Click me
Transcribed

Is Your Business Safe from Malware & Targeted Attacks

IS YOUR BUSINESS SAFE FROM MALWARE AND TARGETED ATTACKS? Sophisticated attacks now leverage social engineering techniques and malware to compromise those individuals already on the inside of your enterprise. Vector: Malware Target: Data Center 6994 OF DATA BREACHES OF ALL DATA COMPROMISED INVOLVES SERVERS INVOLVE MALWARE LESS THAN 1% OF EMPLOYEES MAY BE 100% OF EMPLOYEES HAVE THE POTENTIAL TO BE BUT MALICIOUS INSIDERS COMPROMISED INSIDERS 7 STAGES OF A TARGETED ATTACK 8 STEPS TO SAFEGUARD YOUR ORGANIZATION FROM ATTACK 1. REDUCE RISK Identify sensitive data, build policies to protect that data, and audit access activity. 1. SIZE UP THE ORGANIZATION The attacker searches social networking sites for individuals at the targeted organization. 2. PREVENT COMPROMISE Train users how to identify spear-phishing emails and deploy solutions that prevent unwanted software from reaching user devices. 2. COMPROMISE A USER The attacker finds and compromises an employee within the targeted organization with malware. 3. DETECT COMPROMISE Identify abnormal and suspicious user access activity and find malware infected devices. 3. LOGIN & BEGIN INITIAL EXPLORATION The attacker logs into the network and snoops around. 4. CONTAIN COMPROMISED DEVICES Block command and control (CnC) communications from compromised devices. 4. SOLIDIFY PRESENCE WITHIN THE ORGANIZATION The attacker steals additional user names and passwords, and installs back doors. 5. INSULATE SENSITIVE DATA Stop compromised users and devices from accessing sensitive applications and data. 5. IMPERSONATE PRIVILEGED USER The attacker adjusts employees' permissions to create "power users". 6. REMEDIATE COMPROMISED PASSWORDS Change user passwords. 6. STEAL CONFIDENTIAL DATA Impersonating a legitimate user, the attacker looks for sensitive data and steals it. 7. REMEDIATE COMPROMISED DEVICES Rebuild compromised devices. 7. COVER TRACKS & PREPARE FOR RETURN VISIT The attacker returns “power users" permissions back to normal and keeps one or more accounts for future attack. – 8. POST-INCIDENT ANALYSIS Leverage audit trail and forensics to improve the incident response process. OIMPERVA Source Original File: imperva.com/golig-mal O 2013 Imperva, Inc. All rights reserved. SOURCE: http://edocumentsciences.com/defend-against-compromised-insiders http://www.verizonenterprise.com/resources/reports/rp_data-breach-investigations-report-2012-ebk_en_xg.pdf

Is Your Business Safe from Malware & Targeted Attacks

shared by sbrannan on Aug 15
259 views
1 share
0 comments
The biggest threat to your company’s security is already inside. Hackers use spear phishing and malware to target your trusted employees, and then leverage their stolen credentials to navigate the c...

Publisher

Imperva

Designer

JumboShrimp

Category

Technology
Did you work on this visual? Claim credit!

Get a Quote

Embed Code

For hosted site:

Click the code to copy

For wordpress.com:

Click the code to copy
Customize size