©2015 HEAT Software. All rights reserved. Proprietary & Confidential. Ransomware: How to Avoid Extortion Matthew Walker – VP Northern Europe.

Presentation transcript:

1 Ransomware: How to Avoid Extortion. Matthew Walker – VP Northern Europe

2 Examples of Ransomware

3 Examples of Ransomware

4 About Ransomware

5 About Ransomware

6 About Ransomware

7 About Ransomware

8 About Ransomware: 84% believe their company would be seriously damaged if it were successfully infected with ransomware

9 About Ransomware: 31% admitted that if their corporate networks were infected they’d have no choice but to pay the ransom

10 How Does It Work? Delivery

11 How Does It Work? Delivery: Phishing Email, Drive-By Download, Botnet, Malicious App, Malvertising

12 How Does It Work? Delivery, Infection, Disable Defenses, Phone Home, Encrypt Data Files, Installation

13 How Does It Work? Delivery, Infection, Disable Defenses, Phone Home, Encrypt Data Files, Demand Ransom, Support Services, Installation

14 How Does It Work? Delivery, Infection, Disable Defenses, Phone Home, Encrypt Data Files, Demand Ransom, Support Services, Release of Files, Installation, Pay Ransom

15 How Does It Work? Delivery, Infection, Disable Defenses, Phone Home, Encrypt Data Files, Demand Ransom, Support Services, Release of Files, Installation, Pay Ransom

16 Recommendations. Network Defenses: NGFW, EDR, Threat Intel. Endpoint Defense-in-Depth: Patch and Configuration Management; Application Whitelisting; Data Encryption; Device Control; Antivirus. Preparation: Back-ups – follow 3-2-1 rule; Staff Training; User Training. Post-Event: Configuration Restoration; Forensics; Infrastructure Changes.

17 Recommendations: Endpoint Defense-in-Depth. AV (Control the Bad); Device Control (Control the Flow); HD and Media Encryption (Control the Data); Application Control (Control the Gray); Patch and Configuration Management (Control the Vulnerability Landscape). Successful risk mitigation starts with a solid vulnerability management foundation, augmented by additional layered defenses which go beyond the traditional blacklist approach.

18 Recommendations: Patch and Configuration Management. Eliminates the attackable surface area that hackers can target. Central configuration of native system security controls such as firewalls and OS protections (e.g., ASLR, DEP, etc.). Improves endpoint performance and stability.

19 Recommendations: Application Whitelisting. Extremely effective against zero-day attacks. Stops unknown, targeted malware payloads, regardless of delivery mechanism. Low performance impact on endpoints.

20 Recommendations: Data Encryption. Protects data in cases of theft or accidental loss. Makes lateral data acquisition more difficult for APTs. Required by almost all regulations.

21 Recommendations: Device / Port Control. Can prevent unauthorized devices from delivering payloads. Can stop specific file types from being copied to host machines. Stops a common delivery vector for evading extensive physical and technological security controls.

22 Recommendations: Antivirus. Stops “background noise” malware. May detect reused code and evasion techniques. Will eventually clean payloads after signatures are developed.

23 Recommendations. Network Defenses: NGFW, ETDR, Threat Intel. Endpoint Defense-in-Depth: Patch and Config Management; Application Whitelisting; Data Encryption; Device Control; Antivirus. Preparation: Back-ups – follow 3-2-1 rule; Staff Training; User Training. Post-Event: Configuration Restoration; Forensics; Infrastructure Changes.

24 Summary. Ransomware, cyber-extortion, digital blackmail – it’s evil and it’s here. Implement the security tech and training ahead of time to minimize the chances of your data being held for ransom and to maximize your ability to recover quickly. Have an Incident Response Plan in place.

25 www.heatsoftware.com www.lumension.com

