Published by Angel Nicholson. Modified over 9 years ago.
1
Securing Against Malware. Nick Hall and Fred Baumhardt, Security Technology Architects, Microsoft EMEA
2
Agenda: History of Viruses; Current Threats; Future…?; What is Microsoft Doing?
3
The Attackers [diagram]. Motivations: National Interest, Personal Gain, Personal Fame, Curiosity. Skill levels: Script-Kiddy, Undergraduate, Expert, Specialist. Attacker types: Vandal, Trespasser, Thief, Spy, Author. Callouts: Largest Area By $$ Lost; Fastest Growing Segment; Largest Segment By $$ Spent On Defense; Largest Area By Volume. Other label: Microsoft Execution.
5
Phishing
8
..this is actually the legitimate site you are returned to.
9
Virus Information. Viruses: speed is dependent on the vector. File viruses took months to years to spread widely; macro viruses took weeks to months; mass mailers took days; Code Red took about 12 hours; Klez went around the world in 2.5 hours; SQL Slammer affected the world in about 10 minutes. Source: ICSA Virus Prevalence Survey 2003. “Just how fast is instant messaging?”
10
Viruses Over IM. "We advise customers to contact their anti-virus software provider and obtain the latest signatures for the virus, which should now be available." W32/Kelvir – slowed down a network by putting additional traffic on it; it did not create backdoors, install keyloggers, or steal money from brokerage accounts. BUT THE NEXT ONE MIGHT! "You're 10 times more likely to click on a URL that comes from someone on your buddy list than something that comes in over email."
11
Spyware: www.ISpyNow.com, www.keykatcher.com
12
Spies per Consumer PC, Oct to Dec 2005: UK 21.6; Norway 20.3; Sweden 19.1; Lithuania 17.2; Slovenia 15.7. Source: BBC website
13
Worm Malware Theory. Worms are anonymous – they don’t carry your password database. Pathogens break protocol rules – you wrote a buffer for 72 characters – attacker sent you 182. Worms send clients something they didn’t ask for. Authenticate traffic – stops foreign infection. Enforce protocol rules at the network device – things that break are dropped. Don’t process traffic that you didn’t ask for; understand protocols and know what to expect.
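The protocol-rule enforcement this slide describes, as an added example that is not part of the original presentation: a receiver that drops replies it never asked for and fields longer than the 72-character buffer before any copy happens. The one-byte id/length wire format and every name in the code are assumptions constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

#define FIELD_MAX   72   /* the slide's "buffer for 72 characters" */
#define MAX_PENDING 8
enum verdict { ACCEPT, DROP_MALFORMED, DROP_OVERSIZE, DROP_UNSOLICITED };

struct client {
    unsigned char pending[MAX_PENDING]; /* ids of requests we actually sent */
    size_t npending;
    char field[FIELD_MAX + 1];          /* destination buffer plus NUL */
};
static struct client demo;              /* zero-initialised demo state */

void note_request(struct client *c, unsigned char id)
{
    if (c->npending < MAX_PENDING) c->pending[c->npending++] = id;
}

/* Assumed wire format, constructed for this example: [id:1][len:1][payload] */
enum verdict handle_reply(struct client *c, const unsigned char *msg, size_t n)
{
    if (n < 2 || (size_t)msg[1] != n - 2)
        return DROP_MALFORMED;          /* declared length must match */
    if (msg[1] > FIELD_MAX)
        return DROP_OVERSIZE;           /* rule enforced before any copy */
    for (size_t i = 0; i < c->npending; i++) {
        if (c->pending[i] != msg[0]) continue;
        c->pending[i] = c->pending[--c->npending]; /* one reply per request */
        memcpy(c->field, msg + 2, msg[1]);
        c->field[msg[1]] = '\0';
        return ACCEPT;
    }
    return DROP_UNSOLICITED;            /* nobody asked for this */
}

enum verdict try_reply(struct client *c, unsigned char id, unsigned char len)
{
    unsigned char msg[2 + 255] = { id, len };  /* constructed sample reply */
    memset(msg + 2, 'A', len);
    return handle_reply(c, msg, 2u + len);
}

int main(void)
{
    note_request(&demo, 7);
    int big = try_reply(&demo, 7, 182), ok = try_reply(&demo, 7, 72);
    printf("182 bytes -> %d, 72 bytes -> %d\n", big, ok);
    return 0;
}
```

The oversize check runs before the pending-request lookup, so a rejected 182-byte reply does not consume the outstanding request and the well-formed reply that follows is still accepted.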
14
Future…? Creation of a Superbug (usually worm propagating)? Vector is changing, i.e. music, video. The attackers themselves are changing. “New World” virus writers. New threats like “Spear Phishing”.
15
SPAM. Is it malware? Nuisance or pain? Same mindset to AV? 4 million mails generate 4 responses, with 1 person buying (well, in the US anyway!). Going away? You decide.
17
What is Microsoft Doing? Individual users; Businesses
18
Windows Services Hardening; Windows Firewall with advanced security; Reduced administrative privileges; User Account Protection; Internet Explorer 7 with Protected Mode; Secure Start-up; Integrated Anti-Malware; Control over removable device installation; Restart manager to reduce reboots; Security Center enhancements; ActiveX Opt-in puts users in control; Phishing Filter
19
Design Principles: Simple and Easy; Comprehensive; Automated; Evolving. Product Features: Protection Plus; Performance Plus; Backup & Restore; Help and Support. “Windows OneCare is the comprehensive PC health service for consumers that continuously and automatically manages vital computer tasks to help protect and maintain your PC”
21
Prioritizes data to help focus resources on the right issues; Maximizes the value of existing investments; Guards against current and emerging malware threats; Provides businesses the control they need to protect against current and emerging malware threats
22
[Diagram. Servers: Live Communications Server, SharePoint Server, Exchange Servers, ISA Server, Windows SMTP Server. Labels: Antigen (shown five times); Viruses; Worms; IM and Documents; E-mail.]
23
Caching; content filtering; application publishing; advanced application layer firewall / VPN
24
Transport and CAS/UM are rewritten in managed code; Encryption of all links among E12 servers by default if encryption can be supported; Emails between two E12 organizations can be encrypted over the Internet without end-user S/MIME; SMTP Gateway Throttling; Much enhanced anti-spam protection in addition to Ex2003 IMF
25
Microsoft Exchange Hosted Services: Real-time threat prevention features; Multi-layer anti-spam and anti-virus; Customized content and policy enforcement; E-mail retention for help with compliance and e-discovery; Customized report generation for help demonstrating compliance; Fully indexed, searchable archive; Full e-mail encryption; No public and private key management; Gateway, policy-based e-mail encryption; Uninterrupted e-mail accessibility; Rapid recovery from unplanned disasters and network outages; Thirty-day rolling historical e-mail store
26
[Comparison table. Column groups: For individual users; For businesses. Products: MSRT; Windows Defender; Windows Live Safety Center; Windows OneCare Live; Microsoft Client Protection. Capabilities: Remove most prevalent viruses; Remove all known viruses; Real-time antivirus; Remove all known spyware; Real-time antispyware; Central reporting and alerting; Customization; IT Infrastructure Integration.]
27
Important Dates. Q2 06: Exchange Hosted Services; Antigen V 9.0 for Exchange, SMTP & AEM; Microsoft Client Protection – Beta; Antigen for E12 – Beta; Windows OneCare. Q3 06: Antigen V 9.0 for IM, SharePoint; ISA 2006 - RTM. Q4 06: Microsoft Client Protection; Antigen for E12; ISA 2006 - RTM. Q1 07: Windows Vista; Antigen for ISA.
28
© 2005-06 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.