The Rise of Ransomwarecdn-cms.f-static.com/uploads/164655/normal_590868ab08377.pdf · The Rise of...
Transcript of The Rise of Ransomwarecdn-cms.f-static.com/uploads/164655/normal_590868ab08377.pdf · The Rise of...
![Page 1: The Rise of Ransomwarecdn-cms.f-static.com/uploads/164655/normal_590868ab08377.pdf · The Rise of Ransomware Rani Hmayssi . Regional Manager , Emerging markets . Cyber Security Solutions](https://reader033.fdocuments.us/reader033/viewer/2022050408/5f8511bf6b2ea00bfc724dbd/html5/thumbnails/1.jpg)
The Rise of Ransomware
Rani Hmayssi Regional Manager , Emerging markets
Cyber Security Solutions
![Page 2: The Rise of Ransomwarecdn-cms.f-static.com/uploads/164655/normal_590868ab08377.pdf · The Rise of Ransomware Rani Hmayssi . Regional Manager , Emerging markets . Cyber Security Solutions](https://reader033.fdocuments.us/reader033/viewer/2022050408/5f8511bf6b2ea00bfc724dbd/html5/thumbnails/2.jpg)
2 | © 2015, Palo Alto Networks. Confidential and Proprietary.
![Page 3: The Rise of Ransomwarecdn-cms.f-static.com/uploads/164655/normal_590868ab08377.pdf · The Rise of Ransomware Rani Hmayssi . Regional Manager , Emerging markets . Cyber Security Solutions](https://reader033.fdocuments.us/reader033/viewer/2022050408/5f8511bf6b2ea00bfc724dbd/html5/thumbnails/3.jpg)
What is Ransomware Ransomware is not a single family of malware, but a criminal business model in which malicious software is used to hold something of value for ransom
3 | © 2015, Palo Alto Networks. Confidential and Proprietary.
![Page 4: The Rise of Ransomwarecdn-cms.f-static.com/uploads/164655/normal_590868ab08377.pdf · The Rise of Ransomware Rani Hmayssi . Regional Manager , Emerging markets . Cyber Security Solutions](https://reader033.fdocuments.us/reader033/viewer/2022050408/5f8511bf6b2ea00bfc724dbd/html5/thumbnails/4.jpg)
4 | © 2015, Palo Alto Networks. Confidential and Proprietary.
The First Ransomware Attack – AIDS Trojan
![Page 5: The Rise of Ransomwarecdn-cms.f-static.com/uploads/164655/normal_590868ab08377.pdf · The Rise of Ransomware Rani Hmayssi . Regional Manager , Emerging markets . Cyber Security Solutions](https://reader033.fdocuments.us/reader033/viewer/2022050408/5f8511bf6b2ea00bfc724dbd/html5/thumbnails/5.jpg)
Source: PaloAltoNetworks.com/solutions/initiatives/ransomware
![Page 6: The Rise of Ransomwarecdn-cms.f-static.com/uploads/164655/normal_590868ab08377.pdf · The Rise of Ransomware Rani Hmayssi . Regional Manager , Emerging markets . Cyber Security Solutions](https://reader033.fdocuments.us/reader033/viewer/2022050408/5f8511bf6b2ea00bfc724dbd/html5/thumbnails/6.jpg)
6 | © 2015, Palo Alto Networks. Confidential and Proprietary.
44% Victims Paid Up
$325M Estimated Damages
Across the Globe
30.7% Exploit Delivery
CryptoWall v3 Investigation
Source: http://go.paloaltonetworks.com/cryptowall
Palo Alto Networks
Intel Security Symantec Fortinet
Co-Founded by
![Page 7: The Rise of Ransomwarecdn-cms.f-static.com/uploads/164655/normal_590868ab08377.pdf · The Rise of Ransomware Rani Hmayssi . Regional Manager , Emerging markets . Cyber Security Solutions](https://reader033.fdocuments.us/reader033/viewer/2022050408/5f8511bf6b2ea00bfc724dbd/html5/thumbnails/7.jpg)
7 | © 2015, Palo Alto Networks. Confidential and Proprietary.
Unique samples of crypto ransomware
collected in Palo Alto Networks WildFire Threat Intelligence
Cloud.
1M+ Families of crypto
ransomware tracked in Palo Alto Networks
AutoFocus threat analysis service.
30+
![Page 8: The Rise of Ransomwarecdn-cms.f-static.com/uploads/164655/normal_590868ab08377.pdf · The Rise of Ransomware Rani Hmayssi . Regional Manager , Emerging markets . Cyber Security Solutions](https://reader033.fdocuments.us/reader033/viewer/2022050408/5f8511bf6b2ea00bfc724dbd/html5/thumbnails/8.jpg)
WildFire Demonstrates the Shortcomings of Current Approach
8 | ©2016, Palo Alto Networks. Confidential and Proprietary.
*Average monthly values as of January 2016. Source: Palo Alto Networks WildFire and Multi-Scanner
Of the malware files seen by WildFire each month are
detected by the top 6 enterprise AV
vendors*.
37.5% 71.9M
5.3M
2.0M All Files Malicious Detected by AV
![Page 9: The Rise of Ransomwarecdn-cms.f-static.com/uploads/164655/normal_590868ab08377.pdf · The Rise of Ransomware Rani Hmayssi . Regional Manager , Emerging markets . Cyber Security Solutions](https://reader033.fdocuments.us/reader033/viewer/2022050408/5f8511bf6b2ea00bfc724dbd/html5/thumbnails/9.jpg)
Dealing with Ransomware
9 | © 2015, Palo Alto Networks. Confidential and Proprietary.
Preparation Prevention Response
![Page 10: The Rise of Ransomwarecdn-cms.f-static.com/uploads/164655/normal_590868ab08377.pdf · The Rise of Ransomware Rani Hmayssi . Regional Manager , Emerging markets . Cyber Security Solutions](https://reader033.fdocuments.us/reader033/viewer/2022050408/5f8511bf6b2ea00bfc724dbd/html5/thumbnails/10.jpg)
To Prevent Ransomware:
10 | © 2015, Palo Alto Networks. Confidential and Proprietary.
1. Attack Vectors
2. Delivery Methods
3. How to Block
![Page 11: The Rise of Ransomwarecdn-cms.f-static.com/uploads/164655/normal_590868ab08377.pdf · The Rise of Ransomware Rani Hmayssi . Regional Manager , Emerging markets . Cyber Security Solutions](https://reader033.fdocuments.us/reader033/viewer/2022050408/5f8511bf6b2ea00bfc724dbd/html5/thumbnails/11.jpg)
11 | © 2015, Palo Alto Networks. Confidential and Proprietary.
1. A
ttac
k Ve
ctor
s
Exploits Exec Macros
![Page 12: The Rise of Ransomwarecdn-cms.f-static.com/uploads/164655/normal_590868ab08377.pdf · The Rise of Ransomware Rani Hmayssi . Regional Manager , Emerging markets . Cyber Security Solutions](https://reader033.fdocuments.us/reader033/viewer/2022050408/5f8511bf6b2ea00bfc724dbd/html5/thumbnails/12.jpg)
12 | © 2015, Palo Alto Networks. Confidential and Proprietary.
Exploit Kits
Email Attachments
2. D
eliv
ery
Met
hods
Drive-by Downloads
![Page 13: The Rise of Ransomwarecdn-cms.f-static.com/uploads/164655/normal_590868ab08377.pdf · The Rise of Ransomware Rani Hmayssi . Regional Manager , Emerging markets . Cyber Security Solutions](https://reader033.fdocuments.us/reader033/viewer/2022050408/5f8511bf6b2ea00bfc724dbd/html5/thumbnails/13.jpg)
A Ransomware Email That I Received on my Personal Email
![Page 14: The Rise of Ransomwarecdn-cms.f-static.com/uploads/164655/normal_590868ab08377.pdf · The Rise of Ransomware Rani Hmayssi . Regional Manager , Emerging markets . Cyber Security Solutions](https://reader033.fdocuments.us/reader033/viewer/2022050408/5f8511bf6b2ea00bfc724dbd/html5/thumbnails/14.jpg)
More Sophisticated Ransomware Examples
14 | © 2015, Palo Alto Networks. Confidential and Proprietary.
![Page 15: The Rise of Ransomwarecdn-cms.f-static.com/uploads/164655/normal_590868ab08377.pdf · The Rise of Ransomware Rani Hmayssi . Regional Manager , Emerging markets . Cyber Security Solutions](https://reader033.fdocuments.us/reader033/viewer/2022050408/5f8511bf6b2ea00bfc724dbd/html5/thumbnails/15.jpg)
15 | © 2015, Palo Alto Networks. Confidential and Proprietary.
3. H
ow t
o B
lock
Multiple Attack Vectors
Multiple Delivery Methods
Perimeter
Cloud/SaaS
Endpoints
![Page 16: The Rise of Ransomwarecdn-cms.f-static.com/uploads/164655/normal_590868ab08377.pdf · The Rise of Ransomware Rani Hmayssi . Regional Manager , Emerging markets . Cyber Security Solutions](https://reader033.fdocuments.us/reader033/viewer/2022050408/5f8511bf6b2ea00bfc724dbd/html5/thumbnails/16.jpg)
16 | © 2015, Palo Alto Networks. Confidential and Proprietary.
Reduce Attack
Surface
3. H
ow t
o B
lock
Prevent Known Threats
Prevent Unknown Threats
![Page 17: The Rise of Ransomwarecdn-cms.f-static.com/uploads/164655/normal_590868ab08377.pdf · The Rise of Ransomware Rani Hmayssi . Regional Manager , Emerging markets . Cyber Security Solutions](https://reader033.fdocuments.us/reader033/viewer/2022050408/5f8511bf6b2ea00bfc724dbd/html5/thumbnails/17.jpg)
17 | © 2015, Palo Alto Networks. Confidential and Proprietary.
Reduce Attack
Surface
Block unknown traffic
Stop dangerous file types
Block malicious URLs
Evaluate encrypted traffic
Extend zero-trust policies to endpoints
Block dangerous file types
Disallow non-org access
Extend threat
intelligence from
network to SaaS apps
to endpoints
![Page 18: The Rise of Ransomwarecdn-cms.f-static.com/uploads/164655/normal_590868ab08377.pdf · The Rise of Ransomware Rani Hmayssi . Regional Manager , Emerging markets . Cyber Security Solutions](https://reader033.fdocuments.us/reader033/viewer/2022050408/5f8511bf6b2ea00bfc724dbd/html5/thumbnails/18.jpg)
18 | © 2015, Palo Alto Networks. Confidential and Proprietary.
Prevent Known Threats
Block storage or transmission of files containing exploits
Scan cloud storage & SaaS apps for malicious files
Block all known exploits
Block execution of known malware
Stop known exploits, malware & command-
and-control traffic
Block malicious URLs
Extend threat
intelligence from
network to SaaS apps
to endpoints
![Page 19: The Rise of Ransomwarecdn-cms.f-static.com/uploads/164655/normal_590868ab08377.pdf · The Rise of Ransomware Rani Hmayssi . Regional Manager , Emerging markets . Cyber Security Solutions](https://reader033.fdocuments.us/reader033/viewer/2022050408/5f8511bf6b2ea00bfc724dbd/html5/thumbnails/19.jpg)
19 | © 2015, Palo Alto Networks. Confidential and Proprietary.
Prevent Unknown Threats
Block all unknown and zero-day exploits
Block execution of unknown malware
Control unknown traffic
Detect and prevent threats in unknown
files and URLs
Add context to threats and create proactive
protections
Scan cloud storage & SaaS apps for malicious files
Extend threat
intelligence from
network to SaaS apps
to endpoints
![Page 20: The Rise of Ransomwarecdn-cms.f-static.com/uploads/164655/normal_590868ab08377.pdf · The Rise of Ransomware Rani Hmayssi . Regional Manager , Emerging markets . Cyber Security Solutions](https://reader033.fdocuments.us/reader033/viewer/2022050408/5f8511bf6b2ea00bfc724dbd/html5/thumbnails/20.jpg)
20 | © 2015, Palo Alto Networks. Confidential and Proprietary.
Exploit Kits Email Attachments Drive-by Download
Network & Perimeter
✓… ✓... ✓...
✓... ✓... ✓...
✓... ✓... ✓...
SaaS Applications
✓... ✓... ✓...
✓... ✓... ✓...
✓... ✓... ✓...
Endpoint
✓... ✓... ✓...
✓... ✓... ✓...
✓... ✓... ✓...
Automated Ransomware Prevention Across
Multiple Attack Vectors and Delivery Methods is Only Possible with an Integrated
Security Platform
![Page 21: The Rise of Ransomwarecdn-cms.f-static.com/uploads/164655/normal_590868ab08377.pdf · The Rise of Ransomware Rani Hmayssi . Regional Manager , Emerging markets . Cyber Security Solutions](https://reader033.fdocuments.us/reader033/viewer/2022050408/5f8511bf6b2ea00bfc724dbd/html5/thumbnails/21.jpg)
Looking at Another Industry Trying to Protect Their Assets
21 | © 2015, Palo Alto Networks. Confidential and Proprietary.
![Page 22: The Rise of Ransomwarecdn-cms.f-static.com/uploads/164655/normal_590868ab08377.pdf · The Rise of Ransomware Rani Hmayssi . Regional Manager , Emerging markets . Cyber Security Solutions](https://reader033.fdocuments.us/reader033/viewer/2022050408/5f8511bf6b2ea00bfc724dbd/html5/thumbnails/22.jpg)
22 | © 2015, Palo Alto Networks. Confidential and Proprietary.
Contain Stop Thief from entering Pray you made the right choice
Someone breaks into your safe
Alarm turns on
![Page 23: The Rise of Ransomwarecdn-cms.f-static.com/uploads/164655/normal_590868ab08377.pdf · The Rise of Ransomware Rani Hmayssi . Regional Manager , Emerging markets . Cyber Security Solutions](https://reader033.fdocuments.us/reader033/viewer/2022050408/5f8511bf6b2ea00bfc724dbd/html5/thumbnails/23.jpg)
23 | © 2015, Palo Alto Networks. Confidential and Proprietary.
Remediation Prevention It’s only a matter of time to find out
Ransmoware attack succeeds
You find out that files are
encrypted
Where would you prefer to be?
![Page 24: The Rise of Ransomwarecdn-cms.f-static.com/uploads/164655/normal_590868ab08377.pdf · The Rise of Ransomware Rani Hmayssi . Regional Manager , Emerging markets . Cyber Security Solutions](https://reader033.fdocuments.us/reader033/viewer/2022050408/5f8511bf6b2ea00bfc724dbd/html5/thumbnails/24.jpg)
“Intellectuals solve problems. Geniuses PREVENT them.”
-Albert Einstein
![Page 25: The Rise of Ransomwarecdn-cms.f-static.com/uploads/164655/normal_590868ab08377.pdf · The Rise of Ransomware Rani Hmayssi . Regional Manager , Emerging markets . Cyber Security Solutions](https://reader033.fdocuments.us/reader033/viewer/2022050408/5f8511bf6b2ea00bfc724dbd/html5/thumbnails/25.jpg)
THANK YOU