2013-2014: Cyber-Espionage - Trends and Implications for Businesses
2013-2014: CYBER-ESPIONAGE — TRENDS AND IMPLICATIONS FOR BUSINESS Kurt Baumgartner Principal Security Researcher, Global Research and Analysis Team (GReAT) @k_sec
WE ARE HERE TO SAVE THE WORLD
ELITE THREAT RESEARCH GROUP
35+ MEMBERS IN 16 COUNTRIES
FOCUS: APTS, CRITICAL INFRASTRUCTURE THREATS, BANKING THREATS, SOPHISTICATED ATTACKS
ABOUT KASPERSKY GREAT
STUXNET
DUQU
2010 2011 2012 2013 2014
FLAME
GAUSS
MINIFLAME
TEAMSPY MINIDUKE
REDOCTOBER
WINNTI NETTRAVELER
ICEFOG KIMSUKY
THE MASK
HIGH PROFILE APT ATTACKS
EPIC TURLA
COSMICDUKE
CROUCHING YETI/ ENERGETIC BEAR
MULTIYEAR, BROAD OPERATIONS, HIGH INVESTMENT
CROSSOVER OF COMMERCIAL AND GEOPOLITICAL INTERESTS, I.E. FINANCIAL CENTERS
iPHONE, ANDROID, BLACKBERRY, WINMOBILE, NOKIA, WINTEL, OSX, CISCO
RED OCTOBER APT
INTERESTS
GLOBAL FINANCIAL CENTERS ENERGY – OIL, GAS, NUCLEAR MANUFACTURING, AEROSPACE, MILITARY SUBCONTRACTORS
IMPLICATIONS
WHAT’S YOUR BYOD? NETWORK AWARENESS SPEARPHISHING TOLERANCE
INTERESTS AND IMPLICATIONS
MULTIYEAR, FOCUSED OPERATIONS, MEDIUM INVESTMENT
GLOBAL GAMING INDUSTRY POPPED – FUN AND $$$
WINDOWS, LINUX, CUSTOM PLUGX VARIANTS, BROAD 2ND STAGE AND INCREDIBLE LATERAL MOVEMENT
WINNTI APT
INTERESTS
MASSIVE GAMING ASSETS – CODE SIGNING DIGITAL CERTIFICATES MMORPG SOURCE CODE AND SERVER ACCESS MASSIVE SOFTWARE DEVELOPMENT AND OPERATIONS
IMPLICATIONS
ENDPOINT AND SERVER PROTECTION ASSET CLASSIFICATION, SEGMENTATION, TOLERANCE HEIGHTENED SCRUTINY FOR DEVELOPMENT ENVIRONMENTS
INTERESTS AND IMPLICATIONS
MULTIYEAR, HIGHLY FOCUSED AND SUCCESSFUL, MED-HIGH INVESTMENT
WINDOWS, LINUX, OSX
0-DAY, 0-DAY, 0-DAY
CUSTOM PLUGX VARIANTS, SCRIPTS, DEVELOPMENT AGILITY
PLAYFUL DRAGON/ WHITECOMMENTS APT
PLAYFUL DRAGON APT
INTERESTS
BIG SOFTWARE ASSETS – DIGITAL CERTIFICATES, BIG DATA CONTENT VARIOUS SOCIAL NETWORKS MASSIVE SOFTWARE DEVELOPMENT AND OPERATIONS
IMPLICATIONS
READINESS TO HANDLE ANY BREACH DATA ACCESS VISIBILITY AND STRICT PROTECTION
INTERESTS AND IMPLICATIONS
MULTIYEAR, BROAD OPERATIONS, HIGH INVESTMENT
WINDOWS FOCUSED
WORLDWIDE COMMERCIAL AND TECHNOLOGY INTERESTS
NETTRAVELER APT
INTERESTS
HIGH TECH – NANOTECHNOLOGY, LASERS, EXTREME MANUFACTURING NUCLEAR POWER CELLS, AEROSPACE, RADIO WAVE WEAPONS SUSPECTED ACTIVISTS, MUCH MORE…
IMPLICATIONS
EXFILTRATION MONITORING SPEARPHISHING PROTECTION PATCH MANAGEMENT
INTERESTS AND IMPLICATIONS
PROJECT DRIVEN, AGILE, PRECISE, SMALL CYBER-MERCENARY, LOW INVESTMENT
WINDOWS, OSX, UNCOMMON EXPLOITS - HANGUL, SEA DISTRIBUTED OPERATIONS
GLOBAL SUPPLY CHAIN
ICEFOG APT
INTERESTS
ENERGY – OIL, GAS HIGH TECH RESEARCH TELECOMS OPERATIONS AND CONTENT MEDIA
IMPLICATIONS
INCREASED REGULATIONS UNDERSTANDING YOUR VALUE AND RELEVANCE DEFENDING DIVERSE ENVIRONMENTS NEAR INTRACTABLE CONTRACTUAL AND LOGISTICAL ISSUES
INTERESTS AND IMPLICATIONS
ONE OF THE MOST ADVANCED THREATS TO DATE, TECHNOLOGY AND OPERATIONS
LINUX, OSX, WINDOWS, (IPHONE AND ANDROID)
GOVERNMENT, ENERGY, ACTIVISTS, FINANCIAL
NATION STATE BACKED
CARETO – “THE MASK” APT
INTERESTS
PRIVATE EQUITY HIGH TECH RESEARCH ENERGY - OIL, GAS
IMPLICATIONS
COMMERCIAL GOVERNMENT TARGET EXTENSIVE CROSS-PLATFORM BOOTKIT AND ROOTKIT PROTECTION TAKING DOWN DEFENSES
INTERESTS AND IMPLICATIONS
THE NEED FOR INTELLIGENCE SHARING
INCIDENT ANALYSIS, GROUP CORRELATION
PRIVATE REPORTS
FOR INQUIRIES, PLEASE CONTACT INTELREPOR [email protected]
CUSTOM APT INVESTIGATIONS
AVAILABLE FOR TOP APTS PRIVATE REPORTS
COST OF ENTRY DECREASING, VOLUME AND PRECISION OF ATTACKS INCREASING
CRITICAL INFRASTRUCTURE, GLOBAL SUPPLY, MUCH COMMERCIAL CROSSOVER
LOW SENSITIVITY TO “COLLATERAL DAMAGE”
“WIPERS”, CYBER-SABOTAGE
APT TRENDS
THANK YOU
WWW.KASPERSKY.COM
WWW.SECURELIST.COM
TWITTER @K_SEC