1. Andrew Horbury
Product Marketing Manager
andy_horbury@symantec.com
Andrew Shepherd
EMEA Marketing Manager
andrew_shepherd@symantec.com
WEBSITE SECURITY THREATS:
JANUARY 2014 UPDATE
Thursday 9th January 2014
2. Agenda
Website Security Threats: January 2014 Update
1
2
3
4
5
6
Month in Numbers
Creepware
Emerging and new types of malware
Gartner – why Interest in IT Risk is growing
Everyone is a target
Stranger than fiction
7 Good news
3. The month in Numbers
• US$50,000
– Cybercrime boss Paunch earned US$50,000 a month
• 40 million
– Target targeted: Cybercriminals may have spent the Christmas shopping
season feasting on the proceeds of 40m stolen payment cards
• 00000000
– For nearly 20 years, the launch code for US nuclear missiles was 00000000
• 61%
– Bots account for 61% of all website traffic up 21% yoy
• 93% and 87%
– 93 percent of large organisations suffered a security breach last year,
while 87 percent of small businesses also experienced
Website Security Threats: January 2014 Update
4. The month in Numbers
• 18BN GBP
– Mobile influenced £18bn of retail sales in 2013
• 54 million
– Turkish press reports that records of 54 million Turkish citizens have been
stolen by attackers
• The 2 million Pony
– 1,580,000 website login credentials stolen
– 320,000 email account credentials stolen
– 41,000 FTP account credentials stolen
– 3,000 Remote Desktop credentials stolen
– 3,000 Secure Shell account credentials stolen
Website Security Threats: January 2014 Update
5. Creepware
• Remote Access Trojans (RATs)
– Differs from tools due to malicious intent
– Allows someone to control a computer from a remote
location
• How?
– Drive-by downloads
– Malicious links
– Exploit kits
– Peer-to-peer file sharing/torrents
• Why?
– Voyeurism, information/file stealing,
blackmail/sextortion, trolling, using computer for
DDoS attacks
Website Security Threats: January 2014 Update
6. New and emerging types of Malware
• Malicious Firefox add in
– The ‘Advanced Power’ botnet, active since May 2013 has
infected more than 12,500 computers.
– The bot uses compromised Windows systems to scan for
vulnerable websites to conduct SQL injection attacks
• Malware posing as Microsoft IIS to steal user data
– New malware found that disguises itself as a module for
Microsoft’s IIS Web server in order to evade detection.
– The malware has been observed targeting credit card
data on ecommerce websites.
– While the malware is not widespread yet, it could also be
used to steal login details or any other sensitive data
that’s sent to a compromised IIS instance.
Website Security Threats: January 2014 Update
7. Gartner – why Interest in IT Risk is growing
1. Lack of understanding
2. Increasing pressure to
disclose technology risk
3. Lack of visibility into key
business relationships with
third-parties
4. Growing interconnection
between technology and
business risks
Website Security Threats: January 2014 Update
8. Everyone is a target……
• Snapchat hack impacts 4.6 million users
– Hackers have published the usernames and phone
numbers of more than 4.6 million Snapchat users in
order to “raise public awareness on how reckless
many internet companies are with user
information”.
• 9 out of 10 large firms suffered a breach,
says survey
– Around 93 percent of large companies and 87
percent of small businesses suffered a security
breach in 2013
Website Security Threats: January 2014 Update
9. Stranger than fiction
Website Security Threats: January 2014 Update
G20 Leaders are not immune to the charms of Carla Bruni
Harvard student uses Tor to send bomb threat to skip exam
- FBI unamused
US agency destroys $170k of equipment to get rid of virus
- Only 6 machines infected
10. Good News
• Global ATM heist – eight arrested (two of
the suspects posted this image)
• Not so secret launch codes
– Guide tours of silos
– Soldiers given checklist containing the launch
code
• Glitter nail varnish could protect your
laptop….
• Have you been breached? Theres an app
for that!
Website Security Threats: January 2014 Update
11. Link Glossary (Press Print screen now)
• Paunch
– http://www.group-ib.com/index.php/7-novosti/790-group-ib-assists-to-suppress-
the-activities-of-a-blackhole-exploit-kit-author-paunch-is-arrestedq%22
• Target
– http://www.reuters.com/article/2013/12/19/us-target-breach-
idUSBRE9BH1GX20131219
• Nuclear Code
– http://www.huffingtonpost.com/2013/12/05/nuclear-missile-code-00000000-
cold-war_n_4386784.html
• Bots account for 61% of web traffic
– http://www.incapsula.com/the-incapsula-blog/item/820-bot-traffic-report-2013
• 9 out of 10 large firms suffered a breach
– http://www.incapsula.com/the-incapsula-blog/item/820-bot-traffic-report-2013
• Mobile influenced £18bn of retail sales in 2013
– http://econsultancy.com/blog/10717-mobile-will-influence-15bn-of-in-store-
sales-in-2012
• Turkish Hack
• http://www.hurriyetdailynews.com/russian-hackers-stole-54-million-turkish-
citizens-id-data-claim.aspx?pageID=238&nID=59644&NewsCatID=338
Website Security Threats: January 2014 Update
12. Link Glossary 2
• Creepware – Symantec Blog
– https://www-secure.symantec.com/connect/blogs/creepware-who-s-
watching-you
• Gartner 4 Reasons Behind the Growing Interest in IT Risk
– http://blogs.gartner.com/john-wheeler/4-reasons-driving-growing-interest-
in-it-risks/
• 2013 Information Security Breaches Survey
– http://www.pwc.co.uk/assets/pdf/cyber-security-2013-technical-report.pdf
• Nail Varnish
– http://www.wired.co.uk/news/archive/2014-01/02/data-security-nail-polish
• Have I been Pwned
– https://haveibeenpwned.com/
Website Security Threats: January 2014 Update