November 2013 Website security solutions monthly threat update website join us each month at https://www.brighttalk.com/channel/6331/

1. WEBSITE SECURITY THREATS:
NOVEMBER UPDATE
Thursday 7th November 2013
Andrew Horbury
Andrew Shepherd
Product Marketing Manager
EMEA Marketing Manager
andrew_horbury@symantec.com
andrew_shepherd@symantec.com

2. Agenda
1
Month in Numbers
2
Ransomware
3
Phishing
4
Attack toolkits and the Internet of Things
5
Stranger than Fiction
6
Follow-up on previous stories
7
Good news
Website Security Threats: November 2013 Update

3. The Month in Numbers
The global price tag of consumer cybercrime
• $113BN enough to host the 2012 London Olympics nearly 10 times
over
• 212 million (11,000 malicious network requests a second) cyber
attacks on the official website during 2012 Olympic and Para-Olympic
Games
• $298 - average cost per victim (represents a 50 percent increase over
2012)
The scale of consumer cybercrime
• 378 million victims per year - nearly 2.8 times as many babies born
each year
• 1 million+ victims per day - enough to fill Wembley football stadium
(London, England) more than 10 times over
Website Security Threats: November 2013 Update

4. The month in numbers continued…..
22 hours Average time for malware
distributors to exploit news events
8 out of 10 malware infections
involve Trojans
46% of firms believe they are “very
vulnerable” or “vulnerable” to an
insider attack.
Website Security Threats: November 2013 Update

5. Ransomware
• New variant encrypts data files
• Uses strong encryption algorithms
• Demands payment in
Bitcoins/MoneyPak
• Pay €300 or keys destroyed
• No guarantee – so don’t pay!
Website Security Threats: November 2013 Update

6. Phishing
• Campaign to harvest Apple IDs
– “Your Apple ID has been frozen
temporarily”
– Links to a website where accounts
can be ‘re-accessed’
– Email sent just after latest OS
download
• “Ghost Brokers”
– Taking advantage of high
insurance prices for young drivers
– Advertised online and offline
– Victims often don’t realise
Website Security Threats: November 2013 Update

7. Hacking the internet of things
• Electricity substations – targeted
• Lack physical and infrastructure
hardening makes for a soft target
• Carmel Tunnel toll road targeted in Israel
• Road closed for 20 mins one day, 8 hours the next
Website Security Threats: November 2013 Update

8. Stranger than Fiction
• Could Dick Cheney have been hacked?
– Feared terrorists might hack his implanted
medical device
– Dr turned off wireless capabilities
– Hard-coded password flaw in 300 medical
devices from 40 vendors
• Beware of your Kettle!
– Kettles and irons found in customs with
spyware chips
– Can exploit Wi-Fi without passwords
– Sends data to foreign servers
Website Security Threats: November 2013 Update

9. Toolkits: Try before you buy…
•
•
•
•
Trial software for free
Basic license costs $500
Full license costs $950.
Discounts are offered to
owners of other DDoS
toolkits such as Dirt Jumper
Website Security Threats: November 2013 Update

10. Updates from previous webinars
• WordPress 3.7 (aka Basie)
– Attempts to improve security
– “Updates while you sleep”
– Remains to be seen if this helps with
plugin issues
• Criminals Hit the ATM Jackpot
– Technical characteristics of
Backdoor.Ploutus
– Actions performed
– Interactions through keypad and
GUI
Website Security Threats: November 2013 Update

11. Good News
• Silk Road “Mastermind” not so Smart
– Five stupid things Dread Pirate Roberts did to
get arrested
• TorRAT
– Dutch police arrest four men involved in largescale digital fraud and money laundering
– 150 fraudulent transactions worth €1 million
– Spear phishing was used to install malicious
TorRAT malware onto victims' computers
• Blackhole and Cool malware exploit kit
suspect arrested
– Alias Paunch
– “If it’s true…it’s a very big deal”
Website Security Threats: November 2013 Update

12. Link Glossary (Press Print screen now)
• BT Cyber Attacks:
– http://www.computerweekly.com/news/2240208217/Olympic-cybersecurity-down-to-design-and-testing-says-BT
• Norton Cybercrime Report 2013
– http://www.symantec.com/about/news/release/article.jsp?prid=2013100
1_01
• Vulnerabilities in Power stations
– http://www.wired.com/threatlevel/2013/10/ics/
• Guardian Article - Five stupid things Dread Pirate Roberts did
– http://www.theguardian.com/technology/2013/oct/03/five-stupidthings-dread-pirate-roberts-did-to-get-arrested
• Mexican ATM blog post
– http://www.symantec.com/connect/blogs/criminals-hit-atm-jackpot
Website Security Threats: November 2013 Update

13. Next webinar: Wednesday 4th December 2013
9.30am UK / 10.30am CET
Thank you!
Andrew Shepherd
andrew_shepherd@symantec.com / +44 7912 552896
Andrew Horbury
andrew_horbury@symantec.com / +44 7703 468966
Copyright © 2012 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in
the U.S. and other countries. Other names may be trademarks of their respective owners.
This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied,
are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice.
Website Security Threats: November 2013 Update