cybercrime threat landscape: cyber criminals never sleep
Post on 14-Sep-2014
DESCRIPTION
A Glimpse into the Cybercrime Underground
In this session, Trusteer’s senior fraud prevention strategist, Etay Maor, will dive into the latest tools, techniques and threats developed and utilized by cybercriminals. The presentation will include a market overview of the latest offerings from the criminal underground, with a deep dive into some of the techniques discussed by cybercriminals, and review how they manifest as real attacks with real examples and case studies. A share of the presentation will also be dedicated to possible mitigation strategies and techniques.
During this webinar you will learn about:
• New malware attack and evasion techniques
• The latest underground offerings on the “fraud as a service” market
• The latest rumors and discussions around malware and malware authors from the underground
• Real-time intelligence and adaptable countermeasures
TRANSCRIPT
Cybercrime Threat Landscape: Cyber Criminals Never Sleep
Etay Maor
Senior Fraud Prevention Strategist
© IBM Trusteer, 2014
Security Silos FAIL!
Holistic Approach for Cybercrime
WWW
Phishing and Malware Fraud
Advanced Threats (Employees)
Online/Mobile Banking
Money, Intellectual Property, Business Data
Account Takeover, New Account Fraud
Mobile Fraud Risk
Phishing
New C&Cs for Phishing
Targeting Security Solutions:
• External and Perimeter: Antivirus, Sandbox, VMs
• Login: Credential protection and encryption, OTP SMS, Device ID
• Internal: Behavior anomaly detection, Clickstream analysis
Malware Protection
Malware Protection - Outsource
Device Forging
Bypassing Device ID
Notification
Login Injection
Bypassing Device ID
RDP
Transaction
Behavior and Device ID Tricks
• The data source: Large European bank
  • 3 weeks' worth of data
  • 1.5M accounts reviewed
  • 10M login attempts
• Fraudsters know behavioral profiling is in action
  • Fraud does not happen on the first login
• 30% of the users come from a mobile device
  • Confirmed fraud coming from the mobile channel. WHY?
New Mobile Threats
How Times Have Changed…
Overlay Mobile Attack
Mobile Ransomware
Cybercrime Services
A Page From a CT Book – Sounds Familiar?
Building a Solution
Advanced Fraud Prevention
Real Time Intelligence
• Integrated: fully integrated to leverage threat data across channels
• Global: identify threats any time, anywhere for all channels
Seamless Experience
• Transparent: minimize “action items” to user
• Automated: minimize “action items” to staff
Accurate Analysis
• Focused: root cause
• Impactful: prevent, detect, mitigate and remediate
Adaptive Controls
• Intelligent: build with the “unknowns”
• Dynamic: rapidly updatable software
And Always Remember – Security is in YOUR Hands
Thank You