Web Exploits and the Rise of Cybercriminals Roger Thompson AVG Chief Research Officer.

Presentation on theme: "Web Exploits and the Rise of Cybercriminals Roger Thompson AVG Chief Research Officer."— Presentation transcript:

1 Web Exploits and the Rise of Cybercriminals Roger Thompson AVG Chief Research Officer

2 WWW stands for World War Web

3 Topics
How we got here
Best solution
Future

4 Ages of Malicious Code
Age 1 - 1987 – 1995 – DOS viruses
Age 2 - 1995 – 2000 – Macro viruses
Age 3 - 1999 – 2002 – Mass mailing worms
Age 4 - 2001 – 2004 – Bots and worms
Age 5 - 2004 - ? - Web based attacks

5 Extinction Level Events
Age 1 – Windows 95 released
Age 2 – Office 2000 released
Age 3 – Email gateway scanning
Age 4 – XP service pack 2
Age 5 – nothing yet

6 Why web?
New name for HTTP is GFBP (Generic Firewall Bypass Protocol)
When you start a browser, you start from a trusted place … inside the firewall
Instant tunnel

7 Why? For goodness sake
Age 1 – fun
Age 2 – fun
Age 3 – fun and profit (spam and botnets)
Age 4 – fun and profit (spam, botnets, adware, spyware)
Age 5 – profit only (they want your money)

8 Who? For goodness sake
Russia
China
Brazil

9 How? For goodness sake
40 to 50,000 unique executable samples every day
All delivered by about 500 total exploits and social engineering tricks over the web
This is what's known as an aptitude test

10 Exploit? Social engineering?
An exploit is code that takes advantage of a vulnerability in some program to force some other code to run.
Social engineering is code that takes advantage of a vulnerability in people's common sense to trick them into running some code.
(We'll always have Paris)

11 Attack styles

12 Damage done

13 So what's the solution?
Option 1 is to focus on 50k every day
–Make your scanner work really hard
–Get your researchers working really hard pulling sigs
–Continue to automate your sig pulling
–Find generic solutions / HIPS

14 So what's the solution?
Option 2 is to focus on 500 total HTTP tricks
Multiple layers, oriented at HTTP activity.
–Block some IP addresses
–Block some URLs
–The real solution is … block the 500 HTTP tricks

15 Life is full of 80/20 rules

16 So why isn't everyone doing it?
Automated community intelligence
Internet Neighborhood Watch
And, of course, LinkScanner
It's not that easy, but they're all going to try

17 The future
For the next few years, it is the web
If there is an ELE, the Bad Guys will find a new way, and our job is to be ready
The 10 most important words in the English language are
Never, never, never, never, never, never, never, never give up!

18 Sales & Support Contacts
Web Exploits: www.avg.com/exploit
Sales – M-F 8:30-5:30 ET
–Phone: 321.274.1888 (Option 2)
–Fax: 321-274-1886
–Email: reseller@avg.com
Support – 24x7
–Phone: 321-274-1888 (Option 1)
–Email: resellersupport@avg.com
–Resellers receive priority technical support!

