Advanced Targeted Attacks — The Attack Lifecycle

Copyright (c) 2012, FireEye, Inc. All rights reserved. | CONFIDENTIAL


Today’s Cybercriminal Profile

•  Armed with drag-and-drop toolkits
•  Committed to a multi-stage, multi-vector plan of attack
•  Goal is to breach defenses to obtain valuable information


STAGE 1: System Exploitation

•  Drive-by attacks and casual browsing
•  Delivered via Web or email
•  Blended attack across multiple threat vectors


STAGE 2: Binary Payloads Downloaded, Long-Term Control Established

•  Additional malware binaries downloaded
•  One exploit equals dozens of infections on the same system
•  Criminals establish long-term control mechanisms


STAGE 3: Malware Callbacks

•  Malware calls criminal servers for instruction

•  Replicates and disguises itself to avoid scans

•  Malware communications allowed through firewall


STAGE 4: Data Exfiltration

•  Acquired data staged for exfiltration
•  Exfiltrated over common protocols
•  Arrives at external server controlled by criminal
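Stages 3 and 4 both leave traces in ordinary egress logs: a callback is a host talking to one destination at near-constant intervals, and staged exfiltration is an unusually large outbound transfer to a destination nobody else on the network uses. The script below is an added example, written for this page and not FireEye's code or a feature of its product. It runs two such heuristics over a constructed, simplified proxy log (timestamp, source IP, destination host, method, bytes out); the log lines, the thresholds and the hostnames are all assumptions chosen for illustration.

```python
"""Added example: spotting Stage 3 callbacks and Stage 4 exfiltration in proxy logs.

Constructed, simplified proxy log lines (not FireEye's data or tooling):
  <epoch_seconds> <src_ip> <dst_host> <method> <bytes_out>
Both heuristics are assumptions for illustration:
  * a callback beacon shows as near-constant intervals from one host to one destination
  * staged exfiltration shows as a very large outbound request to a destination
    that only that single host ever contacts
"""
from collections import defaultdict
from statistics import mean, pstdev

# Constructed sample: 10.0.0.5 beacons to c2.example.invalid every ~300 s and
# later pushes ~40 MB out over a plain HTTP POST; 10.0.0.7 is normal browsing.
SAMPLE_LOG = """\
1000 10.0.0.7 www.example.com GET 512
1300 10.0.0.5 c2.example.invalid GET 210
1420 10.0.0.7 www.example.com GET 480
1601 10.0.0.5 c2.example.invalid GET 212
1899 10.0.0.5 c2.example.invalid GET 209
2200 10.0.0.5 c2.example.invalid GET 211
2250 10.0.0.7 cdn.example.net GET 2048
2502 10.0.0.5 c2.example.invalid GET 210
2800 10.0.0.5 c2.example.invalid POST 41943040
"""


def parse_log(text):
    """Parse the constructed log format into dicts; malformed lines are skipped."""
    records = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 5:
            continue
        ts, src, dst, method, nbytes = parts
        try:
            records.append({"ts": int(ts), "src": src, "dst": dst,
                            "method": method, "bytes_out": int(nbytes)})
        except ValueError:
            continue
    return records


def find_beacons(records, min_hits=4, max_jitter=0.1):
    """Return (src, dst, mean_interval) for source/destination pairs whose
    request intervals are nearly constant (coefficient of variation < max_jitter)."""
    by_pair = defaultdict(list)
    for r in records:
        by_pair[(r["src"], r["dst"])].append(r["ts"])
    beacons = []
    for (src, dst), stamps in by_pair.items():
        if len(stamps) < min_hits:
            continue
        stamps.sort()
        gaps = [b - a for a, b in zip(stamps, stamps[1:])]
        avg = mean(gaps)
        if avg > 0 and pstdev(gaps) / avg < max_jitter:
            beacons.append((src, dst, avg))
    return beacons


def find_exfil(records, threshold_bytes=10 * 1024 * 1024):
    """Return (src, dst, bytes_out) for single requests pushing more than the
    threshold outbound to a destination that only one source host ever contacts."""
    hosts_per_dst = defaultdict(set)
    for r in records:
        hosts_per_dst[r["dst"]].add(r["src"])
    return [(r["src"], r["dst"], r["bytes_out"]) for r in records
            if r["bytes_out"] > threshold_bytes and len(hosts_per_dst[r["dst"]]) == 1]


if __name__ == "__main__":
    recs = parse_log(SAMPLE_LOG)
    for src, dst, avg in find_beacons(recs):
        print(f"possible callback: {src} -> {dst} every ~{avg:.0f}s")
    for src, dst, n in find_exfil(recs):
        print(f"possible exfiltration: {src} -> {dst} {n} bytes out")
```

On the sample log the beacon check flags only the 10.0.0.5 to c2.example.invalid pair (five gaps of 298 to 302 seconds around a 300-second mean), while the two normal hosts never reach the minimum hit count; the volume check flags the single 40 MB POST because no other host talks to that destination. Real deployments would tune the thresholds to the fleet's baseline and feed the output into a ticketing or SIEM pipeline rather than printing it.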


STAGE 5: Malware Spreads Laterally

•  Establish long-term network control
•  Malware spreads laterally
•  Conducts reconnaissance


FireEye Malware Protection System

•  Next generation, advanced threat protection
•  Industry’s only fully integrated solution
•  Protects against advanced attacks across multiple vectors
•  Addresses all stages of the advanced attack lifecycle
•  Effective against advanced persistent targeted attacks