Stopping the Threat at the Door

Similar documents
Agenda. Why we need a new approach to endpoint security. Introducing Sophos Intercept X. Demonstration / Feature Walk Through. Deployment Options

Next Generation Enduser Protection

Stop Ransomware In Its Tracks. Chris Chaves Channel Sales Engineer

INTRODUCING SOPHOS INTERCEPT X

Mobile App Security and Malware in Mobile Platform

Cisco Ransomware Defense The Ransomware Threat Is Real

Review Kaspersky Internet Security - multi-device 2015 online software downloader ]

Discount Kaspersky PURE 3.0 internet download software for windows 8 ]

Sustainable Security & Compliance Solutions

RANSOMWARE PROTECTION. A Best Practices Approach to Securing Your Enterprise

Sophos Central Admin. help

Sophos Central Admin. help

Quick Heal Mobile Security. Free protection for your Android phone against virus attacks, unwanted calls, and theft.

Quick Heal Total Security for Android. Anti-Theft Security. Web Security. Backup. Real-Time Protection. Safe Online Banking & Shopping.

Countering ransomware with HPE data protection solutions

MODERN DESKTOP SECURITY

Author: Tonny Rabjerg Version: Company Presentation WSF 4.0 WSF 4.0

THE REAL TRUTH BEHIND RANSOMWARE EDDY WILLEMS SECURITY EVANGELIST

How To Remove Personal Antivirus Security Pro Virus Manually

Intercepting WannaCry

Cisco Advanced Malware Protection

Protecting Against Modern Attacks. Protection Against Modern Attack Vectors

Personal Cybersecurity

ADVANCED THREAT PREVENTION FOR ENDPOINT DEVICES 5 th GENERATION OF CYBER SECURITY

Next Generation Endpoint Security Confused?

Sophos Central Admin. help

Free antivirus software download

Deep instinct For MSSPs

MOBILE SECURITY OVERVIEW. Tim LeMaster

Kaspersky Small Office Security 5. Product presentation

Cybersecurity & Security as a Service Trends. SteakOut, June 29, 2017

SophosLabs 2019 Threat Report

Technology Incident Response and Impact Reduction. May 9, David Litton

Synchronized Security

RANSOMWARE. All Locked Up and No Place to Go. Mark

with Advanced Protection

FIREWALL PROTECTION AND WHY DOES MY BUSINESS NEED IT?

Standard Categories for Incident Response (definitions) V2.1. Standard Categories for Incident Response Teams. Definitions V2.1.

Top Ten IT Security Risks CHRISTOPHER S. ELLINGWOOD SENIOR MANAGER, IT ASSURANCE SERVICES

Trend Micro. Apex One as a Service / Apex One. Best Practice Guide for Malware Protection. 1 Best Practice Guide Apex One as a Service / Apex Central

Restech. User Security AVOIDING LOSS GAINING CONFIDENCE IN THE FACE OF TODAY S THREATS

9 Steps to Protect Against Ransomware

FIREWALL BEST PRACTICES TO BLOCK

WINNERS AND LOSERS OF THE 2018 CYBERTHREAT ROLLERCOASTER. Claudio Tosi, Sales Engineer, Malwarebytes

Sophos. Allan Widell Channel Account Executive. 24. August 2017

How to Build a Culture of Security

Abstract. The Challenges. ESG Lab Review Proofpoint Advanced Threat Protection. Figure 1. Top Ten IT Skills Shortages for 2016

EU GENERAL DATA PROTECTION: TIME TO ACT. Laurent Vanderschrick Channel Manager Belgium & Luxembourg Stefaan Van Hoornick Technical Manager BeNeLux

Multilayered technology, machine learning and human expertise working together to provide comprehensive security for all platforms.

Quick recap on ing Security Recap on where to find things on Belvidere website & a look at the Belvidere Facebook page

10 Quick Tips to Mobile Security

EBOOK. Stopping Fraud. How Proofpoint Helps Protect Your Organization from Impostors, Phishers and Other Non-Malware Threats.

Quick Heal Total Security for Android. Anti-Theft Security. Web Security. Backup. Real-Time Protection. Safe Online Banking & Shopping.

mhealth SECURITY: STATS AND SOLUTIONS

Security and Compliance for Office 365

How To Remove Personal Antivirus Security Pro Virus Windows 8

Safety and Security. April 2015

Cisco Advanced Malware Protection (AMP) for Endpoints

Application Layer Attacks. Application Layer Attacks. Application Layer. Application Layer. Internet Protocols. Application Layer.

A MULTILAYERED SECURITY APPROACH TO KEEPING HEALTHCARE DATA SECURE

What is a mobile protection product?

DHG presenter. August 17, Addressing the Evolving Cybersecurity Landscape. DHG Birmingham CPE Seminar 1

Cyber Security. Our part of the journey

Multilayered technology, machine learning and human expertise working together to provide comprehensive security for all platforms.

Your security on click Jobs

Managing IT Risk: What Now and What to Look For. Presented By Tina Bode IT Assurance Services

GLOBALPROTECT. Key Usage Scenarios and Benefits. Remote Access VPN Provides secure access to internal and cloud-based business applications

Protecting Your Devices. Dr. Leon D. Chapman

3.5 SECURITY. How can you reduce the risk of getting a virus?

Web Gateway Security Appliances for the Enterprise: Comparison of Malware Blocking Rates

SECURITY ON PUBLIC WI-FI New Zealand. A guide to help you stay safe online while using public Wi-Fi

Mobile Field Worker Security Advocate Series: Customer Conversation Guide. Research by IDC, 2015

MOBILE THREAT PREVENTION

The Next Generation Security Platform. Domenico Stranieri Pre- Sales Engineer Palo Alto Networks EMEA Italy

SentinelOne Technical Brief

Security Gap Analysis: Aggregrated Results

Best Practical Response against Ransomware

Cisco Cloud Security. How to Protect Business to Support Digital Transformation

Protect Your Endpoint, Keep Your Business Safe. White Paper. Exosphere, Inc. getexosphere.com

User s Guide. SingNet Desktop Security Copyright 2010 F-Secure Corporation. All rights reserved.

Quick Heal AntiVirus Pro Advanced. Protects your computer from viruses, malware, and Internet threats.

Security Awareness & Best Practices Best Practices for Maintaining Data Security in Your Business Environment

Advanced Malware Protection. Dan Gavojdea, Security Sales, Account Manager, Cisco South East Europe

Quick Heal Mobile Security. Anti-Theft Security. Real-Time Protection. Safe Online Banking & Shopping.

SentinelOne Technical Brief

Intelligent Protection

Big Trends in IT and how they shape Security. Gerhard Eschelbeck, CTO

Quick Heal Total Security for Mac. Simple, fast and seamless protection for Mac.

Securing Today s Mobile Workforce

Modern attacks and malware

OPERATIONS CENTER. Keep your client s data safe and business going & growing with SOC continuous protection

SPAM Malware s Super Highway. How To Protect Yourself Against Malicious s 1

Sophos Enterprise Console help. Product version: 5.5

EFFECTIVELY TARGETING ADVANCED THREATS. Terry Sangha Sales Engineer at Trustwave

ANDROID PRIVACY & SECURITY GUIDE ANDROID DEVICE SETTINGS

How Enterprise Tackles Phishing. Nelson Yuen Technology Manager, Cybersecurity Microsoft Hong Kong

User Guide. This user guide explains how to use and update Max Secure Anti Virus Enterprise Client.

ENDPOINT SECURITY WHITE PAPER. Endpoint Security and the Case For Automated Sandboxing

Built without compromise for users who want it all

Prevx 3.0 v Product Overview - Core Functionality. April, includes overviews of. MyPrevx, Prevx 3.0 Enterprise,

Transcription:

Stopping the Threat at the Door Matt Pannebaker Sales Engineer Ohio and Kentucky Today

2

Top Threats in the US Malvertising 6% Generic Malware 9% Crpytocoin Generator 6% Exploits 44% Phishing o 93% of phishing emails have a ransomware payload (CSO Online) Exploits o Industrialized attacks o Flash, Downloader, JS redirect, Malvertising Ransomware 35% Ransomware o Dropper, Phish, Shortcut, Doc Macro o Successful attacker can earn up to $394,000 in a single month 3

Top Threats Secure State Cleveland, Ohio 4

HD Fishing 5

HD Phishing 6

Specifically & Locally Targeted 7

Tail-tell signs of Phishing It just doesn t look right Generic salutations Requests for sensitive data Specific information on you Scare tactics Poor grammar or spelling Sense of urgency You ve won the grand prize! Verify your account. Cybersquatting 8

Changing our minds about the how s and why s of hackers & malware 9

Pavel Vrublevsky 10

Exploits as a Service Gateway Servers Exploit Kit Customers Initial Request Redirection Get Current Domain Malicious Payloads Stats Get Stats Update payloads Landing Page Exploits Payloads Victims Management Panel Malware Distribution Servers Tor Exploit Kit Admin

Malvertising Threat Chain RTB AD NETWORK THIRD PARTY

No site is immune

Who Likes Extortion? 14

Ransomware Is Hitting the Headlines 15

16

And Keeps Growing Estimated to be a $1 Billion a year industry by the end of 2016 (FBI) Criminals are dedicated and professional even setting up customer care teams to secure payment Precast Concrete ~12bn 17

Document malware 18

Ransomware Prevalence CryptoWall TorrentLocker CTBLocker TeslaCrypt AU, GB, US, CA, DE, FR AU, GB, IT, ES EU, NA UK, US, CA, SG, TH

Targeted Ransomware

Malware with fancy names: Fantom, Mamba & Odin Unprofessional but does the job Reused a ransomware framework Poses as a Windows Critical Update o Critical Update (32 bit) o Windows Form Application5 Fake update screen Attempt to wipe out backup copies Evolution of Locky, Zepto Email with ZIP attachment (2 files) JavaScript that poses as a Text file Localized Buy page View File Name Extensions No ransom & potentially unrecoverable DiskCryptor instead of File Encryption Permission to make changes to your disk Reboots and installs as DefragmentationService Dcrypt using password in log_file.txt

Evolution of your industry 24

The Evolution of Threats From Malware to Exploits 1999 1998 2003 2007 2014 2015 2016+ Melissa Virus Love Letter Worm FinFischer Spyware Exploit as a Service Ransomware $1.2B $15B $780M $2.3B $800M $500M $1.1B Traditional Malware Advanced Threats

The Evolution of Security From Anti-Malware to Anti-Exploit Exposure Prevention URL Blocking Web/App/Dev Ctrl Download Rep Pre-Exec Analytics Generic Matching Heuristics Core Rules File Scanning Known Malware Malware Bits Run-Time Behavior Analytics Runtime Behavior Exploit Detection Technique Identification Traditional Malware Advanced Threats

Intercepting NeXt Gen Threats

Introducing

Intercepting Exploits Exploit Prevention Monitors processes for attempted use of exploit techniques e.g Buffer overflow, code injection, stack pivot and others Blocks when technique is attempted Malware is prevented from leveraging vulnerabilities?

31

Intercepting Ransomware with CryptoGuard Monitor File Access Attack Detected Rollback Initiated Forensic Visibility If suspicious file changes are detected, file copies are created Cryptography events Malicious process is stopped and we investigate the process history Original files restored Malicious files removed User message Admin alert Root cause analysis details available

Sophos Clean Malware Removal. Forensic-Level Cleanup. Second Opinion Removes Threats Deep System Inspection Removes Malware Remnants Full Quarantine / Removal Effective Breach Remediation On-Demand Assessment Identifies Risky Files / Processes Constantly Refreshed Database Provides Additional Confidence Command-Line Capable 100% Automated with Intercept X Also available as a standalone Forensic Clean Utility and On-Premise Managed AV

Root Cause Analytics Understanding the Who, What, When, Where, Why and How 34

36

Why Should You Worry About Your Mobile Devices? 2x Data breaches involving smartphones or tablets more than doubled in 2015 (1) 15 % More than 200,000 phones are left in London Taxis each year! Users want to access everything, from anywhere, all the time Not managing mobile devices means flying blind, with zero visibility Users find a way to access business resources on unsecured devices of large organizations have had a security or data breach involving smartphones or tablets in 2015 (1) 1) HM Gov t, Information Security Breaches Survey 2015 37

How Mobile Devices are Lost Left in Public Space Stolen at resturant Taken from House or Car Taken at nightclub Pickpocketed Stolen off the street 38

Containers Separate Business and Personal Data BUSINESS PERSONAL 39

Should you worry about mobile malware? 40

Potentially Unwanted Apps (PUA) vs Malware PUA Not entirely honest about its intentions Often misuses your resources, leaves you with hidden costs Gateway drug Malware A weapon, not a fun tool, or a prank Steals your data for money Accesses data or resources with the intent to do harm You pay for what you get 41

42

Mobile Threats Are Real Potentially Unwanted Applications Android Malware 1,600,000 3,500,000 1,400,000 3,000,000 1,200,000 2,500,000 1,000,000 2,000,000 800,000 600,000 1,500,000 400,000 1,000,000 200,000 500,000 0 2012 2013 2014 2015 2016 2017 (est) 0 2012 2013 2014 2015 2016 2017 (est) Source: SophosLabs, 2017 43

What about ransomware? Android ransomware 2015-2017 120,000 100,000 80,000 60,000 40,000 In September 2017 alone, 30.37% of malicious Android malware processed by SophosLabs was ransomware 20,000 0 Source: SophosLabs, 2017 44

Threats on Google Play Doubled Many apps with 100,000-500,000 installations Millions of devices infected 45

Sophos Security Best Practices and Recommendations Run an anti-malware app Sophos Mobile Security for Android is FREE, or can be managed in Sophos Central Stick to the official app stores, not perfect but Avoid low reputation apps think before installing Make sure your device s OS is up to date (if you can ) If in doubt about your network, use VPN or use cellular/mobile data Manage your mobile devices with Sophos Mobile Configure Mobile Management for Security o Jailbreak/Rooting detection o Version check/enforce upgrades o Restrict devices and remove unneeded features if possible 46

Sophos Home home.sophos.com Manage 10 Windows / Mac Computers Same Great Sophos Engine Web Content Filtering

Award-winning computer security news 53

Thank You

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback