SlideShare ist ein Scribd-Unternehmen logo

Ransomware Overview

Greg Hopke
Greg Hopke

Technical Brief on Ransomware

Technologie
1 von 4
Downloaden Sie, um offline zu lesen
February 2016 Intel Security 1 Sales Brief Customer Challenge Hardly a day goes by without news of another emerging threat causing a security breach or privacy violation. Businesses must find a way to neutralize all of these threats. One of the most common and damaging threats targeting business today are called cypto-ransomware. The term ransom means the practice of holding a prisoner or item to extort money or property to secure their release, or it may refer to the sum of money involved. Ransomware is a type of malware that encrypts a victim’s files and subsequently demands payment in return for the key that can decrypt said files. These files may contain various types of information, such as important financial data, business records, databases, and personal files that may hold sentimental value to the victim, such as photos and home movies. Once these files are identified, the malware will encrypt them using a key known only by the attackers. In order to acquire this key to decrypt these files, the victim must pay a ransom to the attackers, often in the form of electronic currency, such as bitcoin. Ransomware is one of today’s biggest security threats and McAfee Labs has seen mass rise in new, unique ransomware in 2015.  In 2015, we saw more unique ransomware binaries than we have seen in the previous 4 years.  Cryptowall ransomware cost users/business $325 million in 2015 (Cyber Threat Report)  66% of the CryptoWall infections occurred from phishing emails  Cost of individual ransoms range from $300 - $17,000 per incident  Recent news on ransomware: o LA Hospital Servers Shut Down By Ransomware o Hospital's Ransomware Attack Highlights Importance of Strong Endpoint Protection o Security Experts: You Should Never Pay Ransomware Hackers
February 2016 Intel Security 2 Call Topics - Combatting Ransomware The goal is to use the recent publicity about ransomware threats as reason to call your customers or prospects to have a discussion about how Intel Security can help them with these pervasive attacks. Use this as an opportunity to be your customer’s #1 security advisor by suggesting ways they can optimize their existing solutions to protect themselves or suggest additional technologies to fortify their defenses against these types of attacks. 1. Topics for Conversation Intel Security Labs have seen a sharp spike in ransomware/cryptomalware activity 2015 There were more new unique samples were seen in 2015 than in previous 4 years combined. Did you know that ransomware cost users/business $325 million in 2015 Question: How aware are you of ransomware and cryptomalware attacks? We have seen many organizations in various industries across all regions targeted; they thought they would be protected against these threats, however with the highly targeted nature of these attacks, traditional standalone defenses are struggling – we have been called in to help many organizations. Did you know 66% of the CryptoWall infections occurred from phishing emails Question: What are you currently seeing in your organization around cryptomalware or ransomware attacks?
February 2016 Intel Security 3 Organizations can’t rely on traditional defenses alone – Signatures and even reputation are not enough to combat these targeted attacks Because of these attacks we have been running tests on the effectiveness of various Countermeasures/Protections against these attacks and we want to share this info with your customers We have a Ransomware prevention document that outlines how our different technologies can help prevent these attacks. Question: Can I send that to you? Intel tested various defenses  Current AV alone – 63% detection  Sandboxing alone – 65% detection  Gateway Anti-Malware engine - 95% detection  Multiple engines – 99.96% (confirmed by AV test) Customer Opportunities To prevent ransomware attacks, organizations today need advance defenses at many different layers, from endpoint to gateway protection. Intel Security believes in order to efficiently filter, monitor, detect, and block these advanced threats, organizations need a collaborative environment that protect, detect and correct from ransomware outbreaks. For existing endpoint customers using existing endpoint security products, offer these solutions:  TIE/ATD – ATD will detect when new variants of ransomware; TIE/DXL will immediately inoculate endpoint that may be targets.  Network Security Platform – NSP has signatures in their default policies to detect ransomware  Web Gateway – Use to stop spam and phishing that ransomware uses; use Gateway Anti- malware (GAM) inspection to stop ransomware before they get to the endpoints  Engage with our Professional Service team o For existing customers: 1. Our Incident Response team can come in and diagnose, contain the breach  Emergency Incident Response Services or Forensic Investigative Service offerings 2. Our Education team can train staff on skills to tighten up security posture  Forensics & Incident Response (FIRE) educational course 3. Our Solution Services team can determine why existing products did not detect, assess current environment and offer recommendations on future solutions 4. Utilize our Managed Services team augment existing staff, if needed. o For net new customers: 1. All same, except in #3 our Solution Services team can design and architect a new Intel Security solution. Qualifying Questions to Ask  How aware are you of ransomware and cryptomalware attacks?  What are you currently seeing in your organization around cryptomalware or ransomware attacks?  Has your organization ever been impacted by these types of attacks, if so how did you respond?  What are your concerns currently with this style of attack?  How are you currently protecting against these attacks?
February 2016 Intel Security 4 Customer Assets Available  Solution Brief - Defeat Ransomware: Ensure Your Data Is Not Taken Hostage – Four page solution brief outlining what ransomware is and how some of (not all) Intel Security solutions that help to protect against ransomware  Blog - Advice for Unfastening CryptoLocker Ransomware – Detailed article on what a customer should do after a ransomware attack  Knowledgebase Article - Protecting against Cryptolocker, CryptoWall & Teslacrypt – Knowledgebase article on how to configure VSE and HIPS to provide protection against ransomware  McAfee Labs Threat Report – Ransonware Returns: New Families Emerge with a Vengence support – In this issue of the McAfee Threat Report there is an article on ransomware, page 14.

Empfohlen

Half past two - U.A. Fanthorpe
Half past two - U.A. FanthorpeHalf past two - U.A. Fanthorpe
Half past two - U.A. Fanthorpe
npaliterature
 
2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by Hubspot2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by Hubspot
Marius Sescu
 
Everything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPTEverything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPT
Expeed Software
 
Product Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage EngineeringsProduct Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage Engineerings
Pixeldarts
 
How Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental HealthHow Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental Health
ThinkNow
 
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdfAI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
marketingartwork
 
Skeleton Culture Code
Skeleton Culture CodeSkeleton Culture Code
Skeleton Culture Code
Skeleton Technologies
 
PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024
Neil Kimberley
 

Empfohlen

Half past two - U.A. Fanthorpe
Half past two - U.A. FanthorpeHalf past two - U.A. Fanthorpe
Half past two - U.A. Fanthorpe
npaliterature
 
2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by Hubspot2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by Hubspot
Marius Sescu
 
Everything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPTEverything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPT
Expeed Software
 
Product Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage EngineeringsProduct Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage Engineerings
Pixeldarts
 
How Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental HealthHow Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental Health
ThinkNow
 
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdfAI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
marketingartwork
 
Skeleton Culture Code
Skeleton Culture CodeSkeleton Culture Code
Skeleton Culture Code
Skeleton Technologies
 
PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024
Neil Kimberley
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
vu2urc
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
DianaGray10
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
Product Anonymous
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
Maria Levchenko
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
Martijn de Jong
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
Igalia
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
Antenna Manufacturer Coco
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
Anna Loughnan Colquhoun
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
The Digital Insurer
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
hans926745
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
The Digital Insurer
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
jfdjdjcjdnsjd
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
apidays
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
apidays
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
Michael W. Hawkins
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of Brazil
V3cube
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
hans926745
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
The Digital Insurer
 
Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)
contently
 
How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024
Albert Qian
 

Weitere ähnliche Inhalte

Kürzlich hochgeladen

Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
vu2urc
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
Igalia
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 

Kürzlich hochgeladen (20)

Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of Brazil
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 

Empfohlen

Social Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie InsightsSocial Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie Insights
Kurio // The Social Media Age(ncy)
 
Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024
Search Engine Journal
 
5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary
SpeakerHub
 
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
Applitools
 
Good Stuff Happens in 1:1 Meetings: Why you need them and how to do them well
Good Stuff Happens in 1:1 Meetings: Why you need them and how to do them wellGood Stuff Happens in 1:1 Meetings: Why you need them and how to do them well
Good Stuff Happens in 1:1 Meetings: Why you need them and how to do them well
Saba Software
 

Empfohlen (20)

Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)
 
How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024
 
Social Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie InsightsSocial Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie Insights
 
Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024
 
5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary
 
ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd
 
Getting into the tech field. what next
Getting into the tech field. what next Getting into the tech field. what next
Getting into the tech field. what next
 
Google's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search IntentGoogle's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search Intent
 
How to have difficult conversations
How to have difficult conversations How to have difficult conversations
How to have difficult conversations
 
Introduction to Data Science
Introduction to Data ScienceIntroduction to Data Science
Introduction to Data Science
 
Time Management & Productivity - Best Practices
Time Management & Productivity - Best PracticesTime Management & Productivity - Best Practices
Time Management & Productivity - Best Practices
 
The six step guide to practical project management
The six step guide to practical project managementThe six step guide to practical project management
The six step guide to practical project management
 
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
 
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
 
12 Ways to Increase Your Influence at Work
12 Ways to Increase Your Influence at Work12 Ways to Increase Your Influence at Work
12 Ways to Increase Your Influence at Work
 
ChatGPT webinar slides
ChatGPT webinar slidesChatGPT webinar slides
ChatGPT webinar slides
 
More than Just Lines on a Map: Best Practices for U.S Bike Routes
More than Just Lines on a Map: Best Practices for U.S Bike RoutesMore than Just Lines on a Map: Best Practices for U.S Bike Routes
More than Just Lines on a Map: Best Practices for U.S Bike Routes
 
Ride the Storm: Navigating Through Unstable Periods / Katerina Rudko (Belka G...
Ride the Storm: Navigating Through Unstable Periods / Katerina Rudko (Belka G...Ride the Storm: Navigating Through Unstable Periods / Katerina Rudko (Belka G...
Ride the Storm: Navigating Through Unstable Periods / Katerina Rudko (Belka G...
 
Barbie - Brand Strategy Presentation
Barbie - Brand Strategy PresentationBarbie - Brand Strategy Presentation
Barbie - Brand Strategy Presentation
 
Good Stuff Happens in 1:1 Meetings: Why you need them and how to do them well
Good Stuff Happens in 1:1 Meetings: Why you need them and how to do them wellGood Stuff Happens in 1:1 Meetings: Why you need them and how to do them well
Good Stuff Happens in 1:1 Meetings: Why you need them and how to do them well
 

Ransomware Overview

  • 1. February 2016 Intel Security 1 Sales Brief Customer Challenge Hardly a day goes by without news of another emerging threat causing a security breach or privacy violation. Businesses must find a way to neutralize all of these threats. One of the most common and damaging threats targeting business today are called cypto-ransomware. The term ransom means the practice of holding a prisoner or item to extort money or property to secure their release, or it may refer to the sum of money involved. Ransomware is a type of malware that encrypts a victim’s files and subsequently demands payment in return for the key that can decrypt said files. These files may contain various types of information, such as important financial data, business records, databases, and personal files that may hold sentimental value to the victim, such as photos and home movies. Once these files are identified, the malware will encrypt them using a key known only by the attackers. In order to acquire this key to decrypt these files, the victim must pay a ransom to the attackers, often in the form of electronic currency, such as bitcoin. Ransomware is one of today’s biggest security threats and McAfee Labs has seen mass rise in new, unique ransomware in 2015.  In 2015, we saw more unique ransomware binaries than we have seen in the previous 4 years.  Cryptowall ransomware cost users/business $325 million in 2015 (Cyber Threat Report)  66% of the CryptoWall infections occurred from phishing emails  Cost of individual ransoms range from $300 - $17,000 per incident  Recent news on ransomware: o LA Hospital Servers Shut Down By Ransomware o Hospital's Ransomware Attack Highlights Importance of Strong Endpoint Protection o Security Experts: You Should Never Pay Ransomware Hackers
  • 2. February 2016 Intel Security 2 Call Topics - Combatting Ransomware The goal is to use the recent publicity about ransomware threats as reason to call your customers or prospects to have a discussion about how Intel Security can help them with these pervasive attacks. Use this as an opportunity to be your customer’s #1 security advisor by suggesting ways they can optimize their existing solutions to protect themselves or suggest additional technologies to fortify their defenses against these types of attacks. 1. Topics for Conversation Intel Security Labs have seen a sharp spike in ransomware/cryptomalware activity 2015 There were more new unique samples were seen in 2015 than in previous 4 years combined. Did you know that ransomware cost users/business $325 million in 2015 Question: How aware are you of ransomware and cryptomalware attacks? We have seen many organizations in various industries across all regions targeted; they thought they would be protected against these threats, however with the highly targeted nature of these attacks, traditional standalone defenses are struggling – we have been called in to help many organizations. Did you know 66% of the CryptoWall infections occurred from phishing emails Question: What are you currently seeing in your organization around cryptomalware or ransomware attacks?
  • 3. February 2016 Intel Security 3 Organizations can’t rely on traditional defenses alone – Signatures and even reputation are not enough to combat these targeted attacks Because of these attacks we have been running tests on the effectiveness of various Countermeasures/Protections against these attacks and we want to share this info with your customers We have a Ransomware prevention document that outlines how our different technologies can help prevent these attacks. Question: Can I send that to you? Intel tested various defenses  Current AV alone – 63% detection  Sandboxing alone – 65% detection  Gateway Anti-Malware engine - 95% detection  Multiple engines – 99.96% (confirmed by AV test) Customer Opportunities To prevent ransomware attacks, organizations today need advance defenses at many different layers, from endpoint to gateway protection. Intel Security believes in order to efficiently filter, monitor, detect, and block these advanced threats, organizations need a collaborative environment that protect, detect and correct from ransomware outbreaks. For existing endpoint customers using existing endpoint security products, offer these solutions:  TIE/ATD – ATD will detect when new variants of ransomware; TIE/DXL will immediately inoculate endpoint that may be targets.  Network Security Platform – NSP has signatures in their default policies to detect ransomware  Web Gateway – Use to stop spam and phishing that ransomware uses; use Gateway Anti- malware (GAM) inspection to stop ransomware before they get to the endpoints  Engage with our Professional Service team o For existing customers: 1. Our Incident Response team can come in and diagnose, contain the breach  Emergency Incident Response Services or Forensic Investigative Service offerings 2. Our Education team can train staff on skills to tighten up security posture  Forensics & Incident Response (FIRE) educational course 3. Our Solution Services team can determine why existing products did not detect, assess current environment and offer recommendations on future solutions 4. Utilize our Managed Services team augment existing staff, if needed. o For net new customers: 1. All same, except in #3 our Solution Services team can design and architect a new Intel Security solution. Qualifying Questions to Ask  How aware are you of ransomware and cryptomalware attacks?  What are you currently seeing in your organization around cryptomalware or ransomware attacks?  Has your organization ever been impacted by these types of attacks, if so how did you respond?  What are your concerns currently with this style of attack?  How are you currently protecting against these attacks?
  • 4. February 2016 Intel Security 4 Customer Assets Available  Solution Brief - Defeat Ransomware: Ensure Your Data Is Not Taken Hostage – Four page solution brief outlining what ransomware is and how some of (not all) Intel Security solutions that help to protect against ransomware  Blog - Advice for Unfastening CryptoLocker Ransomware – Detailed article on what a customer should do after a ransomware attack  Knowledgebase Article - Protecting against Cryptolocker, CryptoWall & Teslacrypt – Knowledgebase article on how to configure VSE and HIPS to provide protection against ransomware  McAfee Labs Threat Report – Ransonware Returns: New Families Emerge with a Vengence support – In this issue of the McAfee Threat Report there is an article on ransomware, page 14.