Know your threat landscape
[2015-02-27 Fri 12:10] speaker: Eugene Teo, Symantec event: Hackers and Painters @ Blk71 ** Main areas of Symantec
- intelligence, targeted attack investigation
- network level security, protection from malware
- cloud based security, scrub email to get rid of viruses ** Traditional malware vs targeted attack ** Targeted attacks
- reconnaissance
- incursion
- discovery
- capture
- exfiltration
Attack cycles can be as long as ten years Targeted attacks increase by 91% from 2012 to 2013 ** Means of penetration traditionally, spear phishing since 2012, watering hole attack ** Trends in targeted attacks More campagins but fewer spear phishing emails
More attacks on smaller companies since 2013
For journalists, hard to distinguish between phishing email and real tip offs.
** Operation Francophoned Happens to French banks. Social engineering attack on personal assistant, make call to as assitant to open “invoice” on dropbox. Goal is to get credentials to wire money. Group is from Israel, using mobile hotspot, always on the move