SlideShare una empresa de Scribd logo

Targeted Attacks on Intellectual Property

Symantec
Symantec

The risk to confidential information continues to grow as IT executives are facing an increasing number of threats to their information from both internal and external sources. Today’s attacks are proving to be more sophisticated, well-organized and covert in nature than attacks seen in years past, thus requiring a new approach to secure and manage IT assets.

Tecnología
1 de 17
Descargar para leer sin conexión
Targeted Attacks on Intellectual Property April 13, 2010 Targeted Attacks on Intellectual Property 1
Agenda 1 Symantec’s Unique Vantage Point 2 Targeted Attacks on Intellectual Property 3 New Security Suites from Symantec Targeted Attacks on Intellectual Property 2
Building a “Community of Defense” with Businesses > Customers from businesses around the world Who > Symantec Security Leadership and Experts on Threat Research What > Ongoing discussions about the types of IT risks businesses face today > Share information about security incidents, impact assessment, and best practices to prevent Key Findings > Today’s targeted attacks characterized by organization, covert nature and patience > Strong consensus these attacks represent a significant risk to intellectual property Targeted Attacks on Intellectual Property 3
Anatomy of a Breach > Incursion > Discovery > Capture > Exfiltration Targeted Attacks on Intellectual Property 4
Dissecting Hydraq Hi, I met you at the Malware Conference last month. Wanted to let you know I got this great shot of you doing your presentation. I posted it here: Incursion Organized Organized Attacker breaks into the Criminal network by delivering targeted Criminal malware to vulnerable systems and employees Targeted Attacks on Intellectual Property 5
Dissecting Hydraq Discovery Organized Organized Hacker maps organization’s Criminal Criminal defenses from the inside and creates battle plan Targeted Attacks on Intellectual Property 6
Dissecting Hydraq Capture Organized Organized Attacker accesses data on Criminal unprotected systems and Criminal installs malware to secretly acquire crucial data Targeted Attacks on Intellectual Property 7
Dissecting Hydraq Hydraq Victim Exfiltration Organized Organized Confidential data sent back to Criminal enemy’s “home base” for Criminal exploitation and fraud Attacker 72.3.224.71:443 Targeted Attacks on Intellectual Property 8
Mass Attack vs. Targeted Attack Phase Mass Attack Targeted Attack Generic social engineering Handcrafted and personalized By-chance infection methods of delivery Examination of infected resource, Typically no discovery, assumes monitoring of user to determine content is in a predefined and other accessible resources, predictable location and network enumeration Predefined specific data or data Manual analysis and inspection of which matches a predefined pattern the data such as a credit card number Information sent to dump site often Information sent directly back to with little protection and dump site attacker and not stored in known serves as long term storage location for extended period Targeted Attacks on Intellectual Property 9
The Challenges Develop and Enforce IT Policies Protect The Information Manage Systems Protect The Infrastructure Targeted Attacks on Intellectual Property 10
Comprehensive Security Strategy is Required Risk Based and Policy Driven IT Governance, Risk and Compliance Information - Centric Information Risk Management Operationalized Infrastructure Management Well Managed Infrastructure Infrastructure Protection Targeted Attacks on Intellectual Property 11
New Security Suites Meet These Challenges Develop and > Control Compliance Suite 10.0 Enforce IT Policies Protect the > Data Loss Prevention Suite 10.5 Information Manage Systems > IT Management Suite 7.0 > Symantec Protection Center & Protect the > Symantec Protection Suite Infrastructure Enterprise Edition Family Targeted Attacks on Intellectual Property 12
Develop and > Control Compliance Suite 10.0 Enforce IT Policies Key Benefits New in Version 10.0 • Define risk and develop IT • Centralized evidence policies collection and management • Assess infrastructure and • Dynamic web-based processes dashboards • Report, monitor and • Integration with Symantec demonstrate due care Data Loss Prevention • Remediate problems • New CCS Vulnerability Manager Targeted Attacks on Intellectual Property 13
Protect the > Data Loss Prevention Suite 10.5 Information Key Benefits New in Version 10.5 • Discover where sensitive • Better visibility and control information resides of unstructured data • Monitor how data is being • Enhanced protection for used social media sites • Protect sensitive – Twitter, LinkedIn, YouTube, … information from loss • New protection for private clouds (Citrix) • New endpoint option for less complex environments Targeted Attacks on Intellectual Property 14
Manage Systems > IT Management Suite 7.0 Key Benefits New in Version 7.0 • Implement secure operating • New comprehensive suite that environments brings together all Altiris components • Distribute and enforce patch levels • Automated end to end Windows 7 migration process • Automate processes to • Intelligent software streamline efficiency management providing • Monitor and report on complete visibility system status • Process automation of complex, time-consuming IT tasks Targeted Attacks on Intellectual Property 15
> Symantec Protection Center & Protect the Symantec Protection Suite Infrastructure Enterprise Edition Family Key Benefits What’s New • Improved Visibility into • Symantec Protection Center: Security & Operations – Next generation security • Stronger Protection management solution – Simplifies management & • Accelerated Remediation improves security posture • Containment of Security • Symantec Protection Suites: Expenses – Three new suites designed to meet the needs of enterprise IT personnel in endpoint, gateway and server functions Targeted Attacks on Intellectual Property 16
Thank you! Copyright © 2010 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice. Targeted Attacks on Intellectual Property 17

Recomendados

Cyber attacks
Cyber attacksCyber attacks
Cyber attacksJP INTERNATIONAL SCHOOL,KANKER
 
Who\'s Next? Patterns and Trends in Targeted Attacks.
Who\'s Next? Patterns and Trends in Targeted Attacks.Who\'s Next? Patterns and Trends in Targeted Attacks.
Who\'s Next? Patterns and Trends in Targeted Attacks.martin_lee1969
 
201506 presentación enisa (versión en mano)
201506 presentación enisa (versión en mano)201506 presentación enisa (versión en mano)
201506 presentación enisa (versión en mano)Enisa. Impulso financiero a la pyme
 
Jaime Blasco - Fighting Advanced Persistent Threat (APT) with Open Source Too...
Jaime Blasco - Fighting Advanced Persistent Threat (APT) with Open Source Too...Jaime Blasco - Fighting Advanced Persistent Threat (APT) with Open Source Too...
Jaime Blasco - Fighting Advanced Persistent Threat (APT) with Open Source Too...RootedCON
 
Risk Management and Remediation
Risk Management and RemediationRisk Management and Remediation
Risk Management and RemediationCarahsoft
 
2011 Wintel Targeted Attacks and a Post-Windows Environment APT Toolset
2011 Wintel Targeted Attacks and a Post-Windows Environment APT Toolset2011 Wintel Targeted Attacks and a Post-Windows Environment APT Toolset
2011 Wintel Targeted Attacks and a Post-Windows Environment APT ToolsetKurt Baumgartner
 
Cost of a Data Breach
Cost of a Data BreachCost of a Data Breach
Cost of a Data BreachSymantec
 
SMB Information Protection Portfolio
SMB Information Protection PortfolioSMB Information Protection Portfolio
SMB Information Protection PortfolioSymantec
 

Recomendados

Cyber attacks
Cyber attacksCyber attacks
Cyber attacksJP INTERNATIONAL SCHOOL,KANKER
 
Who\'s Next? Patterns and Trends in Targeted Attacks.
Who\'s Next? Patterns and Trends in Targeted Attacks.Who\'s Next? Patterns and Trends in Targeted Attacks.
Who\'s Next? Patterns and Trends in Targeted Attacks.martin_lee1969
 
201506 presentación enisa (versión en mano)
201506 presentación enisa (versión en mano)201506 presentación enisa (versión en mano)
201506 presentación enisa (versión en mano)Enisa. Impulso financiero a la pyme
 
Jaime Blasco - Fighting Advanced Persistent Threat (APT) with Open Source Too...
Jaime Blasco - Fighting Advanced Persistent Threat (APT) with Open Source Too...Jaime Blasco - Fighting Advanced Persistent Threat (APT) with Open Source Too...
Jaime Blasco - Fighting Advanced Persistent Threat (APT) with Open Source Too...RootedCON
 
Risk Management and Remediation
Risk Management and RemediationRisk Management and Remediation
Risk Management and RemediationCarahsoft
 
2011 Wintel Targeted Attacks and a Post-Windows Environment APT Toolset
2011 Wintel Targeted Attacks and a Post-Windows Environment APT Toolset2011 Wintel Targeted Attacks and a Post-Windows Environment APT Toolset
2011 Wintel Targeted Attacks and a Post-Windows Environment APT ToolsetKurt Baumgartner
 
Cost of a Data Breach
Cost of a Data BreachCost of a Data Breach
Cost of a Data BreachSymantec
 
SMB Information Protection Portfolio
SMB Information Protection PortfolioSMB Information Protection Portfolio
SMB Information Protection PortfolioSymantec
 
go-apt-cacher/mirror
go-apt-cacher/mirrorgo-apt-cacher/mirror
go-apt-cacher/mirroryutannihilation
 
Advanced Persistent Threat - Evaluating Effective Responses
Advanced Persistent Threat - Evaluating Effective ResponsesAdvanced Persistent Threat - Evaluating Effective Responses
Advanced Persistent Threat - Evaluating Effective ResponsesNetIQ
 
Enisa internet mapping project-20130523
Enisa internet mapping project-20130523Enisa internet mapping project-20130523
Enisa internet mapping project-20130523European Union Agency for Network and Information Security (ENISA)
 
Automated Targeted Attacks: The New Age of Cybercrime
Automated Targeted Attacks: The New Age of CybercrimeAutomated Targeted Attacks: The New Age of Cybercrime
Automated Targeted Attacks: The New Age of CybercrimeStefan Tanase
 
Workshop on Endpoint Memory Forensics
Workshop on Endpoint Memory ForensicsWorkshop on Endpoint Memory Forensics
Workshop on Endpoint Memory ForensicsPriyanka Aash
 
SOC Architecture - Building the NextGen SOC
SOC Architecture - Building the NextGen SOCSOC Architecture - Building the NextGen SOC
SOC Architecture - Building the NextGen SOCPriyanka Aash
 
Thinking of choosing Sophos?
Thinking of choosing Sophos?Thinking of choosing Sophos?
Thinking of choosing Sophos?Symantec
 
Attacking and Defending Mobile Applications
Attacking and Defending Mobile ApplicationsAttacking and Defending Mobile Applications
Attacking and Defending Mobile ApplicationsJerod Brennen
 
Network Forensics and Practical Packet Analysis
Network Forensics and Practical Packet AnalysisNetwork Forensics and Practical Packet Analysis
Network Forensics and Practical Packet AnalysisPriyanka Aash
 
Common Techniques To Identify Advanced Persistent Threat (APT)
Common Techniques To Identify Advanced Persistent Threat (APT)Common Techniques To Identify Advanced Persistent Threat (APT)
Common Techniques To Identify Advanced Persistent Threat (APT)Yuval Sinay, CISSP, C|CISO
 
Risk Analysis using open FAIR and Adoption of right Security Controls
Risk Analysis using open FAIR and Adoption of right Security ControlsRisk Analysis using open FAIR and Adoption of right Security Controls
Risk Analysis using open FAIR and Adoption of right Security ControlsPriyanka Aash
 
Practical Applications of Block Chain Technologies
Practical Applications of Block Chain Technologies Practical Applications of Block Chain Technologies
Practical Applications of Block Chain Technologies Priyanka Aash
 
Symantec Enterprise Security Products are now part of Broadcom
Symantec Enterprise Security Products are now part of BroadcomSymantec Enterprise Security Products are now part of Broadcom
Symantec Enterprise Security Products are now part of BroadcomSymantec
 
Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...
Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...
Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...Symantec
 
Symantec Webinar | National Cyber Security Awareness Month: Protect IT
Symantec Webinar | National Cyber Security Awareness Month: Protect ITSymantec Webinar | National Cyber Security Awareness Month: Protect IT
Symantec Webinar | National Cyber Security Awareness Month: Protect ITSymantec
 
Symantec Webinar | National Cyber Security Awareness Month: Secure IT
Symantec Webinar | National Cyber Security Awareness Month: Secure ITSymantec Webinar | National Cyber Security Awareness Month: Secure IT
Symantec Webinar | National Cyber Security Awareness Month: Secure ITSymantec
 
Symantec Webinar | National Cyber Security Awareness Month - Own IT
Symantec Webinar | National Cyber Security Awareness Month - Own ITSymantec Webinar | National Cyber Security Awareness Month - Own IT
Symantec Webinar | National Cyber Security Awareness Month - Own ITSymantec
 
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)Symantec
 
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CK
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CKSymantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CK
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CKSymantec
 
Symantec Mobile Security Webinar
Symantec Mobile Security WebinarSymantec Mobile Security Webinar
Symantec Mobile Security WebinarSymantec
 
Symantec Webinar Cloud Security Threat Report
Symantec Webinar Cloud Security Threat ReportSymantec Webinar Cloud Security Threat Report
Symantec Webinar Cloud Security Threat ReportSymantec
 
Symantec Cloud Security Threat Report
Symantec Cloud Security Threat ReportSymantec Cloud Security Threat Report
Symantec Cloud Security Threat ReportSymantec
 

Más contenido relacionado

Destacado

Advanced Persistent Threat - Evaluating Effective Responses
Advanced Persistent Threat - Evaluating Effective ResponsesAdvanced Persistent Threat - Evaluating Effective Responses
Advanced Persistent Threat - Evaluating Effective ResponsesNetIQ
 
Automated Targeted Attacks: The New Age of Cybercrime
Automated Targeted Attacks: The New Age of CybercrimeAutomated Targeted Attacks: The New Age of Cybercrime
Automated Targeted Attacks: The New Age of CybercrimeStefan Tanase
 
Workshop on Endpoint Memory Forensics
Workshop on Endpoint Memory ForensicsWorkshop on Endpoint Memory Forensics
Workshop on Endpoint Memory ForensicsPriyanka Aash
 
SOC Architecture - Building the NextGen SOC
SOC Architecture - Building the NextGen SOCSOC Architecture - Building the NextGen SOC
SOC Architecture - Building the NextGen SOCPriyanka Aash
 
Thinking of choosing Sophos?
Thinking of choosing Sophos?Thinking of choosing Sophos?
Thinking of choosing Sophos?Symantec
 
Attacking and Defending Mobile Applications
Attacking and Defending Mobile ApplicationsAttacking and Defending Mobile Applications
Attacking and Defending Mobile ApplicationsJerod Brennen
 
Network Forensics and Practical Packet Analysis
Network Forensics and Practical Packet AnalysisNetwork Forensics and Practical Packet Analysis
Network Forensics and Practical Packet AnalysisPriyanka Aash
 
Common Techniques To Identify Advanced Persistent Threat (APT)
Common Techniques To Identify Advanced Persistent Threat (APT)Common Techniques To Identify Advanced Persistent Threat (APT)
Common Techniques To Identify Advanced Persistent Threat (APT)Yuval Sinay, CISSP, C|CISO
 
Risk Analysis using open FAIR and Adoption of right Security Controls
Risk Analysis using open FAIR and Adoption of right Security ControlsRisk Analysis using open FAIR and Adoption of right Security Controls
Risk Analysis using open FAIR and Adoption of right Security ControlsPriyanka Aash
 
Practical Applications of Block Chain Technologies
Practical Applications of Block Chain Technologies Practical Applications of Block Chain Technologies
Practical Applications of Block Chain Technologies Priyanka Aash
 

Destacado (12)

go-apt-cacher/mirror
go-apt-cacher/mirrorgo-apt-cacher/mirror
go-apt-cacher/mirror
 
Advanced Persistent Threat - Evaluating Effective Responses
Advanced Persistent Threat - Evaluating Effective ResponsesAdvanced Persistent Threat - Evaluating Effective Responses
Advanced Persistent Threat - Evaluating Effective Responses
 
Enisa internet mapping project-20130523
Enisa internet mapping project-20130523Enisa internet mapping project-20130523
Enisa internet mapping project-20130523
 
Automated Targeted Attacks: The New Age of Cybercrime
Automated Targeted Attacks: The New Age of CybercrimeAutomated Targeted Attacks: The New Age of Cybercrime
Automated Targeted Attacks: The New Age of Cybercrime
 
Workshop on Endpoint Memory Forensics
Workshop on Endpoint Memory ForensicsWorkshop on Endpoint Memory Forensics
Workshop on Endpoint Memory Forensics
 
SOC Architecture - Building the NextGen SOC
SOC Architecture - Building the NextGen SOCSOC Architecture - Building the NextGen SOC
SOC Architecture - Building the NextGen SOC
 
Thinking of choosing Sophos?
Thinking of choosing Sophos?Thinking of choosing Sophos?
Thinking of choosing Sophos?
 
Attacking and Defending Mobile Applications
Attacking and Defending Mobile ApplicationsAttacking and Defending Mobile Applications
Attacking and Defending Mobile Applications
 
Network Forensics and Practical Packet Analysis
Network Forensics and Practical Packet AnalysisNetwork Forensics and Practical Packet Analysis
Network Forensics and Practical Packet Analysis
 
Common Techniques To Identify Advanced Persistent Threat (APT)
Common Techniques To Identify Advanced Persistent Threat (APT)Common Techniques To Identify Advanced Persistent Threat (APT)
Common Techniques To Identify Advanced Persistent Threat (APT)
 
Risk Analysis using open FAIR and Adoption of right Security Controls
Risk Analysis using open FAIR and Adoption of right Security ControlsRisk Analysis using open FAIR and Adoption of right Security Controls
Risk Analysis using open FAIR and Adoption of right Security Controls
 
Practical Applications of Block Chain Technologies
Practical Applications of Block Chain Technologies Practical Applications of Block Chain Technologies
Practical Applications of Block Chain Technologies
 

Más de Symantec

Symantec Enterprise Security Products are now part of Broadcom
Symantec Enterprise Security Products are now part of BroadcomSymantec Enterprise Security Products are now part of Broadcom
Symantec Enterprise Security Products are now part of BroadcomSymantec
 
Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...
Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...
Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...Symantec
 
Symantec Webinar | National Cyber Security Awareness Month: Protect IT
Symantec Webinar | National Cyber Security Awareness Month: Protect ITSymantec Webinar | National Cyber Security Awareness Month: Protect IT
Symantec Webinar | National Cyber Security Awareness Month: Protect ITSymantec
 
Symantec Webinar | National Cyber Security Awareness Month: Secure IT
Symantec Webinar | National Cyber Security Awareness Month: Secure ITSymantec Webinar | National Cyber Security Awareness Month: Secure IT
Symantec Webinar | National Cyber Security Awareness Month: Secure ITSymantec
 
Symantec Webinar | National Cyber Security Awareness Month - Own IT
Symantec Webinar | National Cyber Security Awareness Month - Own ITSymantec Webinar | National Cyber Security Awareness Month - Own IT
Symantec Webinar | National Cyber Security Awareness Month - Own ITSymantec
 
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)Symantec
 
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CK
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CKSymantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CK
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CKSymantec
 
Symantec Mobile Security Webinar
Symantec Mobile Security WebinarSymantec Mobile Security Webinar
Symantec Mobile Security WebinarSymantec
 
Symantec Webinar Cloud Security Threat Report
Symantec Webinar Cloud Security Threat ReportSymantec Webinar Cloud Security Threat Report
Symantec Webinar Cloud Security Threat ReportSymantec
 
Symantec Cloud Security Threat Report
Symantec Cloud Security Threat ReportSymantec Cloud Security Threat Report
Symantec Cloud Security Threat ReportSymantec
 
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...Symantec
 
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...Symantec
 
Symantec Webinar | Tips for Successful CASB Projects
Symantec Webinar | Tips for Successful CASB ProjectsSymantec Webinar | Tips for Successful CASB Projects
Symantec Webinar | Tips for Successful CASB ProjectsSymantec
 
Symantec Webinar: What Cyber Threats Are Lurking in Your Network?
Symantec Webinar: What Cyber Threats Are Lurking in Your Network?Symantec Webinar: What Cyber Threats Are Lurking in Your Network?
Symantec Webinar: What Cyber Threats Are Lurking in Your Network?Symantec
 
Symantec Webinar: GDPR 1 Year On
Symantec Webinar: GDPR 1 Year OnSymantec Webinar: GDPR 1 Year On
Symantec Webinar: GDPR 1 Year OnSymantec
 
Symantec ISTR 24 Webcast 2019
Symantec ISTR 24 Webcast 2019Symantec ISTR 24 Webcast 2019
Symantec ISTR 24 Webcast 2019Symantec
 
Symantec Best Practices for Cloud Security: Insights from the Front Lines
Symantec Best Practices for Cloud Security: Insights from the Front LinesSymantec Best Practices for Cloud Security: Insights from the Front Lines
Symantec Best Practices for Cloud Security: Insights from the Front LinesSymantec
 
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...Symantec
 
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...Symantec
 
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy Bear
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy BearSymantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy Bear
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy BearSymantec
 

Más de Symantec (20)

Symantec Enterprise Security Products are now part of Broadcom
Symantec Enterprise Security Products are now part of BroadcomSymantec Enterprise Security Products are now part of Broadcom
Symantec Enterprise Security Products are now part of Broadcom
 
Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...
Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...
Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...
 
Symantec Webinar | National Cyber Security Awareness Month: Protect IT
Symantec Webinar | National Cyber Security Awareness Month: Protect ITSymantec Webinar | National Cyber Security Awareness Month: Protect IT
Symantec Webinar | National Cyber Security Awareness Month: Protect IT
 
Symantec Webinar | National Cyber Security Awareness Month: Secure IT
Symantec Webinar | National Cyber Security Awareness Month: Secure ITSymantec Webinar | National Cyber Security Awareness Month: Secure IT
Symantec Webinar | National Cyber Security Awareness Month: Secure IT
 
Symantec Webinar | National Cyber Security Awareness Month - Own IT
Symantec Webinar | National Cyber Security Awareness Month - Own ITSymantec Webinar | National Cyber Security Awareness Month - Own IT
Symantec Webinar | National Cyber Security Awareness Month - Own IT
 
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)
 
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CK
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CKSymantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CK
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CK
 
Symantec Mobile Security Webinar
Symantec Mobile Security WebinarSymantec Mobile Security Webinar
Symantec Mobile Security Webinar
 
Symantec Webinar Cloud Security Threat Report
Symantec Webinar Cloud Security Threat ReportSymantec Webinar Cloud Security Threat Report
Symantec Webinar Cloud Security Threat Report
 
Symantec Cloud Security Threat Report
Symantec Cloud Security Threat ReportSymantec Cloud Security Threat Report
Symantec Cloud Security Threat Report
 
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
 
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
 
Symantec Webinar | Tips for Successful CASB Projects
Symantec Webinar | Tips for Successful CASB ProjectsSymantec Webinar | Tips for Successful CASB Projects
Symantec Webinar | Tips for Successful CASB Projects
 
Symantec Webinar: What Cyber Threats Are Lurking in Your Network?
Symantec Webinar: What Cyber Threats Are Lurking in Your Network?Symantec Webinar: What Cyber Threats Are Lurking in Your Network?
Symantec Webinar: What Cyber Threats Are Lurking in Your Network?
 
Symantec Webinar: GDPR 1 Year On
Symantec Webinar: GDPR 1 Year OnSymantec Webinar: GDPR 1 Year On
Symantec Webinar: GDPR 1 Year On
 
Symantec ISTR 24 Webcast 2019
Symantec ISTR 24 Webcast 2019Symantec ISTR 24 Webcast 2019
Symantec ISTR 24 Webcast 2019
 
Symantec Best Practices for Cloud Security: Insights from the Front Lines
Symantec Best Practices for Cloud Security: Insights from the Front LinesSymantec Best Practices for Cloud Security: Insights from the Front Lines
Symantec Best Practices for Cloud Security: Insights from the Front Lines
 
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
 
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...
 
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy Bear
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy BearSymantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy Bear
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy Bear
 

Último

TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piececharlottematthew16
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsMiki Katsuragi
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostZilliz
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 

Último (20)

TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 

Targeted Attacks on Intellectual Property

  • 1. Targeted Attacks on Intellectual Property April 13, 2010 Targeted Attacks on Intellectual Property 1
  • 2. Agenda 1 Symantec’s Unique Vantage Point 2 Targeted Attacks on Intellectual Property 3 New Security Suites from Symantec Targeted Attacks on Intellectual Property 2
  • 3. Building a “Community of Defense” with Businesses > Customers from businesses around the world Who > Symantec Security Leadership and Experts on Threat Research What > Ongoing discussions about the types of IT risks businesses face today > Share information about security incidents, impact assessment, and best practices to prevent Key Findings > Today’s targeted attacks characterized by organization, covert nature and patience > Strong consensus these attacks represent a significant risk to intellectual property Targeted Attacks on Intellectual Property 3
  • 4. Anatomy of a Breach > Incursion > Discovery > Capture > Exfiltration Targeted Attacks on Intellectual Property 4
  • 5. Dissecting Hydraq Hi, I met you at the Malware Conference last month. Wanted to let you know I got this great shot of you doing your presentation. I posted it here: Incursion Organized Organized Attacker breaks into the Criminal network by delivering targeted Criminal malware to vulnerable systems and employees Targeted Attacks on Intellectual Property 5
  • 6. Dissecting Hydraq Discovery Organized Organized Hacker maps organization’s Criminal Criminal defenses from the inside and creates battle plan Targeted Attacks on Intellectual Property 6
  • 7. Dissecting Hydraq Capture Organized Organized Attacker accesses data on Criminal unprotected systems and Criminal installs malware to secretly acquire crucial data Targeted Attacks on Intellectual Property 7
  • 8. Dissecting Hydraq Hydraq Victim Exfiltration Organized Organized Confidential data sent back to Criminal enemy’s “home base” for Criminal exploitation and fraud Attacker 72.3.224.71:443 Targeted Attacks on Intellectual Property 8
  • 9. Mass Attack vs. Targeted Attack Phase Mass Attack Targeted Attack Generic social engineering Handcrafted and personalized By-chance infection methods of delivery Examination of infected resource, Typically no discovery, assumes monitoring of user to determine content is in a predefined and other accessible resources, predictable location and network enumeration Predefined specific data or data Manual analysis and inspection of which matches a predefined pattern the data such as a credit card number Information sent to dump site often Information sent directly back to with little protection and dump site attacker and not stored in known serves as long term storage location for extended period Targeted Attacks on Intellectual Property 9
  • 10. The Challenges Develop and Enforce IT Policies Protect The Information Manage Systems Protect The Infrastructure Targeted Attacks on Intellectual Property 10
  • 11. Comprehensive Security Strategy is Required Risk Based and Policy Driven IT Governance, Risk and Compliance Information - Centric Information Risk Management Operationalized Infrastructure Management Well Managed Infrastructure Infrastructure Protection Targeted Attacks on Intellectual Property 11
  • 12. New Security Suites Meet These Challenges Develop and > Control Compliance Suite 10.0 Enforce IT Policies Protect the > Data Loss Prevention Suite 10.5 Information Manage Systems > IT Management Suite 7.0 > Symantec Protection Center & Protect the > Symantec Protection Suite Infrastructure Enterprise Edition Family Targeted Attacks on Intellectual Property 12
  • 13. Develop and > Control Compliance Suite 10.0 Enforce IT Policies Key Benefits New in Version 10.0 • Define risk and develop IT • Centralized evidence policies collection and management • Assess infrastructure and • Dynamic web-based processes dashboards • Report, monitor and • Integration with Symantec demonstrate due care Data Loss Prevention • Remediate problems • New CCS Vulnerability Manager Targeted Attacks on Intellectual Property 13
  • 14. Protect the > Data Loss Prevention Suite 10.5 Information Key Benefits New in Version 10.5 • Discover where sensitive • Better visibility and control information resides of unstructured data • Monitor how data is being • Enhanced protection for used social media sites • Protect sensitive – Twitter, LinkedIn, YouTube, … information from loss • New protection for private clouds (Citrix) • New endpoint option for less complex environments Targeted Attacks on Intellectual Property 14
  • 15. Manage Systems > IT Management Suite 7.0 Key Benefits New in Version 7.0 • Implement secure operating • New comprehensive suite that environments brings together all Altiris components • Distribute and enforce patch levels • Automated end to end Windows 7 migration process • Automate processes to • Intelligent software streamline efficiency management providing • Monitor and report on complete visibility system status • Process automation of complex, time-consuming IT tasks Targeted Attacks on Intellectual Property 15
  • 16. > Symantec Protection Center & Protect the Symantec Protection Suite Infrastructure Enterprise Edition Family Key Benefits What’s New • Improved Visibility into • Symantec Protection Center: Security & Operations – Next generation security • Stronger Protection management solution – Simplifies management & • Accelerated Remediation improves security posture • Containment of Security • Symantec Protection Suites: Expenses – Three new suites designed to meet the needs of enterprise IT personnel in endpoint, gateway and server functions Targeted Attacks on Intellectual Property 16
  • 17. Thank you! Copyright © 2010 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice. Targeted Attacks on Intellectual Property 17