Information-Security-Status-and-Trends.ppt
Agenda
- 2010 in Review
- Botnet & Malware
- Future Trends
- Advice

HKCERT (Hong Kong Computer Emergency Response Team Coordination Centre)

2010 in Review

HKCERT Statistics: Security & Virus Incidents
[Chart: incidents per year, 2001 to 2010; series: Security, Virus. Source: HKCERT]

HKCERT Statistics: Security/Virus Alerts Published
[Chart: alerts per year, 2001 to 2010; series: Security, Virus. Source: HKCERT]

HKCERT Statistics: Phishing/Hacking Incidents
[Chart: incidents per year, 2004 to 2010; series: Phishing, Hacking. Source: HKCERT]

HKCERT Statistics: Proactive Discovery
[Chart: cases per year, 2005 to 2010; series: Defacement, Code Injection. Source: HKCERT]

Incidents Reported: 2010 vs 2009
[Chart: categories: Hacking, Phishing, Virus, Defacement, Spamming, Code Injection, Others, Spyware; series: 2010, 2009. Source: HKCERT]

Summary
- Increasing number of vulnerabilities (record high)
- Virus incidents reported: record low
- Hacking & phishing incidents on the rise

Other Major Developments
- Malware & botnets continue to grow in numbers
- Information leakage through social networks
- Smartphone security
- Wikileaks
- Information leakage
- Cyber activism, cyber war
- Stuxnet & infrastructure attacks

Malware & Botnet
[News clippings: Ming Pao, 15 October 2010; Ming Pao, 2 October 2010]

Malware & Botnet
- Malware
  - Targeted attack
  - Variants, keep changing
  - Infection through drive-by download (phishing websites); links in email, instant message, social media messages
- Botnet
  - 5 million different botnets globally

Social Network
[News clippings: Apple Daily, 27 August 2010; Ming Pao, 8 November 2010; Econ Times, 30 July 2010]

Social Networks
- Personal privacy protection
  - What information is kept in your profile
- Application vulnerabilities and security settings
- Malicious apps
- Facebook
  - A popular platform (worldwide over 500 million users)
  - A lot of personal information kept
  - An obvious attack target

Smartphone Security
[News clippings: Ming Pao, 1 January 2011; Apple Daily, 2 January 2011]

Smartphone Security: Data Theft/Leakage
[News clippings: Econ Times, 14 August 2010; Ming Pao, 28 July 2010; Ming Pao, 2 October 2010]

Smartphone Threats
- SMS spam/phishing
- Malicious apps
- Vulnerabilities
- Malware
- Data theft/leakage

Wikileaks
[News clippings: Econ Times, 14 December 2010; Ming Pao, 10 December 2010; Econ Journal, 10 December 2010]

Wikileaks
- November 28: Over 250,000 U.S. diplomatic documents released; Wikileaks site down
- November 29: Wikileaks moves to Amazon Web Services
- December 1: Amazon stops hosting WikiLeaks
- December 2: New hosting service in France; EveryDNS.net terminates Wikileaks DNS services
- December 3: Sympathizers mobilize to replicate its data
- December 4: Paypal no longer handles Wikileaks donations. Later, MasterCard & Visa, etc.

Wikileaks
- December 8: Anonymous launched DDoS attacks, invited others to download software to attack
- December 9: A Dutch teenager arrested. Later, another 2 arrested
- December 13: Anonymous encourages sympathizers to send faxes
- December 14: Wikileaks.org is online, hosted in the United States, website directed to Russia (mirror.wikileaks.info)
- December 27: Bank of America attacked

Wikileaks
- Information leakage
  - Information classification & handling
- Cyber activists launched DDoS attacks
  - Is it legal?
  - Is it anonymous?
  - Is it genuine software? Who are we attacking?
- New trends in future attacks

Stuxnet and Infrastructure Attacks
[News clippings: Ming Pao, 1 October 2010; EFY Times, 23 December 2010; SCMP, 30 September 2010]

Stuxnet and Infrastructure Attacks
- Stuxnet in existence since late 2009
- Makes use of MS Windows vulnerabilities
- Propagates through removable media (USB disk) and Windows file share
- Targets Siemens SIMATIC WinCC & Step 7
- Reads/writes process and production data on the device

Stuxnet and Infrastructure Attacks
- Reported to have infected Iran's nuclear plants
- High level of knowledge of Siemens systems
- "A large, well-funded team is responsible for its creation."
- Cyber war
- Possible infection targets
- Stuxnet variants

Malware and Botnet
[News clippings: Ming Pao, 15 October 2010; Ming Pao, 1 October 2010]

The Conficker Worm that first appeared in April 2009 is still ACTIVE today.

The Conficker Worm
- An excellent demonstration of techniques

Conficker Worm
- Microsoft vulnerability published in October 2008 (MS08-067)
- Spreads through file shares (tries to crack passwords)
- Copies itself to removable storage, modifies auto-run to load at startup
- Phones home to get updates
- Connect to Domain Generated
- Peer-to-peer connection
- Self-defense mechanism
- Advanced encryption
- Terminates security processes
- Disables security updates

Infection Could Have Been Avoided
- Apply patches
- Install anti-virus software with updates
- Install personal firewall
- Strong password
- Disable auto-run & auto-play
- Drive-by download
- Phishing and social engineering

Botnet
[Diagram: botmaster, C&C, bot, zombie machines, victim]

Phishing
- A "phisher" sends out legitimate-looking messages in an attempt to gather personal and financial information from recipients, or to infect the computers with malware
- Messages can be email, instant messages, or social network

Phishing
[News clippings: Oriental Daily, 3 June 2010; Oriental Daily, 17 February 2010; Oriental Daily, 17 June 2010]

Phishing Process
[Diagram labels: Vulnerability Identified, Scam Page Design, Email Harvesting, Mass Mailing, Recipient/Victim, Scan Vulnerability, Exploited Computers, Email Design, Browse Scam Page, Solicit Personal Information, Credential Collection, Cashing, BOTNET]

Drive-By Download
[Diagram labels: Servers with Vulnerabilities, Clients, Malicious Website Built by Attackers, Malware Downloaded (Drive-By Download); steps: 1 Inject Malicious Code, 2 Request for Information, 3 Redirect]