Symantec Website Security Threat Report - Insights
-
date post
19-Oct-2014 -
Category
Technology
-
view
1.661 -
download
2
description
Transcript of Symantec Website Security Threat Report - Insights
Symantec Website Security Threat Report12 June 2013
Alistair Johnson, Mike Smart, Andrew Horbury
1
Welcome
The WSTR is a subset of the annual Symantec ISTR – To complement this
webinar we have put together:• Video• Infographics• Podcasts• And much more…
www.symantec.com/threatreport
2
Agenda
Introduction to report1
Targeted attacks2
Vulnerabilities3
Watering hole attacks4
Malware and the emergence of Ransomware5
3
• 69 million sensors• 157 countries• 51,644 recorded vulnerabilities
(spanning two decades)• 3 billion emails processed each
day• 1.5 Million websites scanned
Information sources
4
Targeted Attacks
5
Targeted attacks up 42% in 2012
6
Targeted attacks by company size
7
Top 10 Industries attacked in 2012• Manufacturing
moved to top position in 2012
• But all industries are targeted
8
Targeted attack by job function
0%
5%
10%
15%
20%
25%
30% R&D27%
Senior12%
C-Level17%
Sales24%
Shared Mailbox
13%
Recruitment4% Media
3% PA1%
• Attacks may start with the ultimate target but often look for any entry into a company
9
Spear phishing Watering hole attack
Send target a relevantemail message
Infect the website and then lie in wait for the target
• Targeted attacks predominately start with as spear phishing attacks• In 2012 we saw the emergence of Watering hole attacks
http://bit.ly/Elderwood
10
How effective is a watering hole attack?
1 Watering Hole Attack in 2012
infected500 companies
All within 24 hours
• Watering Hole attacks target specific groups and sites• They can capture a large number of victims in a short space of
time
11
Watering Hole attacked targeting iOS Developers
• An example of a Watering Hole• The attackers were looking for iOS developers
12
Recent Examples of Water Hole Attack
• In 2013 we predict this type of attack will become more widely used
• In February this year several high profile companies fell victim to this type of attack
13
Malware and Vulnerabilities
14
Zero-Day Vulnerabilities
2006 2007 2008 2009 2010 2011 20120
2
4
6
8
10
12
14
16
13
15
9
12
14
8
14
Total Volume
15
Zero-Day Vulnerabilities
2006 2007 2008 2009 2010 2011 20120
5
10
15
20
25
13 15
912
14
8
14
42
3 4
Total VolumeElderwoodStuxnet
• One group can significantly affect yearly numbers• The Elderwood gang drove the rise in zero day vulnerabilities
16
All vulnerabilities
2006 2007 2008 2009 2010 2011 20120
1000
2000
3000
4000
5000
6000
7000
4842 4644
5562
4814
6253
49895291
• No significant rise or fall in discovery of new vulnerabilities in last six years
17
2010 2011 20120
10,000
20,000
30,000
40,000
50,000
60,000
70,000
80,000
74,000
55,000
43,000
New unique malicious web domains
DecreaseIn new malicious domains
18
Our websites are being used against us
• 53% of legitimate websites have unpatched vulnerabilities
•24% have critical vulnerabilities unpatched
•61% of malicious websites are legitimate
19
Our own websites are being used against us• In 2012 one threat (LizaMoon) infected more than 1 million
websites• Operating on legitimate webpages it sends users to a fake
antivirus alert site, warning them that their computer may be infected.
20
21
• 16 Number of criminal gangs involved in this cybercrime
• 5M USD estimated amount extorted from victims in 2012
• 500,000 average number of attacks seen from one threat in 18 day period
22
How Symantec can help (Print Screen) Symantec technology What it does How it can help
Symantec Extended Validation SSL Certificates
Encrypts confidential information, such as credit card data, between the browser and your servers. Also confirms the identity of the website in the browser address bar.
• Powerful encryption• Visible security• Authenticates the website• Greater customer trust• Increased conversions.
Web Site Malware Scanning Scans websites for malware infections. Reduces the risk of warnings and blocking by search engines and the risk of reputation damage when a site infects its visitors.
Symantec Managed PKI for SSL Lets website managers keep track of all their SSL certificates from a web-hosted management console.
Reduce the risk of accidental certificate expiry and credibility-damaging certificate warnings.
Always-on SSL with Symantec Secure Site Pro SSL Certificates
Always-on SSL is used by sites such as Google, Facebook and LinkedIn to protect all the user’s interactions with the site.
Build trust and encourage user interaction by making sure that it is all encrypted and secure.
The Norton™ Secured Seal Shows customers that you value their trust and that your site is secure because it has been scanned weekly for malware and vulnerabilities.
The Norton™ Secured Seal is the most recognised trust mark on the Internet
Symantec Seal-in-Search™ Displays the widely-recognised Norton Secured Seal trust mark in web search results.
Increase search trafficIncrease customer trust and confidence.
AdVantage Real-time detection, notification, and analysis of malvertisement incidents through the cloud from Symantec.
Comprehensive static & dynamic malvertisement detection technologiesInstant notification of malvertisement activity
23
Stay informed
• Follow us on twitter @nortonsecured @threatintel• www.symantec.com/threatreport • go.symantec.com/ssl• Blogs
www.symantec.com/connect/blogs/website-security-solutions
24
Email: [email protected]
25
Thank you!
Copyright © 2012 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.
This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice.
Andrew Horbury Email: [email protected] SmartAlistair Johnson
26