Internet Threats and Issues in Korea
2012. 04. 13
Youngjun Chang (zhang95@ahnlab.com)
Senior Advanced Threat Researcher, CISSP
ASEC (AhnLab Security Emergency response Center)
AhnLab
What is AhnLab?
Business Portfolio of AhnLab
ENDPOINT SECURITY
NETWORK SECURITY
MOBILE SECURITY
TRANSACTION SECURITY
CONSULTING SERVICE
FORENSICS & INCIDENT RESPONSE
MANAGED SECURITY SERVICE
WEB SECURITY
ENDPOINT SECURITY
V3 Internet Security
V3 365 Clinic
V3 Net for Windows Server
V3 Net for Unix/Linux Server
AhnLab TrusLine
NETWORK SECURITY
AhnLab TrusGuard
AhnLab TrusGuard DPX
AhnLab TrusManager
AhnLab TrusAnalyzer
AhnLab TrusZone
AhnLab TrusWatcher
MOBILE SECURITY
AhnLab V3 Mobile
AhnLab V3 Mobile Enterprise
AhnLab Mobile Center
AhnLab V3 Mobile + for Transaction
TRANSACTION SECURITY
AhnLab Online Security
AhnLab HackShield for Online Game
MANAGED SECURITY SERVICE
AhnLab Policy Center
AhnLab Policy Center Appliance
AhnLab Policy Center Patch Management
Contents
01 Malware Trends in Korea
1) 2011 Malware Infection Status
2) 2011 Malware Infection Type
02 Internet Threats and Issues in Korea
1) APT (Advanced Persistent Threat)
2) Mobile Threats
3) DDoS Accidents
4) Application Vulnerability
5) Social Network Threats
01 Malware Trends in Korea
1) 2011 Malware Infection Status
• Almost 2 billion (177,473,697) infections were reported in 2011
• Infections increased by over 18% compared with 2010 (146,097,262)
• Since October, malware using web application vulnerabilities has been increasing
[Figure: 2011 Monthly Malware Infection Status]
2) Malware Type in Korea 2011 (1)
• 2011 infection reports: Trojan 42.1%, Script 17.4%, Worm 11.6%
• 2011 new malware types: Trojan 62%, Adware 16%, Dropper 7%
• Script malware uses vulnerabilities in web browsers and web applications
• Malware using vulnerabilities in Adobe Flash, Java and MS12-004 increased in the first quarter of 2012
[Figures: Reported Malware Types in 2011; New Malware Types in 2011]
2) Malware Type in Korea 2011 (2)
• Almost all of the malware in the 2011 TOP 10 list consists of script-related files
  Most of them are "Autorun.inf" files which were spread by USB
  The Induc and Palevo worms also rank high
• Trojans were the most reported new malware in 2011
  Windows-related files were infected or replaced by the malware
• OnlineGameHack-related families were the most reported malware in 2011
  The Conficker and Virut families were as well

TOP 10 Reported Malware in 2011
Rank  Malware                   Reports    Share
1     Textimage/Autorun         9,458,847  24.20%
2     JS/Agent                  6,217,163  15.90%
3     Win32/Induc               2,149,558   5.50%
4     Html/Agent                1,859,891   4.80%
5     JS/Downloader             1,789,695   4.60%
6     JS/Redirect               1,580,959   4.10%
7     JS/Exploit                1,545,389   4.00%
8     JS/Iframe                 1,446,928   3.70%
9     Swf/Agent                 1,432,679   3.70%
10    Win32/Palevo1.worm.Gen    1,389,561   3.60%

TOP 10 Reported New Malware in 2011
Rank  Malware                          Reports  Share
1     Win-Trojan/Patched.CR            757,876  25.80%
2     Win-Trojan/Overtls11.Gen         700,456  23.90%
3     Win-Trojan/Downloader.59904.AK   278,527   9.50%
4     Win-Trojan/Winsoft17.Gen         222,208   7.60%
5     Win-Trojan/Adload.77312.LPU      181,176   6.20%
6     Win-Trojan/Winsoft18.Gen         104,026   3.50%
7     Win-Trojan/Winsoft.263168.KX      75,337   2.60%
8     Win-Trojan/Winsoft.263168.LO      73,994   2.50%
9     Win-Trojan/Agent.339968.EI        69,762   2.40%
10    Win-Trojan/Agent.323584.FK        68,946   2.30%
02 Internet Threats and Issues in Korea
1) APT (Advanced Persistent Threat) (1)
• Incidents involving APT and targeted attacks occurred at Korean companies
• The incidents at S company, N Bank and N company were the big issues of 2011
• Information on 35 million clients was leaked in the S company incident
[Diagram: Incident in S company]
  Components: Attacker, Free software update server, Other Victim, Server, DB Server
  1. Spreading the malware
  2. Malware infection
  3. Remote control
  4. Connect to DB server
  5. Data transfer to external server
  6. Data transmit
1) APT (Advanced Persistent Threat) (2)
• Information on over 13 million game users was leaked in the N company incident (under investigation)
• The N Bank system was corrupted after an attack from outside
• The attacker spread the malware with a P2P program and waited 7 months before the attack
[Diagram: Incident in N Bank]
  Components: Attacker, P2P Program, Laptop from the outsourced staff, Internal System
  1. Spreading the malware
  2. Malware infection
  3. Remote control
  4. Delete all on DB server
2) Mobile Threats (1)
• There are no reports of any kind of Android malware having been made or spread in Korea
• The Android samples AhnLab has collected are from foreign countries
• Mobile threats in Korea are not related to Android malware
[Figure: Android Malware Found in 2011]
2) Mobile Threats (2)
• Messages disguised as coming from a public institution or bank redirect to phishing websites
• Spam SMS uses URL shortening to lead to adult websites
• Mobile messenger phishing uses KakaoTalk and MyPeople Mobile
[Figure: Mobile Phishing, Mobile Spam SMS and Mobile Messenger Phishing]
  Mobile phishing: "Hello it's KB Bank. For the security reasons please access to the website below"
  Mobile spam SMS: "Come to the Hot Adult website"
  Mobile messenger phishing: Disguise as your friend to borrow some money
3) DDoS Accidents (1)
[Figure: 4th March 2011 DDoS accident timeline]
• In Korea, DDoS attacks were carried out to obtain money, but the objectives are getting wider
• The 3.4 DDoS (4th March) attack and the attack on the National Election Commission were the big issues of 2011
• Almost all DDoS attacks in Korea use malware that is capable of DDoS
3) DDoS Accidents (2)
[Figure: Malware Builder for DDoS attack]
• Many of the computers that attacked the National Election Commission were infected by the malware
• Most of the malware builders were made by the Chinese underground
• The malware builders are changed into the Korean language and spread from online cafes
• The malware is disguised as game or media files and spread by P2P or online cafes
[Figure: Packet type for DDoS attack]
4) Application Vulnerability
• Online game related malware is spread by using web browser and application vulnerabilities
• In 2011, malware used vulnerabilities in Internet Explorer (MS10-018), Adobe Flash Player (CVE-2011-2110, CVE-2011-2140, CVE-2011-0609) and Adobe Reader (CVE-2011-0611)
• Malware using vulnerabilities in the Hangul word processor (.hwp) is increasing
• In the first quarter of 2012, malware using vulnerabilities in Windows Media (MS12-004), Adobe Flash Player (CVE-2011-0611, CVE-2011-2140, CVE-2012-0754) and Java (CVE-2011-3544) increased
Hacked Websites Using Various Vulnerabilities to Spread Malware
• Web sites which were found in 2th February 2012
• Vulnerabilities
    MS10-018 Internet Explorer
    MS12-004 Windows Media
    CVE-2011-2140 Adobe Flash Player
    CVE-2011-3544 Java
• On weekdays, they build the systems that spread the malware
• On weekends, they hack a system and insert a script that redirects to their system
• The final goal is to spread online game related malware
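A site owner can check for the inserted redirect described on the slide above by listing every external script or iframe source on their own pages and ranking pages changed on a weekend first. This is an added example, not part of the original slides; the allowlist, host names, page snapshots and scoring weights are constructed assumptions.

```python
from dataclasses import dataclass
from datetime import datetime
from html.parser import HTMLParser
from urllib.parse import urlparse

# Hosts this (hypothetical) site is expected to load active content from.
ALLOWED_HOSTS = {"www.example.kr", "static.example.kr"}


class ActiveContentParser(HTMLParser):
    """Collects (tag, src, hidden) for every <script src> and <iframe src>."""

    def __init__(self):
        super().__init__()
        self.refs = []

    def handle_starttag(self, tag, attrs):
        if tag not in ("script", "iframe"):
            return
        a = {k: (v or "") for k, v in attrs}
        src = a.get("src", "").strip()
        if not src:
            return
        style = a.get("style", "").replace(" ", "").lower()
        # Zero-size or invisible iframes are a common shape for injected redirects.
        hidden = tag == "iframe" and (
            a.get("width") in ("0", "1")
            or a.get("height") in ("0", "1")
            or "display:none" in style
            or "visibility:hidden" in style
        )
        self.refs.append((tag, src, hidden))


@dataclass
class Finding:
    path: str
    tag: str
    host: str
    hidden: bool
    weekend_change: bool
    score: int


def audit(snapshots, allowed_hosts):
    """snapshots: iterable of (path, last_modified datetime, html text).

    Returns findings for script/iframe sources on hosts outside the allowlist,
    highest score first. Score (assumed weights): 1 for an unlisted host,
    +2 for a hidden iframe, +1 if the page was last modified on Sat/Sun.
    """
    findings = []
    for path, modified, html in snapshots:
        parser = ActiveContentParser()
        parser.feed(html)
        parser.close()
        weekend = modified.weekday() >= 5  # Monday is 0, Saturday is 5
        for tag, src, hidden in parser.refs:
            try:
                host = urlparse(src).hostname
            except ValueError:
                host = "<unparseable>"  # malformed URL: report it, do not skip
            if host is None or host in allowed_hosts:
                continue  # relative URL (same site) or expected host
            score = 1 + (2 if hidden else 0) + (1 if weekend else 0)
            findings.append(Finding(path, tag, host, hidden, weekend, score))
    return sorted(findings, key=lambda f: f.score, reverse=True)


# Constructed page snapshots (not real data). 2012-02-04 was a Saturday.
SAMPLE_SNAPSHOTS = [
    ("/news.html", datetime(2012, 2, 1, 10, 0),
     '<html><body><script src="//widgets.partner.test/w.js"></script>'
     '</body></html>'),
    ("/index.html", datetime(2012, 2, 4, 3, 12),
     '<html><head><script src="/js/site.js"></script>'
     '<script src="http://static.example.kr/lib.js"></script></head>'
     '<body><iframe src="http://ads.injected.test/go.html" width="0" '
     'height="0"></iframe></body></html>'),
    ("/about.html", datetime(2012, 2, 5, 9, 30),
     '<html><body><script src="js/about.js"></script>'
     '<iframe src="http://www.example.kr/map.html" style="display: none">'
     '</iframe></body></html>'),
]

if __name__ == "__main__":
    for f in audit(SAMPLE_SNAPSHOTS, ALLOWED_HOSTS):
        print(f.score, f.path, f.tag, f.host,
              "hidden" if f.hidden else "visible",
              "weekend" if f.weekend_change else "weekday")
```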
5) Social Network Threats
• Social network websites developed in Korea: me2DAY, yozm and Cyworld
• Twitter and Facebook users in Korea are increasing because of the growth in smartphones
• Social network websites are also used for spreading malware and phishing websites
[Figures: Malware spreading by Twitter (disguised as a media file of a famous actress); TwitBot command which was found in me2DAY]
Thank you.

Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 

Internet threats and issues in korea 120325 eng_slideshare

  • 3. Business Portfolio of AhnLab
    ENDPOINT SECURITY, NETWORK SECURITY, MOBILE SECURITY, TRANSACTION SECURITY, CONSULTING SERVICE, FORENSICS & INCIDENT RESPONSE, MANAGED SECURITY SERVICE, WEB SECURITY
    - ENDPOINT SECURITY: V3 Internet Security, V3 365 Clinic, V3 Net for Windows Server, V3 Net for Unix/Linux Server, AhnLab TrusLine
    - NETWORK SECURITY: AhnLab TrusGuard, AhnLab TrusGuard DPX, AhnLab TrusManager, AhnLab TrusAnalyzer, AhnLab TrusZone, AhnLab TrusWatcher
    - MOBILE SECURITY: AhnLab V3 Mobile, AhnLab V3 Mobile Enterprise, AhnLab Mobile Center, AhnLab V3 Mobile + for Transaction
    - TRANSACTION SECURITY: AhnLab Online Security, AhnLab HackShield for Online Game
    - MANAGED SECURITY SERVICE: AhnLab Policy Center, AhnLab Policy Center Appliance, AhnLab Policy Center Patch Management
  • 4. Contents
    01 Malware Trends in Korea
      1) 2011 Malware Infection Status
      2) 2011 Malware Infection Type
    02 Internet Threats and Issues in Korea
      1) APT (Advanced Persistent Threat)
      2) Mobile Threats
      3) DDoS Accidents
      4) Application Vulnerability
      5) Social Network Threats
  • 5. 01 Malware Trends in Korea
  • 6. 1) 2011 Malware Infection Status
    - Almost 2 billion (177,473,697) infections were reported in 2011
    - Infections increased by over 18% compared with 2010 (146,097,262)
    - Since October, malware using web application vulnerabilities has been increasing
    Figure: 2011 Monthly Malware Infection Status
  • 7. 2) Malware Type in Korea 2011 (1)
    - 2011 Infection Report: Trojan 42.1%, Script 17.4%, Worm 11.6%
    - 2011 New Malware Type: Trojan 62%, Adware 16%, Dropper 7%
    - Script malware uses vulnerabilities in web browsers and web applications
    - Increase in malware using vulnerabilities in Adobe Flash, Java and MS12-004 in the first quarter of 2012
    Figures: Reported Malware Types in 2011; New Malware Types in 2011
  • 8. 2) Malware Type in Korea 2011 (2)
    - Almost all of the malware in the 2011 TOP 10 list is script-related files
      Most of them are "Autorun.inf" files which were spread by USB
      The Induc and Palevo worms also rank high
    - Trojan was the most reported new malware in 2011
      Windows-related files were infected or replaced by the malware
    - OnlineGameHack-related families were the most reported malware in 2011, along with the Conficker and Virut families

    TOP 10 Reported Malware in 2011
    Rank  Malware                  Reports     Share
    1     Textimage/Autorun        9,458,847   24.20%
    2     JS/Agent                 6,217,163   15.90%
    3     Win32/Induc              2,149,558   5.50%
    4     Html/Agent               1,859,891   4.80%
    5     JS/Downloader            1,789,695   4.60%
    6     JS/Redirect              1,580,959   4.10%
    7     JS/Exploit               1,545,389   4.00%
    8     JS/Iframe                1,446,928   3.70%
    9     Swf/Agent                1,432,679   3.70%
    10    Win32/Palevo1.worm.Gen   1,389,561   3.60%

    TOP 10 Reported New Malware in 2011
    Rank  Malware                          Reports   Share
    1     Win-Trojan/Patched.CR            757,876   25.80%
    2     Win-Trojan/Overtls11.Gen         700,456   23.90%
    3     Win-Trojan/Downloader.59904.AK   278,527   9.50%
    4     Win-Trojan/Winsoft17.Gen         222,208   7.60%
    5     Win-Trojan/Adload.77312.LPU      181,176   6.20%
    6     Win-Trojan/Winsoft18.Gen         104,026   3.50%
    7     Win-Trojan/Winsoft.263168.KX     75,337    2.60%
    8     Win-Trojan/Winsoft.263168.LO     73,994    2.50%
    9     Win-Trojan/Agent.339968.EI       69,762    2.40%
    10    Win-Trojan/Agent.323584.FK       68,946    2.30%
  • 10. 1) APT (Advanced Persistent Threat) (1)
    - Incidents occurred at Korean companies through APT and targeted attacks
    - The incidents at S company, N Bank and N company in 2011 were the big issues
    - Information on 35 million clients was leaked in the S company incident
    Diagram: Incident in S company
      Labels: Attacker, Free software update server, DB Server, Other Victim Server
      1 Spreading the malware
      2 Malware infection
      3 Remote control
      4 Connect to DB server
      5 Data transfer to external server
      6 Data transmit
  • 11. 1) APT (Advanced Persistent Threat) (2)
    - Information on over 13 million game users was leaked in the N company incident (it is under investigation)
    - The N Bank system was corrupted after an attack from the outside
    - The attacker spread the malware with a P2P program and waited 7 months for the attack
    Diagram: Incident in N Bank
      Labels: P2P Program, Laptop from the outsourced staff, Attacker, Internal System
      1 Spreading the malware
      2 Malware infection
      3 Remote control
      4 Delete all to DB server
  • 12. 2) Mobile Threats (1)
    - There are no reports of any kind of Android malware having been made or spread in Korea
    - The Android samples which AhnLab has collected are from foreign countries
    - Mobile threats in Korea are not related to Android malware
    Figure: Android Malware found in 2011
  • 13. 2) Mobile Threats (2)
    - Disguised as a public institution or bank to redirect to a phishing website
    - Using URL shortening in spam SMS to lead to adult websites
    - Mobile messenger phishing using KakaoTalk and MyPeople Mobile
    Figure: Mobile Phishing, Mobile Spam SMS and Mobile Messenger Phishing
      "Hello it's KB Bank. For the security reasons please access to the website below"
      "Come to the Hot Adult website"
      Disguise as your friend to borrow some money
  • 14. 3) DDoS Accidents (1)
    Figure: 4th March 2011 DDoS accident timeline
    - In Korea, DDoS attacks were carried out to obtain money, but the objectives are getting wider
    - The 3.4 DDoS (4th March) attack and the attack on the National Election Commission in 2011 were the big issues
    - Almost all DDoS attacks in Korea use malware that is capable of DDoS
  • 15. 3) DDoS Accidents (2)
    Figure: Malware Builder for DDoS attack
    - Many of the computers that attacked the National Election Commission were infected by the malware
    - Most of the malware builders were made by the Chinese underground
    - The malware builders are changed into the Korean language and spread from online cafes
    - The malware is disguised as game or media files and spread by P2P or online cafes
    Figure: Packet type for DDoS attack
  • 16. 4) Application Vulnerability
    - Online game related malware is spread using web browser and application vulnerabilities
    - Malware used vulnerabilities in I.E (MS10-018), Adobe Flash Player (CVE-2011-2110, CVE-2011-2140, CVE-2011-0609) and Adobe Reader (CVE-2011-0611) in 2011
    - Malware using vulnerabilities in the Hangul word processor (.hwp) is increasing
    - Increase in malware using vulnerabilities in Windows Media (MS12-004), Adobe Flash Player (CVE-2011-0611, CVE-2011-2140, CVE-2012-0754) and JAVA (CVE-2011-3544) in the first quarter of 2012
    Hacked websites using various vulnerabilities to spread malware
    - Web sites which were found on 2nd February 2012
    - Vulnerabilities:
        MS10-018       Internet Explorer
        MS12-004       Windows Media
        CVE-2011-2140  Adobe Flash Player
        CVE-2011-3544  JAVA
    - On weekdays, they set up the systems to spread the malware
    - On weekends, they hack a system and insert a script to redirect to their system
    - The final goal is to spread online game related malware
  • 17. 5) Social Network Threats
    - Social network websites developed in Korea: me2DAY, yozm and Cyworld
    - Increase in Twitter and Facebook users in Korea, caused by the increase in smartphones
    - Social network websites are also used for spreading malware and phishing websites
    Figures: Malware spreading by Twitter; TwitBot command which was found in me2DAY; Disguised as media file of a famous actress