Malware I

2013

Hello

​

Toomas Lepik

Information Security Expert

​

​

​

​

​

Who else

Allan Vein

And some other

Cource information and communication

​

course-malware@cert.ee

​

http://lambda.ee/wiki/Malware

​

Probably we will have additional resources they will be published in lambda !

​

​

​

Malware I Malware II

• Malware overview
• Modern attack trends (attacker strategies)
• General concepts for organization protection
• Commonly available resources
• Malware Incident handling
• introduction to static and dynamic analysis

Overview computer languages

Reverse engineering at advanced level

​

Requiaments / Graiding

​

1. Attendance at leas in 6 lectures from 8

(Exemption are on pre agreement to to additional work)

2. All given lab assignments (4 to 6) are passed:

- the assignments are done in time and correctly

- the student is able defend his work

3. The result of the final test is at least 70 points

​

Late “fees” will be applied.

​

Homework

• Extention of lab in terms of finding additional information and writing lab report
• Reading and writing essay
• Finding 3 new things in week and preparing to talk about it.

​

Expectations

You will be active

​

I try to make it interactive !

​

I will make mistakes (sometimes intentional)

encourage you finding them :)

​

​

Remarcs

Chatham House Rule

When a meeting, or part thereof, is held under the Chatham House Rule, participants are free to use the information received, but neither the

identity nor the affiliation of the speaker(s), nor that of any other participant, may be revealed

​

Books

Malware what ?

​

​

Buzzwords anyone ?

My 5 cents From last week

​

• Syria-Could-Retaliate-Against-Military-Strikes
• Popular Windows downloader has secret DDoS capabilit
• Got Mail Got Malware
• eu-24hour-breach-disclosure-laws-to-come-into-force
• Tesla Model S REST API Authentication Flaws
• 231 US Cyberspy Operations in 2011

​

Is it Bad or Good ?

http://www.csmonitor.com/var/ezflow_site/storage/images/media/images/1004-bushehr-iran-stuxnet.jpg/8751383-1-eng-US/1004-Bushehr-Iran-Stuxnet.JPG_full_600.jpg

​

​

ISS-computervirus.html

Spanair_malware/

Royal_navy_email_virus_outage

Stuxnet

Malware

Malware, short for malicious software, is software designed to infiltrate a computer system without the owner's informed consent. The expression is a general term used by computer professionals to mean a variety of forms of hostile, intrusive, or annoying software or program code

http://en.wikipedia.org/wiki/Malware

Malware what ?

​

​

Software that “deliberately fulfills the harmful intent of an attacker” is commonly referred to as malicious software or malware

​

​

Some numbers and pictures.

Transparencyreport/safebrowsing

​

Malware statistics

​

​

​

Some where are THEY

What THEY want from us ?

Some Random Fluffy animals

Who THEY are !

•“Businessmen”

•“Anonymous's”

• States

• Other interested parties

Enviroment ! ?

With that a bit of statistic !

​

​

Operation system usage trends

http://www.netmarketshare.com/operating-system-market-share.aspx?qprid=10

A bit of statistic !

A bit of statistic !

How it infects ?

Vectors

• Drive byes
• exploiting unpatched security holes
• Clickjacking
• Social engineering
• Thumb drives
• Backups

​

Vectors

• Desktop
• Drive byes
• web –Chat
• removable media
• Social enginering
• Bacups
• Servers
• Leaked passwords
• password cracking
• exploiting unpatched security holes
• Social enginering

​

Verizon's 2012 Data Breach Investigations Report

http://www.youtube.com/watch?v=yVL34RpjOWc

In some sens the reality for fighting modern Malware is Advesary model.

​

Sun Tzu 

​

So it is said that if you know your enemies and know yourself, you can win a hundred battles without a single loss.

​

If you only know yourself, but not your opponent, you may win or may lose.

​

If you know neither yourself nor your enemy, you will always endanger yourself.