New Cyber Security Technology


Published on May 13, 2016

Author: lunchNtouch

Source: slideshare.net

1. JAKU: ANALYSIS OF A BOTNET CAMPAIGN

MALWARE TYPE: MULTI-STAGE TRACKING AND DATA EXFILTRATION MALWARE
LOCATION OF COMMAND AND CONTROL SERVERS: MALAYSIA, THAILAND & SINGAPORE
NUMBER OF COUNTRIES WITH JAKU VICTIMS: 134
NUMBER OF UNIQUE VICTIMS: 19k
LENGTH OF INVESTIGATION TO DATE: 6 MONTHS
EVASION TECHNIQUES USED: CRYPTOGRAPHY, STEGANOGRAPHY, FAKE FILE TYPES, STEALTH INJECTION, ANTI-VIRUS ENGINE DETECTION (AND OTHERS)
PAYLOADS ARE DELIVERED VIA: EXPOSURE TO COMPROMISED BITTORRENT SITES, USE OF UNLICENSED SOFTWARE & DOWNLOADING OF WAREZ SOFTWARE
LOCATION OF VICTIMS: GLOBAL (SIGNIFICANT CLUSTERING IN JAPAN, SOUTH KOREA & CHINA)
BY COUNTRY: SOUTH KOREA, JAPAN, CHINA, TAIWAN, USA
MEAN DWELL TIME: 93 DAYS
MAX DWELL TIME: 348 DAYS

FORWARD WITHOUT FEAR ©2016 Forcepoint LLC. All rights reserved. Forcepoint™ is a trademark of Forcepoint LLC.

2. ANALYSIS OF A BOTNET CAMPAIGN

JAKU is targeting specific victims

JAKU is the name of the botnet campaign investigated by the Forcepoint Security Labs Special Investigations Team. What makes JAKU unique is that within the noise of thousands of botnet victims, it targets and tracks a small number of specific individuals. These individuals include members of International Non-Governmental Organisations (NGOs), Engineering Companies, Academics, Scientists and Government Employees. North Korea (DPRK) and Pyongyang are the common theme shared between these individuals.

JAKU targets its victims - 19,000 is a conservative estimate of the number of victims at any one time - primarily via 'poisoned' BitTorrent file shares. The victims are spread all over the globe, but a significant number of victims are in South Korea and Japan. Forcepoint Security Labs has determined that the botnet command and control (C2) servers identified are also located in the APAC region, including Singapore, Malaysia and Thailand.

A sophisticated botnet campaign

JAKU uses three different C2 mechanisms, making it highly resilient. Compressed and encrypted code embedded in image files is used to deliver the second stage malware, while the botnet controllers monitor the botnet members via obfuscated SQLite databases. The controllers also cleverly re-use widely available open source software, including the UDT network transport protocol, software copied from Korean blogger sites and re-writes of previously published code.

Who is behind the JAKU botnet campaign?

Forcepoint Security Labs focus on awareness and understanding of intent. This is useful to identify likely future behaviour. We do not focus on specific attribution. However, there are indicators that suggest that the author(s) of the malware identified are native Korean speakers.

For a deeper dive into the JAKU botnet campaign, download the report: www.forcepoint.com/jaku
