Internet Threats and Issues in Korea
2012. 04. 13
Youngjun Chang (zhang95@ahnlab.com)
Senior Advanced Threat Researcher, CISSP
ASEC (AhnLab Security Emergency response Center)
AhnLab
What is AhnLab??
Business Portfolio of AhnLab
Endpoint Security, Network Security, Mobile Security, Transaction Security, Consulting Service, Forensics & Incident Response, Managed Security Service, Web Security
ENDPOINT SECURITY
V3 Internet Security
V3 365 Clinic
V3 Net for Windows Server
V3 Net for Unix/Linux Server
AhnLab TrusLine
NETWORK SECURITY
AhnLab TrusGuard
AhnLab TrusGuard DPX
AhnLab TrusManager
AhnLab TrusAnalyzer
AhnLab TrusZone
AhnLab TrusWatcher
MOBILE SECURITY
AhnLab V3 Mobile
AhnLab V3 Mobile Enterprise
AhnLab Mobile Center
AhnLab V3 Mobile + for Transaction
TRANSACTION SECURITY
AhnLab Online Security
AhnLab HackShield for Online Game
MANAGED SECURITY SERVICE
AhnLab Policy Center
AhnLab Policy Center Appliance
AhnLab Policy Center Patch Management
Contents
01 Malware Trends in Korea
1) 2011 Malware Infection Status
2) 2011 Malware Infection Type
02 Internet Threats and Issues in Korea
1) APT (Advanced Persistent Threat)
2) Mobile Threats
3) DDoS Accidents
4) Application Vulnerability
5) Social Network Threats
01 Malware Trends in Korea
1) 2011 Malware Infection Status
• Almost 2 billion (177,473,697) infections were reported in 2011
• Infections increased by over 18% compared with 2010 (146,097,262)
• Since October, malware using web application vulnerabilities has been increasing
[Figure: 2011 Monthly Malware Infection Status]
2) Malware Type in Korea 2011 (1)
• 2011 Infection Report: Trojan 42.1%, Script 17.4%, Worm 11.6%
• 2011 New Malware Type: Trojan 62%, Adware 16%, Dropper 7%
• Script malware uses vulnerabilities in web browsers and web applications
• Malware using vulnerabilities in Adobe Flash, Java and MS12-004 increased in the first quarter of 2012
[Figures: Reported Malware Types in 2011; New Malware Types in 2011]
2) Malware Type in Korea 2011 (2)
• Almost all malware in the 2011 TOP 10 list are script-related files
  Most of them are “Autorun.inf” files, which were spread by USB
  Also, the Induc and Palevo worms rank high
• Trojan was the most reported new malware in 2011
  Windows-related files were infected or replaced by the malware
• OnlineGameHack-related families were the most reported malware in 2011
  Also the Conficker and Virut families

TOP 10 Reported Malware in 2011
Rank  Malware                  Count      Share
1     Textimage/Autorun        9,458,847  24.20%
2     JS/Agent                 6,217,163  15.90%
3     Win32/Induc              2,149,558  5.50%
4     Html/Agent               1,859,891  4.80%
5     JS/Downloader            1,789,695  4.60%
6     JS/Redirect              1,580,959  4.10%
7     JS/Exploit               1,545,389  4.00%
8     JS/Iframe                1,446,928  3.70%
9     Swf/Agent                1,432,679  3.70%
10    Win32/Palevo1.worm.Gen   1,389,561  3.60%

TOP 10 Reported New Malware in 2011
Rank  Malware                          Count    Share
1     Win-Trojan/Patched.CR            757,876  25.80%
2     Win-Trojan/Overtls11.Gen         700,456  23.90%
3     Win-Trojan/Downloader.59904.AK   278,527  9.50%
4     Win-Trojan/Winsoft17.Gen         222,208  7.60%
5     Win-Trojan/Adload.77312.LPU      181,176  6.20%
6     Win-Trojan/Winsoft18.Gen         104,026  3.50%
7     Win-Trojan/Winsoft.263168.KX     75,337   2.60%
8     Win-Trojan/Winsoft.263168.LO     73,994   2.50%
9     Win-Trojan/Agent.339968.EI       69,762   2.40%
10    Win-Trojan/Agent.323584.FK       68,946   2.30%
02 Internet Threats and Issues in Korea
1) APT (Advanced Persistent Threat) (1)
• Incidents involving APT and targeted attacks occurred at Korean companies
• The incidents at S company, N Bank and N company in 2011 were the big issues
• Information on 35 million clients was leaked in the S company incident

Incident in S company
[Diagram labels: Attacker; Free software update server; DB Server; Other Victim; Server]
1. Spreading the malware
2. Malware infection
3. Remote control
4. Connect to DB server
5. Data transfer to external server
6. Data transmit
1) APT (Advanced Persistent Threat) (2)
• Information on over 13 million game users was leaked in the N company incident (it is under investigation)
• The N Bank system was corrupted after an attack from the outside
• The attacker spread the malware with a P2P program and waited 7 months for the attack

Incident in N Bank
[Diagram labels: Attacker; P2P Program; Laptop from the outsourced staff; Internal System]
1. Spreading the malware
2. Malware infection
3. Remote control
4. Delete all to DB server
2) Mobile Threats (1)
• There are no reports of any kind of Android malware having been made or spread in Korea
• The Android samples that AhnLab has collected are from foreign countries
• Mobile threats in Korea are not related to Android malware
[Figure: Android Malware found in 2011]
2) Mobile Threats (2)
• Disguising as a public institution or bank to redirect to a phishing website
• Using shortened URLs in spam SMS to lead to adult websites
• Mobile messenger phishing using KakaoTalk and MyPeople Mobile

Mobile Phishing, Mobile Spam SMS and Mobile Messenger Phishing
• Mobile phishing: "Hello it’s KB Bank. For the security reasons please access to the website below"
• Mobile spam SMS: "Come to the Hot Adult website"
• Mobile messenger phishing: Disguise as your friend to borrow some money
3) DDoS Accidents (1)
[Figure: 4th March 2011 DDoS accident timeline]
• In Korea, DDoS attacks were aimed at obtaining money, but the objectives are getting wider
• The 3.4 DDoS (4th March) attack and the attack on the National Election Commission in 2011 were the big issues
• Almost all DDoS attacks in Korea use malware that is capable of DDoS
3) DDoS Accidents (2)
• Many of the computers that attacked the National Election Commission were infected by the malware
• Most of the malware builders were made by the Chinese underground
• The malware builders are changed into the Korean language and spread from online cafes
• Malware is disguised as game or media files and spread by P2P or online cafes
[Figures: Malware Builder for DDoS attack; Packet type for DDoS attack]
4) Application Vulnerability
• Online game related malware is spread by using web browser and application vulnerabilities
• In 2011, malware used vulnerabilities in I.E (MS10-018), Adobe Flash Player (CVE-2011-2110, CVE-2011-2140, CVE-2011-0609) and Adobe Reader (CVE-2011-0611)
• Malware using vulnerabilities in the Hangul word processor (.hwp) is increasing
• In the first quarter of 2012, malware using vulnerabilities in Windows Media (MS12-004), Adobe Flash Player (CVE-2011-0611, CVE-2011-2140, CVE-2012-0754) and JAVA (CVE-2011-3544) increased

Hacked websites using various vulnerabilities to spread malware
• Websites that were found on 2nd February 2012
• Vulnerabilities:
  MS10-018 Internet Explorer
  MS12-004 Windows Media
  CVE-2011-2140 Adobe Flash Player
  CVE-2011-3544 JAVA
• On weekdays, they build the systems that spread the malware
• On weekends, they hack a system and insert a script to redirect to their system
• The final goal is to spread online game related malware
5) Social Network Threats
• Social network websites developed in Korea: me2DAY, yozm and Cyworld
• Twitter and Facebook users in Korea are increasing because of the increase in smartphones
• Social network websites are also used for spreading malware and phishing websites
[Figures: Malware spreading by Twitter (disguised as media file of a famous actress); TwitBot command which were found in me2DAY]
Thank you.

A Journey Into the Emotions of Software Developers
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
 
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better StrongerModern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
 
Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 

Internet threats and issues in korea 120325 eng_slideshare

  • 3. Business Portfolio of AhnLab
      - Portfolio areas: Endpoint Security, Network Security, Mobile Security, Transaction Security, Consulting Service, Forensics & Incident Response, Managed Security Service, Web Security
      - ENDPOINT SECURITY: V3 Internet Security, V3 365 Clinic, V3 Net for Windows Server, V3 Net for Unix/Linux Server, AhnLab TrusLine
      - NETWORK SECURITY: AhnLab TrusGuard, AhnLab TrusGuard DPX, AhnLab TrusManager, AhnLab TrusAnalyzer, AhnLab TrusZone, AhnLab TrusWatcher
      - MOBILE SECURITY: AhnLab V3 Mobile, AhnLab V3 Mobile Enterprise, AhnLab Mobile Center, AhnLab V3 Mobile + for Transaction
      - TRANSACTION SECURITY: AhnLab Online Security, AhnLab HackShield for Online Game
      - MANAGED SECURITY SERVICE: AhnLab Policy Center, AhnLab Policy Center Appliance, AhnLab Policy Center Patch Management
  • 4. Contents
      - 01 Malware Trends in Korea
          1) 2011 Malware Infection Status
          2) 2011 Malware Infection Type
      - 02 Internet Threats and Issues in Korea
          1) APT (Advanced Persistent Threat)
          2) Mobile Threats
          3) DDoS Accidents
          4) Application Vulnerability
          5) Social Network Threats
  • 5. 01 Malware Trends in Korea
  • 6. 1) 2011 Malware Infection Status
      - Almost 2 billion (177,473,697) infections were reported in 2011
      - Infections increased by over 18% compared with 2010 (146,097,262)
      - Since October, malware using web application vulnerabilities has been increasing
      [Figure: 2011 Monthly Malware Infection Status]
  • 7. 2) Malware Type in Korea 2011 (1)
      - 2011 Infection Report: Trojan 42.1%, Script 17.4%, Worm 11.6%
      - 2011 New Malware Type: Trojan 62%, Adware 16%, Dropper 7%
      - Script malware uses vulnerabilities of web browsers and web applications
      - Malware using vulnerabilities of Adobe Flash, Java and MS12-004 increased in the first quarter of 2012
      [Figures: Reported Malware Types in 2011; New Malware Types in 2011]
  • 8. 2) Malware Type in Korea 2011 (2)
      - Almost all of the malware in the 2011 TOP 10 list is script-related files
          Most of them are "Autorun.inf" files which were spread by USB
          Also, the Induc and Palevo worms rank high
      - Trojan was the most reported new malware in 2011
          Windows-related files were infected or replaced by the malware
      - OnlineGameHack-related families were the most reported malware in 2011
          Also, the Conficker and Virut families as well

      TOP 10 Reported Malware in 2011
      Rank  Malware                          Reports     Share
      1     Textimage/Autorun                9,458,847   24.20%
      2     JS/Agent                         6,217,163   15.90%
      3     Win32/Induc                      2,149,558    5.50%
      4     Html/Agent                       1,859,891    4.80%
      5     JS/Downloader                    1,789,695    4.60%
      6     JS/Redirect                      1,580,959    4.10%
      7     JS/Exploit                       1,545,389    4.00%
      8     JS/Iframe                        1,446,928    3.70%
      9     Swf/Agent                        1,432,679    3.70%
      10    Win32/Palevo1.worm.Gen           1,389,561    3.60%

      TOP 10 Reported New Malware in 2011
      Rank  Malware                          Reports     Share
      1     Win-Trojan/Patched.CR              757,876   25.80%
      2     Win-Trojan/Overtls11.Gen           700,456   23.90%
      3     Win-Trojan/Downloader.59904.AK     278,527    9.50%
      4     Win-Trojan/Winsoft17.Gen           222,208    7.60%
      5     Win-Trojan/Adload.77312.LPU        181,176    6.20%
      6     Win-Trojan/Winsoft18.Gen           104,026    3.50%
      7     Win-Trojan/Winsoft.263168.KX        75,337    2.60%
      8     Win-Trojan/Winsoft.263168.LO        73,994    2.50%
      9     Win-Trojan/Agent.339968.EI          69,762    2.40%
      10    Win-Trojan/Agent.323584.FK          68,946    2.30%
  • 10. 1) APT (Advanced Persistent Threat) (1)
      - Incidents using APT and targeted attacks occurred at Korean companies
      - The S company, N Bank and N company incidents in 2011 were the big issues
      - Information on 35 million clients was leaked in the S company incident
      [Figure: Incident in S company. Nodes: Attacker, Free software update server, Other Victim Server, DB Server. Steps: 1) Spreading the malware, 2) Malware infection, 3) Remote control, 4) Connect to DB server, 5) Data transfer to external server, 6) Data transmit]
  • 11. 1) APT (Advanced Persistent Threat) (2)
      - Information on over 13 million game users was leaked in the N company incident (under investigation)
      - The N Bank system was corrupted after an attack from the outside
      - The attacker spread the malware through a P2P program and waited 7 months before the attack
      [Figure: Incident in N Bank. Nodes: Attacker, P2P Program, Laptop from the outsourced staff, Internal System. Steps: 1) Spreading the malware, 2) Malware infection, 3) Remote control, 4) Delete all to DB server]
  • 12. 2) Mobile Threats (1)
      - There are no reports of any kind of Android malware being made or spread in Korea
      - The Android samples AhnLab has collected are from foreign countries
      - Mobile threats in Korea are not related to Android malware
      [Figure: Android Malware found in 2011]
  • 13. 2) Mobile Threats (2)
      - Messages disguised as a public institution or bank to redirect to a phishing website
      - Spam SMS using URL shortening to lead to adult websites
      - Mobile messenger phishing using KakaoTalk and MyPeople Mobile
      [Figure: Mobile Phishing, Mobile Spam SMS and Mobile Messenger Phishing. Examples shown: "Hello it's KB Bank. For the security reasons please access to the website below"; "Come to the Hot Adult website"; Disguise as your friend to borrow some money]
  • 14. 3) DDoS Accidents (1)
      - In Korea, DDoS attacks used to aim at obtaining money, but the objectives are getting wider
      - The 3.4 DDoS (4th March) attack and the attack on the National Election Commission in 2011 were the big issues
      - Almost all DDoS attacks in Korea use malware capable of DDoS
      [Figure: 4th March 2011 DDoS accident Time Line]
  • 15. 3) DDoS Accidents (2)
      - Many of the computers that attacked the National Election Commission were infected by the malware
      - Most of the malware builders were made by the Chinese underground
      - The malware builder is changed into the Korean language and spread from online cafes
      - Malware is disguised as game or media files and spread by P2P or online cafes
      [Figures: Malware Builder for DDoS attack; Packet type for DDoS attack]
  • 16. 4) Application Vulnerability
      - Online game related malware is spread by using web browser and application vulnerabilities
      - Malware using vulnerabilities of I.E (MS10-018), Adobe Flash Player (CVE-2011-2110, CVE-2011-2140, CVE-2011-0609) and Adobe Reader (CVE-2011-0611) in 2011
      - Malware using vulnerabilities of the Hangul word processor (.hwp) is increasing
      - Malware using vulnerabilities of Windows Media (MS12-004), Adobe Flash Player (CVE-2011-0611, CVE-2011-2140, CVE-2012-0754) and JAVA (CVE-2011-3544) increased in the first quarter of 2012

      Hacked websites using various vulnerabilities to spread malware
      - Web sites found on 2nd February 2012
      - Vulnerabilities:
          MS10-018       Internet Explorer
          MS12-004       Windows Media
          CVE-2011-2140  Adobe Flash Player
          CVE-2011-3544  JAVA
      - On weekdays, they build the systems that spread the malware
      - On weekends, they hack a system and insert a script to redirect to their system
      - The final goal is to spread online game related malware
  • 17. 5) Social Network Threats
      - Social network websites developed in Korea: me2DAY, yozm and Cyworld
      - Twitter and Facebook users in Korea are increasing because of the increase in smartphones
      - Social network websites are also used for spreading malware and phishing websites
      [Figures: Malware spreading by Twitter; TwitBot command which were found in me2DAY; Disguised as media file of a famous actress]
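
The Application Vulnerability slide describes hacked websites that get a redirect script inserted over the weekend, and JS/Redirect and JS/Iframe both appear in the 2011 TOP 10. The following is an added example, not part of the original slides, of a check a site owner could run against their own pages: it compares a known-good copy of a page with the served copy and reports newly added off-site `<script>`/`<iframe>` embeds. All host names and HTML are constructed sample data, and the function names are hypothetical.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse


class _Embeds(HTMLParser):
    """Collect (tag, host, hidden) for every off-site <script src> / <iframe src>."""

    def __init__(self):
        super().__init__()
        self.found = set()

    def handle_starttag(self, tag, attrs):
        if tag not in ("script", "iframe"):
            return
        a = {k: (v or "") for k, v in attrs}
        host = (urlparse(a.get("src", "")).hostname or "").lower()
        if not host:
            return  # inline script or same-site relative URL
        style = a.get("style", "").replace(" ", "").lower()
        hidden = (a.get("width") in ("0", "1") or a.get("height") in ("0", "1")
                  or "display:none" in style or "visibility:hidden" in style)
        self.found.add((tag, host, hidden))


def embeds(html):
    parser = _Embeds()
    parser.feed(html)
    return parser.found


def injected_embeds(baseline_html, current_html, allowed_hosts):
    """Embeds served now that are neither in the known-good copy nor allowlisted."""
    known = {(tag, host) for tag, host, _ in embeds(baseline_html)}
    return sorted(e for e in embeds(current_html)
                  if (e[0], e[1]) not in known and e[1] not in allowed_hosts)


# Constructed sample: known-good page, and the same page after an injection.
BASELINE = ('<html><head><script src="/js/app.js"></script>'
            '<script src="https://cdn.example.com/lib.js"></script></head>'
            '<body>News</body></html>')
TAMPERED = BASELINE.replace(
    "</body>",
    '<iframe src="http://injected.example.net/x.html" width="0" height="0"></iframe>'
    '<script src="//stats.example.org/c.js"></script></body>')

if __name__ == "__main__":
    for tag, host, hidden in injected_embeds(BASELINE, TAMPERED, {"cdn.example.com"}):
        print(f"new <{tag}> from {host}" + (" (hidden)" if hidden else ""))
```

Because the slide places the injection on weekends, a check like this is most useful on a schedule that also runs when nobody is reviewing the site by hand.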