Cyber Security Predictions 2016
Threat Research & Response Team
Quick Heal Technologies Ltd.
Agenda
• 2015 Review – A Look Back
• Ransomware
• The Evolution of Money Making Malware
• Potentially Unwanted Applications (PUA)
• Advanced Persistent Threats
• Exploit Kits
• Android Malware
• Rise of Internet of Things (IoT)
2015 Review – A Look Back
Quarter-wise Malware Detection Statistics
2015 Review – A Look Back
Category-wise Malware Detection Statistics
2015 Review – A Look Back
Operating System Distribution of Quick Heal Users
Unpatched Software is the Silent Killer!
• Operating System
• Web Browsers
• Microsoft Office, Java, Adobe Reader and Flash
• CVE-2012-0158 – Microsoft Office vulnerability exploited in the wild
Ransomware – Locks Down User’s Machines
• Continued dominance as the most destructive malware in 2015
• Ransomware-as-a-Service (RaaS)
• Commoditized the creation of ransomware
• To develop and distribute customized ransomware
• Crowti, CryptoWall and TeslaCrypt - The consistent performers
• Chimera brings in data extortion techniques
SURVEY 1
• Do you have a defined data backup policy and process in place?
• Yes / No
• What type of data backup do you undertake?
• Online / Offline / Both / No
• What is the frequency of your data backup?
• Incremental / Daily / Weekly / Never
The Evolution of Money Making Malware
Adware
Spyware
Rogueware
Ransomware
Extortionware
Banking Trojan
POS Malware
Extortionware
• Hackers hold Hollywood Presbyterian Medical Center systems for ransom
• Hospital is down for a week and all services are stopped
• Demand 9,000 bitcoin ($3.6 million) for a ransomware key
Ransomware – Predictions for 2016
• Ransomware will continue to be a challenge in 2016
• Encrypting Ransomware samples will also have data theft capability
• Targeting Android and iOS platforms
• They are expected to get highly targeted in nature
• They will use extortion tactics with threats to make stolen data public
• It is highly advised to implement backup policies and processes with high-end encryption
Potentially Unwanted Applications (PUA)
• Come as Downloaders, Installers or Bundlers for free applications
• Modify web browser settings like
• Default search engine and home page
• Add extensions to web browser
• Show advertisements
• Collect personal data and browsing habits used for targeted marketing
• Download other malicious components
• Exponential growth of digitally signed malware in recent years
Potentially Unwanted Applications (PUA)
• Be alert when downloading, and install only intended applications
• Read License Agreement carefully
• especially privacy policy and risks involved
• Avoid downloading from fake links displayed as advertisements
• Recommended to use Quick Heal AntiMalware
• To detect and remove some tricky PUAs
Quick Heal AntiMalware
Advanced Persistent Threats
• Objective is different from other malware
• Advanced
• Spear Phishing, steals confidential and critical data
• Targets sectors with high value information – national defense, manufacturing and financial industry
• Persistent
• Stays undetected for a long period
• Famous APT examples
• Stuxnet – discovered in August 2010, targeting Iran’s Nuclear Plants
• Duqu, Flame, Dark Hotel
Advanced Persistent Threats
Advanced Persistent Threats Detection Statistics
Advanced Persistent Threats
Equipped with functionalities like
• Steal personal information
• Listing all drives and files
• Enumerating running processes and terminating specific process
• Downloading file from specified links
• Uploading files to remote server
• Executing specified file
• Taking desktop snapshots and Keylogging
• Stealing saved login credentials
Advanced Persistent Threats – Predictions for 2016
• Spear-phishing and social engineering to remain prominent infection vectors
• Evolving encryption and obfuscation methods to evade traditional security detections
• Adoption of Anti-Sandbox and Anti-VM techniques to bypass sandbox-based security solutions
Exploit Kits
Top Exploit Kits Distribution
Android Malware 2015 Review
Category-wise Android Malware Detection Statistics
Android Malware 2015 Review
• Third-party app stores from China and Russia contributing to Android malware growth
• New Android malware in 2015
• 803 malware families and 757 variants
• 28 Ransomware variants
• 21 banking Trojans
• Android Ransomware
• LockerPin – modifies infected device’s PIN
Android Malware 2015 Review
Android OS Distribution Statistics
Android Malware 2015 Review
Android Security Vulnerability Statistics
Source: http://www.cvedetails.com
Android Malware – Predictions for 2016
• Malware exploiting ad networks
• Rise of malware exploiting Android vulnerabilities for auto root
• 130 Android vulnerabilities discovered in 2015
• Segmented Android distribution
• Most times OS updates are not available from vendors
• More money! More malware!
• Targeting new mobile payment technologies
• Mobile wallets, in-app purchases etc.
Rise of Internet of Things (IoT) – A Look Ahead
• Limited processing power of connected devices inhibits encryption and other robust security measures
• Upatre exploiting routers with known default root passwords
• Challenges:
• Ubiquitous data collection
• Potential for unexpected uses of consumer data
• Heightened privacy & security risks
IoT - SMART TV
• SMART TV features
• Voice Recognition
• Gesture Controls
• Facial Recognition
• Fitness Services
• Samsung warns customers about discussing personal information in front of smart TV
• Read Privacy Policy at
• https://www.samsung.com/uk/info/privacy-SmartTV.html
CONCLUSION
• Unpatched OS and applications are an open invitation for infection
• Ransomware will continue to grow with targeted reach
• PUAs are on the rise
• APTs will become more common
• Exploit Kits integrating zero day vulnerabilities faster
• Android malware will take advantage of newly discovered vulnerabilities
• IoT Security will add a new dimension to Cyber Security
Got any queries regarding this webinar?
Write to us at:
• CorporateCommunications@quickheal.co.in
Follow us on:
• Facebook: www.facebook.com/quickhealav
• Twitter: www.twitter.com/quickheal
• Google Plus: bit.ly/QuickHealGooglePlus
• YouTube: www.youtube.com/quickheal
• SlideShare: http://www.slideshare.net/QuickHealPPTs
Visit us:
• Website: www.quickheal.com
• Official Blog: blogs.quickheal.com
Thank You!
Threat Research & Response Team

Editor's Notes

  1. Windows XP: Windows XP support has ended. As of April 8, 2014, support and updates for Windows XP are no longer available. Don't let your PC go unprotected. What happens if I continue to use Windows XP? If you continue to use Windows XP now that support has ended, your computer will still work but it might become more vulnerable to security risks and viruses. Internet Explorer 8 is also no longer supported, so if your Windows XP PC is connected to the Internet and you use Internet Explorer 8 to surf the web, you might be exposing your PC to additional threats. Also, as more software and hardware manufacturers continue to optimize for more recent versions of Windows, you can expect to encounter more apps and devices that do not work with Windows XP.
  2. rat – Remote Access Tools; apt30 – APT 30 campaign; mso – Operation IndiaIT News; other – remaining APT detections; crypt – cryptors used APT; script – AutoIT, JavaScript, and ZXShell; bncc – bncc attack