SlideShare una empresa de Scribd logo

Why do THEY want your digital devices?

Descargar como PPTX, PDF
ESET
ESET

Security expert Stephen Cobb looks at the goals and motives of criminal hackers, and how to mitigate the two main avenues of attack using smart scanning and strong authentication.

Tecnología
1 de 17
Why THEY want your digital devices Stephen Cobb, CISSP Security Evangelist
To own your network?
36 ways to abuse hacked devices • Phishing site • Spam zombie • Malware download site • DDoS extortion zombie • Warez piracy server Web Botnet • Click fraud zombie • Child porn server server activity • Anonymization proxy • Spam site • CAPTCHA solving zombie • Harvest email contacts • eBay/PayPal fake auctions • Harvest associated accounts • Online gaming credentials • Access to corporate email Email Account • Website FTP credentials • Webmail spam attacks credentials • Skype/VoIP credentials • Stranded abroad scams • Encryption certificates • Online gaming characters • Bank account data • Online gaming goods/$$$ Virtual Financial • Credit card data • PC game license keys goods credentials • Stock and 401K accounts • OS license key • Wire transfer data • Facebook • Fake antivirus • Twitter Reputation Hostage • Ransomware • LinkedIn hijacking attacks • Email account ransom • Google+ • Webcam image extortion Based on original work by Brian Krebs: krebsonsecurity.com
MONEY ADVANTAGE IMPACT CREDENTIALS
720 breaches by size of organization (employees) Over 100,000 10,001 to 100,000 1,001 to 10,000 101 to 1,000 11 to 100 1 to 10 SMBs 0 100 200 300 400 500 600 Verizon 2012 Data Breach Investigations Report
The SMB sweet spot for the cyber- criminally inclined Big enterprise Assets SMB “sweet spot” worth looting Consumers Level of protection
How do they get to your devices? 1. Malware involved in 69% of breaches 2. Hacking* used in 81% of breaches Breaches combining malware and hacking: 61% *80% of hacking is passwords: default, missing, guessed, stolen, cracked Verizon 2012 Data Breach Investigations Report
Tools of the trade
Thriving markets for credentials
Hot markets for hacked devices
All driven by proven business strategies
So how do you defend your devices? Two main attacks…. …and defenses Malware Scanning Hacking Authentication
Scanning requires proper implementation Measures in use at a sample of healthcare facilities Require AV on mobile devices Scan devices prior to connection Scan devices while connected 0% 10% 20% 30% 40% Ponemon Institute Third Annual Benchmark Study on Patient Privacy & Data Security
Authentication requires more than passwords Passwords exposed in 2012: 75,000,000 And those are just the ones we know about Need to add a second factor to authentication
The defenses you need Malware SMART Scanning Hacking STRONG Authentication Plus polices and training to implement effectively
Thank you! Stephen Cobb  stephen.cobb@eset.com WeLiveSecurity.com

Recomendados

Enjoy Safer Technology and Defeat Cyber Criminals
Enjoy Safer Technology and Defeat Cyber CriminalsEnjoy Safer Technology and Defeat Cyber Criminals
Enjoy Safer Technology and Defeat Cyber CriminalsStephen Cobb
 
Any Information Can be Valuable and Other Lessons from the JP Morgan Breach
Any Information Can be Valuable and Other Lessons from the JP Morgan BreachAny Information Can be Valuable and Other Lessons from the JP Morgan Breach
Any Information Can be Valuable and Other Lessons from the JP Morgan BreachCBIZ Risk & Advisory Services
 
Spiceworld 2011 - AppRiver breakout session
Spiceworld 2011 - AppRiver breakout sessionSpiceworld 2011 - AppRiver breakout session
Spiceworld 2011 - AppRiver breakout sessionShane Rice
 
10 Fun Short IT Horror Stories
10 Fun Short IT Horror Stories10 Fun Short IT Horror Stories
10 Fun Short IT Horror StoriesStu Sjouwerman
 
Phishing-Updated
Phishing-UpdatedPhishing-Updated
Phishing-UpdatedJayaseelan Vejayon
 
Awareness of Sim Swap Attack
Awareness of Sim Swap AttackAwareness of Sim Swap Attack
Awareness of Sim Swap Attackijtsrd
 
Sim swapping
Sim swappingSim swapping
Sim swappinglalakis2001
 
Tips for safe purchasing on the web
Tips for safe purchasing on the webTips for safe purchasing on the web
Tips for safe purchasing on the webKeynectis
 

Recomendados

Enjoy Safer Technology and Defeat Cyber Criminals
Enjoy Safer Technology and Defeat Cyber CriminalsEnjoy Safer Technology and Defeat Cyber Criminals
Enjoy Safer Technology and Defeat Cyber CriminalsStephen Cobb
 
Any Information Can be Valuable and Other Lessons from the JP Morgan Breach
Any Information Can be Valuable and Other Lessons from the JP Morgan BreachAny Information Can be Valuable and Other Lessons from the JP Morgan Breach
Any Information Can be Valuable and Other Lessons from the JP Morgan BreachCBIZ Risk & Advisory Services
 
Spiceworld 2011 - AppRiver breakout session
Spiceworld 2011 - AppRiver breakout sessionSpiceworld 2011 - AppRiver breakout session
Spiceworld 2011 - AppRiver breakout sessionShane Rice
 
10 Fun Short IT Horror Stories
10 Fun Short IT Horror Stories10 Fun Short IT Horror Stories
10 Fun Short IT Horror StoriesStu Sjouwerman
 
Phishing-Updated
Phishing-UpdatedPhishing-Updated
Phishing-UpdatedJayaseelan Vejayon
 
Awareness of Sim Swap Attack
Awareness of Sim Swap AttackAwareness of Sim Swap Attack
Awareness of Sim Swap Attackijtsrd
 
Sim swapping
Sim swappingSim swapping
Sim swappinglalakis2001
 
Tips for safe purchasing on the web
Tips for safe purchasing on the webTips for safe purchasing on the web
Tips for safe purchasing on the webKeynectis
 
Phishing
PhishingPhishing
PhishingNaval OPSEC
 
Cybercrime IN INDIA , LAW AND ORDER
Cybercrime IN INDIA , LAW AND ORDER Cybercrime IN INDIA , LAW AND ORDER
Cybercrime IN INDIA , LAW AND ORDER Sooraj Maurya
 
E business internet fraud
E business internet fraudE business internet fraud
E business internet fraudRadiant Minds
 
Online Scams and Frauds
Online Scams and FraudsOnline Scams and Frauds
Online Scams and FraudsQuick Heal Technologies Ltd.
 
Cyber fraud a threat to E commerce
Cyber fraud a threat to E commerceCyber fraud a threat to E commerce
Cyber fraud a threat to E commerceSudeshna07
 
Cyber crime
Cyber crimeCyber crime
Cyber crimeDurban Chamber of Commerce and Industry
 
Chapter 17 a fraud in e commerce Jen
Chapter 17 a fraud in e commerce JenChapter 17 a fraud in e commerce Jen
Chapter 17 a fraud in e commerce JenVidaB
 
Securing Internet Payment Systems
Securing Internet Payment SystemsSecuring Internet Payment Systems
Securing Internet Payment SystemsDomenico Catalano
 
Business Fraud and Cybersecurity Best Practices in the Office or While Worki...
Business Fraud and Cybersecurity Best Practices in the Office or While Worki... Business Fraud and Cybersecurity Best Practices in the Office or While Worki...
Business Fraud and Cybersecurity Best Practices in the Office or While Worki...ArielMcCurdy
 
Mr SIM Swap Gone Phishing
Mr SIM Swap Gone PhishingMr SIM Swap Gone Phishing
Mr SIM Swap Gone PhishingJacqueline Fick
 
E commerce fraud chapter 17 B Ahmed
E commerce fraud chapter 17 B AhmedE commerce fraud chapter 17 B Ahmed
E commerce fraud chapter 17 B AhmedVidaB
 
Identity theft pp presentation
Identity theft pp presentationIdentity theft pp presentation
Identity theft pp presentationYusuf Qadir
 
Identity Theft: Evolving with Technology
Identity Theft: Evolving with TechnologyIdentity Theft: Evolving with Technology
Identity Theft: Evolving with Technology- Mark - Fullbright
 
Cyber safe girl e book
Cyber safe girl e bookCyber safe girl e book
Cyber safe girl e bookMukarram Dhorajiwala
 
ELECTRONIC FRAUD TACTICS
ELECTRONIC FRAUD TACTICS ELECTRONIC FRAUD TACTICS
ELECTRONIC FRAUD TACTICS ICFAI Business School
 
Cyber fraud in banks
Cyber fraud in banksCyber fraud in banks
Cyber fraud in banksNetwork Intelligence India
 
2015 Labris SOC Annual Report
2015 Labris SOC Annual Report2015 Labris SOC Annual Report
2015 Labris SOC Annual ReportLabris Networks
 
Safer Technology Through Threat Awareness and Response
Safer Technology Through Threat Awareness and ResponseSafer Technology Through Threat Awareness and Response
Safer Technology Through Threat Awareness and ResponseStephen Cobb
 
Data security best practices for risk awareness and mitigation
Data security best practices for risk awareness and mitigationData security best practices for risk awareness and mitigation
Data security best practices for risk awareness and mitigationNick Chandi
 
Data Loss Prevention: Challenges, Impacts & Effective Strategies
Data Loss Prevention: Challenges, Impacts & Effective StrategiesData Loss Prevention: Challenges, Impacts & Effective Strategies
Data Loss Prevention: Challenges, Impacts & Effective StrategiesSeccuris Inc.
 
Telesign impermium webinar deck-121312
Telesign impermium webinar deck-121312Telesign impermium webinar deck-121312
Telesign impermium webinar deck-121312Dean Nicolls
 
Protect against id fraud workshop 2 of 2
Protect against id fraud workshop 2 of 2Protect against id fraud workshop 2 of 2
Protect against id fraud workshop 2 of 2Management Insights LLC
 

Más contenido relacionado

La actualidad más candente

Cybercrime IN INDIA , LAW AND ORDER
Cybercrime IN INDIA , LAW AND ORDER Cybercrime IN INDIA , LAW AND ORDER
Cybercrime IN INDIA , LAW AND ORDER Sooraj Maurya
 
E business internet fraud
E business internet fraudE business internet fraud
E business internet fraudRadiant Minds
 
Cyber fraud a threat to E commerce
Cyber fraud a threat to E commerceCyber fraud a threat to E commerce
Cyber fraud a threat to E commerceSudeshna07
 
Chapter 17 a fraud in e commerce Jen
Chapter 17 a fraud in e commerce JenChapter 17 a fraud in e commerce Jen
Chapter 17 a fraud in e commerce JenVidaB
 
Securing Internet Payment Systems
Securing Internet Payment SystemsSecuring Internet Payment Systems
Securing Internet Payment SystemsDomenico Catalano
 
Business Fraud and Cybersecurity Best Practices in the Office or While Worki...
Business Fraud and Cybersecurity Best Practices in the Office or While Worki... Business Fraud and Cybersecurity Best Practices in the Office or While Worki...
Business Fraud and Cybersecurity Best Practices in the Office or While Worki...ArielMcCurdy
 
Mr SIM Swap Gone Phishing
Mr SIM Swap Gone PhishingMr SIM Swap Gone Phishing
Mr SIM Swap Gone PhishingJacqueline Fick
 
E commerce fraud chapter 17 B Ahmed
E commerce fraud chapter 17 B AhmedE commerce fraud chapter 17 B Ahmed
E commerce fraud chapter 17 B AhmedVidaB
 
Identity theft pp presentation
Identity theft pp presentationIdentity theft pp presentation
Identity theft pp presentationYusuf Qadir
 
Identity Theft: Evolving with Technology
Identity Theft: Evolving with TechnologyIdentity Theft: Evolving with Technology
Identity Theft: Evolving with Technology- Mark - Fullbright
 
2015 Labris SOC Annual Report
2015 Labris SOC Annual Report2015 Labris SOC Annual Report
2015 Labris SOC Annual ReportLabris Networks
 

La actualidad más candente (17)

Phishing
PhishingPhishing
Phishing
 
Cybercrime IN INDIA , LAW AND ORDER
Cybercrime IN INDIA , LAW AND ORDER Cybercrime IN INDIA , LAW AND ORDER
Cybercrime IN INDIA , LAW AND ORDER
 
E business internet fraud
E business internet fraudE business internet fraud
E business internet fraud
 
Online Scams and Frauds
Online Scams and FraudsOnline Scams and Frauds
Online Scams and Frauds
 
Cyber fraud a threat to E commerce
Cyber fraud a threat to E commerceCyber fraud a threat to E commerce
Cyber fraud a threat to E commerce
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
 
Chapter 17 a fraud in e commerce Jen
Chapter 17 a fraud in e commerce JenChapter 17 a fraud in e commerce Jen
Chapter 17 a fraud in e commerce Jen
 
Securing Internet Payment Systems
Securing Internet Payment SystemsSecuring Internet Payment Systems
Securing Internet Payment Systems
 
Business Fraud and Cybersecurity Best Practices in the Office or While Worki...
Business Fraud and Cybersecurity Best Practices in the Office or While Worki... Business Fraud and Cybersecurity Best Practices in the Office or While Worki...
Business Fraud and Cybersecurity Best Practices in the Office or While Worki...
 
Mr SIM Swap Gone Phishing
Mr SIM Swap Gone PhishingMr SIM Swap Gone Phishing
Mr SIM Swap Gone Phishing
 
E commerce fraud chapter 17 B Ahmed
E commerce fraud chapter 17 B AhmedE commerce fraud chapter 17 B Ahmed
E commerce fraud chapter 17 B Ahmed
 
Identity theft pp presentation
Identity theft pp presentationIdentity theft pp presentation
Identity theft pp presentation
 
Identity Theft: Evolving with Technology
Identity Theft: Evolving with TechnologyIdentity Theft: Evolving with Technology
Identity Theft: Evolving with Technology
 
Cyber safe girl e book
Cyber safe girl e bookCyber safe girl e book
Cyber safe girl e book
 
ELECTRONIC FRAUD TACTICS
ELECTRONIC FRAUD TACTICS ELECTRONIC FRAUD TACTICS
ELECTRONIC FRAUD TACTICS
 
Cyber fraud in banks
Cyber fraud in banksCyber fraud in banks
Cyber fraud in banks
 
2015 Labris SOC Annual Report
2015 Labris SOC Annual Report2015 Labris SOC Annual Report
2015 Labris SOC Annual Report
 

Similar a Why do THEY want your digital devices?

Safer Technology Through Threat Awareness and Response
Safer Technology Through Threat Awareness and ResponseSafer Technology Through Threat Awareness and Response
Safer Technology Through Threat Awareness and ResponseStephen Cobb
 
Data security best practices for risk awareness and mitigation
Data security best practices for risk awareness and mitigationData security best practices for risk awareness and mitigation
Data security best practices for risk awareness and mitigationNick Chandi
 
Data Loss Prevention: Challenges, Impacts & Effective Strategies
Data Loss Prevention: Challenges, Impacts & Effective StrategiesData Loss Prevention: Challenges, Impacts & Effective Strategies
Data Loss Prevention: Challenges, Impacts & Effective StrategiesSeccuris Inc.
 
Telesign impermium webinar deck-121312
Telesign impermium webinar deck-121312Telesign impermium webinar deck-121312
Telesign impermium webinar deck-121312Dean Nicolls
 
Protect against id fraud workshop 2 of 2
Protect against id fraud workshop 2 of 2Protect against id fraud workshop 2 of 2
Protect against id fraud workshop 2 of 2Management Insights LLC
 
Wk online trust solutions overview january 2012
Wk online trust solutions overview january 2012Wk online trust solutions overview january 2012
Wk online trust solutions overview january 2012Creus Moreira Carlos
 
User Authentication for Government
User Authentication for GovernmentUser Authentication for Government
User Authentication for GovernmentCarahsoft
 
Cyber crime and cyber security
Cyber crime and cyber securityCyber crime and cyber security
Cyber crime and cyber securityKeshab Nath
 
Stronger/Multi-factor Authentication for Enterprise Applications
Stronger/Multi-factor Authentication for Enterprise ApplicationsStronger/Multi-factor Authentication for Enterprise Applications
Stronger/Multi-factor Authentication for Enterprise ApplicationsRamesh Nagappan
 
Web Application Security with PHP
Web Application Security with PHPWeb Application Security with PHP
Web Application Security with PHPjikbal
 
Owasp e crime-london-2012-final
Owasp e crime-london-2012-finalOwasp e crime-london-2012-final
Owasp e crime-london-2012-finalMarco Morana
 
Guarding the guardian’s guard: IBM Trusteer - SEP326 - AWS re:Inforce 2019
Guarding the guardian’s guard: IBM Trusteer - SEP326 - AWS re:Inforce 2019 Guarding the guardian’s guard: IBM Trusteer - SEP326 - AWS re:Inforce 2019
Guarding the guardian’s guard: IBM Trusteer - SEP326 - AWS re:Inforce 2019 Amazon Web Services
 
Driving Payment Innovation - Know Your Enemy
Driving Payment Innovation - Know Your EnemyDriving Payment Innovation - Know Your Enemy
Driving Payment Innovation - Know Your EnemyFirst Atlantic Commerce
 
Why and how to implement strong authentication on the web cartes 2010 - pat...
Why and how to implement strong authentication on the web cartes 2010 - pat...Why and how to implement strong authentication on the web cartes 2010 - pat...
Why and how to implement strong authentication on the web cartes 2010 - pat...Keynectis
 
Phishing--The Entire Story of a Dark World
Phishing--The Entire Story of a Dark WorldPhishing--The Entire Story of a Dark World
Phishing--The Entire Story of a Dark WorldAvishek Datta
 
What is-flame-miniflame
What is-flame-miniflameWhat is-flame-miniflame
What is-flame-miniflameVenafi
 
Identity Theft
Identity TheftIdentity Theft
Identity TheftSimpletel
 

Similar a Why do THEY want your digital devices? (20)

Safer Technology Through Threat Awareness and Response
Safer Technology Through Threat Awareness and ResponseSafer Technology Through Threat Awareness and Response
Safer Technology Through Threat Awareness and Response
 
Data security best practices for risk awareness and mitigation
Data security best practices for risk awareness and mitigationData security best practices for risk awareness and mitigation
Data security best practices for risk awareness and mitigation
 
Data Loss Prevention: Challenges, Impacts & Effective Strategies
Data Loss Prevention: Challenges, Impacts & Effective StrategiesData Loss Prevention: Challenges, Impacts & Effective Strategies
Data Loss Prevention: Challenges, Impacts & Effective Strategies
 
Telesign impermium webinar deck-121312
Telesign impermium webinar deck-121312Telesign impermium webinar deck-121312
Telesign impermium webinar deck-121312
 
Protect against id fraud workshop 2 of 2
Protect against id fraud workshop 2 of 2Protect against id fraud workshop 2 of 2
Protect against id fraud workshop 2 of 2
 
Wk online trust solutions overview january 2012
Wk online trust solutions overview january 2012Wk online trust solutions overview january 2012
Wk online trust solutions overview january 2012
 
User Authentication for Government
User Authentication for GovernmentUser Authentication for Government
User Authentication for Government
 
Cyber crime and cyber security
Cyber crime and cyber securityCyber crime and cyber security
Cyber crime and cyber security
 
Stronger/Multi-factor Authentication for Enterprise Applications
Stronger/Multi-factor Authentication for Enterprise ApplicationsStronger/Multi-factor Authentication for Enterprise Applications
Stronger/Multi-factor Authentication for Enterprise Applications
 
Web Application Security with PHP
Web Application Security with PHPWeb Application Security with PHP
Web Application Security with PHP
 
Owasp e crime-london-2012-final
Owasp e crime-london-2012-finalOwasp e crime-london-2012-final
Owasp e crime-london-2012-final
 
Guarding the guardian’s guard: IBM Trusteer - SEP326 - AWS re:Inforce 2019
Guarding the guardian’s guard: IBM Trusteer - SEP326 - AWS re:Inforce 2019 Guarding the guardian’s guard: IBM Trusteer - SEP326 - AWS re:Inforce 2019
Guarding the guardian’s guard: IBM Trusteer - SEP326 - AWS re:Inforce 2019
 
Stu w25 a
Stu w25 aStu w25 a
Stu w25 a
 
Driving Payment Innovation - Know Your Enemy
Driving Payment Innovation - Know Your EnemyDriving Payment Innovation - Know Your Enemy
Driving Payment Innovation - Know Your Enemy
 
Taveau cartes2012 speaker
Taveau cartes2012 speakerTaveau cartes2012 speaker
Taveau cartes2012 speaker
 
Why and how to implement strong authentication on the web cartes 2010 - pat...
Why and how to implement strong authentication on the web cartes 2010 - pat...Why and how to implement strong authentication on the web cartes 2010 - pat...
Why and how to implement strong authentication on the web cartes 2010 - pat...
 
Phishing--The Entire Story of a Dark World
Phishing--The Entire Story of a Dark WorldPhishing--The Entire Story of a Dark World
Phishing--The Entire Story of a Dark World
 
What is-flame-miniflame
What is-flame-miniflameWhat is-flame-miniflame
What is-flame-miniflame
 
Identity Theft
Identity TheftIdentity Theft
Identity Theft
 
NEDMA18 Keynote: Cyber Security – what you need to know, what you need to do
NEDMA18 Keynote: Cyber Security – what you need to know, what you need to doNEDMA18 Keynote: Cyber Security – what you need to know, what you need to do
NEDMA18 Keynote: Cyber Security – what you need to know, what you need to do
 

Más de ESET

ESET Cybersecurity students
ESET Cybersecurity studentsESET Cybersecurity students
ESET Cybersecurity studentsESET
 
ESET Cybersecurity training
ESET Cybersecurity trainingESET Cybersecurity training
ESET Cybersecurity trainingESET
 
How to implement a robust information security management system?
How to implement a robust information security management system?How to implement a robust information security management system?
How to implement a robust information security management system?ESET
 
#AntimalwareDay: The ESET Celebration of the Origins of Computer Defense in N...
#AntimalwareDay: The ESET Celebration of the Origins of Computer Defense in N...#AntimalwareDay: The ESET Celebration of the Origins of Computer Defense in N...
#AntimalwareDay: The ESET Celebration of the Origins of Computer Defense in N...ESET
 
Visiting the Bear Den
Visiting the Bear DenVisiting the Bear Den
Visiting the Bear DenESET
 
AVAR Sydney 2014: Lemming Aid and Kool Aid: Helping the Community to Help Its...
AVAR Sydney 2014: Lemming Aid and Kool Aid: Helping the Community to Help Its...AVAR Sydney 2014: Lemming Aid and Kool Aid: Helping the Community to Help Its...
AVAR Sydney 2014: Lemming Aid and Kool Aid: Helping the Community to Help Its...ESET
 
ESET Quick Guide to the EU General Data Protection Regulation
ESET Quick Guide to the EU General Data Protection RegulationESET Quick Guide to the EU General Data Protection Regulation
ESET Quick Guide to the EU General Data Protection RegulationESET
 
Bootkits: Past, Present & Future - Virus Bulletin
Bootkits: Past, Present & Future - Virus BulletinBootkits: Past, Present & Future - Virus Bulletin
Bootkits: Past, Present & Future - Virus BulletinESET
 
Operation Buhtrap - AVAR 2015
Operation Buhtrap - AVAR 2015Operation Buhtrap - AVAR 2015
Operation Buhtrap - AVAR 2015ESET
 
Advanced Persistent Threats
Advanced Persistent ThreatsAdvanced Persistent Threats
Advanced Persistent ThreatsESET
 
Shopping Online
Shopping OnlineShopping Online
Shopping OnlineESET
 
Banking Online
Banking OnlineBanking Online
Banking OnlineESET
 
Is Anti-Virus Dead?
Is Anti-Virus Dead?Is Anti-Virus Dead?
Is Anti-Virus Dead?ESET
 
Is Linux/Moose endangered or extinct?
Is Linux/Moose endangered or extinct? Is Linux/Moose endangered or extinct?
Is Linux/Moose endangered or extinct? ESET
 
Unpack your troubles*: .NET packer tricks and countermeasures
Unpack your troubles*: .NET packer tricks and countermeasuresUnpack your troubles*: .NET packer tricks and countermeasures
Unpack your troubles*: .NET packer tricks and countermeasuresESET
 
ESET: #DoMore With Our Comprehensive Range of Business Products
ESET: #DoMore With Our Comprehensive Range of Business ProductsESET: #DoMore With Our Comprehensive Range of Business Products
ESET: #DoMore With Our Comprehensive Range of Business ProductsESET
 
ESET: Delivering Benefits to Enterprises
ESET: Delivering Benefits to EnterprisesESET: Delivering Benefits to Enterprises
ESET: Delivering Benefits to EnterprisesESET
 
ESET: Delivering Benefits to Medium and Large Businesses
ESET: Delivering Benefits to Medium and Large BusinessesESET: Delivering Benefits to Medium and Large Businesses
ESET: Delivering Benefits to Medium and Large BusinessesESET
 
#DoMore with ESET
#DoMore with ESET#DoMore with ESET
#DoMore with ESETESET
 
2014: Mid-Year Threat Review
2014: Mid-Year Threat Review2014: Mid-Year Threat Review
2014: Mid-Year Threat ReviewESET
 

Más de ESET (20)

ESET Cybersecurity students
ESET Cybersecurity studentsESET Cybersecurity students
ESET Cybersecurity students
 
ESET Cybersecurity training
ESET Cybersecurity trainingESET Cybersecurity training
ESET Cybersecurity training
 
How to implement a robust information security management system?
How to implement a robust information security management system?How to implement a robust information security management system?
How to implement a robust information security management system?
 
#AntimalwareDay: The ESET Celebration of the Origins of Computer Defense in N...
#AntimalwareDay: The ESET Celebration of the Origins of Computer Defense in N...#AntimalwareDay: The ESET Celebration of the Origins of Computer Defense in N...
#AntimalwareDay: The ESET Celebration of the Origins of Computer Defense in N...
 
Visiting the Bear Den
Visiting the Bear DenVisiting the Bear Den
Visiting the Bear Den
 
AVAR Sydney 2014: Lemming Aid and Kool Aid: Helping the Community to Help Its...
AVAR Sydney 2014: Lemming Aid and Kool Aid: Helping the Community to Help Its...AVAR Sydney 2014: Lemming Aid and Kool Aid: Helping the Community to Help Its...
AVAR Sydney 2014: Lemming Aid and Kool Aid: Helping the Community to Help Its...
 
ESET Quick Guide to the EU General Data Protection Regulation
ESET Quick Guide to the EU General Data Protection RegulationESET Quick Guide to the EU General Data Protection Regulation
ESET Quick Guide to the EU General Data Protection Regulation
 
Bootkits: Past, Present & Future - Virus Bulletin
Bootkits: Past, Present & Future - Virus BulletinBootkits: Past, Present & Future - Virus Bulletin
Bootkits: Past, Present & Future - Virus Bulletin
 
Operation Buhtrap - AVAR 2015
Operation Buhtrap - AVAR 2015Operation Buhtrap - AVAR 2015
Operation Buhtrap - AVAR 2015
 
Advanced Persistent Threats
Advanced Persistent ThreatsAdvanced Persistent Threats
Advanced Persistent Threats
 
Shopping Online
Shopping OnlineShopping Online
Shopping Online
 
Banking Online
Banking OnlineBanking Online
Banking Online
 
Is Anti-Virus Dead?
Is Anti-Virus Dead?Is Anti-Virus Dead?
Is Anti-Virus Dead?
 
Is Linux/Moose endangered or extinct?
Is Linux/Moose endangered or extinct? Is Linux/Moose endangered or extinct?
Is Linux/Moose endangered or extinct?
 
Unpack your troubles*: .NET packer tricks and countermeasures
Unpack your troubles*: .NET packer tricks and countermeasuresUnpack your troubles*: .NET packer tricks and countermeasures
Unpack your troubles*: .NET packer tricks and countermeasures
 
ESET: #DoMore With Our Comprehensive Range of Business Products
ESET: #DoMore With Our Comprehensive Range of Business ProductsESET: #DoMore With Our Comprehensive Range of Business Products
ESET: #DoMore With Our Comprehensive Range of Business Products
 
ESET: Delivering Benefits to Enterprises
ESET: Delivering Benefits to EnterprisesESET: Delivering Benefits to Enterprises
ESET: Delivering Benefits to Enterprises
 
ESET: Delivering Benefits to Medium and Large Businesses
ESET: Delivering Benefits to Medium and Large BusinessesESET: Delivering Benefits to Medium and Large Businesses
ESET: Delivering Benefits to Medium and Large Businesses
 
#DoMore with ESET
#DoMore with ESET#DoMore with ESET
#DoMore with ESET
 
2014: Mid-Year Threat Review
2014: Mid-Year Threat Review2014: Mid-Year Threat Review
2014: Mid-Year Threat Review
 

Último

08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...gurkirankumar98700
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsRoshan Dwivedi
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 

Último (20)

08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 

Why do THEY want your digital devices?

  • 1. Why THEY want your digital devices Stephen Cobb, CISSP Security Evangelist
  • 3. 36 ways to abuse hacked devices • Phishing site • Spam zombie • Malware download site • DDoS extortion zombie • Warez piracy server Web Botnet • Click fraud zombie • Child porn server server activity • Anonymization proxy • Spam site • CAPTCHA solving zombie • Harvest email contacts • eBay/PayPal fake auctions • Harvest associated accounts • Online gaming credentials • Access to corporate email Email Account • Website FTP credentials • Webmail spam attacks credentials • Skype/VoIP credentials • Stranded abroad scams • Encryption certificates • Online gaming characters • Bank account data • Online gaming goods/$$$ Virtual Financial • Credit card data • PC game license keys goods credentials • Stock and 401K accounts • OS license key • Wire transfer data • Facebook • Fake antivirus • Twitter Reputation Hostage • Ransomware • LinkedIn hijacking attacks • Email account ransom • Google+ • Webcam image extortion Based on original work by Brian Krebs: krebsonsecurity.com
  • 4. MONEY ADVANTAGE IMPACT CREDENTIALS
  • 5. 720 breaches by size of organization (employees) Over 100,000 10,001 to 100,000 1,001 to 10,000 101 to 1,000 11 to 100 1 to 10 SMBs 0 100 200 300 400 500 600 Verizon 2012 Data Breach Investigations Report
  • 6. The SMB sweet spot for the cyber- criminally inclined Big enterprise Assets SMB “sweet spot” worth looting Consumers Level of protection
  • 7. How do they get to your devices? 1. Malware involved in 69% of breaches 2. Hacking* used in 81% of breaches Breaches combining malware and hacking: 61% *80% of hacking is passwords: default, missing, guessed, stolen, cracked Verizon 2012 Data Breach Investigations Report
  • 8. Tools of the trade
  • 9.
  • 10. Thriving markets for credentials
  • 11. Hot markets for hacked devices
  • 12. All driven by proven business strategies
  • 13. So how do you defend your devices? Two main attacks…. …and defenses Malware Scanning Hacking Authentication
  • 14. Scanning requires proper implementation Measures in use at a sample of healthcare facilities Require AV on mobile devices Scan devices prior to connection Scan devices while connected 0% 10% 20% 30% 40% Ponemon Institute Third Annual Benchmark Study on Patient Privacy & Data Security
  • 15. Authentication requires more than passwords Passwords exposed in 2012: 75,000,000 And those are just the ones we know about Need to add a second factor to authentication
  • 16. The defenses you need Malware SMART Scanning Hacking STRONG Authentication Plus polices and training to implement effectively
  • 17. Thank you! Stephen Cobb  stephen.cobb@eset.com WeLiveSecurity.com

Notas del editor

  1. Money + Access + Kicks = Credentials