2015 cemented the saying “No one is immune to hacking” and the high profile breaches of Ashley Madison, LastPass and others was proof of that. Quick Heal detected close to 1.4 billion malware samples in 2015 and this number simply shows how widespread and lucrative cyber-attacks have now become. In this webinar, we will look back at some of the notable highlights from malware attacks in 2015, and then chart the way forward for 2016 and provide our listeners with a heads up on what kind of malware threats to expect. The webinar will cover the following points:
1. Malware detection statistics and highlights from 2015
2. Platform statistics for Windows and Android vulnerabilities
3. Insight into Ransomware and Exploit Kits in 2015
4. A look ahead at the cyber security predictions for 2016 and how we can help you
2. Agenda
• 2015 Review – A Look Back
• Ransomware
• The Evolution of Money Making Malware
• Potentially Unwanted Applications (PUA)
• Advanced Persistent Threats
• Exploit Kits
• Android Malware
• Rise of Internet of Things (IoT)
3. 2015 Review – A Look Back
Quarter-wise Malware Detection Statistics
4. 2015 Review – A Look Back
Category-wise Malware Detection Statistics
5. 2015 Review – A Look Back
Operating System Distribution of Quick Heal Users
6. Unpatched Software is the Silent Killer!
• Operating System
• Web Browsers
• Microsoft Office, Java, Adobe Reader and Flash
• CVE-2012-0158 – Microsoft Office vulnerability exploited in wild
8. Ransomware – Locks Down User’s Machines
• Continued dominance as the most destructive malware in 2015
• Ransomware-as-a-Service (RaaS)
• Commoditized the creation of ransomware
• To develop and distribute customized ransomware
• Crowti, CryptoWall and TeslaCrypt - The consistent performers
• Chimera brings in data extortion techniques
9. SURVEY 1
• Do you have a defined data backup policy and process in place?
• Yes / No
• What type of data backup do you undertake?
• Online / Offline / Both / No
• What is the frequency of your data backup?
• Incremental / Daily / Weekly / Never
10. The Evolution of Money Making Malware
Adware
Spyware
Rogueware
Ransomware
Extortionware
Banking Trojan
POS Malware
11. Extortionware
• Hackers hold Hollywood Presbyterian Medical Center
systems for ransom
• Hospital is down for a week and all services are stopped
• Demand 9,000 bitcoin ( $3.6 million ) for a ransomware key
12. Ransomware – Predictions for 2016
• Ransomware will continue to be a challenge in 2016
• Encrypting Ransomware samples will also have data theft capability
• Targeting Android and iOS platforms
• They are expected to get highly targeted in nature
• They will use extortion tactics with threats to make stolen data public
• It is highly advised to implement backup policies and processes with
high-end encryption
13. Potentially Unwanted Applications (PUA)
• Come as Downloaders, Installers or Bundlers for free applications
• Modify web browser settings like
• Default search engine and home page
• Add extensions to web browser
• Show advertisements
• Collect personal data and browsing habits used for targeted marketing
• Download other malicious components
• Exponential growth of digitally signed malware in recent years
15. Potentially Unwanted Applications (PUA)
• Be alert when downloading and installing only intended applications
• Read License Agreement carefully
• especially privacy policy and risks involved
• Avoid downloading from fake links displayed as advertisements
• Recommended to use Quick Heal AntiMalware
• To detect and remove some tricky PUA’s
17. Advanced Persistent Threats
• Objective is different from other malware
• Advanced
• Spear Phishing, steals confidential and critical data
• Targets sectors with high value information – national defense, manufacturing
and financial industry
• Persistent
• Stays undetected for long duration of period
• Famous APT examples
• Stuxnet – discovered in August 2010, targeting Iran’s Nuclear Plants
• Duqu, Flame, Dark Hotel
19. Advanced Persistent Threats
Equipped with functionalities like
• Steal personal information
• Listing all drives and files
• Enumerating running processes and terminating specific process
• Downloading file from specified links
• Uploading files to remote server
• Executing specified file
• Taking desktop snapshots and Keylogging
• Stealing saved login credentials
20. Advanced Persistent Threats – Predictions for
2016
• Spear-phishing and social engineering to remain prominent infection
vectors
• Evolving encryption and obfuscation methods to evade traditional
security detections
• Adoption of Anti-Sandbox and Anti-VM techniques to bypass
sandbox-based security solutions
26. Android Malware – Predictions for 2016
• Malware exploiting ad networks
• Rise of malware exploiting Android vulnerabilities for auto root
• 130 Android vulnerabilities discovered in 2015
• Segmented Android distribution
• Most times OS updates are not available from vendors
• More money! More malware!
• Targeting new mobile payment technologies
• Mobile wallets, in-app purchases etc.
27. Rise of Internet of Things (IoT) – A Look Ahead
• Limited processing power of connected devices inhibits encryption
and other robust security measures
• Upatre exploiting routers with known default root passwords
• Challenges:
• Ubiquitous data collection
• Potential for unexpected uses of consumer data
• Heightened privacy & security risks
28. IoT - SMART TV
• SMART TV features
• Voice Recognition
• Gesture Controls
• Facial Recognition
• Fitness Services
• Samsung warns customers about discussing personal information in
front of smart TV
• Read Privacy Policy at
• https://www.samsung.com/uk/info/privacy-SmartTV.html
29. CONCLUSION
• Unpatched OS and applications are open invitation for infection
• Ransomware will continue to grow with targeted reach
• PUAs are on the rise
• APTs will become more common
• Exploit Kits integrating zero day vulnerabilities faster
• Android malware will take advantage newly discovered vulnerabilities
• IoT Security will add new dimension to Cyber Security
30. Got any queries regarding this webinar?
Write to us at:
• CorporateCommunications@quickheal.co.in
Follow us on:
• Facebook: www.facebook.com/quickhealav
• Twitter: www.twitter.com/quickheal
• Google Plus: bit.ly/QuickHealGooglePlus
• YouTube: www.youtube.com/quickheal
• SlideShare: http://www.slideshare.net/QuickHealPPTs
Visit us:
• Website: www.quickheal.com
• Official Blog: blogs.quickheal.com
Windows XP
Windows XP support has ended
As of April 8, 2014, support and updates for Windows XP are no longer available. Don't let your PC go unprotected.
What happens if I continue to use Windows XP?
If you continue to use Windows XP now that support has ended, your computer will still work but it might become more vulnerable to security risks and viruses. Internet Explorer 8 is also no longer supported, so if your Windows XP PC is connected to the Internet and you use Internet Explorer 8 to surf the web, you might be exposing your PC to additional threats. Also, as more software and hardware manufacturers continue to optimize for more recent versions of Windows, you can expect to encounter more apps and devices that do not work with Windows XP.
rat – Remote Access Tools
apt30 – APT 30 campaign
mso – Operation IndiaIT News
other – remaining APT detections
crypt – cryptors used APT
script – AutoIT, Javascript, and ZXShell
bncc – bncc attack