21st Century Malware Threatscape: 15 Years of Evolution

Malware has evolved significantly over the past 15 years, from simple viruses to complex malware that uses techniques like encryption and obfuscation to avoid detection. Infection vectors have expanded from physical media to online methods like email attachments and drive-by downloads. The effects of infections have also become more harmful, changing from minor annoyances to modern threats like ransomware and password theft. Independent testing of security products is important for evaluating their ability to detect these evolving malware threats.

Uploaded by dcbvapor
Copyright: © Attribution Non-Commercial (BY-NC)

21st Century Malware Threatscape
15 Years of Evolution
Andy Hayter
Anti-Malcode Program Manager
ICSA Labs
Introduction
• Andy Hayter – Anti-Malcode Program Manager – ICSA Labs
– Anti-Virus, Anti-Spyware, PC Firewall, HIPS
– 25 years experience
• Anti-Virus Product Marketing & Product Manager
• Security Vendors
• End-User
• Anti-Malware Testing Programs
ICSA Labs Overview
Who We Are
Global leader and de facto standard in the private sector for security product / services / solutions assurance through testing and certification.
• Independent Third Party
• Neutral and Vendor Agnostic
• Validation
• Testing
• Research & Analysis
Current Product Certification Programs

• Anti-SPAM
• Anti-Spyware
• Anti-Virus
• Cryptography
• Firewall
• IDS
• IPSec VPN
• Network IPS
• PC Firewall
• SSL VPN
• Web Application FW
• Wireless LAN
• Custom Services
Nature of Evolving Threats
Rewind the Clock
• 1997 – Unfamiliar, but not complex
• 2009 – Complex – obfuscated, packed, encrypted, multiple vectors
Varieties of Malware
• Virus
• Worm
• Bot
• Trojan
• Rootkit
• Spyware
• Spam
Vectors of Infection
Yesterday
• Sneaker Net
• Boot Disks
• Pre-packaged Software
• Home → Work
Today
• E-mail Attachments
• Drive-by Downloads
• XSS
• Social Engineering
• Botnets
Effects of Infection
Yesterday
• Corrupted Hard Drive
• Political Message
• P.O.C
• Fun
Today
• Ransomware
• Keylogger
• Password Stealer
• Crimeware
€£ P $
Is it In-The-Wild?
Targeted Attacks
• Regional
• Industry
• Company
• Government
Analysis
• 1997 – 10,000 known viruses
• 2009 – >10,000 new per day
Traditional analysis cannot keep up with the rate at which new malware appears.
What can you do about it?
• EDUCATION → (ISC)²
• Policy – Develop, Test and Enforce
• End-User Education
• Patch, Patch, Patch
• Outside, 3rd Party, Independent External Assessment of Security Solutions
Testing and Certification
• Security Products
– Tested
– Certified
by a Credible Laboratory such as
Data Breaches and Malware
Perfect Together
• Greater than One-Third of Data Breaches Involved Malware

Source: 2008 Data Breach Investigations Report, Verizon Business
www.verizonbusiness.com/resources/security/databreachreport.pdf
Investigative Analysis
• ICSA Labs – conducted major portion of malware analysis
• → What was the malware looking for
• → What is/or could have been the impact
Questions?
Click on the questions tab on your screen, type in your question, name
and e-mail address; then hit submit.