THREAT LANDSCAPE...THE CYBER-THREATS PYRAMID — 2015 Nation-states with unlimited budgets &...
THREAT LANDSCAPE By Sergey Novikov, Deputy director, GReAT, Kaspersky Lab
17/09/2015
GREAT: ELITE THREAT RESEARCH
Global Research and Analysis Team, since 2008
Threat intelligence, research and innovation leadership
Focus: APTs, critical infrastructure threats, banking threats, sophisticated targeted attacks
SECURITY PERIMETER - BEFORE
SECURITY PERIMETER - NOW
What we used to protect
What we have to protect nowadays
Stuxnet - First known Cyber-weapon
THE CYBER-THREATS PYRAMID — 2013
Nation-states with unlimited budgets
Cyber-crime gangs, financially motivated
Internet annoyances – spam, DDoS, Trojan downloaders, adware, spyware, etc., etc.
THE CYBER-THREATS PYRAMID — 2014
Nation-states with unlimited budgets
Cyber-crime gangs, financially motivated
Internet annoyances – spam, DDoS, Trojan downloaders, adware, spyware, etc., etc.
THE CYBER-THREATS PYRAMID — 2015
Nation-states with unlimited budgets
&
Cyber-crime gangs, financially motivated
Internet annoyances – spam, DDoS, Trojan downloaders, adware, spyware, etc., etc.
This line is disappearing
APT ANNOUNCEMENTS
KASPERSKY LAB
2010: Stuxnet
2011: Duqu
2012: Flame, Gauss, Miniflame
2013: MiniDuke, RedOctober, Icefog, NetTraveler, Winnti, Teamspy, Kimsuki
2014: Crouching Yeti, Epic Turla, SyrianEA, Careto/The Mask, El Machete, Regin, Cloud Atlas, Dark Hotel, BlackEnergy2, CosmicDuke, Animal Farm
H1 2015: Carbanak, Equation, Desert Falcons, Animal Farm, Duqu2, Naikon, Hellsing, Wild Neutron
2012 – 3 announcements
2013 – 7 announcements
2014 – 11 announcements
H1 2015 - 8 announcements
IN 2015…
CARBANAK
EQUATION GROUP
CYBERATTACK ON GERMAN IRON PLANT CAUSES ‘WIDESPREAD DAMAGE’…
APT: A Mite in Your Network
• Hard to detect
• Almost impossible to get rid of
• And even if you do, it comes back again
Motivation: What are they looking for?
• Your innovations and blueprints
• Business plans and budgets
• Routes to your shareholders and partners
• Digital certificates
• Your virtual credentials
• Physical access codes
• Scientific research results
• Government links
• List of secret studies
• Your business procedures
• Enterprise datasets
• Ways to control your company
Motivation: What’s the ultimate goal?
• Money
• Power
Means: The Arsenal
• 0-day
• 0lday
• 1-day
Digital certificates
• Invalid, fake certificates
• Certificates stolen from vendors
• Certificates by fake businesses
• Forged certificates
Malware tools:
• First stage implant
• Modular backdoors
Some capabilities:
• Filesystem control
• Cached password stealing
• Sound recording
• Screen grabbing
• Video casting and keylogging
• Removable media monitoring
• Smartphone infection and data snooping
The most advanced capabilities:
• Factoring RSA-1024 keys
• Live modification of OS updates
• OS boot process orchestration
• Jailbreaking mobile OS
• HDD firmware infection
Copyright by Frontier Developments
Methods: Infiltration Techniques
How they get to your systems:
• Spear-phishing emails
• Social Networks and Instant Messaging
• Watering holes
• Hospitality networks
• USB drives
WHAT WILL HAPPEN TOMORROW?
• Future main vector of attacks – communication channel
• More complex state-sponsored attacks
• New targets: ICS, Smart cities, ATMs & PoS, IoT, Connected cars
• Social engineering, hacktivism, leaks, exposures
HOW TO PROTECT YOURSELF?
• Educate people
• Establish processes
• Implement technologies
Conclusions
It’s time to choose your digital bodyguard!
THANK YOU
For Your Precious Time and Attention