8. AULDLANG SYNEAULDLANG SYNE
• 42% increase in targeted attacks in 2012.
• 31% of all targeted attacks aimed at businesses with less than 250 employees.
• 1 waterhole attack infected 500 organizations in a single day.
• 14 zero-day vulnerabilities.
• 32% of all mobile threats steal information.
• 1 threat infected 600,000 Macs in 2012.
• Spam volume continued to decrease, with 69% of all email being spam.
• The number of phishing sites spoofing social networking sites increased 125%.
• Web-based attacks increased 30%.
• 5,291 new vulnerabilities discovered in 2012, 415 on mobile O/S.
Symantec Global Intelligence Report 2012
9. ““To a man with a hammer, everything looks like a nail”.To a man with a hammer, everything looks like a nail”.
12. 10 DATA RANSOMATTACKS10 DATA RANSOMATTACKS
• Originated with Russian Organised Crime
• Now popular with Asian, Latin American & African
hackers
• Starts with a DDoS, drop database servers to default, take
admin access rights, encrypt data, send email ransom , 48
hours to Paypal
• Medical and financial records popular targets
• Malware version rapidly on the rise
14. 8 MODEMATTACKS8 MODEMATTACKS
• “Phreaking” still works!
• Every server has a modem port!
• 23% of all external attacks are
traced back to previously
unidentified modems
• For every 1000 lines = average of
50 undetected/unprotected
modems/ports
16. 7 SOCIALENGINEERING7 SOCIALENGINEERING
Accessing a system through a user
1. Identify the target
2. Conduct your research
3. Develop a rapport & trust
4. Exploit the trust for information
5. Use information to access the system.
17. 6 MALWAREATTACKS6 MALWAREATTACKS
• Can retrieve whatever they are
programmed to find such as:
files, folders, address books, log
on IDs, passwords…
• Can execute whatever functions
it’s programmed to execute:
connections, downloads, off/on,
find folder: encrypt, copy, delete,
save as….
• Only limited to the creativity of
the writer
25. 2 DATA BASEATTACKS2 DATA BASEATTACKS
•AKA: “The Mother Load”
•One stop shopping for your
all your identity theft needs
•These are the big money
hacks…
26. CHATUPLINE#18CHATUPLINE#18
In one week, the average person living in Britain has
3,254 pieces of personal information stored about him
or her in databases.*
*Evening Standard Survey August 2008
29. NUMBER1: YOUNUMBER1: YOU
The overwhelming majority of security
incidents are originated by “insiders”
• IP Theft, Financial Fraud, Procurement
Fraud, Insider Trading, Misuse….
• Unauthorised applications
• Unauthorised output devices
• Unauthorised connections
• Unauthorised behaviour
• Removable media
30. CHATUPLINE#24CHATUPLINE#24
“7 out of 10 persons arrested for cyber crime are
employees of the company prosecuting them”
Federal Bureau of Investigation 2008Federal Bureau of Investigation 2008