Infographics: Thinking about design Infographics sessions Day 4.
Symantec infographics
-
Upload
nick-ekonomou -
Category
Documents
-
view
226 -
download
3
description
Transcript of Symantec infographics
Attackers TargetBoth Large andSmall BusinessesLike thrown paint on a blank canvas, attacks against businesses–both large and small–are indiscriminate.If there is profit to be made, attackers strike at will.
Spear-Phishing Attacksby Size of Targeted Organization
The last five years have shown asteady increase in attacks targetingbusinesses with less than 250 employees.
Medium-Size Businesses 251 to 2,500Large Enterprises 2,500+
Small Businesses (SMBs) 1 to 250
Number of Employees
0
100%
2011 2012 2013
2015
2014 2015
20142013
50%
32%
18%
50%
19%
31%
39%
31%
30%
41%
25%
34%
35%
22%
43%
Risk Ratioas %
2.2 2.1
Risk Ratio of Spear-Phishing Attacksby Organization Size
1 in 2.7 1 in 6.8 1 in 40.5Risk Ratio
Attacksper Org
15% 3%
20153.6
38%
1,305+55%
841
Cyber attackers are playing the long game against large companies, but all businesses of all sizes are vulnerable to targeted attacks. In fact, spear-phishing campaigns targeting employees increased 55% in 2015.
779+91% +8%
50%
32%
18%
50%
19%
31%
39%
31%
30%
41%
25%
34%
35%
22%
43%
555-283-4972
Get a verification code on my phone: ****555
Receive via:
Account Help
a text message (SMS)
an automated phone call
Continue
1An attacker obtains a victim’s email address and phone number—both of which are usually publicly available.
2The attacker poses as the victim and requests a password reset from Google.
Google sends the code to the victim.
3The attacker then texts the victim with a message similar to:
4
The attacker resets the password–and once he has what he wants or has set up forwarding— informs the victim (posing as Google) of the new temporary password, leaving the victim none the wiser.
6
“Google has detected unusual activity on your account. Please respond with the code sent to your mobile device to stop unauthorized activity.”
5
The victim therefore expects the password-reset verification code that Google sends out and passes it on to the attacker.
483829
new password
483829
How the Gmail Scam Works
Peek into the Future:The Risk of ThingsInternet-connected things
Numbers in billions(p red i c ted )
2014 2015 2016 2020
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
1 20.8 billion
The insecurity of things
1 6.4 billion
1 3.9 billion
1 4.9 billion
1 Source: gartner.com/newsroom/id/3165317
1 Today in the USA, there are
25 connecteddevices per
100 inhabitants
Cars. Fiat Chrysler recalled 1.4 million vehicles after researchers demonstrated a proof-of-concept attack where they managed to take control of the vehicle remotely. In the UK, thieves hacked keyless entry systems to steal cars.
Smart TVs. Hundreds of millions of Internet-connected TVs are potentially vulnerable to click fraud, botnets, data theft and even ransomware, according to Symantec research.
Medical devices. Researchers have found potentially deadly vulnerabilities in dozens of devices such as insulin pumps and implantable defibrillators.
These numbers are likely higher, as many companies are choosing not to reveal the full extent of their data breaches.
Total ReportedIdentities Exposed
+85%
2014
2015
61113
Million*500
*estimated
2013
2014
2015 429 +23%
-37%348552
numbers in millions
REPORTED IDENTITIES EXPOSED
78 millionpatient recordswere exposed
at Anthem
22 millionpersonal records were exposed at
Office of PersonnelManagement
UNREPORTED IDENTITIES EXPOSED
Despite companies’ choicenot to report the truenumber of records exposed,hundreds of millions more peoplemay have been compromised.
?
IdentitiesExposed4
120 Incidents
of informationexposed were
medical records
36% 39%
The largest number of breaches took place within the Health Services sub-sector, which actually comprised 39 percentof all breaches in the year.This comes as no surprise, given the strict rules within the healthcare industry regarding reporting of databreaches. Million
Most of an iceberg is submerged underwater, hiding a great ice mass. The number of reported identities exposed in data breaches are justthe tip of the iceberg. What remains hidden?
Over Half a Billion Personal Information Records Stolen or Lost in 2015 and more companies than ever not reporting
the full extent of their data breaches
Given the facts, it is possible that
identities wereexposed
2015 Stats
Incidentsthat did notreport identitiesexposed in 2015
Hacker discoversvulnerability
Exploit createdto leverage
vulnerability
Attack islaunched
Public and vendorbecome aware
Vendor builds patch
Window of Opportunity
Patch isdistributed
Zero-Day Timeline
from discovery to patch
1
2
4
5
6
3
2symantec.com/connect/blogs/third-adobe-flash-zero-day-exploit-cve-2015-5123-leaked-hacking-team-cache
1 on average, based on 54 vulnerabilities
2015 Zero-Day Not-So-Fun Facts
023 24
2013 2014
542015
*(+4%)*(+125%)
17%attackedAdobeFlash
zero-days found in 2015
of exploited zero-days 4 out of 5
10
Web Browsers,Mozilla Firefox and Google Chrome
No Longer Supports
The End Is Nigh for Adobe Flash
DAYIT admininstalls patch7
new vulnerabilitiesused to exploit
open sourcesoftware
11
known vulnerabilitiestargeting a varietyof manufacturers
and devices
72400GB
of sensitiveinformation stolen bythe “Hacking Team”
Total Zero-DayVulnerabilities
7 Days Total Time of Exposure
1 Day Average Time to Patch
in 2015
*% change as comparedto previous year
A New Zero-DayVulnerability Discovered1Every Week in 2015
Advanced attack groups continue to profit from previously undiscovered flaws in browsers and website plugins.In 2015, 54 zero-day vulnerabilities were discovered.
The breach is believed to be the work of a well-resourced cyberespionage group, which Symantec calls Black Vine. They appear to have access to a wide variety of resources to let it conduct multiple, simultaneous attacks over a sustained period of time. They used:
attacker-owned infrastructurezero-day exploitscustom-developed malware
Three variants are named:
detected as Trojan.Sakurel Backdoor.Mivast
1) Hurix, 2) Sakurel, and 3) Mivast
Open a pipe back door
All variants have the following capabilities:
Execute files& commands
Delete, modify, andcreate registry keys
Gather and transmitinformation about theinfected computer
Facts about theAttack on Anthem On January 26, 2015
78 Millionpatient records were exposed.
Top 10 Sub-Sectors Breached by Number of Incidents
Healthcare
Business
Education
Insurance
Hotels
120
20
20
17
14
10
99
86
Wholesale Trade
Eating and Drinking Places
Executive, Legislative, & General
Depository Institutions
Social Services