Modern Threats Landscape & GTI

Alex de Graaf
Director, Pre-Sales
McAfee, Emerging Markets EMEA
Q2-2013 Key Trends
• The Dark Seoul attack against banks and media companies in South Korea
• Backdoor Trojans and banking malware were the most popular mobile threats this quarter
• Ransomware, which holds a computer hostage until the victim pays to free it, is getting worse.
• Spam levels are bouncing back

Q2-2013 Key Trend: The Dark Seoul Attack
• The forensic data indicates that Dark Seoul was actually just the latest attack to emerge from a malware development project that has been named Operation Troy.
• The McAfee Labs investigation into the Dark Seoul incident uncovered a long-term attempt at domestic spying, based on code that originated in 2009, against military targets in South Korea.
• McAfee Labs research found that the Dark Seoul attack was preceded by years of attempted cyberespionage.
• For details, read the McAfee Labs report “Dissecting Operation Troy: Cyberespionage in South Korea”.

Q2-2013 Key Trend: Backdoor Trojans and Banking Malware
• “Backdoor” Trojans, which steal data without the victim’s knowledge, and malware that goes after banking login information have made up the largest portion of all new mobile malware families.
• Halfway through 2013, McAfee Labs had already collected almost as many mobile malware samples as in all of 2012.
• In Q2 2013 we added more than 17,000 Android samples to our database.
• Malware shows no sign of changing its steady growth, which has risen steeply during the last three quarters. At the end of this quarter we now have more than 147 million samples in our malware “zoo.”

Q2-2013 Key Trend: Ransomware is getting worse!
• Ransomware has become an increasing problem during the last several quarters, and the situation continues to worsen.
• The number of new, unique samples this quarter is greater than 320,000, more than twice as many as last quarter.
• During the past two quarters we have catalogued more ransomware than in all previous periods combined.
• Reasons for ransomware’s growth:
  • It’s a very efficient means for criminals to earn money because they use various anonymous payment services. This method of cash collection is superior to that used by fake AV products, for example, which must process credit card orders for the fake software.
  • An underground ecosystem is already in place to help with services such as pay-per-install on computers that are infected by other malware, such as Citadel, and easy-to-use crime packs are available in the underground market. These advantages mean that the problem of ransomware will not disappear anytime soon.

Q2-2013 Key Trend: Spam levels are bouncing back
• This quarter, volume reached 2 trillion messages in April, the highest figure we’ve seen since 2010.
• We continue to report on the variety of spam subjects and botnet prevalence in selected countries around the world.
• Examining results by country, our statistics show marked differences from quarter to quarter. Ukraine and Belarus are the most dramatic examples; each had an increase of greater than 200 percent this period.

Interested in the latest threats?

http://www.mcafee.com/us/resources/reports/rp-quarterly-threat-q2-2013.pdf

Malware Tsunami
McAfee Labs discovers over 100,000 samples every day
[Chart: timeline axis 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2011, 2013]

McAfee Confidential—Internal Use Only

Explosion of IP Devices
95% are unprotected
1 BILLION DEVICES
50 BILLION CONNECTED DEVICES

Malware Tsunami
(100.000 Threats) * (50 Billion Devices) = X
[Chart: timeline axis 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2013]

Rethink Security—a New Paradigm
THE CONCEPT OF SIGNATURES IS BROKEN
• Amount of samples per day and time to protection
• Zero-day exploits
• Kernel based attacks

• 1997: 50,000 known threat samples
• 2007: 450,000 known threat samples
• 2013 (YTD): 147 million known threat samples

30 days to cross the office
Minutes around the Globe

THE NEW NATURE OF ATTACKS
The future?
Seconds around the Globe
Milliseconds???

What it Takes to Make Your Organization Safe
GLOBAL THREAT INTELLIGENCE
THREAT REPUTATION
[Diagram labels]
• Reputation data: Network Activity, Affiliations, Geo-location, Application, Domain, Data Activity, Ports/Protocol, IP Address, Web Reputation, URL, Web Activity, File Reputation, DNS Server, Sender Reputation, Mail Activity, Email Address
• Products and feeds: Network IPS, Firewall, Web Gateway, Mail Gateway, Host AV, Host IPS, 3rd Party Feed
• Volumes and feeds: 300M IPS attacks/mo.; 2B botnet C&C IP reputation queries/mo.; 20B message reputation queries/mo.; 2.5B malware reputation queries/mo.; Geo location feeds

What it Takes to Make Your Organization Safe
GLOBAL THREAT INTELLIGENCE
THREAT REPUTATION
• 10–30% Detection Improvement
• Average 5.3 Day Reduction in Time to Protection
• Protection will rely on the cloud increasingly in the future
• GTI can be used for both new detections and false alarm avoidance
[Diagram labels]
• Products and feeds: Network IPS, Firewall, Web Gateway, Mail Gateway, Host AV, Host IPS, 3rd Party Feed
• Volumes and feeds: 300M IPS attacks/mo.; 2B botnet C&C IP reputation queries/mo.; 20B message reputation queries/mo.; 2.5B malware reputation queries/mo.; Geo location feeds