From Traditional Malware
to Targeted Attacks
Raimund Genes
Chief Technology Officer
Trend Micro
[Figure: network diagram with labels Internet, PC, Internet Gateway, Exchange Server; 150 infected Mails]
Evolution to Cybercrime
[Chart: damage caused by cybercrime over time; axis ticks 2001, 2003, 2004, 2005, 2007, 2010, 2011+. Labels: Vulnerabilities, Worm Outbreaks, Spam, Mass Mailers, Spyware, Intelligent Botnets, Web Threats, Targeted Attacks, Mobile Attacks. Era label: CRIMEWARE]
Trustwave 2013 Global Security Report:
Average time from initial breach to
detection was 210 days, more than 35
days longer than in 2011.
Malware / Bot / APT Behavior Comparison Table

| | APT | Bot | Malware |
|---|---|---|---|
| Distribution | With organized planning | Mass distribution over regions | Mass distribution over regions |
| Services interruption | No | No | Yes |
| Attack Pattern | Targeted (only a few groups/organizations) | Not targeted (large area spread-out) | Not targeted (large area spread-out) |
| Target Audience | Particular Organization/Company | Individual credentials including online banking account information | Random |
| Frequency of attacks | Many times | Once | Once |
| Weapon | Zero-day exploit; Drop embedded RAT; Dropper or Backdoor | Multiple-Exploits, All in one | By Malware design |
| Detection Rate | Lower than 10% within one month | Around 86% within one month | Around 99% within one month |
Some Documented Advanced Persistent Threat Campaigns
(Real-world Examples)
• LURID – threat actors launched around 300 campaigns
targeting different industries in different countries
• Luckycat – threat actors used diverse infrastructure
(from throwaway free hosting to dedicated VPSs)
• Taidoor – threat actors primarily targeted government
organizations located in Taiwan
• IXESHE – threat actors used compromised computers
inside the network to evade network detection
Advanced Persistent Threat
Targeted Attacks
The attacker knows
what he’s looking for!
South Korea – Hacktivism, Cyber Sabotage, or Cyberterrorism?
Sometimes “unusual” targets
Typical Industrial Control System (ICS)
Let’s simulate a Water Pressure Control station
• In a small city in the US with 8000 citizens
• It has to look like a real system
• And by “accident” the system has a link to the Internet
Building a SCADA Honeypot…
Attacks from
CHINA, 17
US, 9
LAOS, 6
UK, 4
RUSSIA, 3
BRAZIL, 2
NETHERLANDS, 1
JAPAN, 1
POLAND, 1
VIETNAM, 1
PALESTINE, 1
CHILE, 1
CROATIA, 1
NORTH KOREA, 1
What to expect next?
Your phone as your wallet
Android Malware
120,000 350,000
Vehicle past and now
TOYOTA'S Vehicle (1955): None of computers included
TOYOTA'S Hybrid Vehicle (2011): over 70 of computers included
[Figure: vehicle diagram with labels Tire Pressure Monitoring System; UNAUTHORIZED APPS, Multimedia File; Smartphone, USB; Immobilizer Cutter; DOOR LOCKS; Smart Key; CHAdeMO: Quick charging method for battery powered electric vehicles; KEY FOB; TELEMATICS SYSTEM; OBDII, CAN, ECU; Vehicle Area Network]
iVehicle
Embedded OS selected by car industry
SELECTED
IVI Standard
Organization
Security Assessment
Kernel > 2.6.35.3
Gain Privilege > 18
Overflow attack to CAN bus
• All the ECU turned into Fail-Safe-Mode.
• Engine fan and headlamp kept working.
• Meter (e.g. speed) needle keeps wobbling
If someone wants to
get in, he gets in!
So do we do a lot of
stuff just to satisfy the
auditors?
LATIN AMERICA
EUROPE
APAC
NORTH AMERICA
GLOBAL
Thank You
