© 2016 AT&T Intellectual Property. All rights reserved. AT&T, Globe logo, Mobilizing Your World and DIRECTV are registered trademarks and service marks of AT&T Intellectual Property and/or AT&T affiliated companies. All other marks are the property of their respective owners. AT&T Proprietary (Internal Use Only). Not for use or disclosure outside the AT&T companies except under written agreement. Trends

© 2016 AT&T Intellectual Property. All rights reserved. AT&T, Globe logo, Mobilizing Your World and DIRECTV are registered trademarks and service marks of AT&T Intellectual Property and/or AT&T affiliated companies. All other marks are the property of their respective owners. AT&T Proprietary (Internal Use Only). Not for use or disclosure outside the AT&T companies except under written agreement. Data is being generated at a far Security, identity management, Machine learning advancing faster faster rate and privacy are increasingly more through availability of data and important Artificial Intelligence

A Data Powered, Intelligent Network is essential to the Evolution of Security

AT&T Proprietary (Restricted) Page 3 Not for use or disclosure outside the AT&T companies except under written agreement Cyber Security Technology Evolution

Adoption S-Curves Mobility-Enabled SDN Cloud

6 years - Virtualization - Strong Authentication Sandbox - Threat Analytics WAF Automation

25 years

Next-Gen SIEM IPS firewall

IDS Anti-virus Firewall

1983 2008 2013 2018

AT&T Proprietary (Restricted) Page 5 Not for use or disclosure outside the AT&T companies except under written agreement Cyber Security Transformation

Traditional Security Virtual Security Wide variety of vendor appliances Real-time and dynamic security Specialized management platforms Security integration with network Highly manual security Closed-loop automation Multiple support organizations Common support organization No single operations model or database of record Common operations model and database of record

5 Threat Analytics

© 2016 AT&T Intellectual Property. All rights reserved. AT&T, Globe logo, Mobilizing Your World and DIRECTV are registered trademarks and service marks of AT&T Intellectual Property and/or AT&T affiliated companies. All other marks are the property of their respective owners. AT&T Proprietary (Internal Use Only). Not for use or disclosure outside the AT&T companies except under written agreement. General Cyber Threat Actors

Nation-states Industrial espionage (data theft) Political positioning (Information Confrontation) Organized criminal groups Credit card theft Identity theft Ransomware Hacktivists Instill fear Individuals Gaming Mischief Threat Types Invasion DDoS (flooding)

AT&T Proprietary (Restricted) Page 15 Not for use or disclosure outside the AT&T companies except under written agreement Inside the Network: Intelligent Data

© 2016 AT&T Intellectual Property. All rights reserved. AT&T, Globe logo, Mobilizing Your World and DIRECTV are registered trademarks and service marks of AT&T Intellectual Property and/or AT&T affiliated companies. All other marks are the property of their respective owners. AT&T Proprietary (Internal Use Only). Not for use or disclosure outside the AT&T companies except under written agreement. Threat Analytics

5/12 Wannacry Event CSO Risk & Threat Intel Expedite Patch & Monitor for Activity

Microsoft Shadowbrokers Potential Release Leak NSA 5/9 CSO 2nd Event Patch Exploits Detects Deterred Activity

AT&T Patched – No Impact APT (Advanced Persistent Threats)

- Intellectual property harvesting Analysis of APT Activity (60 days) - Identity / Intelligence Gathering

50

45

40

35 Added detection for new attacker group 30

25 Non-Customer

20 Customer

15

10

5

0

AT&T Proprietary (Restricted) Page 23 Not for use or disclosure outside the AT&T companies except under written agreement Internet Threat Reconnaissance Index (2005-2013)

1 1 Internet Threat Reconnaissance Index (2005-2017)

1 2 Direct Scanning of Popular ioT Ports Growth

3 years

Massive Recruitment Activity

AT&T Proprietary (Restricted) Page 18 Not for use or disclosure outside the AT&T companies except under written agreement Current View – Emerging Variants and Targeting Scanning Targeting on Popular Vulnerable IoT Devices

Increasingly aggressive recruiting activity

Covert backdoor in Netis home Variants routers expanding variety of devices targeted. Internet of Trojanized Things (IoTT)

Single Botnet….

AT&T Proprietary (Restricted) Page 20 Not for use or disclosure outside the AT&T companies except under written agreement Industry-Coordinated Botnet Takedown

ZeroAccess Botnet (Click Fraud) Didn’t Work

Massive Takedown Effort (Industry Wide-Led)

AT&T Proprietary (Restricted) Page 16 Not for use or disclosure outside the AT&T companies except under written agreement SDN & Security Function Virtualization

© 2016 AT&T Intellectual Property. All rights reserved. AT&T, Globe logo, Mobilizing Your World and DIRECTV are registered trademarks and service marks of AT&T Intellectual Property and/or AT&T affiliated companies. All other marks are the property of their respective owners. AT&T Proprietary (Internal Use Only). Not for use or disclosure outside the AT&T companies except under written agreement. Notional Enterprise Perimeter Design

© 2016 AT&T Intellectual Property. All rights reserved. AT&T, Globe logo, Moblizing Your World and DIRECTV are registered trademarks and service marks of AT&T Intellectual Property and/or AT&T affiliated companies. All other marks are the property of their respective owners. State of Practice Enterprise Perimeter Design

© 2016 AT&T Intellectual Property. All rights reserved. AT&T, Globe logo, Moblizing Your World and DIRECTV are registered trademarks and service marks of AT&T Intellectual Property and/or AT&T affiliated companies. All other marks are the property of their respective owners. East/West Vulnerability in APT Attacks

© 2016 AT&T Intellectual Property. All rights reserved. AT&T, Globe logo, Moblizing Your World and DIRECTV are registered trademarks and service marks of AT&T Intellectual Property and/or AT&T affiliated companies. All other marks are the property of their respective owners. Advancing the Architecture….

© 2016 AT&T Intellectual Property. All rights reserved. AT&T, Globe logo, Moblizing Your World and DIRECTV are registered trademarks and service marks of AT&T Intellectual Property and/or AT&T affiliated companies. All other marks are the property of their respective owners. East/West Vulnerability Mitigated in APT Attacks

© 2016 AT&T Intellectual Property. All rights reserved. AT&T, Globe logo, Moblizing Your World and DIRECTV are registered trademarks and service marks of AT&T Intellectual Property and/or AT&T affiliated companies. All other marks are the property of their respective owners. If we think of these Microperimeter controlled Assets as Independent Objects…..

© 2016 AT&T Intellectual Property. All rights reserved. AT&T, Globe logo, Moblizing Your World and DIRECTV are registered trademarks and service marks of AT&T Intellectual Property and/or AT&T affiliated companies. All other marks are the property of their respective owners. Globally Diverse…..

“…where have I seen this before?” © 2016 AT&T Intellectual Property. All rights reserved. AT&T, Globe logo, Moblizing Your World and DIRECTV are registered trademarks and service marks of AT&T Intellectual Property and/or AT&T affiliated companies. All other marks are the property of their respective owners. Distributed, Resilient Botnet Architecture

© 2016 AT&T Intellectual Property. All rights reserved. AT&T, Globe logo, Moblizing Your World and DIRECTV are registered trademarks and service marks of AT&T Intellectual Property and/or AT&T affiliated companies. All other marks are the property of their respective owners.