The year that shook the world
Uploaded by trend-micro-emea-limited
Transcript of The year that shook the world
Copyright 2011 Trend Micro Inc. Classification 04/18/2023 1
2011 – The year that shook the world. What’s next?
Copyright 2009 Trend Micro Inc.
On the Radar…
APT
Consumerisation
Cloud?
Service Growth
Virtualisation
Four stages of an attack
Hypothesis: If the attacker can commit enough resources they can gain entry to even the most secure organisation
Perimeter Security
Game we thought we’d won
Mass random attacks became unique, targeted and focused
But the rules changed
Hands in the air….
… put them down when you hear an attack that could affect you…
Random and Common
http://countermeasures.trendmicro.eu/facebook-419/
Source: http://en.wikipedia.org/wiki/File:PhishingTrustedBank.png
In the balance
Source: http://blog.trendmicro.com/fake-version-of-temple-run-unearthed-in-the-wild/
What’s your threshold?
LinkedIn Andy Dancer has indicated you are a Friend
I saw you attended my presentation at RSA today. I hope you found that useful and I wanted to reach out and connect in case you wanted any more information? - Andy Dancer
Accept
View invitation from Andy Dancer
WHY MIGHT CONNECTING WITH ANDY DANCER BE A GOOD IDEA?
Andy Dancer’s connections could be useful to you
After accepting Andy Dancer’s invitation, check Andy Dancer's connections to see who else you may know and who you might want an introduction to. Building these connections can create opportunities in the future.
© 2011, LinkedIn Corporation
You wouldn’t click on a random link…
…but what about something you were expecting…?
ENTRY PHASE COMPLETE
People are the weakest link
Education is essential to reduce the volume of successful attacks to a manageable level
Copyright 2012 Trend Micro Inc.
How BIG will the Android Malware be in 2012?
• 1K: End of 2011! (60% increase rate month on month)
• 10K: Middle of 2012!
• 100K: End of 2012!
http://blog.trendmicro.com/how-big-will-the-android-malware-threat-be-in-2012/
Stuxnet
Source: http://threatinfo.trendmicro.com/vinfo/web_attacks/Stuxnet%20Malware%20Targeting%20SCADA%20Systems.html
Four stages of an attack
I own one PC
Starting point for this phase
Probably used by a Senior Manager
The data on there is valuable
But that’s just the start…
New security mantra…
Too many attacks to stop
Block at my network edge
Treat my internal network as “safe”
Keep out what I can
Don’t trust internal machines
Clean internal infection sources
So if I lose the battle I don’t lose the war
Four stages of an attack
[Figure: Level of damage from advanced persistent threats. Timescale labels: Hours; Days / weeks; Weeks / months; Weeks / months]
Protect my data
Inside-out Security
Smart
Context aware
Self-Secured Workload
Local Threat Intelligence
When: Timeline Aware
Who: Identity Aware
Where: Location Aware
What: Content Aware
User-defined Access Policies
Encryption
DATA
INSIDE-OUT SECURITY
So what does that look like?
[Diagram labels: Outer Perimeter; Inner Perimeters; Valuable Server (×3); Endpoint (×2)]
Deep Security: Inner Perimeter for valuable assets
[Diagram labels: VM (×5); Security VM; Hypervisor]
Deep Packet Inspection
Firewall
Anti-Virus
Log Inspection
Integrity Monitoring
Also works for VDI
Deep Discovery
Identify Attack Behaviour & Reduce False Positives
Detect Malicious Content and Communication
Analyze
Simulate
Real-Time Inspection
Deep Analysis
Correlate
Actionable Intelligence
Visibility – Real-time Dashboards
Insight – Risk-based Analysis
Action – Remediation Intelligence
Out of band network data feed of all network traffic
Mobile App Reputation
• Mobile App Reputation is a cloud-based technology that automatically identifies mobile threats based on app behavior
– Crawl & collect huge number of Android apps from various Android Markets
– Identifies existing and brand new mobile malware
– Identifies apps that may abuse privacy / device resources
– World’s first automatic mobile app evaluation service
– Secure App Store & provide “peace of mind” for end users
– Has been adopted by nDuoa, Nokia-Siemens Network.
• Malware?
• Privacy Risk?
• High Resource Consumption?
[Diagram labels: Apps; Mobile App Reputation; No Issues; Issue Identified]