrime
