Norton Overview

Sophie Caron

SMBs represent the largest growth area for targeted attacks

– increasing threefold in the last

year1

81% of top tier SMBs said

using computing strategically is an effective way to increase market

share2Half of SMBs have fallen victim to a cyber-attack. Of

those, 61% occurred within the past year2

60% of all targeted attacks struck

small and medium businesses 3

SMBs are four times more at risk

of cyberattacks than larger companies4

The average amount of money stolen from SMBs by cyber-attacks

have tripled in just one year to $19.948 5

46% of SMBs said a targeted

attack would cause revenue loss6

1 Symantec Internet Security Threat Report vol. 18, 20122 National Small Business Association, 2014 Year-end Economic Report3 Symantec Internet Security Threat Report vol. 20, 20154 Symantec.com SkepticTM System data5 National Small Business Association, 2014 Year-end Economic Report6 “SMB Threat Awareness Poll,” Symantec, Sept. 2011

Small Businesses & Cybersecurity

Copyright © 2016 Symantec Corporation2

Distribution of attacks by organizations sizeSmall Businesses Are Now The Most Targeted : Security is not an option

• 43% of attacks in 2015 targeted small businesses, the most of any organization size.

• This is an almost 10% increase from 2014.

Copyright © 2016 Symantec Corporation3

Spear-Phishing Attacks by Size of Targeted Organization

Symantec Internet Security Threat Report, Version 21, April 2016

Top Industries Targeted In Spear Phishing Attacks

Copyright © 2016 Symantec Corporation4

Industry Detail Distribution Attacks per Org % Risk in Group*

1 Finance, Insurance, & Real Estate 34.9% 4.1 8.7%

2 Services 21.6% 2.1 2.5%

3 Manufacturing 13.9% 1.8 8.0%

4 Transportation & Public Utilities 12.5% 2.7 10.7%

5 Wholesale Trade 8.6% 1.9 6.9%

6 Retail Trade 2.5% 2.1 2.4%

7 Public Administration 2.0% 4.7 3.2%

8 Non-Classifiable Establishments 1.6% 1.7 3.4%

9 Mining 1.4% 3.0 10.3%

10 Construction 0.7% 1.7 1.1%

11 Agriculture, Forestry, & Fishing 0.2% 1.4 2.0%

Non SIC Related Industries

Energy 1.8% 2.0 8.4%

Healthcare 0.7% 2.0 1.1%

Symantec Internet Security Threat Report, Version 21, April 2016

No Cybersecurity Plans…No Worries

31% of SMBs are not taking any proactive cybersecurity measures

53% of SMBs report that they do not store valuable data

– But over 65% store email addresses, phone #’s, and other PII

Yet 58% of SMBs are worried about cyber attacks

5

Source: CSID Small Business Survey: 2016, May 2016 - https://www.csid.com/resources/white-papers/

Cybercrime in Belgium

62016 Internet Security Threat Report Volume 21

Belgium ranks 33rd globally, up from 44th in 2014 and 13th in Europe

624 ransomware attacks blocked each day:Belgium ranks 10th globally

Social media attacks: Belgium is #11 in the world and 4th in Europe: 241 attacks per day blocked

THE THREAT LANDSCAPE

317Mup 26%

y/y

Threat Landscape and Norton Risk Mitigation

8

431Mup 36% y/y

2014 20151 Billion New Pieces of Malware in

Less Than 3 Years

8

Consumer pays $300 on average

Hospital pays

$17000

Big Numbers Emerging Threats Norton ProtectionDigital extortion - Crypto-Ransomware

Fin, Insurance Real Estate

18%

Services 20%

Manuf20%

Transport, Public

utilities 11%

Wholesale Trade10%

Other21% Fin, Insurance,

Real Estate35%

Services22%

Manuf14%

Transport, Public Util

13%

Wholesale Trade

9%

Other7%

Spear-phishing

2014 2015

180 948

2010 - 2014 2015Mac is not safe either

Malware trends for Mac

World Class Protection

• 63M Users

• 4M Small Businesses

• 6.8M mobile devices

Global Support

• 280 severe security incidents daily

Telemetry & intelligence

• 31 billion + unique URLs

• 1.7 billion web requests

• 25 billion unique executable files

Monitored daily identify suspicious activity and preventmalicious attacks.

2000 Today

Antivirus

Virus & WormsEmail attachments

Adware, SpywareFreeware & Non-legitimate Web Sites

VISIBLE THREATS

10%

PhishingPaypal, eBay, online banking…

Drive-by downloadPopular websites

INVISIBLES THREATS90%

Internet Security Solution

SCAMPhishing scam email, …

10

CybercrimeA well-organized and highly lucrative market

90 USD Milliards per Year

Attack

Infection

Theft

Sold

Money

Mobility, new playground for cybercriminals

11

CryptoLocker Ransomware attacks both PC Android smartphones and tablets

“

”

Dendroid virus for Android smartphones“

”

Android malware trend (June 2012-June 2013)

Mobility, new playground for cybercriminals

12

The number of '' families '' threats increased by 69% The number of malware has increased by 4

Android malware trend (June 2012-June 2013)

Android ecosystem continues to incubate malware

Greyware / Madware

6.3M

Android Apps tracked by Norton Mobile Insight

Malicious

36%

17%

13

Copyright © 2015 Symantec Corporation14

Malware / Adware

Malware, short for malicious software, is any software used to disrupt computer operation, gather sensitive information, or gain access to private computer systems. Malware is defined by its malicious intent, acting against the requirements of the computer user.

Adware, or advertising-supported software, is any software package that automatically renders advertisements in order to generate revenue for its author. The advertisements may be in the user interface of the software or on a screen presented to the user during the installation process. The functions may be designed to analyze which Internet sites the user visits and to present advertising pertinent to the types of goods or services featured there.

15

Ransomware is a type of malware which restricts access to the computer system that it infects, and demands a ransom paid in order for the restriction to be removed. Some forms of ransomware encrypt files on the system's hard drive.

Ransomware

Ransomware

Ransomware

Your data is encrypted (possibly for ever!)

Your computeris unusable

(but it’s fixable)

Crypto - Ransomware

Digital Extortion aggressively on the riseNow also on Smartphones!

45x

Phishing / Smishing (SMS Phishing)

Obtain financial or other confidential information, typically by sending an email or an SMS that looks as if it is from a legitimate organization, but contains a link to a fake website that replicates the real one

• Step 1 :Fraudsters usurp an identity and create fraudulent emails.The purpose of the message: check , under false pretenses , your information by asking you to click "simply" a link.

• Step 2 :This link takes you to a fake web page.You are asked to complete various information.You have to disclose your confidential data without even knowing it .

Phishing

Phishing

Anti-Phishing: Block

“Fraudulent” – the site is known as a phishing site

Copyright © 2015 Symantec Corporation20

21

Drive-by download means two things, each concerning the unintended download of computer software from the Internet:- Downloads which a person authorized but without understanding the consequences (e.g. downloads which install an unknown or counterfeit executable program, ActiveX component, or Java applet).- Any download that happens without a person's knowledge, often a computer virus, spyware, malware, or crimeware.Drive-by downloads may happen when visiting a website, viewing an e-mail message or by clicking on a deceptive pop-up window

Drive-by Download

Copyright © 2015 Symantec Corporation22

SCAM - Social Media

A SCAM is an attempt to defraud a person or group after first gaining their confidence, used in the classical sense of trust.Criminals will go wherever there are people to be scammed. There are large numbers of people using well-established social media platforms, and, as such, they play host to plenty of scams.

Manual Sharing – These rely on victims to actually do the work of sharingthe scam by presenting them with intriguing videos, fake offers or messages that they share with their friends.

Fake Offering – These scams invite social network users to join a fake event or group with incentives such as free gift cards. Joining often requires the user to share credentials with the attacker or send a text to a premium rate number.

Likejacking – Using fake “Like” buttons, attackers trick users into clicking websitebuttons that install malware and may post updates on a user’s newsfeed, spreading the attack.

Fake Apps – Users are invited to subscribe to an application that appears to be integrated for use with a social network, but is not as described and may be used to steal credentials or harvest other personal data.

Comment Jacking – This attack is similar to the "Like" jacking where the attacker tricks theuser into submitting a comment about a link or site, which will then be posted to his/her wall.

Copyright © 2015 Symantec Corporation23

Social Media & SCAM

Copyright © 2015 Symantec Corporation24

Social Media & SCAM

Copyright © 2015 Symantec Corporation25

Social Media & SCAM

WHY NORTON

Copyright © 2016 Symantec Corporation26

Copyright © 2016 Symantec Corporation27

Copyright © 2016 Symantec Corporation28

Copyright © 2016 Symantec Corporation29

Copyright © 2016 Symantec Corporation30

Copyright © 2016 Symantec Corporation31

SSL Certificats

• https://www.symantec.com/ssl-certificates/?sl=awareness_ytvideo#overview

Copyright © 2016 Symantec Corporation32

Symantec SSL/TLS certificates, formerly by VeriSign, uses industry-leading SSL encryption across all products, with various solutions for website and server security. Extended Validation (EV) SSL certificates will increase customers' confidence and help your website reach its full potential. You can compare and buy Symantec SSL Certificates, to make sure your customers are safe from search to browse to buy.