Targeted Attacks on Intellectual Property
Date posted: 19-Oct-2014
Category: Technology
April 13, 2010
Agenda
1. Symantec’s Unique Vantage Point
2. Targeted Attacks on Intellectual Property
3. New Security Suites from Symantec
Building a “Community of Defense” with Businesses
Who
> Customers from businesses around the world
> Symantec Security Leadership and Experts on Threat Research
What
> Ongoing discussions about the types of IT risks businesses face today
> Share information about security incidents, impact assessment, and best practices to prevent
Key Findings
> Today’s targeted attacks characterized by organization, covert nature and patience
> Strong consensus these attacks represent a significant risk to intellectual property
Anatomy of a Breach
> Incursion
> Discovery
> Capture
> Exfiltration
Dissecting Hydraq
Organized Criminal
Incursion: Attacker breaks into the network by delivering targeted malware to vulnerable systems and employees
Hi, I met you at the Malware Conference last month. Wanted to let you know I got this great shot of you doing your presentation. I posted it here:
Dissecting Hydraq
Discovery: Hacker maps organization’s defenses from the inside and creates battle plan
Dissecting Hydraq
Capture: Attacker accesses data on unprotected systems and installs malware to secretly acquire crucial data
Dissecting Hydraq
Exfiltration: Confidential data sent back to enemy’s “home base” for exploitation and fraud
[Diagram labels: Victim; Hydraq; 72.3.224.71:443; Attacker]
Mass Attack vs. Targeted Attack
Phase | Mass Attack | Targeted Attack
Incursion | Generic social engineering; by-chance infection | Handcrafted and personalized methods of delivery
Discovery | Typically no discovery, assumes content is in a predefined and predictable location | Examination of infected resource, monitoring of user to determine other accessible resources, and network enumeration
Capture | Predefined specific data or data which matches a predefined pattern such as a credit card number | Manual analysis and inspection of the data
Exfiltration | Information sent to dump site often with little protection and dump site serves as long term storage | Information sent directly back to attacker and not stored in known location for extended period
The Challenges
Develop and Enforce IT Policies
Protect The Information
Manage Systems
Protect The Infrastructure
Comprehensive Security Strategy is Required
Risk Based and Policy Driven
Information-Centric
Operationalized
IT Governance, Risk and Compliance
Information Risk Management
Infrastructure Management
Well Managed Infrastructure
Infrastructure Protection
New Security Suites Meet These Challenges
> Control Compliance Suite 10.0
> Data Loss Prevention Suite 10.5
> IT Management Suite 7.0
> Symantec Protection Center & Symantec Protection Suite Enterprise Edition Family
Develop and Enforce IT Policies
Protect the Information
Manage Systems
Protect the Infrastructure
> Control Compliance Suite 10.0
Develop and Enforce IT Policies
Key Benefits
• Define risk and develop IT policies
• Assess infrastructure and processes
• Report, monitor and demonstrate due care
• Remediate problems
New in Version 10.0
• Centralized evidence collection and management
• Dynamic web-based dashboards
• Integration with Symantec Data Loss Prevention
• New CCS Vulnerability Manager
> Data Loss Prevention Suite 10.5
Protect the Information
Key Benefits
• Discover where sensitive information resides
• Monitor how data is being used
• Protect sensitive information from loss
New in Version 10.5
• Better visibility and control of unstructured data
• Enhanced protection for social media sites
– Twitter, LinkedIn, YouTube, …
• New protection for private clouds (Citrix)
• New endpoint option for less complex environments
> IT Management Suite 7.0
Manage Systems
Key Benefits
• Implement secure operating environments
• Distribute and enforce patch levels
• Automate processes to streamline efficiency
• Monitor and report on system status
New in Version 7.0
• New comprehensive suite that brings together all Altiris components
• Automated end to end Windows 7 migration process
• Intelligent software management providing complete visibility
• Process automation of complex, time-consuming IT tasks
> Symantec Protection Center & Symantec Protection Suite Enterprise Edition Family
Protect the Infrastructure
Key Benefits
• Improved Visibility into Security & Operations
• Stronger Protection
• Accelerated Remediation
• Containment of Security Expenses
What’s New
• Symantec Protection Center:
– Next generation security management solution
– Simplifies management & improves security posture
• Symantec Protection Suites:
– Three new suites designed to meet the needs of enterprise IT personnel in endpoint, gateway and server functions
Thank you!
Copyright © 2010 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.
This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice.