![Page 1: Symantec Internet Security Threat Report 2011 Trends Volume 17 April 2012](https://reader034.vdocuments.site/reader034/viewer/2022051012/54440aa0afaf9fa0098b4748/html5/thumbnails/1.jpg)
![Page 2: Symantec Internet Security Threat Report 2011 Trends Volume 17 April 2012](https://reader034.vdocuments.site/reader034/viewer/2022051012/54440aa0afaf9fa0098b4748/html5/thumbnails/2.jpg)
2011: The Year in Numbers
Internet Security Threat Report, Vol. 17 2
![Page 3: Symantec Internet Security Threat Report 2011 Trends Volume 17 April 2012](https://reader034.vdocuments.site/reader034/viewer/2022051012/54440aa0afaf9fa0098b4748/html5/thumbnails/3.jpg)
Internet Security Threat Report, Vol. 17 3
![Page 4: Symantec Internet Security Threat Report 2011 Trends Volume 17 April 2012](https://reader034.vdocuments.site/reader034/viewer/2022051012/54440aa0afaf9fa0098b4748/html5/thumbnails/4.jpg)
Internet Security Threat Report, Vol. 17 4
![Page 5: Symantec Internet Security Threat Report 2011 Trends Volume 17 April 2012](https://reader034.vdocuments.site/reader034/viewer/2022051012/54440aa0afaf9fa0098b4748/html5/thumbnails/5.jpg)
Internet Security Threat Report, Vol. 17 5
![Page 6: Symantec Internet Security Threat Report 2011 Trends Volume 17 April 2012](https://reader034.vdocuments.site/reader034/viewer/2022051012/54440aa0afaf9fa0098b4748/html5/thumbnails/6.jpg)
Internet Security Threat Report, Vol. 17 6
![Page 7: Symantec Internet Security Threat Report 2011 Trends Volume 17 April 2012](https://reader034.vdocuments.site/reader034/viewer/2022051012/54440aa0afaf9fa0098b4748/html5/thumbnails/7.jpg)
Internet Security Threat Report, Vol. 17 7
![Page 8: Symantec Internet Security Threat Report 2011 Trends Volume 17 April 2012](https://reader034.vdocuments.site/reader034/viewer/2022051012/54440aa0afaf9fa0098b4748/html5/thumbnails/8.jpg)
Internet Threat Report 17 8
![Page 9: Symantec Internet Security Threat Report 2011 Trends Volume 17 April 2012](https://reader034.vdocuments.site/reader034/viewer/2022051012/54440aa0afaf9fa0098b4748/html5/thumbnails/9.jpg)
Internet Threat Report 17 9
![Page 10: Symantec Internet Security Threat Report 2011 Trends Volume 17 April 2012](https://reader034.vdocuments.site/reader034/viewer/2022051012/54440aa0afaf9fa0098b4748/html5/thumbnails/10.jpg)
Internet Threat Report 17 10
![Page 11: Symantec Internet Security Threat Report 2011 Trends Volume 17 April 2012](https://reader034.vdocuments.site/reader034/viewer/2022051012/54440aa0afaf9fa0098b4748/html5/thumbnails/11.jpg)
Four Key Trends
Internet Security Threat Report, Vol. 17
Malware Attacks
81% ↑
Targeted Attacks Expand
Mobile Threats
Expose All
Data Breaches on Rise
Internet Threat Report 17 11
![Page 12: Symantec Internet Security Threat Report 2011 Trends Volume 17 April 2012](https://reader034.vdocuments.site/reader034/viewer/2022051012/54440aa0afaf9fa0098b4748/html5/thumbnails/12.jpg)
Malware Activity at a Glance
Internet Security Threat Report, Vol. 17 12
![Page 13: Symantec Internet Security Threat Report 2011 Trends Volume 17 April 2012](https://reader034.vdocuments.site/reader034/viewer/2022051012/54440aa0afaf9fa0098b4748/html5/thumbnails/13.jpg)
Internet Threat Report 17 13
![Page 14: Symantec Internet Security Threat Report 2011 Trends Volume 17 April 2012](https://reader034.vdocuments.site/reader034/viewer/2022051012/54440aa0afaf9fa0098b4748/html5/thumbnails/14.jpg)
The Big Numbers for 2011
5.5B Attacks blocked by Symantec +81%
403M Unique variants of malware +41%
4,597 Web attacks per day +36%
4,989 New vulnerabilities -20%
8 Zero-day vulnerabilities -43%
315 New mobile vulnerabilities +93%
75% Spam rate -34%
Internet Security Threat Report, Vol. 17 14
![Page 15: Symantec Internet Security Threat Report 2011 Trends Volume 17 April 2012](https://reader034.vdocuments.site/reader034/viewer/2022051012/54440aa0afaf9fa0098b4748/html5/thumbnails/15.jpg)
Malware Attacks Continue to Grow
Internet Security Threat Report, Vol. 17 15
![Page 16: Symantec Internet Security Threat Report 2011 Trends Volume 17 April 2012](https://reader034.vdocuments.site/reader034/viewer/2022051012/54440aa0afaf9fa0098b4748/html5/thumbnails/16.jpg)
Top Families Dominate Malicious Code
Internet Security Threat Report, Vol. 17
• 10 families account for 45% of all unique malware variants
16
![Page 17: Symantec Internet Security Threat Report 2011 Trends Volume 17 April 2012](https://reader034.vdocuments.site/reader034/viewer/2022051012/54440aa0afaf9fa0098b4748/html5/thumbnails/17.jpg)
Spam Still Effective, but Changes Underway
Internet Security Threat Report, Vol. 17 17
![Page 18: Symantec Internet Security Threat Report 2011 Trends Volume 17 April 2012](https://reader034.vdocuments.site/reader034/viewer/2022051012/54440aa0afaf9fa0098b4748/html5/thumbnails/18.jpg)
Vulnerabilities Not Being Discovered at Previous Rate
• Zero-day vulnerabilities also down in 2011
– Stuxnet affected 2010 numbers
Internet Security Threat Report, Vol. 17 18
![Page 19: Symantec Internet Security Threat Report 2011 Trends Volume 17 April 2012](https://reader034.vdocuments.site/reader034/viewer/2022051012/54440aa0afaf9fa0098b4748/html5/thumbnails/19.jpg)
Why is Malware Continuing to Rise?
• Attack tool kits continue to flourish
• Increase efficacy of known vulnerabilities
Internet Security Threat Report, Vol. 17 19
![Page 20: Symantec Internet Security Threat Report 2011 Trends Volume 17 April 2012](https://reader034.vdocuments.site/reader034/viewer/2022051012/54440aa0afaf9fa0098b4748/html5/thumbnails/20.jpg)
Why is Malware Continuing to Rise?
• Web attacks are increasing
Internet Security Threat Report, Vol. 17 20
![Page 21: Symantec Internet Security Threat Report 2011 Trends Volume 17 April 2012](https://reader034.vdocuments.site/reader034/viewer/2022051012/54440aa0afaf9fa0098b4748/html5/thumbnails/21.jpg)
Which Website is More Dangerous?
Internet Security Threat Report, Vol. 17 21
![Page 22: Symantec Internet Security Threat Report 2011 Trends Volume 17 April 2012](https://reader034.vdocuments.site/reader034/viewer/2022051012/54440aa0afaf9fa0098b4748/html5/thumbnails/22.jpg)
Most Harmful Websites by Categories
Internet Security Threat Report, Vol. 17
• Sites with poor security become easy targets for malware authors
• Some businesses understand that customers will visit sites that infect them
22
![Page 23: Symantec Internet Security Threat Report 2011 Trends Volume 17 April 2012](https://reader034.vdocuments.site/reader034/viewer/2022051012/54440aa0afaf9fa0098b4748/html5/thumbnails/23.jpg)
• Cybercriminals taking advantage of social media
– Social media is viral in nature
– People are less suspicious of content from friends
Internet Security Threat Report, Vol. 17
Why is Malware Continuing to Rise?
23
![Page 24: Symantec Internet Security Threat Report 2011 Trends Volume 17 April 2012](https://reader034.vdocuments.site/reader034/viewer/2022051012/54440aa0afaf9fa0098b4748/html5/thumbnails/24.jpg)
Social Engineering is Effective in Social Media
• Users willing to help infect themselves
Internet Security Threat Report, Vol. 17 24
![Page 25: Symantec Internet Security Threat Report 2011 Trends Volume 17 April 2012](https://reader034.vdocuments.site/reader034/viewer/2022051012/54440aa0afaf9fa0098b4748/html5/thumbnails/25.jpg)
Targeted Attacks Have Expanded
Internet Security Threat Report, Vol. 17 25
![Page 26: Symantec Internet Security Threat Report 2011 Trends Volume 17 April 2012](https://reader034.vdocuments.site/reader034/viewer/2022051012/54440aa0afaf9fa0098b4748/html5/thumbnails/26.jpg)
Advanced Targeted Threats
Internet Security Threat Report, Vol. 17
Your Assumptions are Wrong
26
![Page 27: Symantec Internet Security Threat Report 2011 Trends Volume 17 April 2012](https://reader034.vdocuments.site/reader034/viewer/2022051012/54440aa0afaf9fa0098b4748/html5/thumbnails/27.jpg)
Only large corporations, governments and defense
industries are targeted for attack
Internet Security Threat Report, Vol. 17
Assumption #1
27
![Page 28: Symantec Internet Security Threat Report 2011 Trends Volume 17 April 2012](https://reader034.vdocuments.site/reader034/viewer/2022051012/54440aa0afaf9fa0098b4748/html5/thumbnails/28.jpg)
Organizations of All Sizes at Risk of Targeted Attacks
Internet Security Threat Report, Vol. 17
2,500+
13,428 13,518
1501-2500
1001-1500
501-1000
250-500
<250 18%
28
![Page 29: Symantec Internet Security Threat Report 2011 Trends Volume 17 April 2012](https://reader034.vdocuments.site/reader034/viewer/2022051012/54440aa0afaf9fa0098b4748/html5/thumbnails/29.jpg)
Targeted Attacks by Sector
Internet Security Threat Report, Vol. 17
Government & Public Sector
Manufacturing
Finance
IT Services
Chemical & Pharmaceutical
Transport & Utilities
Non-Profit
Marketing & Media
Education
Retail
29
![Page 30: Symantec Internet Security Threat Report 2011 Trends Volume 17 April 2012](https://reader034.vdocuments.site/reader034/viewer/2022051012/54440aa0afaf9fa0098b4748/html5/thumbnails/30.jpg)
Targeted Attacks by Sector
Internet Security Threat Report, Vol. 17
Government & Public Sector
Manufacturing
Finance
IT Services
Chemical & Pharmaceutical
Transport & Utilities
Non-Profit
Marketing & Media
Education
Retail
30
![Page 31: Symantec Internet Security Threat Report 2011 Trends Volume 17 April 2012](https://reader034.vdocuments.site/reader034/viewer/2022051012/54440aa0afaf9fa0098b4748/html5/thumbnails/31.jpg)
Only CEOs and senior managers are targeted
Internet Security Threat Report, Vol. 17
Assumption #2
31
![Page 32: Symantec Internet Security Threat Report 2011 Trends Volume 17 April 2012](https://reader034.vdocuments.site/reader034/viewer/2022051012/54440aa0afaf9fa0098b4748/html5/thumbnails/32.jpg)
Targeted Attacks by Job Function
Internet Security Threat Report, Vol. 17
C-Level
Senior
R&D
Sales
Media
Shared Mailbox
PA
Recruitment
32
![Page 33: Symantec Internet Security Threat Report 2011 Trends Volume 17 April 2012](https://reader034.vdocuments.site/reader034/viewer/2022051012/54440aa0afaf9fa0098b4748/html5/thumbnails/33.jpg)
Targeted Attacks by Job Function
Internet Security Threat Report, Vol. 17
C-Level
Senior
R&D
Sales
Media
Shared Mailbox
PA
Recruitment
33
![Page 34: Symantec Internet Security Threat Report 2011 Trends Volume 17 April 2012](https://reader034.vdocuments.site/reader034/viewer/2022051012/54440aa0afaf9fa0098b4748/html5/thumbnails/34.jpg)
A targeted attack is a single attack
Internet Security Threat Report, Vol. 17
Assumption #3
34
![Page 35: Symantec Internet Security Threat Report 2011 Trends Volume 17 April 2012](https://reader034.vdocuments.site/reader034/viewer/2022051012/54440aa0afaf9fa0098b4748/html5/thumbnails/35.jpg)
Use Case: Taidoor
• One target was attacked for 9 straight months
• In June, attacks occurred almost once a day
Internet Security Threat Report, Vol. 17 35
![Page 36: Symantec Internet Security Threat Report 2011 Trends Volume 17 April 2012](https://reader034.vdocuments.site/reader034/viewer/2022051012/54440aa0afaf9fa0098b4748/html5/thumbnails/36.jpg)
Number of Data Breaches Continues to Rise
Internet Security Threat Report, Vol. 17 36
![Page 37: Symantec Internet Security Threat Report 2011 Trends Volume 17 April 2012](https://reader034.vdocuments.site/reader034/viewer/2022051012/54440aa0afaf9fa0098b4748/html5/thumbnails/37.jpg)
Data Breaches
• Hactivism helped drive this dramatic increase over 2010
Internet Security Threat Report, Vol. 17 37
![Page 38: Symantec Internet Security Threat Report 2011 Trends Volume 17 April 2012](https://reader034.vdocuments.site/reader034/viewer/2022051012/54440aa0afaf9fa0098b4748/html5/thumbnails/38.jpg)
Data Breaches
Internet Security Threat Report, Vol. 17 38
![Page 39: Symantec Internet Security Threat Report 2011 Trends Volume 17 April 2012](https://reader034.vdocuments.site/reader034/viewer/2022051012/54440aa0afaf9fa0098b4748/html5/thumbnails/39.jpg)
Data Breaches
Internet Security Threat Report, Vol. 17
• 232 million identities were stolen in 2011 (1.1 million/breach avg.)
39
![Page 40: Symantec Internet Security Threat Report 2011 Trends Volume 17 April 2012](https://reader034.vdocuments.site/reader034/viewer/2022051012/54440aa0afaf9fa0098b4748/html5/thumbnails/40.jpg)
Mobile Threats Expose Organizations and Consumers
Internet Security Threat Report, Vol. 17 40
![Page 41: Symantec Internet Security Threat Report 2011 Trends Volume 17 April 2012](https://reader034.vdocuments.site/reader034/viewer/2022051012/54440aa0afaf9fa0098b4748/html5/thumbnails/41.jpg)
Mobile Malware on the Rise
• This represents families of mobile malware
• There are 3,000-4,000 variants in the wild today and growing
Internet Security Threat Report, Vol. 17 41
![Page 42: Symantec Internet Security Threat Report 2011 Trends Volume 17 April 2012](https://reader034.vdocuments.site/reader034/viewer/2022051012/54440aa0afaf9fa0098b4748/html5/thumbnails/42.jpg)
Mobile Threats Focus Areas for Malware Authors
• Stealing information, spying and sending SMS messages
• Malware authors porting old threats and working on new ones
• Most popular way to make money? Sending premium SMS
Internet Security Threat Report, Vol. 17 42
![Page 43: Symantec Internet Security Threat Report 2011 Trends Volume 17 April 2012](https://reader034.vdocuments.site/reader034/viewer/2022051012/54440aa0afaf9fa0098b4748/html5/thumbnails/43.jpg)
Sending Content = Dialing for Dollars
Internet Security Threat Report, Vol. 17 43
![Page 44: Symantec Internet Security Threat Report 2011 Trends Volume 17 April 2012](https://reader034.vdocuments.site/reader034/viewer/2022051012/54440aa0afaf9fa0098b4748/html5/thumbnails/44.jpg)
Mobile Phones: A New Source of Data Breaches
• Mobile devices contain work and personal information
• Unlike a desktop computer they are easily stolen
• …. and often lost
Internet Security Threat Report, Vol. 17 44
![Page 45: Symantec Internet Security Threat Report 2011 Trends Volume 17 April 2012](https://reader034.vdocuments.site/reader034/viewer/2022051012/54440aa0afaf9fa0098b4748/html5/thumbnails/45.jpg)
Los Angeles
San Francisco
Washington, D. C.
New York
Ottawa, Canada
Project Honey Stick
Internet Threat Report 17 45
![Page 46: Symantec Internet Security Threat Report 2011 Trends Volume 17 April 2012](https://reader034.vdocuments.site/reader034/viewer/2022051012/54440aa0afaf9fa0098b4748/html5/thumbnails/46.jpg)
Internet Threat Report 17 46
![Page 47: Symantec Internet Security Threat Report 2011 Trends Volume 17 April 2012](https://reader034.vdocuments.site/reader034/viewer/2022051012/54440aa0afaf9fa0098b4748/html5/thumbnails/47.jpg)
Internet Threat Report 17 47
![Page 48: Symantec Internet Security Threat Report 2011 Trends Volume 17 April 2012](https://reader034.vdocuments.site/reader034/viewer/2022051012/54440aa0afaf9fa0098b4748/html5/thumbnails/48.jpg)
What’s Ahead in 2012?
Internet Security Threat Report, Vol. 17
Macs are not immune
Targeted attacks will continue
Attackers will capitalize on
work/personal info on mobiles
Cloud computing and mobile will
force IT to rethink security
48
![Page 49: Symantec Internet Security Threat Report 2011 Trends Volume 17 April 2012](https://reader034.vdocuments.site/reader034/viewer/2022051012/54440aa0afaf9fa0098b4748/html5/thumbnails/49.jpg)
Internet Security Threat Report, Vol. 17
Best Practices for Protection
49
![Page 50: Symantec Internet Security Threat Report 2011 Trends Volume 17 April 2012](https://reader034.vdocuments.site/reader034/viewer/2022051012/54440aa0afaf9fa0098b4748/html5/thumbnails/50.jpg)
Thwarting Malware Attacks: Defense
Internet Security Threat Report, Vol. 17
• More than just AV – need to use full functionality of endpoint protection • Restrict removable devices and turn off auto-run to prevent malware infection Layered Endpoint Protection
• Ensure employees become the first line of defense against socially engineered attacks Security Awareness Training
• Detect and block new and unknown threats based on reputation and ranking Advanced Reputation Security
• Monitor for network intrusions, propagation attempts and other suspicious traffic patterns Layered Network Protection
50
![Page 51: Symantec Internet Security Threat Report 2011 Trends Volume 17 April 2012](https://reader034.vdocuments.site/reader034/viewer/2022051012/54440aa0afaf9fa0098b4748/html5/thumbnails/51.jpg)
Thwarting Targeted Attacks
Internet Security Threat Report, Vol. 17
• Detect and block new and unknown threats based on reputation and ranking
• Set strong permissions around apps, servers and clusters, according to sensitivity of information processed
• Restrict removable devices and functions to prevent malware infection
Advanced Reputation Security
Employ Offensive Protection Strategies
Removable Media Device Control
• Scan and monitor inbound/outbound email and web traffic and block accordingly
• Discover data spills of confidential information that are targeted by attackers
• Create and enforce security policy so all confidential information is encrypted
Email & Web Gateway Filtering
Data Loss Prevention
Encryption
• Monitor for network intrusions, propagation attempts and other suspicious traffic patterns
Network Threat and Vulnerability Monitoring
51
![Page 52: Symantec Internet Security Threat Report 2011 Trends Volume 17 April 2012](https://reader034.vdocuments.site/reader034/viewer/2022051012/54440aa0afaf9fa0098b4748/html5/thumbnails/52.jpg)
Avoiding Data Breaches
Internet Security Threat Report, Vol. 17
• Which information should you protect?
• Discover data spills of confidential information that are targeted by attackers • Enforce rules prohibiting access of confidential data using applications
• Locks down key systems that contain confidential information • Prevents any unauthorized code to run — independent of AV signatures
Data Classification
Data Loss Prevention
Host-based Intrusion Prevention
• Scan and monitor inbound/outbound email and web traffic and block accordingly
• Create and enforce security policy so all confidential information is encrypted
Email & Web Gateway Filtering
Encryption
• Two-factor authentication to protect against credential theft Strong Authentication
52
![Page 53: Symantec Internet Security Threat Report 2011 Trends Volume 17 April 2012](https://reader034.vdocuments.site/reader034/viewer/2022051012/54440aa0afaf9fa0098b4748/html5/thumbnails/53.jpg)
Mitigating Mobile Threats
Internet Security Threat Report, Vol. 17
• Remotely wipe devices in case of theft or loss • Update devices with applications as needed without physical access • Get visibility and control of devices, users and applications
• Guard mobile device against malware and spam • Prevent the device from becoming a vulnerability
• Identify confidential data on mobile devices • Encrypt mobile devices to prevent lost devices from turning into lost
confidential data
Device Management
Device Security
Content Security
• Strong authentication and authorization for access to enterprise applications and resources
• Allow access to right resources from right devices with right postures Identity and Access
53
![Page 54: Symantec Internet Security Threat Report 2011 Trends Volume 17 April 2012](https://reader034.vdocuments.site/reader034/viewer/2022051012/54440aa0afaf9fa0098b4748/html5/thumbnails/54.jpg)
Stay Informed
Internet Security Threat Report, Vol. 17
www.symantec.com/threatreport
Security Response Website
Twitter.com/threatintel
54
![Page 55: Symantec Internet Security Threat Report 2011 Trends Volume 17 April 2012](https://reader034.vdocuments.site/reader034/viewer/2022051012/54440aa0afaf9fa0098b4748/html5/thumbnails/55.jpg)
Thank you! Thank you!
Copyright © 2012 Symantec Corporation. All rights reserved. Symantec, the Symantec Logo, and the Checkmark Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice.
Internet Security Threat Report, Vol. 17
Presenter Information Here
55