Believe it or not, a higher percentage of religious sites have been compromised with malware than adult websites. Organizations of all kinds are at risk as are everyday internet users, but there are simple steps to take to avoid being duped and stay safe online.
4. Most Harmful Websites by Categories
• Websites with poor security become easy targets for malware authors
• Any website you visit could potentially be infected with malware
4
6. Yes. Even Macs Get Infected.
In 2012, 500,000 Macs were infected by 1 threat. Flashback
• Malware can figure out what type of computer you use
• Then it infects you with the appropriate malware
6
7. Which is More Likely to Get Attacked?
A B
Small or Medium Large Organization
Organization
7
8. Which is More Likely to Get Attacked?
All sizes of organizations get attacked
Small or Medium Large Organization
Organization
8
9. Who is Most Likely to be Targeted in an Attack?
A B
Typical Employee CEO
9
10. Who is Most Likely to be Targeted in an Attack?
Both
Only 25% of targeted attacks directed at C-Level executives
10
13. Would You be Fooled by This?
How About by This?
twitter.dsdsdds.com/main/sessions-login/
If something seems wrong take a closer look
Attackers can’t fool all the people all the time
13
14. Double Click to Edit Following Text Areas;
Are You Expecting a Package? Subject, Date, Body
Window Title, From, To,
From: UPS Sent: Mon 6/4/2012 4:08 PM
To: Kevin Haley
Cc:
Subject: Unable to Deliver Package
Dan,
I have been a Weyerhaeuser shareholder since late 2008 and recently had the
opportunity to attend your Annual Shareholders’ Meeting at your headquarters. I spoke
to you briefly after your address and it was pleasure to hear from you about all of
Weyerhaeuser’s innovations.
I also never realized that Clint Eastwood was once an employee of the company – now it
makes sense why I like him so much!
I posted this picture from your address, I hope you like it.
14
15. Double Click to Edit Following Text Areas;
Did You Have Trouble LoggingSubject, Date, Body
Window Title, From, To,
Into Facebook?
From: Facebook Sent: Mon 6/4/2012 4:08 PM
To: Kevin Haley
Cc:
Subject: Login Problem
Dan,
I have been a Weyerhaeuser shareholder since late 2008 and recently had the
opportunity to attend your Annual Shareholders’ Meeting at your headquarters. I spoke
to you briefly after your address and it was pleasure to hear from you about all of
Weyerhaeuser’s innovations.
I also never realized that Clint Eastwood was once an employee of the company – now it
makes sense why I like him so much!
I posted this picture from your address, I hope you like it.
15
16. Double Click to Edit Following Text Areas;
Would Your Bank Really WantSubject, Date, Body
Window Title, From, To,
You to Click Here?
From: YourBank Sent: Mon 6/4/2012 4:08 PM
To: Kevin Haley
Cc:
Subject: Account Issue
Dan,
You can ensure your
I have been a Weyerhaeuser shareholder since late 2008 and recently had the
Your Bank
opportunity to attend your Annual Shareholders’ Meeting at your headquarters. I spoke
bank account is okay
to you briefly after your address and it was pleasure to hear from you about all of
Weyerhaeuser’s innovations.
I also never realized that Clint Eastwood was once an employee of the company – now it
makes sense why I like him so much!
I posted this picture from your address, I hope you like it.
16
22. Which of These is a Real Person?
James Stavridis is the commander of NATO
He created his own Facebook page after he
found someone on Facebook pretending to
be him
A People may not be who they say they are
on the Internet
22
23. Which of These is Most Likely to be a Facebook Scam?
OMG! Profile Dislike
Videos Viewers Buttons
A B C
23
24. Which of These is Most Likely to be a Facebook Scam?
OMG! Profile Dislike
Videos Viewers Buttons
All of Them
24
25. Which of These is Most Likely to be a Facebook Scam?
Bad Guys Want to Get Us to Click to:
• Infect us with malware
• Make us take bogus surveys to:
• Gain information or
• Sign us up for premium SMS services
OMG!
• Send spam to us and our friends
Videos
OMG! Videos Get People to Click
25
26. Which of These is Most Likely to be a Facebook Scam?
Profile
Viewers
Bad guys know that people want to know
who viewed their Facebook page
26
27. Which of These is Most Likely to be a Facebook Scam?
Dislike
Buttons
Bad guys know that people want a
dislike button
27
28. Which of These is Most Likely to be a Facebook Scam?
OMG! Profile Dislike
Videos Viewers Buttons
They can’t give us these things, but they
can fool us into thinking they can
28
29. What Are Your Chances of Getting Your Lost Phone Back?
29
30. What Are Your Chances of Getting Your Lost Phone Back?
Source: Symantec’s “Project HoneyStick” research
http://www.symantec.com/about/news/resources/press_kits/detail.jsp?pkid=symantec-smartphone-honey-stick-project
30
31. What are the Chances of Your Work and Personal
Information Being Looked at?
31
32. What are the Chances of Your Work and Personal
Information Being Looked at?
Source: Symantec’s “Project HoneyStick” research
http://www.symantec.com/about/news/resources/press_kits/detail.jsp?pkid=symantec-smartphone-honey-stick-project
32
33. How Many New Pieces of Malware are Created Each Day?
A 1,000
B 100,000
C 1,000,000
33
34. How Many New Pieces of Malware are Created Each Day?
• 1 million+ new pieces of malware are created every day
• In 2011 we saw 403 million new pieces of malware
C 1,000,000
34
35. Why?
• Bad guys have tools to easily create and distribute new threats
• Some of these tool kits can create malware-on-demand
35
36. Does it Seem Pretty Bad Out There?
• Symantec and Norton have good tips on protecting yourself and
your business
• But … if you need it simplified, remember these 3 things …
36
37. You don’t have to give up
using the Internet…
There are ways to protect
yourself.
37
38. What your mother told you
is still true…
If something doesn’t seem
right, it probably isn’t.
38
39. Get help from experts…
We hope it’s from Symantec
and Norton.
39
40. Additional Resources
If You Are More Technical If You Are Less Technical
Internet Security Threat Report Norton Security Center
Symantec Security Response Norton Family Resources
Website
Advanced Persistent Threat
Website
Malicious Insider White Paper
Twitter.com/threatintel
40
Quiz question – which is more dangerous?It’s not what we used to think.We’ve been telling people that “bad” sites are dangerous … but one of the most interesting pieces of data is that religious sites are more likely to infect you than an adult site
This chart is from the ISTR 17 (April 2012)Looked at sites that were infected – how many pieces of malware were on each of these sitesAlmost 5x more malware on religious sites than on adult sitesTakeaway? Sites with poor security become an easy target – sites are beginning to realize that if their sites are infected, people won’t visit. Adult websites are businesses – they have learned that if they infect their customers, they wont’ get repeat visits, so they are working hard to keep their sites cleanMessage for SMBs – you need to protect your site or you will become a host for malware and customers will go elsewhere
This is one of the key assumptions … Anybody that has gone into an SMB has heard this – that they don’t believe they are a target.
This is one of the key assumptions … Anybody that has gone into an SMB has heard this – that they don’t believe they are a target.
Assumption 2 – only executives are targeted
This shows targeted attacks by the target’s occupation …Executives seem to be a big chunk … but …
So, spam is down and vulnerabilities are down, but malware is up. Why?Attack toolkits continue to flourish – they use existing vulnerabilities – the malware authors use those vulnerabilities that work – they focus on the vulns that are not patchedThis chart at the bottom looks at toolkits that were in use in 2011 – Blackhole was a big one and another was NumDir (not named)Toolkit authors trying to go a bit more undercover than in the past – trying to lower their profile – they are also moving to service model like legit SW – think of it like cloud computing for malware authors – they are not handing out SW as in the past