cisco security vision (20100121)
DESCRIPTION
Presentación realizada por Ricardo Rivera E., Business Development Manager Security & Mobility, donde se presentaron los siguientes tópicos: - Matriz ROI para el Cybercrimen. - Indice ARMS Race. - Vision de Borderless Index - Security Intelligence OperationsTRANSCRIPT
![Page 1: Cisco Security Vision (20100121)](https://reader033.vdocument.in/reader033/viewer/2022052600/55757462d8b42adb7e8b462f/html5/thumbnails/1.jpg)
© 2007 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 1
Ricardo Rivera E.Business Development Manager
Security & Mobility
Cisco Borderless Security
![Page 2: Cisco Security Vision (20100121)](https://reader033.vdocument.in/reader033/viewer/2022052600/55757462d8b42adb7e8b462f/html5/thumbnails/2.jpg)
2
Cisco Security Intelligence Operations
Agenda
Cisco Cybercrime ROI Matrix
Cisco ARMS Race Index
Cisco Borderless Security Vision
Q&A
![Page 3: Cisco Security Vision (20100121)](https://reader033.vdocument.in/reader033/viewer/2022052600/55757462d8b42adb7e8b462f/html5/thumbnails/3.jpg)
3
Some numbers…
![Page 4: Cisco Security Vision (20100121)](https://reader033.vdocument.in/reader033/viewer/2022052600/55757462d8b42adb7e8b462f/html5/thumbnails/4.jpg)
4
Some numbers…
![Page 5: Cisco Security Vision (20100121)](https://reader033.vdocument.in/reader033/viewer/2022052600/55757462d8b42adb7e8b462f/html5/thumbnails/5.jpg)
5
Cisco Cybercrime ROI Matrix
How are criminals making the most money?
Where are they divesting?
What’s next on the threat landscape?
What are the most promising new techniques?
![Page 6: Cisco Security Vision (20100121)](https://reader033.vdocument.in/reader033/viewer/2022052600/55757462d8b42adb7e8b462f/html5/thumbnails/6.jpg)
6
Cisco Cybercrime ROI Matrix
![Page 7: Cisco Security Vision (20100121)](https://reader033.vdocument.in/reader033/viewer/2022052600/55757462d8b42adb7e8b462f/html5/thumbnails/7.jpg)
7
Zeus: Banking Trojan prime example
“$10 million lost in one 24-hour period.”
“…[C]riminals have used the Internet to steal more than $100 million from U.S. banks so far this year and they did it without ever having to draw a gun or pass a note to a teller…I've seen attacks where there's been $10 million lost in one 24-hour period.”
-Sean Henry, an assistant director of the FBI in charge of the bureau's cyber division.
![Page 8: Cisco Security Vision (20100121)](https://reader033.vdocument.in/reader033/viewer/2022052600/55757462d8b42adb7e8b462f/html5/thumbnails/8.jpg)
8
Automation of Targeted & Blended Attacks
![Page 9: Cisco Security Vision (20100121)](https://reader033.vdocument.in/reader033/viewer/2022052600/55757462d8b42adb7e8b462f/html5/thumbnails/9.jpg)
9
Why Zeus?
![Page 10: Cisco Security Vision (20100121)](https://reader033.vdocument.in/reader033/viewer/2022052600/55757462d8b42adb7e8b462f/html5/thumbnails/10.jpg)
10
What Happened in Kentucky?
County treasurer had Zeus malware on his PCCriminals stole credentials and logged in to bank accounts from treasurer’s PC
Reconnaissance used to plan theft
Mule recruitment pretending to be Careerbuilder.com
Created mules as fictitious employees
Mules receive $9700 and sent $8700 to Ukraine via Western Union
More than 25 <$10,000 wire transfersTotal of $415k stolen
![Page 11: Cisco Security Vision (20100121)](https://reader033.vdocument.in/reader033/viewer/2022052600/55757462d8b42adb7e8b462f/html5/thumbnails/11.jpg)
11
Screen Injection
Courtesy Silver Tail Systems
Your browser NOT on Zeus:
Your browser on Zeus:
![Page 12: Cisco Security Vision (20100121)](https://reader033.vdocument.in/reader033/viewer/2022052600/55757462d8b42adb7e8b462f/html5/thumbnails/12.jpg)
12
Statistics
784 Zeus Botnets tracked by Zeus TrackerEstimate of 1.6M bots in Zeus botnets1130 brands targeted 960 estimated financial targets (85%)Top 5 US banks EACH targeted by over 500 Zeus botnets
12
Source: Zeus Tracker
![Page 13: Cisco Security Vision (20100121)](https://reader033.vdocument.in/reader033/viewer/2022052600/55757462d8b42adb7e8b462f/html5/thumbnails/13.jpg)
13
Social Networking Exploits
Most important communications tool of the decade.Builds on email, IM.
Big crowds = big targets.Facebook hit 350M users in 2009.
…and criminals have automated how to best penetrate our trust networks
![Page 14: Cisco Security Vision (20100121)](https://reader033.vdocument.in/reader033/viewer/2022052600/55757462d8b42adb7e8b462f/html5/thumbnails/14.jpg)
14
![Page 15: Cisco Security Vision (20100121)](https://reader033.vdocument.in/reader033/viewer/2022052600/55757462d8b42adb7e8b462f/html5/thumbnails/15.jpg)
15
Targeted Social Networking Attacks
![Page 16: Cisco Security Vision (20100121)](https://reader033.vdocument.in/reader033/viewer/2022052600/55757462d8b42adb7e8b462f/html5/thumbnails/16.jpg)
16
![Page 17: Cisco Security Vision (20100121)](https://reader033.vdocument.in/reader033/viewer/2022052600/55757462d8b42adb7e8b462f/html5/thumbnails/17.jpg)
17
![Page 18: Cisco Security Vision (20100121)](https://reader033.vdocument.in/reader033/viewer/2022052600/55757462d8b42adb7e8b462f/html5/thumbnails/18.jpg)
18
Bringing it all together…Koobface
Links are posted to (or sent from) hijacked social networking accounts
The link leads to a fake video site that ask the user to install a new Flash player / codec to view the video
![Page 19: Cisco Security Vision (20100121)](https://reader033.vdocument.in/reader033/viewer/2022052600/55757462d8b42adb7e8b462f/html5/thumbnails/19.jpg)
19
Fake video site that delivers malware
![Page 20: Cisco Security Vision (20100121)](https://reader033.vdocument.in/reader033/viewer/2022052600/55757462d8b42adb7e8b462f/html5/thumbnails/20.jpg)
20
Introducing The Cisco ARMS Race Index
![Page 21: Cisco Security Vision (20100121)](https://reader033.vdocument.in/reader033/viewer/2022052600/55757462d8b42adb7e8b462f/html5/thumbnails/21.jpg)
21
Introducing The Cisco ARMS Race Index
Global Adversary Resource Market Share (ARMS) Index
Designed to be a barometer of the current level of computing and network resources under criminal control and means for tracking over time.
Derived from leading botnet tracking stats, stats for total PCs worldwide, home/work infection rates.
![Page 22: Cisco Security Vision (20100121)](https://reader033.vdocument.in/reader033/viewer/2022052600/55757462d8b42adb7e8b462f/html5/thumbnails/22.jpg)
22
ARMS Race Index
![Page 23: Cisco Security Vision (20100121)](https://reader033.vdocument.in/reader033/viewer/2022052600/55757462d8b42adb7e8b462f/html5/thumbnails/23.jpg)
23
Cisco ARMS Race Index: Dec-2009
![Page 24: Cisco Security Vision (20100121)](https://reader033.vdocument.in/reader033/viewer/2022052600/55757462d8b42adb7e8b462f/html5/thumbnails/24.jpg)
24
Recommendations for 2010
User education and security awareness training remain top priority
Maintain defenses for “Cash Cow”threats
Evaluate security practices and investments for “Rising Star” threats
Develop security architecture for mobility and consumerization of IT
![Page 25: Cisco Security Vision (20100121)](https://reader033.vdocument.in/reader033/viewer/2022052600/55757462d8b42adb7e8b462f/html5/thumbnails/25.jpg)
25
Cisco Security Intelligence Operations www.cisco.com/security
Cisco Security Blog blogs.cisco.com/security
For More Information
The Cisco 2009 Annual Security Report
www.cisco.com/go/securityreport
![Page 26: Cisco Security Vision (20100121)](https://reader033.vdocument.in/reader033/viewer/2022052600/55757462d8b42adb7e8b462f/html5/thumbnails/26.jpg)
26
Cisco