the threat landscape in the era of directed attacks - webinar
TRANSCRIPT
![Page 1: The Threat Landscape in the Era of Directed Attacks - Webinar](https://reader035.vdocument.in/reader035/viewer/2022070605/53ed43598d7f721a1e8ba9f8/html5/thumbnails/1.jpg)
THREAT LANDSCAPE IN THE ERA OF DIRECTED ATTACKS#ThreatTalk
![Page 2: The Threat Landscape in the Era of Directed Attacks - Webinar](https://reader035.vdocument.in/reader035/viewer/2022070605/53ed43598d7f721a1e8ba9f8/html5/thumbnails/2.jpg)
THESE SLIDES ARE AN EXCERPTFROM A LIVE KASPERSKY WEBINAR
BROADCAST ON 6TH MAY 2014TO ACCESS THE WEBINAR PLEASE VISIT
HTTP://OW.LY/WHFAR
![Page 3: The Threat Landscape in the Era of Directed Attacks - Webinar](https://reader035.vdocument.in/reader035/viewer/2022070605/53ed43598d7f721a1e8ba9f8/html5/thumbnails/3.jpg)
ROEL SCHOUWENBERGPRINCIPAL SECURITY RESEARCHER GLOBAL RESEARCH & ANALYSIS TEAMKASPERSKY LAB
![Page 4: The Threat Landscape in the Era of Directed Attacks - Webinar](https://reader035.vdocument.in/reader035/viewer/2022070605/53ed43598d7f721a1e8ba9f8/html5/thumbnails/4.jpg)
HEARTBLEED – CVE-2014-0160
4
Back to the fundamentals
Triaging is painful
Keys to the kingdom?
![Page 5: The Threat Landscape in the Era of Directed Attacks - Webinar](https://reader035.vdocument.in/reader035/viewer/2022070605/53ed43598d7f721a1e8ba9f8/html5/thumbnails/5.jpg)
5
Significant portion of the market still running XP
First ‘eternal zero-day’ discovered
IE Zero-day different to recent flash Zero-day
END OF XP
![Page 6: The Threat Landscape in the Era of Directed Attacks - Webinar](https://reader035.vdocument.in/reader035/viewer/2022070605/53ed43598d7f721a1e8ba9f8/html5/thumbnails/6.jpg)
ACTORS AND MOTIVES HAVE CHANGED
![Page 7: The Threat Landscape in the Era of Directed Attacks - Webinar](https://reader035.vdocument.in/reader035/viewer/2022070605/53ed43598d7f721a1e8ba9f8/html5/thumbnails/7.jpg)
NEW PLATFORMS AND TECHNOLOGIES
Attack surface keeps increasing
Diversification / BYOD
Mobile payments
![Page 8: The Threat Landscape in the Era of Directed Attacks - Webinar](https://reader035.vdocument.in/reader035/viewer/2022070605/53ed43598d7f721a1e8ba9f8/html5/thumbnails/8.jpg)
METHOD OF ENTRY
8
Phishing
Web browsing – watering holes
![Page 9: The Threat Landscape in the Era of Directed Attacks - Webinar](https://reader035.vdocument.in/reader035/viewer/2022070605/53ed43598d7f721a1e8ba9f8/html5/thumbnails/9.jpg)
NON-TARGETED MALWARE
9
Financial/ID theft malware
Ransomware
May not run in virtual environment
![Page 10: The Threat Landscape in the Era of Directed Attacks - Webinar](https://reader035.vdocument.in/reader035/viewer/2022070605/53ed43598d7f721a1e8ba9f8/html5/thumbnails/10.jpg)
ESPIONAGE
Zero day needed?
Widening platform support
Targeting supply chain
More and more verticals affected
More actors involved
![Page 11: The Threat Landscape in the Era of Directed Attacks - Webinar](https://reader035.vdocument.in/reader035/viewer/2022070605/53ed43598d7f721a1e8ba9f8/html5/thumbnails/11.jpg)
SABOTAGE
11
DDoS attacks have become a major problem
BCP 38/84
Wiper attacks as seen in cyberweapons
![Page 12: The Threat Landscape in the Era of Directed Attacks - Webinar](https://reader035.vdocument.in/reader035/viewer/2022070605/53ed43598d7f721a1e8ba9f8/html5/thumbnails/12.jpg)
THE FUTURE
12
Will CNE and CNA converge?
![Page 13: The Threat Landscape in the Era of Directed Attacks - Webinar](https://reader035.vdocument.in/reader035/viewer/2022070605/53ed43598d7f721a1e8ba9f8/html5/thumbnails/13.jpg)
INCREASED FOCUS ON VIRTUAL ENVIRONMENTS
Back to the fundamental
![Page 14: The Threat Landscape in the Era of Directed Attacks - Webinar](https://reader035.vdocument.in/reader035/viewer/2022070605/53ed43598d7f721a1e8ba9f8/html5/thumbnails/14.jpg)
VM SPECIFIC THREAT SCENARIOS
EoP / Escape to Host
Network traffic sniffing
Modifying master virtual disks
Lost audit trails
Hyper-visor level attacks
![Page 15: The Threat Landscape in the Era of Directed Attacks - Webinar](https://reader035.vdocument.in/reader035/viewer/2022070605/53ed43598d7f721a1e8ba9f8/html5/thumbnails/15.jpg)
ERIK DEVINECHIEF SECURITY OFFICERINFORMATION SERVICESRIVERSIDE MEDICAL CENTER
![Page 16: The Threat Landscape in the Era of Directed Attacks - Webinar](https://reader035.vdocument.in/reader035/viewer/2022070605/53ed43598d7f721a1e8ba9f8/html5/thumbnails/16.jpg)
CorporationEmployees
Cloud Services
Data Loss
Malware and Vulnerabilities
Business Associates
Mobile Devices/
Employees
Hackers
MITIGATING THE TOP 7 THREATS
![Page 17: The Threat Landscape in the Era of Directed Attacks - Webinar](https://reader035.vdocument.in/reader035/viewer/2022070605/53ed43598d7f721a1e8ba9f8/html5/thumbnails/17.jpg)
WHY IT’S MOVING AND CHANGINGGovernment regulations changing
Privacy
Security
Technical and operational control
Environment changing
Electronic transmission of data
BYOD
Technology changes (virtualization, OS, patient portals, physician portals, vendor portals)
Threats are changing
Malware
Hackers internal/external
![Page 18: The Threat Landscape in the Era of Directed Attacks - Webinar](https://reader035.vdocument.in/reader035/viewer/2022070605/53ed43598d7f721a1e8ba9f8/html5/thumbnails/18.jpg)
NOW HOW DO WE MITIGATE…
Policy and Procedures Education Technical Controls
Monitoring and Logging
Audit and Risk Assessment
![Page 19: The Threat Landscape in the Era of Directed Attacks - Webinar](https://reader035.vdocument.in/reader035/viewer/2022070605/53ed43598d7f721a1e8ba9f8/html5/thumbnails/19.jpg)
What are your Security Initiatives?Know your data, network, endpoints and users, then apply the rules!
![Page 20: The Threat Landscape in the Era of Directed Attacks - Webinar](https://reader035.vdocument.in/reader035/viewer/2022070605/53ed43598d7f721a1e8ba9f8/html5/thumbnails/20.jpg)
CONCLUSIONS AND TAKEAWAYS
New technologies present new opportunities and challenges
All platforms need protecting in an era of targeted attacks
Prioritise which assets to protect most and then segregate them
Data integrity attacks on the horizon
![Page 21: The Threat Landscape in the Era of Directed Attacks - Webinar](https://reader035.vdocument.in/reader035/viewer/2022070605/53ed43598d7f721a1e8ba9f8/html5/thumbnails/21.jpg)
FOR MORE INFORMATION WATCH THE ON DEMAND WEBINAR REGISTER HERE: HTTP://OW.LY/WHFAR
FEEL FREE TO ASK QUESTIONS:@KASPERSKYLABB2B#THREATTALK
MORE INFO ON SECURITY FOR BUSINESS WWW.KASPERSKY.COM//BUSINESS
B2B BLOGHTTP://BUSINESS.KASPERSKY.COM
THANK YOU!