Andrew Horbury Product Marketing Manager

andy_horbury@symantec.com

Andrew ShepherdEMEA Marketing Manager

andrew_shepherd@symantec.com

WEBSITE SECURITY THREATS:JANUARY 2014 UPDATE

Thursday 9th January 2014

Agenda

Website Security Threats: January 2014 Update

1

2

3

4

5

6

Month in Numbers

Creepware

Emerging and new types of malware

Gartner – why Interest in IT Risk is growing

Everyone is a target  

Stranger than fiction

7 Good news

The month in Numbers• US$50,000

– Cybercrime boss Paunch earned US$50,000 a month• 40 million

– Target targeted: Cybercriminals may have spent the Christmas shopping season feasting on the proceeds of 40m stolen payment cards

• 00000000

– For nearly 20 years, the launch code for US nuclear missiles was 00000000• 61%

– Bots account for 61% of all website traffic up 21% yoy• 93% and 87%

– 93 percent of large organisations suffered a security breach last year, while 87 percent of small businesses also experienced

Website Security Threats: January 2014 Update

The month in Numbers• 18BN GBP

– Mobile influenced £18bn of retail sales in 2013• 54 million

– Turkish press reports that records of 54 million Turkish citizens have been stolen by attackers

• The 2 million Pony

– 1,580,000 website login credentials stolen

– 320,000 email account credentials stolen

– 41,000 FTP account credentials stolen

– 3,000 Remote Desktop credentials stolen

– 3,000 Secure Shell account credentials stolen

Website Security Threats: January 2014 Update

Creepware• Remote Access Trojans (RATs)

– Differs from tools due to malicious intent

– Allows someone to control a computer from a remote location

• How?– Drive-by downloads

– Malicious links

– Exploit kits

– Peer-to-peer file sharing/torrents

• Why?– Voyeurism, information/file stealing,

blackmail/sextortion, trolling, using computer for DDoS attacks

Website Security Threats: January 2014 Update

New and emerging types of Malware• Malicious Firefox add in

– The ‘Advanced Power’ botnet, active since May 2013 has infected more than 12,500 computers.

– The bot uses compromised Windows systems to scan for vulnerable websites to conduct SQL injection attacks

• Malware posing as Microsoft IIS to steal user data– New malware found that disguises itself as a module for

Microsoft’s IIS Web server in order to evade detection.

– The malware has been observed targeting credit card data on ecommerce websites.

– While the malware is not widespread yet, it could also be used to steal login details or any other sensitive data that’s sent to a compromised IIS instance.

Website Security Threats: January 2014 Update

Gartner – why Interest in IT Risk is growing

1. Lack of understanding

2. Increasing pressure to disclose technology risk

3. Lack of visibility into key business relationships with third-parties

4. Growing interconnection between technology and business risks

Website Security Threats: January 2014 Update

Everyone is a target……• Snapchat hack impacts 4.6 million users

– Hackers have published the usernames and phone numbers of more than 4.6 million Snapchat users in order to “raise public awareness on how reckless many internet companies are with user information”.

• 9 out of 10 large firms suffered a breach, says survey– Around 93 percent of large companies and 87

percent of small businesses suffered a security breach in 2013

Website Security Threats: January 2014 Update

Stranger than fiction

Website Security Threats: January 2014 Update

G20 Leaders are not immune to the charms of Carla Bruni

Harvard student uses Tor to send bomb threat to skip exam- FBI unamused

US agency destroys $170k of equipment to get rid of virus- Only 6 machines infected

Good News• Global ATM heist – eight arrested (two of

the suspects posted this image)• Not so secret launch codes

– Guide tours of silos

– Soldiers given checklist containing the launch code

• Glitter nail varnish could protect your laptop….

• Have you been breached? Theres an app for that!

Website Security Threats: January 2014 Update

Link Glossary (Press Print screen now)• Paunch

– http://www.group-ib.com/index.php/7-novosti/790-group-ib-assists-to-suppress-the-activities-of-a-blackhole-exploit-kit-author-paunch-is-arrestedq%22

• Target– http://www.reuters.com/article/2013/12/19/us-target-breach-idUSBRE9BH1GX20

131219• Nuclear Code

– http://www.huffingtonpost.com/2013/12/05/nuclear-missile-code-00000000-cold-war_n_4386784.html

• Bots account for 61% of web traffic– http://www.incapsula.com/the-incapsula-blog/item/820-bot-traffic-report-2013

• 9 out of 10 large firms suffered a breach– http://www.incapsula.com/the-incapsula-blog/item/820-bot-traffic-report-2013

• Mobile influenced £18bn of retail sales in 2013– http://

econsultancy.com/blog/10717-mobile-will-influence-15bn-of-in-store-sales-in-2012

• Turkish Hack• http://www.hurriyetdailynews.com/russian-hackers-stole-54-million-turkish-citiz

ens-id-data-claim.aspx?pageID=238&nID=59644&NewsCatID=338Website Security Threats: January 2014 Update

Link Glossary 2• Creepware – Symantec Blog

– https://www-secure.symantec.com/connect/blogs/creepware-who-s-watching-you

• Gartner 4 Reasons Behind the Growing Interest in IT Risk– http://blogs.gartner.com/john-wheeler/4-reasons-driving-growing-interest-

in-it-risks/

• 2013 Information Security Breaches Survey– http://www.pwc.co.uk/assets/pdf/cyber-security-2013-technical-report.pdf

• Nail Varnish– http://

www.wired.co.uk/news/archive/2014-01/02/data-security-nail-polish

• Have I been Pwned– https://haveibeenpwned.com/Website Security Threats: January 2014 Update

Thank you!

Copyright © 2012 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.

This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice.

Andrew Shepherdandrew_shepherd@symantec.com / +44 7912 552 896Andrew Horburyandy_horbury@symantec.com / +44 7703 468 966

Website Security Threats: January 2014 Update

Next webinar: Thursday 13th February 2014 9.30am UK / 10.30am CET