Website Security Threats:
Spotlight on the Netherlands
2 May 2014 9.30am CET
Jane Broderick – Account Manager
Andrew Horbury – Product Marketing Manager
Agenda
• The growing market opportunity
• Cybercrime
• Data Breaches
• Website Vulnerabilities & Malware
• Targeted Attacks
• CA breaches
• Diginotar
• Symantec Website Security Solutions
Spotlight on the Netherlands 2
Ecommerce in Europe
Netherlands Ecommerce
• 94% of 16,7 million Dutch population used the Internet in 2012
• 10.9 million Dutch citizens bought goods and services online, amounting to a total value of €9.8bn in 2012. This represents an increase of 9,1% compared to 2011.
Who is affected most by cybercrime?
CYBERCRIME VICTIMS MORE LIKELY TO BE:
• MALE – 64% (COMPARED TO 58% OF FEMALES)
• MILLENNIAL – 66% (COMPARED TO 54% OF BABY BOOMERS)
AND:
• MOBILE DEVICE OWNERS – 63%
• SOCIAL NETWORK USERS – 63%
• PUBLIC / UNSECURED WI-FI USERS – 68%
• EMERGING MARKET – 68%
• PARENT OF CHILDREN 8-17 – 65%
CHINA 85%; RUSSIA 77%; SOUTH AFRICA 73%
Source: 2013 Norton Cybercrime Report
http://bit.ly/1fIP4wf
THE GLOBAL PRICE TAG OF CONSUMER CYBERCRIME
EUR82 BN
ENOUGH TO HOST THE 2012 LONDON OLYMPICS NEARLY 10 TIMES OVER
• FRAUD 38%
• REPAIRS 24%
• THEFT OR LOSS 21%
• OTHER 17%
83% OF DIRECT FINANCIAL COSTS ARE A RESULT OF FRAUD, REPAIRS, THEFT AND LOSS
EUR215 AVERAGE COST PER VICTIM
REPRESENTS A 50 PERCENT INCREASE OVER 2012
Source: 2013 Norton Cybercrime Report
http://bit.ly/1fIP4wf
THE GLOBAL PRICE TAG OF CONSUMER CYBERCRIME
ALL AMOUNTS IN EUR (at 26 April 2014) ROUNDED TO THE NEAREST BILLION
USA 27 BN; MEXICO 2 BN; BRAZIL 6 BN; EUROPE 9 BN; RUSSIA 1 BN; CHINA 28 BN; INDIA 3 BN; JAPAN 1 BN; AUSTRALIA 1 BN; SOUTH AFRICA 0.2 BN
CANADA 2 BN; SINGAPORE 0.7 BN; NEW ZEALAND 0.1 BN; TURKEY 1.4 BN; SAUDI ARABIA 0.4 BN; UAE 0.2 BN; COLOMBIA 0.4 BN
Source: 2013 Norton Cybercrime Report
http://bit.ly/1fIP4wf
• THE GLOBAL PRICE TAG OF CONSUMER CYBERCRIME
• EUR82 BILLION ANNUALLY, COST PER CYBERCRIME VICTIM UP 50 PERCENT
• THE SCALE OF CONSUMER CYBERCRIME
• 1 MILLION+ VICTIMS DAILY
• CREATING PERFECT STORM AS LINES BLUR BETWEEN WORK/PLAY
• 49% USE THEIR PERSONAL DEVICE FOR WORK AND PLAY
• AROUND ONE-IN-FIVE SHARE WORK RELATED INFORMATION WITH FRIENDS AND FAMILY
Source: 2013 Norton Cybercrime Report
http://bit.ly/1fIP4wf
Netherlands: State of the nation
• 30% of adults have experienced cybercrime in the past 12 months (61% globally)
• 3M cybercrime victims in the past 12 months (378M globally)
• 53% of males who have been victim of cybercrime in their lifetime (sorry no number available for females) (64% globally)
• 137M EUR: total cost of cybercrime in the past 12 months (82Bn EUR globally)
• 53 EUR: Average direct cost per cybercrime victim in the past 12 months (215 EUR globally)
• Social network users who do not log out after each session 53% (39% globally)
• Social network users who share their social media passwords with others 30% (keep an eye on this one).
We are making it easy……
The third most common password tip
found in the 2013 Adobe breach was….
USUAL
Don’t share passwords or reuse them on multiple sites
Mega Breaches
                     2011   2012   2013
Breaches              208    156    253
Identities Exposed   232M    93M   552M
Breaches >10M           5      1      8
The Year of the Breach
2013 was the Year of the Mega Breach
2013 Year of the Mega Breach
Source: 2012 Symantec ISTR
• 8 of the top 10 breaches were of more than 10 million identities
• Average Identities exposed were 4 times greater than 2012
Breaches
• The average number of identities exposed per data breach for Hacking incidents was approximately 4.7 million.
• Theft or loss of a device was ranked third, and accounted for 27% of data breach incidents.
Mega Breaches – What Was Lost
Vulnerabilities
• With so many vulnerable web sites, cybercriminals have no need to set up their own web sites to host malware
• Targeted Attacks predominantly start as spear phishing attacks
• In 2012, Watering Hole Attacks emerged
Spear Phishing: Send an email to a person of interest
Watering Hole Attack: Infect a website and lie in wait for them
Effectiveness of Watering Hole Attacks
• Watering Hole attacks are targeted at specific groups
• Can capture a large number of victims in a very short time
1 Watering Hole Attack in 2012 Infected 500 Companies, All Within 24 Hours
Watering Hole Targeted iOS Developers
• Several high-profile companies fall victim to just such an attack
Website Security Challenges
Evolving Regulations
• Externalisation & Virtualisation
• Consolidation
• Integration
Evolving Cyber Crime
• Web-Focused
• Targeting users
• Stealing Confidential Information
Evolving Web Use
Enable Business Innovation and Agility
Protect the Brand
Evolving Infrastructures
• Consumerisation
• More Mobility
• Social Augmented
‘Big Data’
Website
• Protect the Consumer
• Protect the User
• Increasing scope
Implications of the Evolving Threat Landscape
• Individual SMBs: Increase security of their sites and apps
• Large companies and Enterprises: Manage, monitor and automate security of servers/sites/apps.
• Symantec: Provide our customers with additional security services
• Consumers: Which sites can I trust? Who can I trust?
SSL in the news…….
http://bit.ly/1oT6qwc
• DigiNotar breach
• Browser Exploit Against SSL/TLS Attack (BEAST)
• SSL Renegotiation Attack
• CRIME, Lucky 13
• Heartbleed
It's clear that SSL is more newsworthy today than ever
Heartbleed – OpenSSL Vulnerability
• This is not a vulnerability with SSL/TLS
• SSL/TLS is not broken, nor are the SSL certificates issued by Symantec
• Users of OpenSSL versions 1.0.1 through (and including) 1.0.1f are affected
Advice for Businesses
Check your version of OpenSSL and either:
• Recompile OpenSSL without the heartbeat extension
• Update to the latest fixed version of the software (1.0.1g) if you are using OpenSSL versions 1.0.1 through (and including) 1.0.1f
• After moving to a fixed version of OpenSSL, contact the SSL certificate’s issuing Certification Authority for a replacement
• Finally, businesses should also consider resetting end-user passwords that potentially may have been visible in compromised server memory.
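One way to run the version check in the advice above across several servers, as an added example that is not part of the original slides: it parses `openssl version -a` output against the range the slide gives (1.0.1 through 1.0.1f) and looks for the `-DOPENSSL_NO_HEARTBEATS` compile flag. The host names and banner text are constructed samples, and the status labels are this example's own.

```python
import re
from typing import Dict, List, NamedTuple, Optional

# Affected range as stated on the slide: 1.0.1 through (and including) 1.0.1f.
AFFECTED_BASE = (1, 0, 1)
LAST_AFFECTED_LETTER = "f"
# Build flag that compiles OpenSSL without the heartbeat extension.
NO_HEARTBEAT_FLAG = "-DOPENSSL_NO_HEARTBEATS"

# Follow-up steps taken from the slide's advice.
FOLLOW_UP = [
    "update to 1.0.1g or recompile without the heartbeat extension",
    "request a replacement certificate from the issuing CA",
    "consider resetting end-user passwords",
]

# First line of `openssl version -a`, e.g. "OpenSSL 1.0.1e-fips 11 Feb 2013".
VERSION_RE = re.compile(r"^OpenSSL\s+(\d+)\.(\d+)\.(\d+)([a-z]?)", re.MULTILINE)


class Finding(NamedTuple):
    version: Optional[str]
    status: str
    actions: List[str]


def assess(version_output: str) -> Finding:
    """Classify one host from the text printed by `openssl version -a`."""
    m = VERSION_RE.search(version_output)
    if m is None:
        # Not an OpenSSL banner (other TLS library, appliance, truncated text).
        return Finding(None, "unknown", ["identify the TLS library manually"])

    base = tuple(int(x) for x in m.group(1, 2, 3))
    letter = m.group(4)  # "" for the plain 1.0.1 release
    version = f"{base[0]}.{base[1]}.{base[2]}{letter}"

    in_range = base == AFFECTED_BASE and letter <= LAST_AFFECTED_LETTER
    if not in_range:
        return Finding(version, "outside-affected-range", [])

    compiler = next(
        (ln for ln in version_output.splitlines() if ln.startswith("compiler:")),
        "",
    )
    if NO_HEARTBEAT_FLAG in compiler.split():
        # The current build has no heartbeat code. If an earlier build on
        # this host had it enabled, the certificate and password steps
        # still apply, so they are kept in the action list.
        return Finding(version, "heartbeat-disabled", FOLLOW_UP[1:])

    # Caveat: distributions shipped patched packages that kept the upstream
    # version string, so confirm against the vendor's package advisory
    # before treating this result as proof of exposure.
    return Finding(version, "in-affected-range", list(FOLLOW_UP))


def triage(inventory: Dict[str, str]) -> Dict[str, Finding]:
    """Assess every host in a {hostname: version_output} mapping."""
    return {host: assess(text) for host, text in inventory.items()}


# Constructed sample inventory (hypothetical hosts, hand-written banners).
SAMPLE_INVENTORY = {
    "web01": (
        "OpenSSL 1.0.1e-fips 11 Feb 2013\n"
        "platform: linux-x86_64\n"
        "compiler: gcc -fPIC -DOPENSSL_PIC -DOPENSSL_THREADS -O3\n"
    ),
    "web02": "OpenSSL 1.0.1g 7 Apr 2014\ncompiler: gcc -DOPENSSL_THREADS -O3\n",
    "web03": (
        "OpenSSL 1.0.1c 10 May 2012\n"
        "compiler: gcc -DOPENSSL_THREADS -DOPENSSL_NO_HEARTBEATS -O3\n"
    ),
    "legacy": "OpenSSL 0.9.8y 5 Feb 2013\n",
    "appliance": "unrecognised banner",
}

if __name__ == "__main__":
    for host, finding in sorted(triage(SAMPLE_INVENTORY).items()):
        print(f"{host:10} {finding.version or '-':8} {finding.status}")
        for step in finding.actions:
            print(f"{'':10} - {step}")
```

A version string inside the range is a prompt to check the vendor's package advisory, not a final verdict, because patched distribution builds can report the same upstream version.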
Who can you trust?
On 10 July 2011 DigiNotar issued a wildcard certificate to Google
CA news
More servers, more certificates, more developers, more complexity
Late night calls when a certificate expires, or is wrongly configured
What happens when things do go wrong
Expired & Misconfigured Certificates Drive Costs, Losses & Brand Damage
• CALLS TO TECH SUPPORT
• USERS TRAINED TO IGNORE WARNINGS
• LOST PRODUCTIVITY
• MISSED SALES OPPORTUNITIES
• DEFECTION TO COMPETITORS
• DAMAGE TO BRAND AND CREDIBILITY
• CALLS TO CUSTOMER SUPPORT
INTERNAL APPLICATIONS
EXTERNAL APPLICATIONS
Five to do’s
1. Do you know what certificates you have?
– Their expiry dates, how to renew them?
2. Be ready: Expect the unexpected but mitigate the risk
3. How can you deliver improved reporting across your organisation?
4. New algorithms can reduce overheads and create efficiencies
– do you know what they are?
5. Are you ready and prepared for Internal Server Name Deprecation?
One final to do
• Call me – I understand SSL, your challenges and needs
–Jane Broderick
–Tel: +44 20 7448 5608
–Email: jane_broderick@symantec.com
More information?
2013 ISTR: www.symantec.com/threatreport/
Always-On SSL: go.symantec.com/always-on-ssl/
Symantec Certificate Intelligence Center: go.symantec.com/certificate-intelligence-center
Symantec Website Security Solutions: www.symantec.com/ssl
2013 Norton Cybercrime Report: http://bit.ly/1fIP4wf
Twitter: @nortonsecured
Thank you!
Copyright © 2014 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.
This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice.
Jane Broderick – Account Manager
Tel: +44 207 4485 608
email: jane_broderick@symantec.com
Andrew Horbury – Product Marketing
Tel: +44 7703 468 966
email: andrew_horbury@symantec.com
Web-based threats: Any website can infect you
• In the past you had to visit dangerous sites to get infected, but today it could be a legitimate site attacking you
• Web malware exploits leverage software vulnerabilities without users' knowledge
• Which sites can infect you? Your favourites:
– News, travel, online games, real estate, government, many others
With so many vulnerable web sites, cybercriminals have no need to set up their own web sites to host malware
• 78% of scanned websites have vulnerabilities
• 1 in 8 sites had critical unpatched vulnerabilities
• In 2013, over 56,000 domains were used to host web malware
Source: Symantec ISTR


Website Security Threats: Spotlight on the Netherlands

  • 1. Website Security Threats: Spotlight on the Netherlands 2 May 2014 9.30am CET Jane Broderick – Account Manager Andrew Horbury – Product Marketing Manager
  • 2. Agenda • The growing market opportunity • Cybercrime • Data Breaches • Website Vulnerabilities & Malware • Targeted Attacks • CA breaches • Diginotar • Symantec Website Security Solutions Spotlight on the Netherlands 2
  • 3. Spotlight on the Netherlands 3
  • 4. Ecommerce in Europe Spotlight on the Netherlands 4
  • 5. Netherlands Ecommerce • 94% of 16,7 million Dutch population used the Internet in 2012 • 10.9 million Dutch citizens bought goods and services online , amounting to a total value of €9.8bn in 2012. This represents an increase of 9,1% compared to 2011. Spotlight on the Netherlands 5
  • 6. Who is affected most by cybercrime? Spotlight on the Netherlands 6 CYBERCRIME VICTIMS MORE LIKELY TO BE: MALE – 64% (COMPARED TO 58% OF FEMALES) MILLENNIAL – 66% (COMPARED TO 54% OF BABY BOOMERS) AND: • MOBILE DEVICE OWNERS – 63% • SOCIAL NETWORK USERS – 63% • PUBLIC / UNSECURED WI-FI USERS – 68% • EMERGING MARKET – 68% • PARENT OF CHILDREN 8-17 – 65% 85% CHINA 77% RUSSIA 73% SOUTH AFRICA Source: 2013 Norton Cybercrime Report http://bit.ly/1fIP4wf
  • 7. EUR82 BN FRAUD 38% THEFT OR LOSS 21% REPAIRS 24% OTHER 17% 83% OF DIRECT FINANCIAL COSTS ARE A RESULT OF FRAUD, REPAIRS, THEFT AND LOSS EUR215 AVERAGE COST PER VICTIM THE GLOBAL PRICE TAG OF CONSUMER CYBERCRIME Source: 2013 Norton Cybercrime Report http://bit.ly/1fIP4wf REPRESENTS A 50 PERCENT INCREASE OVER 2012 ENOUGH TO HOST THE 2012 LONDON OLYMPICS NEARLY 10 TIMES OVER Spotlight on the Netherlands 7
  • 8. 1 ALL AMOUNTS IN EUR (at 26 April 2014) ROUNDED TO THE NEAREST BILLION 27 USA BN 2MEXICO BN 6BRAZIL BN 9 EUROPE BN 1RUSSIA BN 28CHINA BN 3INDIA BN 1 JAPAN BN AUSTRALIA BN THE GLOBAL PRICE TAG OF CONSUMER CYBERCRIME 0.2 SOUTH AFRICA BN CANADA 2 BN; SINGAPORE 0.7 BN; NEW ZEALAND 0.1 BN; TURKEY 1.4 BN; SAUDI ARABIA 0.4 BN; UAE 0.2 BN; COLOMBIA 0.4 BN Source: 2013 Norton Cybercrime Report http://bit.ly/1fIP4wf
  • 9. • THE GLOBAL PRICE TAG OF CONSUMER CYBERCRIME • EUR82 BILLION ANNUALLY, COST PER CYBERCRIME VICTIM UP 50 PERCENT • THE SCALE OF CONSUMER CYBERCRIME • 1 MILLION+ VICTIMS DAILY • CREATING PERFECT STORM AS LINES BLUR BETWEEN WORK/PLAY • 49% USE THEIR PERSONAL DEVICE FOR WORK AND PLAY • AROUND ONE-IN-FIVE SHARE WORK RELATED INFORMATION WITH FRIENDS AND FAMILY Spotlight on the Netherlands 9 Source: 2013 Norton Cybercrime Report http://bit.ly/1fIP4wf
  • 10. Netherlands: State of the nation • 30% of adults have experienced cybercrime in the past 12 months (61% globally) • 3M cybercrime victims in the past 12 months (378M globally) • 53% of males who have been victim of cybercrime in their lifetime (sorry no number available for females) (64% globally) • 137M EUR: total cost of cybercrime in the past 12 months (82Bn EUR globally) • 53EUR: Average direct cost per cybercrime victim in the past 12 months (215EUR globally) • Social network users who do not log out after each session 53% (39% globally) • Social network users who share their social media passwords with others 30% (keep an eye on this one). Spotlight on the Netherlands 10
  • 11. We are making it easy…… The third most common password tip found in the 2013 Adobe breach was…. Spotlight on the Netherlands 11
  • 12. We are making it easy…… The third most common password tip found in the 2013 Adobe breach was…. USUALDon’t share passwords or reuse them on multiple sites Spotlight on the Netherlands 12
  • 13. Mega Breaches 2011 2012 2013 Breaches 208 156 253 Identities Exposed 232M 93M 552M Breaches >10M 5 1 8 Spotlight on the Netherlands 13 The Year of the Breach
  • 15. Mega Breaches: 2013 was the Year of the Mega Breach. 2011 / 2012 / 2013: Breaches 208 / 156 / 253; Identities Exposed 232M / 93M / 552M; Breaches >10M 5 / 1 / 8
  • 16. 2013 Year of the Mega Breach • 8 of the top 10 breaches were of more than 10 million identities • Average identities exposed were 4 times greater than in 2012. Source: 2012 Symantec ISTR
  • 17. Breaches • The average number of identities exposed per data breach for Hacking incidents was approximately 4.7 million. • Theft or loss of a device was ranked third, and accounted for 27% of data breach incidents.
  • 18. Mega Breaches – What Was Lost
  • 20. Vulnerabilities • With so many vulnerable web sites, cybercriminals have no need to set up their own web sites to host malware.
  • 21. Targeted Attacks predominantly start as spear phishing attacks • In 2012, Watering Hole Attacks emerged • Spear Phishing: send an email to a person of interest • Watering Hole Attack: infect a website and lie in wait for them
  • 22. Effectiveness of Watering Hole Attacks • Watering Hole attacks are targeted at specific groups • Can capture a large number of victims in a very short time • In 2012, 1 Watering Hole Attack infected 500 companies, all within 24 hours
  • 23. Watering Hole Targeted iOS Developers • Several high-profile companies fell victim to just such an attack
  • 24. Website Security Challenges Evolving Regulations • Externalisation & Virtualisation • Consolidation • Integration Evolving Cyber Crime • Web-Focused • Targeting users • Stealing Confidential Information Evolving Web Use Enable Business Innovation and Agility Protect the Brand Evolving Infrastructures • Consumerisation • More Mobility • Social Augmented ‘Big Data’ Website • Protect the Consumer • Protect the User • Increasing scope
  • 25. Implications of the Evolving Threat Landscape • Individual SMB’s: Increase security of their sites and apps • Large companies and Enterprises: Manage, monitor and automate security of servers/sites/apps • Symantec: Provide our customers with additional security services • Consumers: Which sites can I trust? Who can I trust?
  • 26. SSL in the news… • DigiNotar breach • Browser Exploit Against SSL/TLS Attack (BEAST) • SSL Renegotiation Attack • CRIME, Lucky 13 • Heartbleed. It’s clear that SSL is more newsworthy today than ever. http://bit.ly/1oT6qwc
  • 27. Heartbleed – OpenSSL Vulnerability • This is not a vulnerability with SSL/TLS • SSL/TLS is not broken, nor are the SSL certificates issued by Symantec • Users of OpenSSL versions 1.0.1 through (and including) 1.0.1f are affected. Advice for Businesses: Check your version of OpenSSL and either: • Recompile OpenSSL without the heartbeat extension • Update to the latest fixed version of the software (1.0.1g) if you are using OpenSSL versions 1.0.1 through (and including) 1.0.1f • After moving to a fixed version of OpenSSL, contact the SSL certificate’s issuing Certification Authority for a replacement • Finally, businesses should also consider resetting end-user passwords that potentially may have been visible in compromised server memory. Website Security Threats: April 2014 Update
  • 28. Who can you trust? On 10 July 2011 DigiNotar issued a wildcard certificate to Google
  • 33. CA news
  • 34. What happens when things do go wrong • More servers, more certificates, more developers, more complexity • Late night calls when a certificate expires, or is wrongly configured
  • 35. Expired & Misconfigured Certificates Drive Costs, Losses & Brand Damage • CALLS TO TECH SUPPORT • USERS TRAINED TO IGNORE WARNINGS • LOST PRODUCTIVITY • MISSED SALES OPPORTUNITIES • DEFECTION TO COMPETITORS • DAMAGE TO BRAND AND CREDIBILITY • CALLS TO CUSTOMER SUPPORT • INTERNAL APPLICATIONS • EXTERNAL APPLICATIONS
  • 36. Five to do’s 1. Do you know what certificates you have? Their expiry dates, how to renew them? 2. Be ready: expect the unexpected but mitigate the risk 3. How can you deliver improved reporting across your organisation? 4. New algorithms can reduce overheads and create efficiencies. Do you know what they are? 5. Are you ready and prepared for Internal Server Name Deprecation?
  • 37. One final to do • Call me – I understand SSL, your challenges and needs – Jane Broderick – Tel: +44 20 7448 5608 – Email: jane_broderick@symantec.com
  • 38. More information? 2013 ISTR: www.symantec.com/threatreport/ • Always-On SSL: go.symantec.com/always-on-ssl/ • Symantec Certificate Intelligence Center: go.symantec.com/certificate-intelligence-center • Symantec Website Security Solutions: www.symantec.com/ssl • 2013 Norton Cybercrime Report: http://bit.ly/1fIP4wf • Twitter: @nortonsecured
  • 39. Thank you! Copyright © 2014 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice. Jane Broderick – Account Manager Tel: +44 207 4485 608 email: jane_broderick@symantec.com Andrew Horbury – Product Marketing Tel: +44 7703 468 966 email: andrew_horbury@symantec.com
  • 40. Web-based threats: Any website can infect you • In the past you had to visit dangerous sites to get infected, but today it could be a legitimate site attacking you • Web malware exploits leverage software vulnerabilities without users’ knowledge • Which sites can infect you? Your favourites: news, travel, online games, real estate, government, many others • With so many vulnerable web sites, cybercriminals have no need to set up their own web sites to host malware • 78% of scanned websites have vulnerabilities • 1 in 8 sites had critical unpatched vulnerabilities • In 2013, over 56,000 domains were used to host web malware. Source: Symantec ISTR
  • 41. CA news
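
An added example, not part of the original deck or any Symantec tool: the "check your version of OpenSSL" step from slide 27, applied to `openssl version -a` output collected from several hosts. The host names and sample outputs are constructed, and the status labels are assumptions of this example.

```python
import re

# Matches the version token printed by `openssl version`, e.g. "OpenSSL 1.0.1e-fips".
_VERSION = re.compile(r"OpenSSL\s+(\d+)\.(\d+)\.(\d+)([a-z]*)")


def heartbleed_status(version_output):
    """Classify `openssl version -a` text against the range named on slide 27."""
    m = _VERSION.search(version_output)
    if m is None:
        return "unknown"
    release = tuple(int(m.group(i)) for i in (1, 2, 3))
    letter = m.group(4)
    if release != (1, 0, 1):
        # Only the 1.0.1 .. 1.0.1f range from the slide is evaluated here.
        return "outside-stated-range"
    # Patch letters sort a..z; 1.0.1g is the first fixed release.
    if (len(letter), letter) >= (1, "g"):
        return "fixed"
    # A build compiled with -DOPENSSL_NO_HEARTBEATS shows the flag on the
    # "compiler:" line of `openssl version -a`.
    if "OPENSSL_NO_HEARTBEATS" in version_output:
        return "heartbeat-disabled"
    # Distribution packages can carry a backported fix without changing the
    # letter, so confirm against the vendor's package changelog.
    return "in-affected-range"


def triage(inventory):
    """Return (host, status) pairs; hosts needing action sort first."""
    order = {"in-affected-range": 0, "unknown": 1}
    results = {host: heartbleed_status(text) for host, text in inventory.items()}
    return sorted(results.items(), key=lambda kv: (order.get(kv[1], 2), kv[0]))


# Constructed sample outputs (hypothetical host names, not from the deck).
SAMPLE = {
    "web01": "OpenSSL 1.0.1e-fips 11 Feb 2013\ncompiler: gcc -fPIC -DOPENSSL_PIC",
    "web02": "OpenSSL 1.0.1g 7 Apr 2014\ncompiler: gcc -fPIC",
    "web03": "OpenSSL 1.0.1c 10 May 2012\ncompiler: gcc -DOPENSSL_NO_HEARTBEATS",
    "db01": "OpenSSL 0.9.8y 5 Feb 2013\ncompiler: gcc -fPIC",
    "lb01": "OpenSSL 1.0.1 14 Mar 2012\ncompiler: gcc -fPIC",
    "legacy01": "openssl: command not found",
}

if __name__ == "__main__":
    for host, status in triage(SAMPLE):
        print(f"{host}: {status}")
```

Hosts reported as `in-affected-range` are the ones where the slide's remaining steps apply: update, request a replacement certificate, and consider resetting end-user passwords.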