Kaseya is proud to present a webinar by Kaspersky Lab on the latest changes in the cybercrime threatscape and what we have to fear most from today’s cyber criminals.
Join us and you’ll learn:
The biggest threats in cybercrime today
What you should worry about most
Ten tips towards better Internet safety
How to serve up the best security information
Kaspersky is one of the top antivirus companies in the world, with the team of virus analysts who first broke Stuxnet and Flame, two of the biggest cyber threats in history. Kaspersky AV protects over 350 million end points with a presence in over 20 different countries.
Cybercrime Threats in 2012 - What You Need to Know
1. Kaseya and Kaspersky Lab
Cybercrime Threats in 2012: What You Need to Know
Cynthia James,
Director Business Development, CISSP
September 2012
2. Agenda
Kaspersky Lab
Today’s Threatscape & Top Threats
10 Internet Safety Tips
Sources
PAGE 2 | Kaspersky Lab Presentation | September 26, 2012
3. About Kaspersky Lab
Founded in 1997; largest private anti-malware company – 100%
focused on anti-malware
Over $600M annual revenues
Presence in 19 countries: CEO is Russian; incorporated in the UK;
new to US market in 2005
#1 vendor in Germany, France, Spain, Eastern Europe
America’s distribution: 12,000 outlets; top two vendors (revenue
& units shipping)
Top supplier to OEMs/ISVs of anti-malware worldwide
Aggressively protecting businesses
4. Cybercrime threatscape: malware growth
Recent years have seen exponential growth in malware.
200k unique malware samples were identified in 2006; 2M in
2007, over 15 million by 2009…50 million this past year.
Now it is the quality of malware that improves annually.
5. Top Security Threats of 2012: backdrop
Cybercriminals earn over $100 billion annually!
Cybercrime markets are now very organized and
sophisticated: everything has a price, most data
has some value
Affiliate programs pay hackers to distribute malware
“Rented” botnets & malware kits for sale
Code re-use: there’s no such thing
as “old news” in cybercrime
Trickle down effect (of tactics)
6. The power of botnets
Kido (aka Conficker) botnet in May 2009 (peak)
GFLOPS
When the Kido botnet reached its peak in May 2009 it contained about
6 million zombie machines
Botnet = an on-line army for rent
7. How infection occurs
Infection vectors
Delivered via email spam
• Malware link: evil website masquerading as legit
Legit website that’s been infected
“Exploit” – the entry mechanism
Trojans – the tool
bot + bot + bot = botnet
Botherder C&C (command & control)
8. On-line bank robberies
Clampi Trojan
$100M in 2010 from SMB, SLED
Goal: steal login and password
for on-line bank accounts
Database of over 4500 different
financially related sites
Learn about users’ on-line banking activity (times, dates)
Wait for a break in bank contact
Recruit money mules
Transfer money out in sums of under $10K
Money mule transfers out of the country
9. Top Security Threats 2012
Named viruses:
Stuxnet, Flame, APTs
– Enterprises
Clampi – SMB
Hacktivism – good or bad?
Accelerated discovery of multi-year operations
(Mac botnet, Flame, etc.)
What companies or individuals are infected today
who will only know about it years from now?
10. Biggest Issue in Security 2012 (as always)
Human beings!
(impatient, proud, busy, curious…) – RSA’s $71M
man
For consumers: save yourself from yourself…
The blurry boundaries between
work, home, school – BYOD
Who else are you jeopardizing?
Who else is jeopardizing you?
Best solution: forced patching & AV
11. 10 Tips to Better Internet Safety
1. Your AV is your friend – be patient
2. Use the best AV possible (not the free
stuff!)
3. Always patch when prompted
4. Never click a link offered by any email
without checking where it goes (you are
looking for …marriott.com/ )
5. Try to get everyone you work or play
with to follow the same rules!
12. 10 Tips to Internet Safety
6. On-line banking:
Take the extra security!
Log on after your AV updates and before
going to any other websites
7. Write down passwords (be complex)
8. Make sure your Macs are protected
too
9. Let strange mail get “stale”
10. Check suspicious email or links via
phone (or not at all)
13. What Kaspersky Delivers!
Fastest response to threats
Cracks more archives and file types
Consistently rated “the best” by independent
test organizations
www.av-test.org
www.av-comparatives.org
www.virusbtn.com
14. Fast Response Ensures the Shortest ‘Window of Opportunity’
15. Useful security links!
KLAB Digest - a proactive security news push:
KLAB Digest – email me to subscribe: security
news highlights monthly
cynthia.james@kaspersky.com
www.securelist.com
The more technical version
www.threatpost.com
Generic security information - “the first stop for
security on the web”
Email me for a free copy of Kaspersky PURE!
16. Thank You
Kaseya & Kaspersky Lab
What You Need to Know about Cyber Security in 2012
Cynthia James, Director Business Development, CISSP, Kaspersky Lab
Global Business Development
September 2012
17. Speakers
Jeff Keyes, Product Marketing
Scott Brackett, Product Manager
19. Show Me How Easy it is to Manage
All My Patches
20. KAV 1.4 - New Features
• Kaseya Anti-Virus 1.4 additions:
1. Manageability
2. Manageability
3. Manageability
4. File Share for updates / installs of endpoints
dependent upon VSA 6.3
• Requires VSA 6.2 or higher
• Kaspersky 6.0.4 server & workstation
– can continue managing existing AV 2010
21. KAV 1.4 Key Points
• LAN Cache Support – for installs and updates; 6.3 required
• Detections – filter and add to quarantine
• Column Sets - definitions out of date/ reboot required/profile compliance issue
• New Status Flags – 5 from “have active threats” to “reboot required”
• Advanced Installation Options
– Select server and workstation
– Remove competing product
– Reboot if needed
– Prompt user for approval
– Skip if offline
– Endpoint password for uninstall and change options
• Profile Visibility
• Profile Configuration – BIGGEST addition: the biggest/most requested change
• License Management
– Separate pools workstation & server
– Licensed from point of time install; not purchase
• Reporting
• Alerts
22. Show Me How Easy it is to Manage
Kaspersky AntiVirus
24. Patch Management Value Prop
• Schedule scans
• Manage the Patch status on all machines
or groups of machines
• Apply policies to individual or groups of
machines
– Logical Segmentation
– Operating System Type
• Test Patches on groups before applying to
others
• Alert and patch status
Editor's notes
Points to make here: Even when presenting in a more educational (product free) format, we should say – this is a slide to make you feel comfortable with who Kaspersky is today and give you confidence in the fact that we have the expertise to educate you on cybercrime. It’s also a good primer on how to pick any AV company whose product you use. Most importantly they should have a worldwide focus and millions of end points, because most cybercriminals test and tune their malware before they mass distribute it. So if we can catch it when it first appears, you’ll be protected by the time it reaches you. You can see that Kaspersky has: Millions of end points; WW presence (for sampling and solutions). And: Kaspersky began distributing in the US only since 2005, but that was after rising to the top of every other AV market in the world. We’ve progressed quickly. Many people haven’t kept up with our growth because it’s been so rapid. When I started 5 years ago we were in the $100 million revenue range; today we have over $600M in revenues. Revenues do matter because a significant amount of that money goes back into our R&D, and they help us hire our worldwide staff – right now that’s about 2500 employees and a huge number of those are actively engaged in creating solutions to malware. We’re proud to be the leaders in providing technology to OEMs and ISVs (define what OEM means if your audience is unlikely to know). Overwhelmingly we are selected by companies like (list any which are not competitive). These OEMs and ISVs have very stringent technical requirements and are able to choose among all vendors. In fact our first ever deal back in 1997 involved licensing the technology to a company who sold to other businesses. Of course we credit the fact we are selected most often to the superiority of our solution.
This is a visual representation of what I’m talking about. Kaspersky has a unique genealogy in the anti-malware community because we started out doing technology licensing deals. (Describe OEM briefly.) We licensed our technology to a company who then used it to protect other companies. This matters because in those days – back in the late 1990’s – home users who even had internet connections were still forcing a connection. It wasn’t even close to being “always on”, and getting updates every 48 hours was fine. But businesses were on the leading edge – they came on-line fastest with websites and customer interactivity, etc. So the technical requirement for protecting them was much more stringent than it was for home users. Serving the very demanding segment of business users forced us to compress the vulnerability window as much as possible and become really efficient about delivering the smallest updates possible.