Disruptive Innovation in Cybercrime Techniques
Upload: centro-de-investigacion-para-la-gestion-tecnologica-del-riesgo-cigtr
Post on 12-May-2015
DESCRIPTION
Etay Maor. Senior Fraud Prevention Strategist. Trusteer (an IBM company). Summer Course "Disruptive innovation in security technologies". URJC's Vicálvaro Campus.
TRANSCRIPT
Disruptive Innovation in Cybercrime Techniques
Etay Maor
Senior Fraud Prevention Strategist
© IBM Trusteer, 2014
Security Silos FAIL!
Targeting Security Solutions:
External and Perimeter
Anti virus
Sandbox
VMs
Login
Credential protection and encryption
OTP SMS
Device ID
Internal
Behavior anomaly detection
Clickstream analysis
Malware Protection
Malware Protection
Malware Protection - Outsource
Device Forging
Bypassing Device ID
Notification
Login Injection
Bypassing Device ID
RDP
Transaction
Behavior and Device ID Tricks
The data source:
Large European bank
3 weeks' worth of data
1.5M accounts reviewed
10M login attempts
Fraudsters know behavioral profiling is in action
Fraud does not happen on the first login
30% of the users come from a mobile device
Confirmed fraud coming from the mobile channel. WHY?
New Mobile Threats
How Times Have Changed…
Trusteer Confidential 2013 ©
Ajax Vs Barcelona
Ajax Vs Barcelona???
Overlay Mobile Attack
Overlay Mobile Attack
Mobile SVPENG
Mobile SVPENG
C&C – ransomware preparations
Mobile Ransomware
Thank You