2009 kl cybercrime kaspersky
DESCRIPTION
Presentation used by Kaspersky at the seminar organised by ICTloket.be on 15 April 2009.
TRANSCRIPT
![Page 1: 2009 Kl Cybercrime Kaspersky](https://reader033.vdocuments.mx/reader033/viewer/2022052823/55549b12b4c90502618b4685/html5/thumbnails/1.jpg)
Cybercrime & solutions for Home users and Small Businesses
Copyright by Kaspersky Lab
Eddy Willems
Security Evangelist
EICAR Director Information & Press
![Page 2: 2009 Kl Cybercrime Kaspersky](https://reader033.vdocuments.mx/reader033/viewer/2022052823/55549b12b4c90502618b4685/html5/thumbnails/2.jpg)
Agenda
• About Kaspersky Lab
• History
• Cyber Crime ...
• Future
![Page 3: 2009 Kl Cybercrime Kaspersky](https://reader033.vdocuments.mx/reader033/viewer/2022052823/55549b12b4c90502618b4685/html5/thumbnails/3.jpg)
About Kaspersky Lab
• International leader in internet security, visionary part Gartner quadrant
• Advanced antivirus, antispyware, antispam and firewall
• More than 250 million protected users worldwide
• 10 R&D and virus labs worldwide
• Over 1400 employees, 450 developers & engineers
• Local sales, marketing and technical support
• Local virus detection by Benelux virus lab
• Fast reaction time and automatic hourly updates
![Page 4: 2009 Kl Cybercrime Kaspersky](https://reader033.vdocuments.mx/reader033/viewer/2022052823/55549b12b4c90502618b4685/html5/thumbnails/4.jpg)
Leading IT security players worldwide Have Chosen Kaspersky Lab Technology
![Page 5: 2009 Kl Cybercrime Kaspersky](https://reader033.vdocuments.mx/reader033/viewer/2022052823/55549b12b4c90502618b4685/html5/thumbnails/5.jpg)
The Kaspersky Virus Lab - sharing knowledge through malware research
Antivirus experts and virus analysts
• Industry-leading knowledge resource – http://www.viruslist.com
• Our team of virus analysts is active in
  • AVIEN (Anti-Virus Information Exchange Network)
  • CARO (Computer Antivirus Research Organization)
  • ICSA (International Computer Security Association)
  • AVAR (Association of Antivirus Asia Researchers)
  • IMPACT (international partnership dedicated to combating terrorist activities in the area of information technology)
  • EICAR (European Institute for Computer AntiVirus Research)
![Page 6: 2009 Kl Cybercrime Kaspersky](https://reader033.vdocuments.mx/reader033/viewer/2022052823/55549b12b4c90502618b4685/html5/thumbnails/6.jpg)
TIME
![Page 7: 2009 Kl Cybercrime Kaspersky](https://reader033.vdocuments.mx/reader033/viewer/2022052823/55549b12b4c90502618b4685/html5/thumbnails/7.jpg)
Some History: The old days !
![Page 8: 2009 Kl Cybercrime Kaspersky](https://reader033.vdocuments.mx/reader033/viewer/2022052823/55549b12b4c90502618b4685/html5/thumbnails/8.jpg)
Some years ago ...
Virus
SPAM
Worm
Trojan
![Page 9: 2009 Kl Cybercrime Kaspersky](https://reader033.vdocuments.mx/reader033/viewer/2022052823/55549b12b4c90502618b4685/html5/thumbnails/9.jpg)
Today’s Threats …
SPAM
Virus
Spyware
Adware
Bot
Remote-Control Agent
Root-kits
Phishing
Trojan
Worm
Zombie
Pharming
Keystroke logger
Screen grabber
Password grabber
Premium-Rate Dialer
![Page 10: 2009 Kl Cybercrime Kaspersky](https://reader033.vdocuments.mx/reader033/viewer/2022052823/55549b12b4c90502618b4685/html5/thumbnails/10.jpg)
What are the real threats ?
Viruses Worms Spyware
PeerToPeer
attacks
Data Theft
Bad Stuff
Adware
Exploits
User Phishing
Spam
attacks
DoS
Identity Theft
DDoS Mailers
External Hacker
Internal Hacker
Vulnerabilities
![Page 11: 2009 Kl Cybercrime Kaspersky](https://reader033.vdocuments.mx/reader033/viewer/2022052823/55549b12b4c90502618b4685/html5/thumbnails/11.jpg)
The end of global epidemics
[Chart: Epidemics per quarter, 2002 to 2007; vertical axis 0 to 25. Source: Kaspersky Lab]
![Page 12: 2009 Kl Cybercrime Kaspersky](https://reader033.vdocuments.mx/reader033/viewer/2022052823/55549b12b4c90502618b4685/html5/thumbnails/12.jpg)
Increasing Numbers
[Chart: KL records per year, 98 to 08; vertical axis 0 to 1.600.000. Source: Kaspersky Lab]
![Page 13: 2009 Kl Cybercrime Kaspersky](https://reader033.vdocuments.mx/reader033/viewer/2022052823/55549b12b4c90502618b4685/html5/thumbnails/13.jpg)
• Types of malware in daily updates
Cyber crime
[Chart: series Cyber vandalism, Petty fraud and Cyber crime, 1998 to 2007; vertical axis 0 to 500. Source: Kaspersky Lab]
![Page 14: 2009 Kl Cybercrime Kaspersky](https://reader033.vdocuments.mx/reader033/viewer/2022052823/55549b12b4c90502618b4685/html5/thumbnails/14.jpg)
The Ecosystem
Victims E-Criminals
Police ITTP Industry
![Page 15: 2009 Kl Cybercrime Kaspersky](https://reader033.vdocuments.mx/reader033/viewer/2022052823/55549b12b4c90502618b4685/html5/thumbnails/15.jpg)
The Rogues’ Gallery – The Script Kiddies
Jeffrey Lee Parson – 18 (USA)
Arrested August 29, 2003 for the Lovesan.b virus
Sven Jaschan – 18 (Germany)
Arrested May 7, 2004 for NetSky and Sasser viruses
Chen Ing-Hau – 24 (Taiwan)
Arrested September 21, 2000 for the CIH virus
![Page 16: 2009 Kl Cybercrime Kaspersky](https://reader033.vdocuments.mx/reader033/viewer/2022052823/55549b12b4c90502618b4685/html5/thumbnails/16.jpg)
The Rogues’ Gallery – Binary Thieves
Jeanson James Ancheta – 20 (USA)
Arrested November 3, 2005 for creating zombie networks and leasing them for spam mailing and DDoS attacks on websites
Farid Essebar – 18 (Morocco), Atilla Ekici – 21 (Turkey)
Arrested on August 26, 2005 for creating zombie networks using Mytob and Zotob (Bozori) worms
![Page 17: 2009 Kl Cybercrime Kaspersky](https://reader033.vdocuments.mx/reader033/viewer/2022052823/55549b12b4c90502618b4685/html5/thumbnails/17.jpg)
Today we are fighting these!
• Jeremy Jaynes: Millionaire, and a spammer
• Jay Echouafni: CEO, and a DDoS attacker
• Andrew Schwarmkoff: Member of Russian mob, and a phisher
![Page 18: 2009 Kl Cybercrime Kaspersky](https://reader033.vdocuments.mx/reader033/viewer/2022052823/55549b12b4c90502618b4685/html5/thumbnails/18.jpg)
One of the big problems: Botnets
![Page 19: 2009 Kl Cybercrime Kaspersky](https://reader033.vdocuments.mx/reader033/viewer/2022052823/55549b12b4c90502618b4685/html5/thumbnails/19.jpg)
What is a botnet ? part 1
![Page 20: 2009 Kl Cybercrime Kaspersky](https://reader033.vdocuments.mx/reader033/viewer/2022052823/55549b12b4c90502618b4685/html5/thumbnails/20.jpg)
What is a botnet ? part 2
![Page 21: 2009 Kl Cybercrime Kaspersky](https://reader033.vdocuments.mx/reader033/viewer/2022052823/55549b12b4c90502618b4685/html5/thumbnails/21.jpg)
What is a botnet ? part 3
![Page 22: 2009 Kl Cybercrime Kaspersky](https://reader033.vdocuments.mx/reader033/viewer/2022052823/55549b12b4c90502618b4685/html5/thumbnails/22.jpg)
What can you see ?
![Page 23: 2009 Kl Cybercrime Kaspersky](https://reader033.vdocuments.mx/reader033/viewer/2022052823/55549b12b4c90502618b4685/html5/thumbnails/23.jpg)
Using botnet
• DDoS for fun and glory
• Sending spam, making spamlists
• Phishing
• Stealing private data
• Ransoming
• Botnet renting
![Page 24: 2009 Kl Cybercrime Kaspersky](https://reader033.vdocuments.mx/reader033/viewer/2022052823/55549b12b4c90502618b4685/html5/thumbnails/24.jpg)
New territories: Social Networking
• Blogs, forums
• Wiki
• MySpace, YouTube
• Other online communities:
Who’s on Facebook?
![Page 25: 2009 Kl Cybercrime Kaspersky](https://reader033.vdocuments.mx/reader033/viewer/2022052823/55549b12b4c90502618b4685/html5/thumbnails/25.jpg)
CyberCrime is Big Business
• Profitability
• Easy to do (technically and morally)
• Low risk business
• New services that are profitable to attack
![Page 26: 2009 Kl Cybercrime Kaspersky](https://reader033.vdocuments.mx/reader033/viewer/2022052823/55549b12b4c90502618b4685/html5/thumbnails/26.jpg)
Today’s Networks Lack Clear, Crisp Boundaries
• Internal/External network
• Individual Users connect from multiple locations
• Managed/Unmanaged devices
• Individual devices operate both inside the network, and on public networks
• New Devices on the Network, e.g. SmartPhones, etc.
[Diagram labels: Internet, Network, Telecommuters, Mobile Users, Wireless Users, Contrac]
![Page 27: 2009 Kl Cybercrime Kaspersky](https://reader033.vdocuments.mx/reader033/viewer/2022052823/55549b12b4c90502618b4685/html5/thumbnails/27.jpg)
Top 10: Safe Internet Security Tips
1. Make backups
2. Update software regularly and check this
3. Use upgraded anti-virus/spyware software and update regularly and check this
4. Use a personal desktop firewall
5. Use difficult passwords
6. Be very careful with unknown files or programs
7. Surf safely and browse logically
8. Think twice when leaving personal data somewhere
9. Do not react to SPAM
10. Use common sense
![Page 28: 2009 Kl Cybercrime Kaspersky](https://reader033.vdocuments.mx/reader033/viewer/2022052823/55549b12b4c90502618b4685/html5/thumbnails/28.jpg)
What do we really need ?
Viruses Worms Spyware
PeerToPeer
attacks
Data Theft
Bad Stuff
Adware
Exploits
User Phishing
Spam
attacks
DoS
Identity Theft
DDoS Mailers
External Hacker
Internal Hacker
Vulnerabilities
![Page 29: 2009 Kl Cybercrime Kaspersky](https://reader033.vdocuments.mx/reader033/viewer/2022052823/55549b12b4c90502618b4685/html5/thumbnails/29.jpg)
Thank you
![Page 30: 2009 Kl Cybercrime Kaspersky](https://reader033.vdocuments.mx/reader033/viewer/2022052823/55549b12b4c90502618b4685/html5/thumbnails/30.jpg)
KOSS
![Page 31: 2009 Kl Cybercrime Kaspersky](https://reader033.vdocuments.mx/reader033/viewer/2022052823/55549b12b4c90502618b4685/html5/thumbnails/31.jpg)
Kaspersky Open Space Security
![Page 32: 2009 Kl Cybercrime Kaspersky](https://reader033.vdocuments.mx/reader033/viewer/2022052823/55549b12b4c90502618b4685/html5/thumbnails/32.jpg)
So what do we have?
A perfect combination of ...
• Legendary good detection with very quick reaction time
• New improved scanning engine with rootkit cleaning
• Improved Heuristic scanner (emulation+sandbox)
• Behaviour blocker + HIPS (proactive detection)
• An easy firewall
• Anti-Spam
• Vulnerability Scanner
• Web control and Device control
• Within one easy package !!!
![Page 33: 2009 Kl Cybercrime Kaspersky](https://reader033.vdocuments.mx/reader033/viewer/2022052823/55549b12b4c90502618b4685/html5/thumbnails/33.jpg)
Don’t forget
KMS
![Page 34: 2009 Kl Cybercrime Kaspersky](https://reader033.vdocuments.mx/reader033/viewer/2022052823/55549b12b4c90502618b4685/html5/thumbnails/34.jpg)
Kaspersky Anti-Virus Mobile
• On-access monitor intercepts all data channels
• On-demand monitor for manual scan
• SMS spam filtering and other value-add features
• Firewall
• Anti-theft: SMS Block, SMS Clean, SIM Watch: Unique feature
• Digitally signed updates via WAP, HTTP or from PC folder
• Minimal amount of system resources used
• Flexible customization options for OEMs, mobile operators, device vendors and content providers
• Supports all popular devices, including SonyEricsson, NOKIA, Siemens, Samsung, Panasonic, Sendo and other vendors
• Available for Symbian, Windows Mobile
![Page 35: 2009 Kl Cybercrime Kaspersky](https://reader033.vdocuments.mx/reader033/viewer/2022052823/55549b12b4c90502618b4685/html5/thumbnails/35.jpg)
A different view ...
KHSS
![Page 36: 2009 Kl Cybercrime Kaspersky](https://reader033.vdocuments.mx/reader033/viewer/2022052823/55549b12b4c90502618b4685/html5/thumbnails/36.jpg)
What do we offer?
Kaspersky Hosted Mail Security
• Cascaded Virus protection
• Comprehensive Spam protection
• Content Control
• Inbound and Outbound
• Scalable
• Reporting
Kaspersky Hosted Web Security
• Virus protection
• Content Control
• URL-Filter
• Scalable
• Reporting
Kaspersky Hosted IM Security
• Virus protection
• SPIM protection
• Content Control
• Scalable
• Reporting
![Page 37: 2009 Kl Cybercrime Kaspersky](https://reader033.vdocuments.mx/reader033/viewer/2022052823/55549b12b4c90502618b4685/html5/thumbnails/37.jpg)
Consumer v2009
KAV & KIS
![Page 38: 2009 Kl Cybercrime Kaspersky](https://reader033.vdocuments.mx/reader033/viewer/2022052823/55549b12b4c90502618b4685/html5/thumbnails/38.jpg)
New Technologies in v2009
KAV / KIS v2009 (8.0): AV signatures + PDM + Emulator + Improved Heuristics
- Behaviour control {Security Rating, WhiteListing, Rules engine} => Improved HIPS
- Vulnerability Checker
- Virtual Keyboard
- In-the-Cloud protection: Kaspersky Security Network
- Online Check + Rescue Disk Image
- Improved Anti-Rootkit
- Improved Firewall
- Improved Parental Control
- Easier Wizards
• First Hybrid Technology Product in the world
![Page 39: 2009 Kl Cybercrime Kaspersky](https://reader033.vdocuments.mx/reader033/viewer/2022052823/55549b12b4c90502618b4685/html5/thumbnails/39.jpg)
Automatic Classification of Applications
Advantages: Each application is automatically categorized based on criteria managed by KIS 2009.
Much less user interaction needed, with fewer false positives.
![Page 40: 2009 Kl Cybercrime Kaspersky](https://reader033.vdocuments.mx/reader033/viewer/2022052823/55549b12b4c90502618b4685/html5/thumbnails/40.jpg)