Embed Size (px)
Citation preview
2016 Cyber SecurityThreat Report
Read the Report
Symantec Internet Security Threat
Report 2016
https://www.symantec.com/security-center/threat-report
Data Breaches & Privacy
Data Breaches
Data Breaches
Largest Data Breaches in 2015
10 Million Records
Largest Data Breaches in 2015
11 Million Records
Largest Data Breaches in 2015
11.3 Million Records
Largest Data Breaches in 2015
15 Million Records
Largest Data Breaches in 2015
21.5 Million Records
Largest Data Breaches in 2015
37 Million Records
Largest Data Breaches in 2015
80 Million Records
Data Breaches in 2015
Top Causes of Data Breaches by Incident
Top Causes of Data Breaches by Records
Vulnerabilities
Websites with Vulnerabilities
Browser Vulnerabilities
Browser Plugin Vulnerabilities
Zero Day Vulnerabilities
ONE NEW ZERO DAY VULNERABILITY
DISCOVERED EVERY WEEK IN 2015
Zero Day Vulnerabilities
Zero Day Vulnerabilities
Almost 20%of all zero-days
involved Adobe Flash
Zero Day Vulnerabilities
4 out of 5 of the exploited zero-days
involved Adobe Flash
Crypto-Ransomware Rise
Crypto-Ransomware Rise
Social Media, Scams & Email Threats
Gmail Scam
Sextortion
•Scammers use an attractive profile picture and encourage the intended victim to share sexually explicit videos. •The criminals then encourage the victim to “continue the liaison” using an Android app which also gathers the victim’s phone number, account details and all of their contacts.
•The criminals now threaten to send the explicit content to the victims contact list unless a ransom is paid.
Social Media Scams
Social Media Safeguards•Be skeptical of new followers. If a random person follows you, do not automatically follow them back. Look at their tweets. Are they retweeting content that looks like spam? If they are, they are most likely a bot.•Numbers can lie. Even if these random followers have tens of thousands of followers, those numbers can easily be faked. Do not base your decision to follow them back based on how many people follow them.•Look for the “verified” badge. Twitter users should always check to see if a well-known brand or famous celebrity has been verified by Twitter before following. The blue verified badge denotes that Twitter has authenticated the true owner of an account.
Spam
Mass Phishing
Spear Phishing
Spear Phishing Industries Targeted
Spear Phishing Organization Size
Email SafeguardsOrganizations and individuals need to realize that even if they do not think they are an obvious target for cybercriminals, it does not mean they are immune.
On a personal level, this means remaining vigilant by:• Not opening emails from unknown senders• Looking for the padlock and checking the encryption certificate on any sites
where you enter sensitive data• Not using unsecure networks when accessing sensitive data
For organizations to remain vigilant by:• Deploying email encryption where possible• Ensuring that email is scanned for malware, spam, and phishing• Using web security systems to block access to known phishing sites
Mobile & Internetof Things
Mobile Vulnerabilities by OS
Android Malware Volume
Ransomware Goes Mobile
Internet of Things
Insecurity of Things•Cars – Fiat Chrysler recalled 1.4 million vehicles after researchers took control of the vehicle remotely•Smart Home – Multiple unpatched vulnerabilities in commercially available products. Researchers remotely opened a “smart” door lock.•Medical Devices – Researchers have found potentially deadly vulnerabilities in dozens of devices such as insulin pumps and implantable defibrillators.•Smart TVs – Researchers claim hundreds of millions of TVs are potentially vulnerable to all kinds of fraud, even ransomware.•Embedded devices – Routers, webcams, IP phones share the same hard coded SSH and HTTPS server certificates.
Read the Report
Symantec Internet Security Threat
Report 2016
https://www.symantec.com/security-center/threat-report
Contact Information:
Peter J. Vasquez Sr., MSCS, CISSPE-Mail: [email protected]
Phone: (956) 467-0667
