SlideShare une entreprise Scribd logo

Anatomy of a Cyber-Attack

- Mark - Fullbright
- Mark - Fullbright

Company names mentioned herein are the property of, and may be trademarks of, their respective owners.

FormationTechnologie
1  sur  14
Télécharger pour lire hors ligne
Page title appears here Anatomy of a cyber-attack This is placeholder body copy. Ebit doloreici te quo invendit maio. Eolesequi se debis dici simi olum volupta denestoria verem del erumquidit, sumquia voluptate laborem sitatia qui invendit maio. Et nulparum num sandites es as exeratur sum aliqui porectiatur, cum evendi dest faceat raest, a poritis doluptionsed ea cum and toolsant cyber-criminals—and how to stop themeicabor umquam ipsanda ntotasi dem quo qui re The strategies quiae et of dis alit, et perum fuga. It pel ipsunt mo quunt. quiae vere adi reces etur suntionsequi repersperum la sequi solesequi se debis dici simi Borehen imolum voluptate laborem sitatia qui
Table of contents Introduction 2 Attack step 1: Reconnaissance and enumeration 3 Attack step 2: Intrusion and advanced attacks 4 Attack step 3: Malware insertion 5 Malware type 1: Nuisance malware 6 Malware type 2: Controlling malware 7 Malware type 3: Destructive malware 8 Attack step 4: Clean-up 9 Dell SonicWALL Next-Generation Firewall 10 Dell SonicWALL comprehensive integrated security solutions 12 1 2013 Dell Software. All rights reserved..
Introduction As the number and severity of cyber-crimes continues to grow, it’s important to understand the steps cyber-criminals take to attack your network, the types of malware they use, and the tools you need to stop them. The basic steps of a cyber attack include reconnaissance (finding vulnerabilities); intrusion (actual penetration of the network); malware insertion (secretly leaving code behind); and clean-up (covering tracks). Malware comes in various forms, some more nefarious than others, ranging from annoying sales pitches to potentially business-devastating assaults. Dell SonicWALL offers comprehensive solutions to counter every stage of cyber attacks and eliminate every type of malware from disrupting your business network. You need to understand the enemy before you can defeat them. 2 2013 Dell Software. All rights reserved..
Attack step 1: Reconnaissance and enumeration The goal of reconnaissance is to learn about vulnerabilities in the targeted network and systems, including credentials, software versions, and misconfigured settings. One method for gathering this information is through social engineering cons, which fool end users into surrendering data. This is often perpetrated through phishing (fraudulent email), pharming (fraudulent web sites) and driveby pharming (redirected DNS settings on hijacked wireless access points). Enumeration, the second step in any type of cyberattack, surreptitiously expands the knowledge and data gained during reconnaissance. Service scanning and war dialing are popular during the enumeration phase. Service scanning identifies network systems and correlates known bugs and software weaknesses. War dialing involves using an automated system to call each of the telephone numbers owned by a company in hopes of finding a modem which may provide direct access to internal company resources. Cyber-criminals will do anything to find and exploit your weaknesses. 3 2013 Dell Software. All rights reserved..
Attack step 2: Intrusion and advanced attacks Once attackers have identified and correlated known vulnerabilities, they can exploit them to penetrate the network. Even more dangerous are sophisticated “zero-day” attacks, which exploit software weaknesses that, while not publically disclosed, may have been distributed on the black market among attackers ranging from petty criminals to transnational organized criminal gangs. Another advanced form of malicious intrusion is the denial-of-service (DoS) attack, which aims to render networks inoperable by bombarding them with external communications requests. Common DoS attacks include smurf attacks, ping flood attacks, ping-of-death attacks and SYN flood attacks. Vulnerabilities A stealthy intruder can access every facet of your network systems. 4 2013 Dell Software. All rights reserved.. A stealthy intruder can access every facet of your network systems.
Attack step 3: Malware insertion After infiltrating a network, the next step in an attack is to secretly insert malware in order to maintain ongoing remote control over systems, and ultimately, execute code within the network to achieve a particular goal. Inserted malware can be a nuisance (e.g., marketing driven); controlling (to provide back door access or remote control), or destructive (to cause intentional harm or to cover the tracks of the attacker). Hidden malware gives your attacker the keys to your network. 5 2013 Dell Software. All rights reserved..
Malware type 1: Nuisance malware Some types of malware are not overly malicious in nature, but can cause annoyance and affect system performance and productivity. Spyware, used to collect and relay sensitive information back to its distributor, also can be a major nuisance, typically infecting web browsers rendering them nearly inoperable. Spyware is often used for deceitful marketing purposes, such as monitoring user activity without their knowledge. Adware, as the name implies, is typically used to spread advertisements, providing some type of financial benefit to the attacker. After becoming infected by adware, the victim becomes bombarded by pop-ups, toolbars and other types of advertisements when attempting to use the infected computer. Nuisance adware can render a system inoperable if not removed properly. 6 2013 Dell Software. All rights reserved.. Vacation Time Shares Em re provid earum am saped explit quias enim unt expe doluptat et occatiusam, que qui dolestion reicitiisi nectam volupta tiorem. Ut magnis quias restrun tionet quia auditatibus con nostibero quatiusa simi, et magnam et prorepe ristionsecum qui nonserum ipsa in conse dolupta tibusae est haribusciam facea nostem harum aut recus apiende expelit liquae rera perrovidis alita. turit, aliquid modigni hitiae cones re everat as as es a volupta speribea dus et ea ne sitat DISCOUNT $500 DISCOUNTS PHARMACEUTICALS Searching for bargain medication? re provid earum am saped explit quias enim unt expe doluptat et occatiusam, que qui dolestion reicitiisi nectam volupta tiorem. Ut magnis quias restrun tionet quia auditatibus con nostibero quatiusa simi, et magnam et prorepe ristionsecum qui nonserum ipsa in conse dolupta tibusae est haribusciam facea nostem harum aut recus Mortgage AND SAVE! BUY NOW Insurance Coverage Em re provid earum am saped explit quias enim unt expe doluptat et occatiusam, que qui dolestion reicitiisi nectam volupta tiorem. Ut magnis quias restrun tionet quia auditatibus con nostibero quatiusa simi, et magnam et prorepe ristionsecum qui nonserum ipsa in conse dolupta tibusae est haribusciam facea nostem harum aut recus apiende expelit liquae rera perrovidis alita. turit, aliquid modigni hitiae cones re everat as as es REFINANCE TODAY Em re provid earum am saped explit quias enim unt expe doluptat et occatiusam, que qui dolestion reicitiisi nectam volupta tiorem. Ut magnis quias restrun tionet quia auditatibus con nostibero quatiusa simi, et magnam et prorepe ristionsecum qui nonserum ipsa in conse dolupta tibusae est haribusciam facea nostem harum aut recus apiende expelit liquae rera perrovidis alita. NO FEES. NO TERM LIFE INSURANCE Call our offices for a free re provid earum am saped explit quias enim unt expe doluptat et occatiusam, que qui dolestion reicitiisi nectam volupta tiorem. Ut magnis quias restrun tionet quia auditatibus con nostibero quatiusa simi, et magnam et POINTS prorepe ristionsecum qui nonserum ipsa in conse dolupta tibusae est haribusciam Em re provid earum am saped explit quias harum aut recus apiende facea nostem Diamond Jewerly Price Your Own Airfare enim unt expe doluptat et occatiusam, que qui dolestion reicitiisi nectam volupta tiorem. Ut magnis quias restrun tionet quia CALL TODAY FOR RATES auditatibus simi, $500 DISCOUNTS etcon nostibero quatiusaqui et magnam prorepe ristionsecum nonserum ipsa in conse dolupta tibusae est Em re provid earum am saped explit quias haribusciam facea nostem harum aut recus enim unt expe doluptat et occatiusam, que expelit liquae rera perrovidis alita. apiende qui dolestion reicitiisi nectam volupta tiorem. Ut magnis quias restrun tionet quia auditatibus con nostibero quatiusa simi, et magnam et prorepe ristionsecum qui nonserum ipsa in conse dolupta tibusae est haribusciam facea nostem harum aut recus apiende expelit liquae rera perrovidis alita. Click here for a FIRST 10 TRADES FREE Sing up today re provid earum am saped explit quias enim unt expe doluptat et occatiusam, que qui dolestion reicitiisi nectam volupta tiorem. Ut magnis quias restrun tionet quia auditatibus con FREE Em re provid earum am saped explit quias enim unt expe doluptat et occatiusam, que qui dolestion reicitiisi nectam volupta tiorem. Ut magnis quias restrun tionet quia auditatibus con nostibero quatiusa simi, et magnam et prorepe ristionsecum qui nonserum ipsa in conse dolupta tibusae est haribusciam facea nostem harum aut recus apiende expelit liquae rera perrovidis alita. turit, aliquid modigni hitiae cones re everat as as es a volupta speribea dus et ea ne sitat $100 OFF YOUR NEXT VISIT Visit our website re provid earum am saped explit quias enim unt expe doluptat et occatiusam, que qui dolestion reicitiisi nectam volupta tiorem. Ut magnis quias restrun tionet quia auditatibus con nostibero quatiusa simi, et magnam et prorepe ristionsecum qui nonserum ipsa in conse dolupta tibusae est haribusciam facea nostem harum aut recus apiende
Malware type 2: Controlling malware Other malware hides in wait to issue controls or execute attacks. Trojans—executable code embedded into another (typically commonly-used) application—are often designed to be unknowingly launched by a trusted user. Remote-access Trojans (RATs) create back doors for remote control. Rootkits are even more insidious. They hide in lowlevel, sub-OS system resources to provide attackers with unrestricted network access, and can even go undetected by conventional anti-virus solutions. Trojans and rootkits are often used in creating zombie systems, from which criminals can launch outbound botnet attacks. Hidden malware gives your attacker the keys to your network. 7 2013 Dell Software. All rights reserved..
Malware type 3: Destructive malware Typically designed to inflict damage, computer viruses can purge an entire hard disk, rendering data useless in a matter of moments. Commonly spread through shared files, web downloads or email attachments, viruses must be executed on the target system before they actually pose a threat. Once activated, viruses often replicate themselves throughout the infected system. Seek-and-destroy viruses target specific files types or portions of the hard disk. Unlike viruses, worms can spread themselves throughout networks without user activation. Once infected by a worm, the compromised system will begin scanning the local network in an attempt locate additional target systems. After locating a target, the worm will exploit vulnerabilities in its operating system, injecting it with malicious code. While sometimes viewed as a nuisance, worms can also spread other malware and inflict damage. Viruses and worms can devastate your network—and your business. 8 2013 Dell Software. All rights reserved..
Attack step 4: Clean-up The final stage of the attack cycle is to rid the infected system of forensic evidence. A proactive element to this step is for attackers to be as inconspicuous as possible in the earlier steps. For example, an attacker may commandeer the credentials of a trusted network user that would not raise alarms by accessing the targeted systems, or use commonplace applications, such as instant messaging, to insert malicious files or extract information. A primary goal of this step is to erase any traces of the attack from the system. This can be done by the manual or automated deletion of command line or event logs, deactivation of alarms, and the upgrade or patching of outdated software after the attack has been accomplished. Additionally, hackers and cyber thieves often unleash viruses and worms to destroy potentially incriminating evidence. A skilled criminal can compromise your network without you ever knowing. 9 2013 Dell Software. All rights reserved..
Dell SonicWALL Next-Generation Firewall Dell™ SonicWALL™ offers a comprehensive line of defenses against all forms of cyber attack and malware. • Dell SonicWALL Next-Generation Firewalls, featuring Reassembly-Free Deep Packet Inspection® (RFDPI) technology and multi-core parallel architecture, scan and analyze inbound and outbound traffic to identify multiple threats, applications and protocols, at wire speed and without file size limitations. • Using input from millions of shared touch points in the Dell SonicWALL Global Response Intelligent Defense (GRID) Network, the Dell SonicWALL Threat Center provides continuous communication, feedback, and analysis on the nature and changing behavior of threats. Dell SonicWALL Research Labs continuously processes this information, proactively delivering countermeasures and dynamic updates to stop the latest threats. 10 2013 Dell Software. All rights reserved.. • The Dell SonicWALL SuperMassive E10800 running SonicOS 6.0 is the highest overall protection NextGeneration Firewall to earn the “Recommend” rating from NSS Labs, the recognized leader in independent security product testing. This single code base for SonicOS is at the core of every Dell Dell SonicWALL firewall, from the TZ 105 to the Dell Dell SonicWALL SuperMassive E10800.
Dell SonicWALL Next-Generation Firewall • The Dell SonicWALL Gateway Anti-Virus, AntiSpyware, Intrusion Prevention, and Application Intelligence and Control Service delivers intelligent, real-time network security protection against the latest blended threats, including viruses, spyware, worms, Trojans, software vulnerabilities and other malicious code. - Intrusion prevention service (IPS) prevents attackers from exploiting known vulnerabilities (Step 2 of the attack cycle) - Gateway anti-virus and anti-spyware prevents attackers from installing or uploading malware to a compromised system (Step 3 of the attack cycle) - Application intelligence and control prevents attackers from being able to use commonplace applications to transmit data to or from the compromised system (Step 4 of the attack cycle) 11 2013 Dell Software. All rights reserved.. • Working in conjunction with Dell SonicWALL firewalls, Dell SonicWALL Enforced Client AntiVirus and Anti Spyware software provides comprehensive gateway-enforced virus and spyware protection for desktops and laptops. Dell SonicWALL firewalls ensure that all of the computers accessing the network have the latest version of anti-virus and anti-spyware software installed and active.
Dell SonicWALL comprehensive integrated security solutions • Dell SonicWALL Clean Wireless™ integrates Dell SonicWALL firewalls with universal 802.11 a/b/g/n wireless access points, to deliver advanced security features such as WiFiSec, Virtual APs (VAP), and wireless intrusion detection services (WIDS). • When combined with Dell SonicWALL Secure Remote Access (SRA) solutions, Dell SonicWALL firewalls create a Clean VPN™ that decrypts and scans all authorized SSL VPN traffic for malware before it enters the network, and adds enforced authentication, data encryption, and granular access policy. 12 2013 Dell Software. All rights reserved.. • The Dell SonicWALL Email Security Series provides comprehensive email threat protection for organizations of all sizes, stopping email-borne spam, virus, and phishing attacks, while contributing to internal policy and regulatory compliance. • Dell SonicWALL Application Traffic Flow Analytics, including the Dell SonicWALL Global Management System 7.0, Scrutinizer and Analyzer solutions, increases threat awareness through real time and historical traffic analysis and provides powerful insight into application traffic, bandwidth utilization and security threats along with powerful troubleshooting and forensics capabilities.
How can I learn more? • Download the whitepaper “The Wild World of Malware: Keeping Your Company Safe” • View the webinar “Exploring the Digital Underworld: Botnets, Zero Day Threats and Phishing” • Opt-in to receive Dell SonicWALL newsletters For feedback on this e-book or other Dell SonicWALL e-books or whitepapers, please send an email to feedback@sonicwall.com. About Dell SonicWALL Dell™ SonicWALL™ provides intelligent network security and data protection solutions that enable customers and partners to dynamically secure, control, and scale their global networks. Securing any organization with multi-threat scanning based on global input at wire speed, Dell SonicWALL is recognized as an industry leader by Gartner and NSS Labs. For more information, visit the web site at www.sonicwall.com. 05/13 DS 0090L

Recommandé

NRWConf, DE: Defensive programming, resilience patterns & antifragility
NRWConf, DE: Defensive programming, resilience patterns & antifragilityNRWConf, DE: Defensive programming, resilience patterns & antifragility
NRWConf, DE: Defensive programming, resilience patterns & antifragilityDaniel Fisher
 
.NET Developer Days 2015, PL: Defensive programming, resilience patterns & an...
.NET Developer Days 2015, PL: Defensive programming, resilience patterns & an....NET Developer Days 2015, PL: Defensive programming, resilience patterns & an...
.NET Developer Days 2015, PL: Defensive programming, resilience patterns & an...Daniel Fisher
 
Privacy Safe Guarding Sensitive PII Handbook 2013
Privacy Safe Guarding Sensitive PII Handbook 2013Privacy Safe Guarding Sensitive PII Handbook 2013
Privacy Safe Guarding Sensitive PII Handbook 2013- Mark - Fullbright
 
The Federal Government's Track Record on Cybersecurity and Critical Infrastru...
The Federal Government's Track Record on Cybersecurity and Critical Infrastru...The Federal Government's Track Record on Cybersecurity and Critical Infrastru...
The Federal Government's Track Record on Cybersecurity and Critical Infrastru...- Mark - Fullbright
 
State of Security
State of SecurityState of Security
State of Security- Mark - Fullbright
 
Business Identity Theft White Paper
Business Identity Theft White PaperBusiness Identity Theft White Paper
Business Identity Theft White Paper- Mark - Fullbright
 
Anatomy of a cyber-attack
Anatomy of a cyber-attackAnatomy of a cyber-attack
Anatomy of a cyber-attackIcomm Technologies
 
Opsec for security researchers
Opsec for security researchersOpsec for security researchers
Opsec for security researchersvicenteDiaz_KL
 

Recommandé

NRWConf, DE: Defensive programming, resilience patterns & antifragility
NRWConf, DE: Defensive programming, resilience patterns & antifragilityNRWConf, DE: Defensive programming, resilience patterns & antifragility
NRWConf, DE: Defensive programming, resilience patterns & antifragilityDaniel Fisher
 
.NET Developer Days 2015, PL: Defensive programming, resilience patterns & an...
.NET Developer Days 2015, PL: Defensive programming, resilience patterns & an....NET Developer Days 2015, PL: Defensive programming, resilience patterns & an...
.NET Developer Days 2015, PL: Defensive programming, resilience patterns & an...Daniel Fisher
 
Privacy Safe Guarding Sensitive PII Handbook 2013
Privacy Safe Guarding Sensitive PII Handbook 2013Privacy Safe Guarding Sensitive PII Handbook 2013
Privacy Safe Guarding Sensitive PII Handbook 2013- Mark - Fullbright
 
The Federal Government's Track Record on Cybersecurity and Critical Infrastru...
The Federal Government's Track Record on Cybersecurity and Critical Infrastru...The Federal Government's Track Record on Cybersecurity and Critical Infrastru...
The Federal Government's Track Record on Cybersecurity and Critical Infrastru...- Mark - Fullbright
 
State of Security
State of SecurityState of Security
State of Security- Mark - Fullbright
 
Business Identity Theft White Paper
Business Identity Theft White PaperBusiness Identity Theft White Paper
Business Identity Theft White Paper- Mark - Fullbright
 
Anatomy of a cyber-attack
Anatomy of a cyber-attackAnatomy of a cyber-attack
Anatomy of a cyber-attackIcomm Technologies
 
Opsec for security researchers
Opsec for security researchersOpsec for security researchers
Opsec for security researchersvicenteDiaz_KL
 
Thane Barnier MACE 2016 presentation
Thane Barnier MACE 2016 presentationThane Barnier MACE 2016 presentation
Thane Barnier MACE 2016 presentationJeff Zahn
 
The Best And Easiest Ways To Protect Yourself From Hackers
The Best And Easiest Ways To Protect Yourself From HackersThe Best And Easiest Ways To Protect Yourself From Hackers
The Best And Easiest Ways To Protect Yourself From HackersSpouse Ware
 
Malware and malicious programs
Malware and malicious programsMalware and malicious programs
Malware and malicious programsAmmar Hasayen
 
IT viruses
IT viruses IT viruses
IT virusesHekmat Asefi
 
How to protect your computer from viruses.
How to protect your computer from viruses.How to protect your computer from viruses.
How to protect your computer from viruses.Acageron
 
sanfranAIG3
sanfranAIG3sanfranAIG3
sanfranAIG3Ian Murphy 2500+ all connections welcome
 
Introduction to Cyber Security
Introduction to Cyber SecurityIntroduction to Cyber Security
Introduction to Cyber SecurityPriyanshu Ratnakar
 
online safety, security and rules of netiquette
online safety, security and rules of netiquetteonline safety, security and rules of netiquette
online safety, security and rules of netiquette007rgmel
 
Computer_Hacking_for_Beginners_Kevin_James_complex.pdf
Computer_Hacking_for_Beginners_Kevin_James_complex.pdfComputer_Hacking_for_Beginners_Kevin_James_complex.pdf
Computer_Hacking_for_Beginners_Kevin_James_complex.pdfxererenhosdominaram
 
Mark Villinski - Top 10 Tips for Educating Employees about Cybersecurity
Mark Villinski - Top 10 Tips for Educating Employees about CybersecurityMark Villinski - Top 10 Tips for Educating Employees about Cybersecurity
Mark Villinski - Top 10 Tips for Educating Employees about Cybersecuritycentralohioissa
 
The internet and safety
The internet and safetyThe internet and safety
The internet and safetyPatricia bb
 
virus
virusvirus
virusVinod siragaon
 
The use of internet web 120
The use of internet web 120The use of internet web 120
The use of internet web 120jram2113
 
What is Ransomware?
What is Ransomware?What is Ransomware?
What is Ransomware?Datto
 
BSidesPGH - Never Surrender - Reducing Social Engineering Risk
BSidesPGH - Never Surrender - Reducing Social Engineering RiskBSidesPGH - Never Surrender - Reducing Social Engineering Risk
BSidesPGH - Never Surrender - Reducing Social Engineering RiskRob Ragan
 
The Veterans' Guide to Protecting Your Privacy and Staying Safe Online
The Veterans' Guide to Protecting Your Privacy and Staying Safe OnlineThe Veterans' Guide to Protecting Your Privacy and Staying Safe Online
The Veterans' Guide to Protecting Your Privacy and Staying Safe OnlineJinger Jarrett
 
Blue team responses to people who "hack like a girl"
Blue team responses to people who "hack like a girl" Blue team responses to people who "hack like a girl"
Blue team responses to people who "hack like a girl" Kate Brew
 
What is Ransomware? A Quick Guide
What is Ransomware? A Quick GuideWhat is Ransomware? A Quick Guide
What is Ransomware? A Quick GuideSarah Roberts
 
Jeopardy
JeopardyJeopardy
Jeopardyzed_o07
 
Spyware risk it's time to get smart
Spyware risk it's time to get smartSpyware risk it's time to get smart
Spyware risk it's time to get smartKanha Sahu
 
ISTR Internet Security Threat Report 2019
ISTR Internet Security Threat Report 2019ISTR Internet Security Threat Report 2019
ISTR Internet Security Threat Report 2019- Mark - Fullbright
 
IC3 2019 Internet Crime Report
IC3 2019 Internet Crime ReportIC3 2019 Internet Crime Report
IC3 2019 Internet Crime Report- Mark - Fullbright
 

Contenu connexe

Similaire à Anatomy of a Cyber-Attack

Thane Barnier MACE 2016 presentation
Thane Barnier MACE 2016 presentationThane Barnier MACE 2016 presentation
Thane Barnier MACE 2016 presentationJeff Zahn
 
The Best And Easiest Ways To Protect Yourself From Hackers
The Best And Easiest Ways To Protect Yourself From HackersThe Best And Easiest Ways To Protect Yourself From Hackers
The Best And Easiest Ways To Protect Yourself From HackersSpouse Ware
 
Malware and malicious programs
Malware and malicious programsMalware and malicious programs
Malware and malicious programsAmmar Hasayen
 
How to protect your computer from viruses.
How to protect your computer from viruses.How to protect your computer from viruses.
How to protect your computer from viruses.Acageron
 
Introduction to Cyber Security
Introduction to Cyber SecurityIntroduction to Cyber Security
Introduction to Cyber SecurityPriyanshu Ratnakar
 
online safety, security and rules of netiquette
online safety, security and rules of netiquetteonline safety, security and rules of netiquette
online safety, security and rules of netiquette007rgmel
 
Computer_Hacking_for_Beginners_Kevin_James_complex.pdf
Computer_Hacking_for_Beginners_Kevin_James_complex.pdfComputer_Hacking_for_Beginners_Kevin_James_complex.pdf
Computer_Hacking_for_Beginners_Kevin_James_complex.pdfxererenhosdominaram
 
Mark Villinski - Top 10 Tips for Educating Employees about Cybersecurity
Mark Villinski - Top 10 Tips for Educating Employees about CybersecurityMark Villinski - Top 10 Tips for Educating Employees about Cybersecurity
Mark Villinski - Top 10 Tips for Educating Employees about Cybersecuritycentralohioissa
 
The internet and safety
The internet and safetyThe internet and safety
The internet and safetyPatricia bb
 
The use of internet web 120
The use of internet web 120The use of internet web 120
The use of internet web 120jram2113
 
What is Ransomware?
What is Ransomware?What is Ransomware?
What is Ransomware?Datto
 
BSidesPGH - Never Surrender - Reducing Social Engineering Risk
BSidesPGH - Never Surrender - Reducing Social Engineering RiskBSidesPGH - Never Surrender - Reducing Social Engineering Risk
BSidesPGH - Never Surrender - Reducing Social Engineering RiskRob Ragan
 
The Veterans' Guide to Protecting Your Privacy and Staying Safe Online
The Veterans' Guide to Protecting Your Privacy and Staying Safe OnlineThe Veterans' Guide to Protecting Your Privacy and Staying Safe Online
The Veterans' Guide to Protecting Your Privacy and Staying Safe OnlineJinger Jarrett
 
Blue team responses to people who "hack like a girl"
Blue team responses to people who "hack like a girl" Blue team responses to people who "hack like a girl"
Blue team responses to people who "hack like a girl" Kate Brew
 
What is Ransomware? A Quick Guide
What is Ransomware? A Quick GuideWhat is Ransomware? A Quick Guide
What is Ransomware? A Quick GuideSarah Roberts
 
Jeopardy
JeopardyJeopardy
Jeopardyzed_o07
 
Spyware risk it's time to get smart
Spyware risk it's time to get smartSpyware risk it's time to get smart
Spyware risk it's time to get smartKanha Sahu
 

Similaire à Anatomy of a Cyber-Attack (20)

Thane Barnier MACE 2016 presentation
Thane Barnier MACE 2016 presentationThane Barnier MACE 2016 presentation
Thane Barnier MACE 2016 presentation
 
The Best And Easiest Ways To Protect Yourself From Hackers
The Best And Easiest Ways To Protect Yourself From HackersThe Best And Easiest Ways To Protect Yourself From Hackers
The Best And Easiest Ways To Protect Yourself From Hackers
 
Malware and malicious programs
Malware and malicious programsMalware and malicious programs
Malware and malicious programs
 
IT viruses
IT viruses IT viruses
IT viruses
 
How to protect your computer from viruses.
How to protect your computer from viruses.How to protect your computer from viruses.
How to protect your computer from viruses.
 
sanfranAIG3
sanfranAIG3sanfranAIG3
sanfranAIG3
 
Introduction to Cyber Security
Introduction to Cyber SecurityIntroduction to Cyber Security
Introduction to Cyber Security
 
online safety, security and rules of netiquette
online safety, security and rules of netiquetteonline safety, security and rules of netiquette
online safety, security and rules of netiquette
 
Computer_Hacking_for_Beginners_Kevin_James_complex.pdf
Computer_Hacking_for_Beginners_Kevin_James_complex.pdfComputer_Hacking_for_Beginners_Kevin_James_complex.pdf
Computer_Hacking_for_Beginners_Kevin_James_complex.pdf
 
Mark Villinski - Top 10 Tips for Educating Employees about Cybersecurity
Mark Villinski - Top 10 Tips for Educating Employees about CybersecurityMark Villinski - Top 10 Tips for Educating Employees about Cybersecurity
Mark Villinski - Top 10 Tips for Educating Employees about Cybersecurity
 
The internet and safety
The internet and safetyThe internet and safety
The internet and safety
 
virus
virusvirus
virus
 
The use of internet web 120
The use of internet web 120The use of internet web 120
The use of internet web 120
 
What is Ransomware?
What is Ransomware?What is Ransomware?
What is Ransomware?
 
BSidesPGH - Never Surrender - Reducing Social Engineering Risk
BSidesPGH - Never Surrender - Reducing Social Engineering RiskBSidesPGH - Never Surrender - Reducing Social Engineering Risk
BSidesPGH - Never Surrender - Reducing Social Engineering Risk
 
The Veterans' Guide to Protecting Your Privacy and Staying Safe Online
The Veterans' Guide to Protecting Your Privacy and Staying Safe OnlineThe Veterans' Guide to Protecting Your Privacy and Staying Safe Online
The Veterans' Guide to Protecting Your Privacy and Staying Safe Online
 
Blue team responses to people who "hack like a girl"
Blue team responses to people who "hack like a girl" Blue team responses to people who "hack like a girl"
Blue team responses to people who "hack like a girl"
 
What is Ransomware? A Quick Guide
What is Ransomware? A Quick GuideWhat is Ransomware? A Quick Guide
What is Ransomware? A Quick Guide
 
Jeopardy
JeopardyJeopardy
Jeopardy
 
Spyware risk it's time to get smart
Spyware risk it's time to get smartSpyware risk it's time to get smart
Spyware risk it's time to get smart
 

Plus de - Mark - Fullbright

ISTR Internet Security Threat Report 2019
ISTR Internet Security Threat Report 2019ISTR Internet Security Threat Report 2019
ISTR Internet Security Threat Report 2019- Mark - Fullbright
 
2020 Data Breach Investigations Report (DBIR)
2020 Data Breach Investigations Report (DBIR)2020 Data Breach Investigations Report (DBIR)
2020 Data Breach Investigations Report (DBIR)- Mark - Fullbright
 
Consumer Sentinel Network Data Book 2019
Consumer Sentinel Network Data Book 2019Consumer Sentinel Network Data Book 2019
Consumer Sentinel Network Data Book 2019- Mark - Fullbright
 
CFPB Consumer Reporting Companies 2019
CFPB Consumer Reporting Companies 2019CFPB Consumer Reporting Companies 2019
CFPB Consumer Reporting Companies 2019- Mark - Fullbright
 
Advisory to Financial Institutions on Illicit Financial Schemes and Methods R...
Advisory to Financial Institutions on Illicit Financial Schemes and Methods R...Advisory to Financial Institutions on Illicit Financial Schemes and Methods R...
Advisory to Financial Institutions on Illicit Financial Schemes and Methods R...- Mark - Fullbright
 
2019 Data Breach Investigations Report (DBIR)
2019 Data Breach Investigations Report (DBIR)2019 Data Breach Investigations Report (DBIR)
2019 Data Breach Investigations Report (DBIR)- Mark - Fullbright
 
2018 Privacy & Data Security Report
2018 Privacy & Data Security Report2018 Privacy & Data Security Report
2018 Privacy & Data Security Report- Mark - Fullbright
 
Consumer Sentinel Network Data Book 2018
Consumer Sentinel Network Data Book 2018 Consumer Sentinel Network Data Book 2018
Consumer Sentinel Network Data Book 2018 - Mark - Fullbright
 
The Geography of Medical Identity Theft
The Geography of Medical Identity TheftThe Geography of Medical Identity Theft
The Geography of Medical Identity Theft- Mark - Fullbright
 
Consumer Sentinel Data Book 2017
Consumer Sentinel Data Book 2017Consumer Sentinel Data Book 2017
Consumer Sentinel Data Book 2017- Mark - Fullbright
 
Protecting Personal Information: A Guide for Business
Protecting Personal Information: A Guide for BusinessProtecting Personal Information: A Guide for Business
Protecting Personal Information: A Guide for Business- Mark - Fullbright
 
Data Breach Response: A Guide for Business
Data Breach Response: A Guide for BusinessData Breach Response: A Guide for Business
Data Breach Response: A Guide for Business- Mark - Fullbright
 
2017 Data Breach Investigations Report
2017 Data Breach Investigations Report2017 Data Breach Investigations Report
2017 Data Breach Investigations Report- Mark - Fullbright
 
Consumer Sentinel Network Data Book for January 2016 - December 2016
Consumer Sentinel Network Data Book for January 2016 - December 2016Consumer Sentinel Network Data Book for January 2016 - December 2016
Consumer Sentinel Network Data Book for January 2016 - December 2016- Mark - Fullbright
 
Consumer Sentinel Data Book 2015
Consumer Sentinel Data Book 2015Consumer Sentinel Data Book 2015
Consumer Sentinel Data Book 2015- Mark - Fullbright
 

Plus de - Mark - Fullbright (20)

ISTR Internet Security Threat Report 2019
ISTR Internet Security Threat Report 2019ISTR Internet Security Threat Report 2019
ISTR Internet Security Threat Report 2019
 
IC3 2019 Internet Crime Report
IC3 2019 Internet Crime ReportIC3 2019 Internet Crime Report
IC3 2019 Internet Crime Report
 
Police, Protesters, Press, 2020
Police, Protesters, Press, 2020Police, Protesters, Press, 2020
Police, Protesters, Press, 2020
 
2020 Data Breach Investigations Report (DBIR)
2020 Data Breach Investigations Report (DBIR)2020 Data Breach Investigations Report (DBIR)
2020 Data Breach Investigations Report (DBIR)
 
FCPA Guidance 2020
FCPA Guidance 2020FCPA Guidance 2020
FCPA Guidance 2020
 
Consumer Sentinel Network Data Book 2019
Consumer Sentinel Network Data Book 2019Consumer Sentinel Network Data Book 2019
Consumer Sentinel Network Data Book 2019
 
CFPB Consumer Reporting Companies 2019
CFPB Consumer Reporting Companies 2019CFPB Consumer Reporting Companies 2019
CFPB Consumer Reporting Companies 2019
 
Advisory to Financial Institutions on Illicit Financial Schemes and Methods R...
Advisory to Financial Institutions on Illicit Financial Schemes and Methods R...Advisory to Financial Institutions on Illicit Financial Schemes and Methods R...
Advisory to Financial Institutions on Illicit Financial Schemes and Methods R...
 
2018 IC3 Report
2018 IC3 Report2018 IC3 Report
2018 IC3 Report
 
2019 Data Breach Investigations Report (DBIR)
2019 Data Breach Investigations Report (DBIR)2019 Data Breach Investigations Report (DBIR)
2019 Data Breach Investigations Report (DBIR)
 
2018 Privacy & Data Security Report
2018 Privacy & Data Security Report2018 Privacy & Data Security Report
2018 Privacy & Data Security Report
 
Consumer Sentinel Network Data Book 2018
Consumer Sentinel Network Data Book 2018 Consumer Sentinel Network Data Book 2018
Consumer Sentinel Network Data Book 2018
 
Credit Score Explainer
Credit Score ExplainerCredit Score Explainer
Credit Score Explainer
 
The Geography of Medical Identity Theft
The Geography of Medical Identity TheftThe Geography of Medical Identity Theft
The Geography of Medical Identity Theft
 
Consumer Sentinel Data Book 2017
Consumer Sentinel Data Book 2017Consumer Sentinel Data Book 2017
Consumer Sentinel Data Book 2017
 
Protecting Personal Information: A Guide for Business
Protecting Personal Information: A Guide for BusinessProtecting Personal Information: A Guide for Business
Protecting Personal Information: A Guide for Business
 
Data Breach Response: A Guide for Business
Data Breach Response: A Guide for BusinessData Breach Response: A Guide for Business
Data Breach Response: A Guide for Business
 
2017 Data Breach Investigations Report
2017 Data Breach Investigations Report2017 Data Breach Investigations Report
2017 Data Breach Investigations Report
 
Consumer Sentinel Network Data Book for January 2016 - December 2016
Consumer Sentinel Network Data Book for January 2016 - December 2016Consumer Sentinel Network Data Book for January 2016 - December 2016
Consumer Sentinel Network Data Book for January 2016 - December 2016
 
Consumer Sentinel Data Book 2015
Consumer Sentinel Data Book 2015Consumer Sentinel Data Book 2015
Consumer Sentinel Data Book 2015
 

Dernier

Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Celine George
 
Web & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfWeb & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfJayanti Pande
 
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Krashi Coaching
 
Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Disha Kariya
 
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in DelhiRussian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhikauryashika82
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingTechSoup
 
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...christianmathematics
 
Z Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphZ Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphThiyagu K
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfsanyamsingh5019
 
Unit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxUnit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxVishalSingh1417
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityGeoBlogs
 
APM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across SectorsAPM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across SectorsAssociation for Project Management
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13Steve Thomason
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfciinovamais
 
fourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writingfourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writingTeacherCyreneCayanan
 
Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfHoldier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfagholdier
 
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...Sapna Thakur
 
Arihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfArihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfchloefrazer622
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfSoniaTolstoy
 

Dernier (20)

Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17
 
Web & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfWeb & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdf
 
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
 
Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..
 
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in DelhiRussian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy Consulting
 
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
 
Z Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphZ Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot Graph
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdf
 
Unit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxUnit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptx
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activity
 
APM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across SectorsAPM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across Sectors
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdf
 
fourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writingfourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writing
 
Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfHoldier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdf
 
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
 
Arihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfArihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdf
 
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptxINDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
 

Anatomy of a Cyber-Attack

  • 1. Page title appears here Anatomy of a cyber-attack This is placeholder body copy. Ebit doloreici te quo invendit maio. Eolesequi se debis dici simi olum volupta denestoria verem del erumquidit, sumquia voluptate laborem sitatia qui invendit maio. Et nulparum num sandites es as exeratur sum aliqui porectiatur, cum evendi dest faceat raest, a poritis doluptionsed ea cum and toolsant cyber-criminals—and how to stop themeicabor umquam ipsanda ntotasi dem quo qui re The strategies quiae et of dis alit, et perum fuga. It pel ipsunt mo quunt. quiae vere adi reces etur suntionsequi repersperum la sequi solesequi se debis dici simi Borehen imolum voluptate laborem sitatia qui
  • 2. Table of contents Introduction 2 Attack step 1: Reconnaissance and enumeration 3 Attack step 2: Intrusion and advanced attacks 4 Attack step 3: Malware insertion 5 Malware type 1: Nuisance malware 6 Malware type 2: Controlling malware 7 Malware type 3: Destructive malware 8 Attack step 4: Clean-up 9 Dell SonicWALL Next-Generation Firewall 10 Dell SonicWALL comprehensive integrated security solutions 12 1 2013 Dell Software. All rights reserved..
  • 3. Introduction As the number and severity of cyber-crimes continues to grow, it’s important to understand the steps cyber-criminals take to attack your network, the types of malware they use, and the tools you need to stop them. The basic steps of a cyber attack include reconnaissance (finding vulnerabilities); intrusion (actual penetration of the network); malware insertion (secretly leaving code behind); and clean-up (covering tracks). Malware comes in various forms, some more nefarious than others, ranging from annoying sales pitches to potentially business-devastating assaults. Dell SonicWALL offers comprehensive solutions to counter every stage of cyber attacks and eliminate every type of malware from disrupting your business network. You need to understand the enemy before you can defeat them. 2 2013 Dell Software. All rights reserved..
  • 4. Attack step 1: Reconnaissance and enumeration The goal of reconnaissance is to learn about vulnerabilities in the targeted network and systems, including credentials, software versions, and misconfigured settings. One method for gathering this information is through social engineering cons, which fool end users into surrendering data. This is often perpetrated through phishing (fraudulent email), pharming (fraudulent web sites) and driveby pharming (redirected DNS settings on hijacked wireless access points). Enumeration, the second step in any type of cyberattack, surreptitiously expands the knowledge and data gained during reconnaissance. Service scanning and war dialing are popular during the enumeration phase. Service scanning identifies network systems and correlates known bugs and software weaknesses. War dialing involves using an automated system to call each of the telephone numbers owned by a company in hopes of finding a modem which may provide direct access to internal company resources. Cyber-criminals will do anything to find and exploit your weaknesses. 3 2013 Dell Software. All rights reserved..
  • 5. Attack step 2: Intrusion and advanced attacks Once attackers have identified and correlated known vulnerabilities, they can exploit them to penetrate the network. Even more dangerous are sophisticated “zero-day” attacks, which exploit software weaknesses that, while not publically disclosed, may have been distributed on the black market among attackers ranging from petty criminals to transnational organized criminal gangs. Another advanced form of malicious intrusion is the denial-of-service (DoS) attack, which aims to render networks inoperable by bombarding them with external communications requests. Common DoS attacks include smurf attacks, ping flood attacks, ping-of-death attacks and SYN flood attacks. Vulnerabilities A stealthy intruder can access every facet of your network systems. 4 2013 Dell Software. All rights reserved.. A stealthy intruder can access every facet of your network systems.
  • 6. Attack step 3: Malware insertion After infiltrating a network, the next step in an attack is to secretly insert malware in order to maintain ongoing remote control over systems, and ultimately, execute code within the network to achieve a particular goal. Inserted malware can be a nuisance (e.g., marketing driven); controlling (to provide back door access or remote control), or destructive (to cause intentional harm or to cover the tracks of the attacker). Hidden malware gives your attacker the keys to your network. 5 2013 Dell Software. All rights reserved..
  • 7. Malware type 1: Nuisance malware Some types of malware are not overly malicious in nature, but can cause annoyance and affect system performance and productivity. Spyware, used to collect and relay sensitive information back to its distributor, also can be a major nuisance, typically infecting web browsers rendering them nearly inoperable. Spyware is often used for deceitful marketing purposes, such as monitoring user activity without their knowledge. Adware, as the name implies, is typically used to spread advertisements, providing some type of financial benefit to the attacker. After becoming infected by adware, the victim becomes bombarded by pop-ups, toolbars and other types of advertisements when attempting to use the infected computer. Nuisance adware can render a system inoperable if not removed properly. 6 2013 Dell Software. All rights reserved.. Vacation Time Shares Em re provid earum am saped explit quias enim unt expe doluptat et occatiusam, que qui dolestion reicitiisi nectam volupta tiorem. Ut magnis quias restrun tionet quia auditatibus con nostibero quatiusa simi, et magnam et prorepe ristionsecum qui nonserum ipsa in conse dolupta tibusae est haribusciam facea nostem harum aut recus apiende expelit liquae rera perrovidis alita. turit, aliquid modigni hitiae cones re everat as as es a volupta speribea dus et ea ne sitat DISCOUNT $500 DISCOUNTS PHARMACEUTICALS Searching for bargain medication? re provid earum am saped explit quias enim unt expe doluptat et occatiusam, que qui dolestion reicitiisi nectam volupta tiorem. Ut magnis quias restrun tionet quia auditatibus con nostibero quatiusa simi, et magnam et prorepe ristionsecum qui nonserum ipsa in conse dolupta tibusae est haribusciam facea nostem harum aut recus Mortgage AND SAVE! BUY NOW Insurance Coverage Em re provid earum am saped explit quias enim unt expe doluptat et occatiusam, que qui dolestion reicitiisi nectam volupta tiorem. Ut magnis quias restrun tionet quia auditatibus con nostibero quatiusa simi, et magnam et prorepe ristionsecum qui nonserum ipsa in conse dolupta tibusae est haribusciam facea nostem harum aut recus apiende expelit liquae rera perrovidis alita. turit, aliquid modigni hitiae cones re everat as as es REFINANCE TODAY Em re provid earum am saped explit quias enim unt expe doluptat et occatiusam, que qui dolestion reicitiisi nectam volupta tiorem. Ut magnis quias restrun tionet quia auditatibus con nostibero quatiusa simi, et magnam et prorepe ristionsecum qui nonserum ipsa in conse dolupta tibusae est haribusciam facea nostem harum aut recus apiende expelit liquae rera perrovidis alita. NO FEES. NO TERM LIFE INSURANCE Call our offices for a free re provid earum am saped explit quias enim unt expe doluptat et occatiusam, que qui dolestion reicitiisi nectam volupta tiorem. Ut magnis quias restrun tionet quia auditatibus con nostibero quatiusa simi, et magnam et POINTS prorepe ristionsecum qui nonserum ipsa in conse dolupta tibusae est haribusciam Em re provid earum am saped explit quias harum aut recus apiende facea nostem Diamond Jewerly Price Your Own Airfare enim unt expe doluptat et occatiusam, que qui dolestion reicitiisi nectam volupta tiorem. Ut magnis quias restrun tionet quia CALL TODAY FOR RATES auditatibus simi, $500 DISCOUNTS etcon nostibero quatiusaqui et magnam prorepe ristionsecum nonserum ipsa in conse dolupta tibusae est Em re provid earum am saped explit quias haribusciam facea nostem harum aut recus enim unt expe doluptat et occatiusam, que expelit liquae rera perrovidis alita. apiende qui dolestion reicitiisi nectam volupta tiorem. Ut magnis quias restrun tionet quia auditatibus con nostibero quatiusa simi, et magnam et prorepe ristionsecum qui nonserum ipsa in conse dolupta tibusae est haribusciam facea nostem harum aut recus apiende expelit liquae rera perrovidis alita. Click here for a FIRST 10 TRADES FREE Sing up today re provid earum am saped explit quias enim unt expe doluptat et occatiusam, que qui dolestion reicitiisi nectam volupta tiorem. Ut magnis quias restrun tionet quia auditatibus con FREE Em re provid earum am saped explit quias enim unt expe doluptat et occatiusam, que qui dolestion reicitiisi nectam volupta tiorem. Ut magnis quias restrun tionet quia auditatibus con nostibero quatiusa simi, et magnam et prorepe ristionsecum qui nonserum ipsa in conse dolupta tibusae est haribusciam facea nostem harum aut recus apiende expelit liquae rera perrovidis alita. turit, aliquid modigni hitiae cones re everat as as es a volupta speribea dus et ea ne sitat $100 OFF YOUR NEXT VISIT Visit our website re provid earum am saped explit quias enim unt expe doluptat et occatiusam, que qui dolestion reicitiisi nectam volupta tiorem. Ut magnis quias restrun tionet quia auditatibus con nostibero quatiusa simi, et magnam et prorepe ristionsecum qui nonserum ipsa in conse dolupta tibusae est haribusciam facea nostem harum aut recus apiende
  • 8. Malware type 2: Controlling malware Other malware hides in wait to issue controls or execute attacks. Trojans—executable code embedded into another (typically commonly-used) application—are often designed to be unknowingly launched by a trusted user. Remote-access Trojans (RATs) create back doors for remote control. Rootkits are even more insidious. They hide in lowlevel, sub-OS system resources to provide attackers with unrestricted network access, and can even go undetected by conventional anti-virus solutions. Trojans and rootkits are often used in creating zombie systems, from which criminals can launch outbound botnet attacks. Hidden malware gives your attacker the keys to your network. 7 2013 Dell Software. All rights reserved..
  • 9. Malware type 3: Destructive malware Typically designed to inflict damage, computer viruses can purge an entire hard disk, rendering data useless in a matter of moments. Commonly spread through shared files, web downloads or email attachments, viruses must be executed on the target system before they actually pose a threat. Once activated, viruses often replicate themselves throughout the infected system. Seek-and-destroy viruses target specific files types or portions of the hard disk. Unlike viruses, worms can spread themselves throughout networks without user activation. Once infected by a worm, the compromised system will begin scanning the local network in an attempt locate additional target systems. After locating a target, the worm will exploit vulnerabilities in its operating system, injecting it with malicious code. While sometimes viewed as a nuisance, worms can also spread other malware and inflict damage. Viruses and worms can devastate your network—and your business. 8 2013 Dell Software. All rights reserved..
  • 10. Attack step 4: Clean-up The final stage of the attack cycle is to rid the infected system of forensic evidence. A proactive element to this step is for attackers to be as inconspicuous as possible in the earlier steps. For example, an attacker may commandeer the credentials of a trusted network user that would not raise alarms by accessing the targeted systems, or use commonplace applications, such as instant messaging, to insert malicious files or extract information. A primary goal of this step is to erase any traces of the attack from the system. This can be done by the manual or automated deletion of command line or event logs, deactivation of alarms, and the upgrade or patching of outdated software after the attack has been accomplished. Additionally, hackers and cyber thieves often unleash viruses and worms to destroy potentially incriminating evidence. A skilled criminal can compromise your network without you ever knowing. 9 2013 Dell Software. All rights reserved..
  • 11. Dell SonicWALL Next-Generation Firewall Dell™ SonicWALL™ offers a comprehensive line of defenses against all forms of cyber attack and malware. • Dell SonicWALL Next-Generation Firewalls, featuring Reassembly-Free Deep Packet Inspection® (RFDPI) technology and multi-core parallel architecture, scan and analyze inbound and outbound traffic to identify multiple threats, applications and protocols, at wire speed and without file size limitations. • Using input from millions of shared touch points in the Dell SonicWALL Global Response Intelligent Defense (GRID) Network, the Dell SonicWALL Threat Center provides continuous communication, feedback, and analysis on the nature and changing behavior of threats. Dell SonicWALL Research Labs continuously processes this information, proactively delivering countermeasures and dynamic updates to stop the latest threats. 10 2013 Dell Software. All rights reserved.. • The Dell SonicWALL SuperMassive E10800 running SonicOS 6.0 is the highest overall protection NextGeneration Firewall to earn the “Recommend” rating from NSS Labs, the recognized leader in independent security product testing. This single code base for SonicOS is at the core of every Dell Dell SonicWALL firewall, from the TZ 105 to the Dell Dell SonicWALL SuperMassive E10800.
  • 12. Dell SonicWALL Next-Generation Firewall • The Dell SonicWALL Gateway Anti-Virus, AntiSpyware, Intrusion Prevention, and Application Intelligence and Control Service delivers intelligent, real-time network security protection against the latest blended threats, including viruses, spyware, worms, Trojans, software vulnerabilities and other malicious code. - Intrusion prevention service (IPS) prevents attackers from exploiting known vulnerabilities (Step 2 of the attack cycle) - Gateway anti-virus and anti-spyware prevents attackers from installing or uploading malware to a compromised system (Step 3 of the attack cycle) - Application intelligence and control prevents attackers from being able to use commonplace applications to transmit data to or from the compromised system (Step 4 of the attack cycle) 11 2013 Dell Software. All rights reserved.. • Working in conjunction with Dell SonicWALL firewalls, Dell SonicWALL Enforced Client AntiVirus and Anti Spyware software provides comprehensive gateway-enforced virus and spyware protection for desktops and laptops. Dell SonicWALL firewalls ensure that all of the computers accessing the network have the latest version of anti-virus and anti-spyware software installed and active.
  • 13. Dell SonicWALL comprehensive integrated security solutions • Dell SonicWALL Clean Wireless™ integrates Dell SonicWALL firewalls with universal 802.11 a/b/g/n wireless access points, to deliver advanced security features such as WiFiSec, Virtual APs (VAP), and wireless intrusion detection services (WIDS). • When combined with Dell SonicWALL Secure Remote Access (SRA) solutions, Dell SonicWALL firewalls create a Clean VPN™ that decrypts and scans all authorized SSL VPN traffic for malware before it enters the network, and adds enforced authentication, data encryption, and granular access policy. 12 2013 Dell Software. All rights reserved.. • The Dell SonicWALL Email Security Series provides comprehensive email threat protection for organizations of all sizes, stopping email-borne spam, virus, and phishing attacks, while contributing to internal policy and regulatory compliance. • Dell SonicWALL Application Traffic Flow Analytics, including the Dell SonicWALL Global Management System 7.0, Scrutinizer and Analyzer solutions, increases threat awareness through real time and historical traffic analysis and provides powerful insight into application traffic, bandwidth utilization and security threats along with powerful troubleshooting and forensics capabilities.
  • 14. How can I learn more? • Download the whitepaper “The Wild World of Malware: Keeping Your Company Safe” • View the webinar “Exploring the Digital Underworld: Botnets, Zero Day Threats and Phishing” • Opt-in to receive Dell SonicWALL newsletters For feedback on this e-book or other Dell SonicWALL e-books or whitepapers, please send an email to feedback@sonicwall.com. About Dell SonicWALL Dell™ SonicWALL™ provides intelligent network security and data protection solutions that enable customers and partners to dynamically secure, control, and scale their global networks. Securing any organization with multi-threat scanning based on global input at wire speed, Dell SonicWALL is recognized as an industry leader by Gartner and NSS Labs. For more information, visit the web site at www.sonicwall.com. 05/13 DS 0090L