Anatomy of an attack Smarter, Shadier, Stealthier Malware · Malware Myth #3: So what? I have...
Nick Ross Sales Engineering [email protected]
Cybercrime: What you need to know to keep your data safe
8 new internet users added every second (Pingdom)
7 Billion People (current best estimates)
Why protect the data?
No longer a nice to have, it’s a must have!
1. It’s the lifeblood of most organizations
2. Compliance regulations require it be protected
3. Customers are demanding their personal data is secure
CyberCrime – illegal activities undertaken by criminals for financial gain (Cabinet Office)
Malware = Malicious Software
All Time Number of Unique Malware Samples
79,000,000
60 – 70% of malware is directly monetized (US Federal Board of Trade)
What is the target?
• Your computing power
• Your personal and corporate information
• Your online identity
• Social engineering
• Links to malicious sites
• Data stealing forms
Web
• A new malicious URL every 2-3 seconds
• User actively looking for something
• Silent ‘drive-by’ downloads
350,000 new malicious URLs are detected every day, and 80% are legitimate (SophosLabs)
What’s Trending?
Browse via search engine
Browse direct
Compromised Website
Want to know more?
• www.sophos.com
• nakedsecurity.sophos.com
Malware Myth #1: I’m too small to be a target
• Large organizations often work with a supply chain of smaller companies
• Fewer IT resources = easier to target
• Malware used in APTs targeting specific organizations/industries has appeared years later
Malware Myth #2: I have no data worth stealing
• What about your competitors?
• Do you deal with data on behalf of others?
○ You may have liability for other people’s data
○ You certainly have liability for your own employees’ data
Malware Myth #3: So what? I have desktop AV
• Protecting the desktop is a good start
• Macs aren’t immune
• Need to assess and, where necessary, block incoming and outgoing traffic
• The web is the no. 1 source of malware
• 70% of email traffic is spam but not all is harmless
So what can I do?
• Do the Basics
○ Educate your users
○ Enforce the right policies
○ Patching
• Layered Protection
○ Desktop anti-malware no longer enough on its own
○ Protect at the gateway as well as the endpoint
• Protect your online assets
○ Make sure your website is secure
○ Think about your social media presence
• Mobile Security
○ Install AV
○ Manage
○ Don’t allow Jailbreaking or rooting
○ Stick to Google Play store
So what can I do?
Do the Basics: educate your users; enforce the right policies; patching
• Think about physical security
• Don’t plug in strange USB drives / CDs
• Think before clicking links / attachments
• Implement and enforce good passwords
• Only allow access to the data that’s required
• Remove old users
• Limit the amount of software installed
• Keep it up to date and patched
• ENCRYPT YOUR DATA
So what can I do?
Layered Protection: desktop anti-malware is no longer enough on its own; protect at the gateway as well as the endpoint
• Desktop AV is a must
• This includes Macs and Android mobile devices
• Keep it up to date and monitor it
• The gateway is the first point of entry to the network and should be controlled
• A basic firewall isn’t enough
• Invest in a security device that can also scan traffic in depth – Unified Threat Management
• Filter spam and web traffic
So what can I do?
Mobile Security: install AV; manage; don’t allow jailbreaking or rooting; stick to Google Play store
• Who needs mobile access?
• Android is vulnerable – use AV
• Use a proper MDM or EMM solution
• Enforce policies on Jailbreaking and Rooting
• Control Apps
• Think about network access in the office
• Consider how you make use of public WiFi
So what can I do?
Protect your online assets: make sure your website is secure; think about your social media presence
• Who hosts your website?
• Think also about things like Outlook Anywhere and SharePoint
• Use a Web Application Firewall
• Use 2FA for remote access
• Who has access to the corporate Facebook/Twitter accounts?
Today’s security approach is falling behind
• INCOMPLETE: Always one more thing to deploy and manage
• COMPLICATED: Too hard to configure, too much to monitor
• INEFFECTIVE: Not keeping up with advanced threats
Complex solutions aren’t solutions. We make security for the real world.
Simple security is better security
Kris Hagerman, CEO Sophos
[Diagram: Sophos products across locations (At home and on the move, Headquarters, Remote Office 1, Remote Office 2), with Administration, Sophos Cloud and SophosLabs (reputation data, active protection, correlated intelligence, content classification). Products shown: Endpoint Security, SafeGuard Encryption, Mobile Control, UTM, NextGen Firewall, Secure Wi-Fi, Guest Wi-Fi, Secure VPN Client, Secure VPN RED, Secure Web Gateway, Secure Email Gateway, Web Application Firewall, Network Storage Antivirus, Server Security.]
© Sophos Ltd. All rights reserved.