O slideshow foi denunciado.
Utilizamos seu perfil e dados de atividades no LinkedIn para personalizar e exibir anúncios mais relevantes. Altere suas preferências de anúncios quando desejar.
Credit Unions in the Crosshairs     of the Latest Threats                    Presented by                    James Brooks ...
AgendaOverviewLatest threats explainedExisting defensesBest practices            National Association of Federal Credit Un...
• Latest threats are very advanced• Attack target selection will follow the pattern  of “traditional” phishing• Credit uni...
New Threats• Social media has become a  mainstream attack vector  for fraudsters• Both credit unions and  members have cau...
New Threats• Fraud schemes targeting  smart phones on the rise• Lack of security for ever-  growing amount of new  mobile ...
Advanced Persistent Threats• Purpose-built for network infiltration and  corporate espionage• Smaller, targeted attacks mu...
New Breed of Malware                                                      • Stealthy                                      ...
Targeted Attacks                                   This variant of Phishing targets individual                            ...
Aurora• Targeted over 30  companies• Criminals sought  highly sensitive  technical  information            National Associ...
Carbon Credits• Targeted  organizations in  Europe, Japan, &  New Zealand• Stole over 4 million  dollars in credits       ...
Is My CU Vulnerable?• 57 of 530 employees  targeted clicked on  malicious link – over  10%!!!• Only a “few  megabytes” of ...
Existing Defenses Ineffective• Not designed to detect targeted attacks• No security system can make up for human  error• M...
AV PerformanceAnti-Virus Vendor Test Results 2H 2010          Source: Cyveillance National Association of Federal Credit U...
AV Lag Time StudyAnti-Virus Vendor Test Results Over Thirty Day Period                 Source: Cyveillance         Nationa...
Best Practices• Social Media Policy• Proactive registration on top social media sites• Monitoring of Web and social media ...
Best Practices• Ongoing employee training• Staying abreast of latest threats and protection  technologies             Nati...
Questions?Contact info:          James Brooks          Director, Product Management          jbrooks@cyveillance.com      ...
Próximos SlideShares
Carregando em…5
×

Credit Unions in the Crosshairs of the Latest Online Threats (Credit Union Conference Presentation)

406 visualizações

Publicada em

Online schemes designed to steal member identities continue to grow at an alarming rate in both volume and level of sophistication. In this 2011 NAFCU Annual Conference session a seasoned security professional discusses a comprehensive approach to combating phishing, malware, and other identity theft schemes. Understand real-world trends and how standard processes, consumer education, and the vigilant monitoring of the Internet, including the “hidden” Internet, can ensure long-term member confidence in online commerce.

Presented by James Brooks, Director, Product Management, Cyveillance

More info at http://www.nafcu.org/cyveillance

  • Seja o primeiro a comentar

Credit Unions in the Crosshairs of the Latest Online Threats (Credit Union Conference Presentation)

  1. 1. Credit Unions in the Crosshairs of the Latest Threats Presented by James Brooks Cyveillance National Association of Federal Credit Unions l www.nafcu.org
  2. 2. AgendaOverviewLatest threats explainedExisting defensesBest practices National Association of Federal Credit Unions l www.nafcu.org
  3. 3. • Latest threats are very advanced• Attack target selection will follow the pattern of “traditional” phishing• Credit unions need to act now National Association of Federal Credit Unions l www.nafcu.org
  4. 4. New Threats• Social media has become a mainstream attack vector for fraudsters• Both credit unions and members have cause for concern National Association of Federal Credit Unions l www.nafcu.org
  5. 5. New Threats• Fraud schemes targeting smart phones on the rise• Lack of security for ever- growing amount of new mobile applications create a new set or problems for companies National Association of Federal Credit Unions l www.nafcu.org
  6. 6. Advanced Persistent Threats• Purpose-built for network infiltration and corporate espionage• Smaller, targeted attacks much harder to detect• Direct financial losses are much more significant than past smaller scams National Association of Federal Credit Unions l www.nafcu.org
  7. 7. New Breed of Malware • Stealthy • Scalable • EffectiveNational Association of Federal Credit Unions l www.nafcu.org
  8. 8. Targeted Attacks This variant of Phishing targets individual users, but for company specific information such as a network login, or financial information. This example shows how an executive’s name (e.g. our CEO, easily garnered from our Web site) reinforces the seeming legitimacy of this classic “social engineering” attack.National Association of Federal Credit Unions l www.nafcu.org
  9. 9. Aurora• Targeted over 30 companies• Criminals sought highly sensitive technical information National Association of Federal Credit Unions l www.nafcu.org
  10. 10. Carbon Credits• Targeted organizations in Europe, Japan, & New Zealand• Stole over 4 million dollars in credits National Association of Federal Credit Unions l www.nafcu.org
  11. 11. Is My CU Vulnerable?• 57 of 530 employees targeted clicked on malicious link – over 10%!!!• Only a “few megabytes” of data were stolen before the lab discovered the breach National Association of Federal Credit Unions l www.nafcu.org
  12. 12. Existing Defenses Ineffective• Not designed to detect targeted attacks• No security system can make up for human error• Most anti-virus applications takes days or weeks to catch up to the latest threats National Association of Federal Credit Unions l www.nafcu.org
  13. 13. AV PerformanceAnti-Virus Vendor Test Results 2H 2010 Source: Cyveillance National Association of Federal Credit Unions l www.nafcu.org
  14. 14. AV Lag Time StudyAnti-Virus Vendor Test Results Over Thirty Day Period Source: Cyveillance National Association of Federal Credit Unions l www.nafcu.org
  15. 15. Best Practices• Social Media Policy• Proactive registration on top social media sites• Monitoring of Web and social media environment for potential threats National Association of Federal Credit Unions l www.nafcu.org
  16. 16. Best Practices• Ongoing employee training• Staying abreast of latest threats and protection technologies National Association of Federal Credit Unions l www.nafcu.org
  17. 17. Questions?Contact info: James Brooks Director, Product Management jbrooks@cyveillance.com (703) 351-2405 National Association of Federal Credit Unions l www.nafcu.org

×