2016 Syste m Se c urity Upda te Surviving a nd Sta ying sa fe in - PowerPoint PPT Presentation

2016 Syste m Se c urity Upda te Surviving a nd Sta ying sa fe in a c o nne c te d wo rld. Jim Hutc hins So uth So und I T Olympia , WA 866.827.9889

T o da y  Curre nt T hre a ts  Pre ve ntio n  Mitig a tio n  Re c o ve ry

Curre nt T hre a ts  Ra nso mwa re  Ma lwa re  Ra nso mwa re  Phishing  Ra nso mwa re  DDOS/ I ntrusio n  Ra nso mwa re

Ma lwa re  Spo tify F re e – c a use d the de fa ult b ro wse r to o pe n ma lwa re / virus site s  Humming Ba d Andro id-infe c ting Ma lwa re  OSX/ K e ydna p ma lwa re – ke ylo g g e r  L inux/ I RCT e lne t I nte rne t o f T hing s (I o T )  Ne w AT M ma lwa re fa mily – Rippe r  Ato mBo mb ing : Bra nd Ne w Co de I nje c tio n fo r Windo ws

Ma lwa re in the Clo ud  2-ye a r o ld ra nso mwa re stra in - Virlo c k  Sta rte d spre a ding itse lf via c lo ud sto ra g e a nd c o lla b o ra tio n a pplic a tio ns  “ Virlo c k has e ffe c tive ly we apo nize d e ve ry data file it e nc rypts ”  T he re a re “Clo ud Anti-Virus” so lutio ns  Re pre se nts unma na g e d risk

Phishing  T a rg e ting individua ls  Mining so c ia l me dia fo r info rma tio n  Custo mize d e ma il – with a ma lic io us link  L ink ta ke s the m to a c o mpro mise d site  T ha t site do wnlo a ds the pa ylo a d  T he pa ylo a d e xe c ute s in the b a c kg ro und

DDOS Atta c k  DynDNS, a ka Dyn.c o m, a tta c ke d b y a ve ry a g g re ssive DDo S a tta c k – Oc to b e r 2016  Pa ypa l, Ne tflix, Wo rdc a mp, Github , T witte r, E sty, So undc lo ud, Spo tify, Ama zo n, He ro ku, Sho pify, Pa g e rDuty, Ze nDe sk, Bra intre e , F a stly, Clo udfla re  I o T de vic e s infe c te d with a b o tne t (c a me ra s)  500,000 de vic e s we re infe c te d a nd o nly 10% o f the m we re use d in the a tta c k.

Ra nso mwa re  Po lymo rphic - o n the fly muta tio n  Ne w (ha c ke r) to o ls a re re a dily a va ila b le  Ro o tkits a re “e ve ryda y pe rso n” a c c e ssib le  De vic e spe c ific ve rsio ns  Billio n do lla r industry

De c e mbe r 2015 17% o f a ll o b se rve d ma lwa re dro ppe d b y e xplo it kits wa s Ra nso mwa re May 2016 61% o f a ll o b se rve d ma lwa re dro ppe d b y e xplo it K its wa s Ra nso mwa re 259% inc re a se in 5 mo nths

Pre ve ntio n  Co mmo n se nse  Po lic y & Pro c e dure  Anti-virus  Anti-e xplo it  Se g me nte d ne two rking  Ma na g e me nt a wa re ne ss a nd b uy-in  T he re is no 100%

Ma lwa re  AV & AE  Ma lwa re b yte s  E SE T  Mo b ile  Pre y – lo st/ sto le n  360 Mo b ile Se c urity  Bitde fe nde r/ E SE T

Phishing

Minimizing impa c ts  DDOS - se c o nda ry DNS pro vide r  Phishing – F ilte rs/ Pre -e duc a tio n  Re mo te Ac c e ss/ T ro ja ns – Outb o und de te c tio n/ filte ring  Ra nso mwa re / Ma lwa re – Ba c kups

DDNS a tta c ks  Ope nDNS ha s DNS se rve r a ddre sse s:  208.67.222.222  208.67.220.220  Se c o nda ry DNS pro vide r  I ng re ss/ E g re ss F illte ring  L o c k o ut une xpe c te d tra nsa c tio ns

Priva te VPNs

T OR: T he Onio n Ro uting pro g ra m

Re c o ve ry  Phishing - Syste ms, T ra ining , Po lic y  Ra nso mwa re / Ma lwa re - Re sto re da ta

Phishing  Upda te / impro ve E ma il a nd F ire wa ll filte rs a nd rule s  E sta b lish/ I mpro ve / E xpa nd Phishing tra ining fo r use rs  E sta b lish and e nfor c e mo re rig o ro us po lic ie s & pro c e dure s

Ra nso mwa re  Wipe & Re sto re fro m b a c kup  Just sa ve c ritic a l file s Wipe & Re sto re fro m b a c kup  Cle a n the syste m with purc ha se d so ftwa re Wipe & Re sto re fro m b a c kup  Pa y so me o ne e lse to c le a n it up Wipe & Re store from ba c kup!!

Ba c kups

Ne w USB c o nne c to r – T ype C

Ra nso mwa re