RANSOMWARE:
Is there protection for it?
Filipi Pires – Trend Micro
Sales Engineer
Copyright 2017 Trend Micro Inc.
Ransomware:
"Ransomware ("ransom" + "ware") is a type of malware that prevents or limits users from accessing their system, either by locking the system's screen or by locking access to the users' personal files, unless a ransom is paid. More recent ransomware families, collectively known as crypto-ransomware, encrypt the data on the infected system, forcing the user to pay the ransom through online payment methods to obtain the decryption key."
Worldwide Outbreak
192 countries
300K Windows machines

Timeline
March 14, 2017: Microsoft patch MS17-010
April 14, 2017: Shadow Brokers leak tools; the exploit for the MS17-010 SMBv1 vulnerability is named EternalBlue
April 14, 2017: WannaCry/WCRY 1.0
May 12, 2017: WannaCry/WCRY 2.0
27-Jun-2017 (the Petya outbreak)
~07:00 EST: social media reports of a cyber attack
~07:04 EST: attack spreads quickly in Ukraine. Reported victims include: Kyivenergo (power company), Ukrtelecom (telco), Oschadbank (bank), Farmak (healthcare), NBU (national bank), Nova Posta (shipping)
~10:07 EST: multinational orgs get hit. Reported victims include: Rosneft (oil producer), Maersk (shipping), Cadbury (food manufacturing)
~10:14 EST: isolation of samples; analysis continues
~10:34 EST: ETERNALBLUE usage confirmed
~12:44 EST: PSEXEC/WMIC usage confirmed
Linux?? Servers are not immune.

Understanding the Attacks
WannaCry (Ransom_WCRY.*)
Infection Flow

Petya
Infection Flow
Propagation: port scan (139 and 445); Mimikatz used to harvest credentials
Running as administrator: encrypt MBR & MFT (the MBR is replaced by a fake loader and the MFT is encrypted after the system reboots)
Running as non-admin: encrypt files
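The propagation step above (and WannaCry's, which also spread over SMB) leaves a network-visible signature: one host contacting many peers on 139/445 within seconds. The following is an added example, not code from the talk or from Trend Micro, of the kind of check the "lateral movement detection" layer later in the deck performs. The log format (timestamp, source, destination, destination port), all addresses and the threshold of ten distinct hosts per minute are constructed or assumed for the example.

```python
"""Flag hosts that fan out to many peers on the SMB ports (139/445) within a short window,
the network signature of worm-style propagation such as WannaCry's and Petya's."""
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed records in a flat "timestamp src dst dport" form; not an export from any
# real firewall or NetFlow collector, and the addresses are made up.
SAMPLE_LOG = """\
2017-06-27T11:04:01 10.0.1.23 10.0.1.5 445
2017-06-27T11:04:02 10.0.1.23 10.0.1.6 445
2017-06-27T11:04:02 10.0.1.23 10.0.1.7 139
2017-06-27T11:04:03 10.0.1.23 10.0.1.8 445
2017-06-27T11:04:03 10.0.1.23 10.0.1.9 445
2017-06-27T11:04:04 10.0.1.23 10.0.1.10 445
2017-06-27T11:04:05 10.0.1.23 10.0.1.11 445
2017-06-27T11:04:05 10.0.1.23 10.0.1.12 445
2017-06-27T11:04:06 10.0.1.23 10.0.1.13 445
2017-06-27T11:04:06 10.0.1.23 10.0.1.14 445
2017-06-27T11:04:07 10.0.1.23 10.0.1.15 445
2017-06-27T11:04:01 10.0.1.40 10.0.1.5 445
2017-06-27T11:09:30 10.0.1.40 10.0.1.5 445
2017-06-27T11:10:00 10.0.1.41 10.0.1.200 443
"""

SMB_PORTS = {139, 445}

def parse(line):
    ts, src, dst, dport = line.split()
    return datetime.fromisoformat(ts), src, dst, int(dport)

def detect_smb_fanout(lines, window=timedelta(seconds=60), threshold=10):
    """Return {src: (window_start, distinct_targets)} for every source that reaches
    `threshold` or more distinct hosts on 139/445 inside `window`. Records for a given
    source are assumed to arrive in time order (true for a sorted export)."""
    recent = defaultdict(deque)   # src -> (timestamp, dst) pairs still inside the window
    alerts = {}
    for line in lines:
        if not line.strip():
            continue
        ts, src, dst, dport = parse(line)
        if dport not in SMB_PORTS:
            continue               # only SMB fan-out is of interest here
        q = recent[src]
        q.append((ts, dst))
        while q and ts - q[0][0] > window:
            q.popleft()            # drop contacts that fell out of the window
        distinct = {d for _, d in q}
        if len(distinct) >= threshold and src not in alerts:
            alerts[src] = (q[0][0], len(distinct))   # report once per source
    return alerts

if __name__ == "__main__":
    for src, (since, n) in detect_smb_fanout(SAMPLE_LOG.splitlines()).items():
        print(f"ALERT {src}: {n} distinct SMB targets since {since.isoformat()}")
```

Hosts that legitimately fan out over SMB (vulnerability scanners, backup servers, domain controllers) need an allow-list, otherwise this rule fires on every patch-Tuesday scan; the value of the check is that a worm hits dozens of hosts in seconds, which no scheduled job does.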
Erebus
Infection Flow
Entry: vulnerability exploitation OR execution via PSEXESVC.exe
Process httpd starts "Erebus.exe"
Ransom note: _DECRYPT_FILE.txt

Mamba Ransomware (HDDCryptor)
Infection Flow
Entry: vulnerability exploitation OR execution via PSEXESVC.exe
dcrypt.exe
Ransom note: HDDCryptor
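Both the Erebus and Mamba flows, and the 27-Jun timeline, mention remote execution through PSEXESVC.exe or WMIC. PsExec installs a service on the target (Windows System log event 7045; the service is named PSEXESVC by default and the binary is copied to the ADMIN$ share), and a process created through WMI has WmiPrvSE.exe as its parent (Security log event 4688). The following added example, not from the talk or from Trend Micro, checks event records for both; the JSON-lines layout, host names, account names and paths are constructed for the example.

```python
"""Triage Windows event records for the remote-execution techniques the deck attributes
to the Petya outbreak and to the Erebus/Mamba flows: PsExec-style service installs
(System log event 7045) and processes spawned through WMI (Security log event 4688)."""
import json
import re
from pathlib import PureWindowsPath

# Constructed JSON-lines records. Field names follow the Windows event schema;
# every value (hosts, paths, accounts) is made up for this example.
SAMPLE_EVENTS = r"""
{"EventID": 7045, "Computer": "FS01", "ServiceName": "PSEXESVC", "ImagePath": "%SystemRoot%\\PSEXESVC.exe", "StartType": "demand start", "AccountName": "LocalSystem"}
{"EventID": 7045, "Computer": "FS02", "ServiceName": "upd-svc", "ImagePath": "\\\\10.0.1.23\\ADMIN$\\upd-svc.exe", "StartType": "demand start", "AccountName": "LocalSystem"}
{"EventID": 7045, "Computer": "FS03", "ServiceName": "Spooler2", "ImagePath": "C:\\Windows\\System32\\spoolsv.exe", "StartType": "auto start", "AccountName": "LocalSystem"}
{"EventID": 4688, "Computer": "FS04", "NewProcessName": "C:\\Windows\\System32\\rundll32.exe", "ParentProcessName": "C:\\Windows\\System32\\wbem\\WmiPrvSE.exe", "SubjectUserName": "svc_backup"}
{"EventID": 4688, "Computer": "FS04", "NewProcessName": "C:\\Windows\\System32\\notepad.exe", "ParentProcessName": "C:\\Windows\\explorer.exe", "SubjectUserName": "alice"}
"""

# UNC form used when a service binary is pushed to the target's ADMIN$ share
# (PsExec's default behaviour, also seen with renamed copies of the service).
ADMIN_SHARE_RE = re.compile(r"^\\\\[^\\]+\\ADMIN\$\\", re.IGNORECASE)
# Interpreters commonly launched via Win32_Process.Create; their parent is WmiPrvSE.exe.
WMI_SPAWNED_TOOLS = {"cmd.exe", "powershell.exe", "rundll32.exe", "wscript.exe",
                     "cscript.exe", "mshta.exe", "regsvr32.exe"}

def basename(win_path: str) -> str:
    return PureWindowsPath(win_path).name.lower()

def check_service_install(ev):
    """Event 7045: a service was installed. Flag PsExec's service or any ADMIN$-staged binary."""
    name = ev.get("ServiceName", "")
    image = ev.get("ImagePath", "")
    if name.upper() == "PSEXESVC" or "psexesvc" in image.lower():
        return "PsExec service install (default name)"
    if ADMIN_SHARE_RE.match(image):
        return f"service binary staged over ADMIN$ ({image})"
    return None

def check_process_create(ev):
    """Event 4688: process creation. Flag script hosts whose parent is the WMI provider host."""
    parent = basename(ev.get("ParentProcessName", ""))
    child = basename(ev.get("NewProcessName", ""))
    if parent == "wmiprvse.exe" and child in WMI_SPAWNED_TOOLS:
        return f"{child} spawned by WMI provider host (remote WMI execution)"
    return None

CHECKS = {7045: check_service_install, 4688: check_process_create}

def triage(lines):
    """Return [(Computer, reason)] for every record that matches a check."""
    hits = []
    for line in lines:
        if not line.strip():
            continue
        ev = json.loads(line)
        check = CHECKS.get(ev.get("EventID"))
        reason = check(ev) if check else None
        if reason:
            hits.append((ev.get("Computer", "?"), reason))
    return hits

if __name__ == "__main__":
    for host, reason in triage(SAMPLE_EVENTS.splitlines()):
        print(f"{host}: {reason}")
```

Event 4688 only carries the parent process name when command-line auditing is enabled, and 7045 is written even when the service starts and is deleted within a second, which is why the service-install event is the more reliable of the two for PsExec.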
Infection vectors and the security layer that covers each:

Email Security
Attachment: document, JavaScript, ransomware executable
URL: ransomware download

Web Security
Compromised website: exploit kit

Endpoint Security
Ransomware on the system
Execution: encryption of files and ransom demand
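The delivery chain above is where an email gateway gets its first look at the payload. The following added example, not from the talk or from Trend Micro, parses an RFC 822 message with Python's standard library and classifies each attachment: executables and scripts by extension, OOXML documents by whether the zip container holds a vbaProject.bin (where VBA macros are stored), and archives by looking one level inside. The sample message and all attachments are constructed here; the vbaProject.bin payload is four placeholder bytes, not a real macro.

```python
"""Triage the attachments of an RFC 822 message for the delivery types in the chain above:
executables, script files, macro-enabled Office documents, and archives wrapping any of them."""
import email
import io
import zipfile
from email import policy
from email.message import EmailMessage

EXECUTABLE_EXT = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd"}
SCRIPT_EXT = {".js", ".jse", ".vbs", ".vbe", ".wsf", ".hta", ".ps1"}
OOXML_EXT = {".docx", ".docm", ".xlsx", ".xlsm", ".pptx", ".pptm"}

def ext_of(name: str) -> str:
    name = name.lower()
    return name[name.rfind("."):] if "." in name else ""

def ooxml_has_macro(blob: bytes) -> bool:
    """OOXML files are zip containers; VBA code is stored as a vbaProject.bin member."""
    try:
        with zipfile.ZipFile(io.BytesIO(blob)) as z:
            return any(n.lower().endswith("vbaproject.bin") for n in z.namelist())
    except zipfile.BadZipFile:
        return False

def classify(filename: str, blob: bytes, depth: int = 0) -> str:
    ext = ext_of(filename)
    if ext in EXECUTABLE_EXT:
        return "executable"
    if ext in SCRIPT_EXT:
        return "script"
    if ext in OOXML_EXT:
        return "macro-document" if ooxml_has_macro(blob) else "clean"
    if ext == ".zip" and depth < 1:            # look one level into archives
        try:
            with zipfile.ZipFile(io.BytesIO(blob)) as z:
                for member in z.namelist():
                    verdict = classify(member, z.read(member), depth + 1)
                    if verdict != "clean":
                        return f"archive containing {member}: {verdict}"
        except (zipfile.BadZipFile, RuntimeError):   # corrupt or password-protected
            return "archive could not be inspected"
    return "clean"

def triage_message(raw: bytes):
    """Return [(filename, verdict)] for each attachment of the message."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    results = []
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        results.append((name, classify(name, part.get_payload(decode=True) or b"")))
    return results

def build_zip(members: dict) -> bytes:
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        for name, data in members.items():
            z.writestr(name, data)
    return buf.getvalue()

def build_sample_message() -> bytes:
    """Constructed message with four attachments (nothing here is a real malware sample)."""
    skeleton = {"[Content_Types].xml": b"<Types/>", "word/document.xml": b"<w:document/>"}
    msg = EmailMessage()
    msg["From"] = "billing@example.invalid"
    msg["To"] = "alice@example.invalid"
    msg["Subject"] = "Invoice"
    msg.set_content("Please see the attached invoice.")
    msg.add_attachment(build_zip({**skeleton, "word/vbaProject.bin": b"\xd0\xcf\x11\xe0"}),
                       maintype="application", subtype="octet-stream", filename="Invoice.docm")
    msg.add_attachment(b"var sh = new ActiveXObject('WScript.Shell');",
                       maintype="application", subtype="octet-stream", filename="Readme.js")
    msg.add_attachment(build_zip({"Invoice_2017.pdf.exe": b"MZ" + b"\x00" * 64}),
                       maintype="application", subtype="octet-stream", filename="Invoice.zip")
    msg.add_attachment(build_zip(skeleton),
                       maintype="application", subtype="octet-stream", filename="Notes.docx")
    return msg.as_bytes()

if __name__ == "__main__":
    for name, verdict in triage_message(build_sample_message()):
        print(f"{name}: {verdict}")
```

A password-protected archive (the usual trick for getting an executable past this kind of filter) comes back as "archive could not be inspected" rather than "clean", so the policy decision for it stays explicit; this is also why the next slides pair gateway scanning with detonation in a sandbox.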
Is there protection for it?
I’M 100% Safe o/
Email Protection
Spear Phishing Protection: identify and block emails which spur users to action that will deliver ransomware.
Malware Scanning: scan for ransomware in emails, attachments and downloads.
Web Reputation: block access to known malicious URLs, with real-time analysis at time of click.
Sandbox Attachments and URLs: detect and stop malicious URLs, document exploits, macros and scripts.
Endpoint Protection
Ransomware Behavioral Analysis: detect and stop unauthorized encryption of files, restore lost files.
Vulnerability Shielding: virtually patch endpoint software until it can be patched, shielding endpoints against vulnerabilities.
Application Control: allow only known-good applications to run.
High Fidelity Machine Learning: examines the unknown both prior to execution and at runtime, with noise cancelling.
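"Detect and stop unauthorized encryption of files" is a behavioural check on the endpoint rather than a signature match. The following added example (not code from the talk or from Trend Micro's products) shows the two simplest building blocks: a Shannon-entropy test on data written over existing files, counted per process inside a short window, and a canary file that no legitimate program should ever write. The thresholds, the canary name, the process ids and the replayed write events are all constructed for the example.

```python
"""Toy endpoint behaviour monitor for the 'unauthorized encryption of files' case:
flag a process that overwrites many existing files with high-entropy data in a short
window, or that touches a canary (honey) file no legitimate program should write."""
import math
from collections import Counter, defaultdict, deque

ENTROPY_THRESHOLD = 7.5   # bits/byte; encrypted or compressed data sits near 8.0
BURST_THRESHOLD = 5       # high-entropy overwrites by one process ...
WINDOW_SECONDS = 10       # ... inside this window trigger an alert
CANARY_NAME = "~$canary-do-not-open.docx"   # hypothetical honey-file name planted on each host

def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte of `data` (0.0 for empty input, 8.0 for a flat distribution)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def file_name(path: str) -> str:
    return path.replace("\\", "/").rsplit("/", 1)[-1]

class RansomwareBehaviourMonitor:
    def __init__(self):
        self.recent = defaultdict(deque)   # pid -> timestamps of recent high-entropy overwrites
        self.alerts = []

    def on_write(self, ts, pid, path, data, overwrote_existing):
        """Feed one file-write event (seconds, pid, path, bytes written, whether the file
        existed before). Returns an alert string, or None if the write looks benign."""
        if file_name(path) == CANARY_NAME:
            return self._alert(pid, ts, f"wrote canary file {path}")
        if not overwrote_existing or shannon_entropy(data) < ENTROPY_THRESHOLD:
            return None
        q = self.recent[pid]
        q.append(ts)
        while q and ts - q[0] > WINDOW_SECONDS:   # events are fed in time order
            q.popleft()
        if len(q) >= BURST_THRESHOLD:
            return self._alert(pid, ts, f"{len(q)} high-entropy overwrites within {WINDOW_SECONDS}s")
        return None

    def _alert(self, pid, ts, why):
        msg = f"pid {pid} t={ts}: {why}"
        self.alerts.append(msg)
        return msg

def run_demo():
    """Replay constructed events: pid 4242 'encrypts' eight documents and then the canary,
    while pid 1001 saves ordinary text files at the same time. Returns the alert list."""
    ciphertext_like = bytes(range(256)) * 16               # flat byte histogram -> entropy 8.0
    plaintext_like = b"Quarterly report, draft 3.\n" * 150  # well under the threshold
    mon = RansomwareBehaviourMonitor()
    events = [(t, 4242, f"C:\\Users\\alice\\Documents\\report{t}.docx", ciphertext_like, True)
              for t in range(8)]
    events += [(t + 0.5, 1001, f"C:\\Users\\alice\\Documents\\notes{t}.txt", plaintext_like, True)
               for t in range(8)]
    events.append((9, 4242, "C:\\Users\\alice\\Documents\\" + CANARY_NAME, ciphertext_like, True))
    for ev in sorted(events, key=lambda e: e[0]):
        mon.on_write(*ev)
    return mon.alerts

if __name__ == "__main__":
    for a in run_demo():
        print("ALERT", a)
```

The entropy test on its own misfires on formats that are already compressed (docx and xlsx are zip containers, as are most image and media files), so a user mass-saving such files looks like an encryptor; production agents add the extension-change and rename rate as independent signals, and the canary is the one check that needs no tuning.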
Network Protection
Custom Sandbox Analysis: detect mass file modifications, encryption behavior and modifications that are consistent with ransomware.
Network Monitoring: monitor all network ports and protocols:
• pattern and reputation analysis and script emulation
• zero-day exploits and command and control traffic
Server Protection
Lateral Movement, C&C Traffic Detection: detect and alert on ransomware-specific traffic.
Vulnerability Shielding: virtually patches server software until it can be patched, shielding servers against vulnerability exploits.
Behavioral Analysis: detect suspicious activity on file servers related to ransomware and stop it.
Application Control: locks down the host to prevent any unknown process or script from running.

Don't Forget !!!
Four Layers of Optimized Protection
1 Email 2 Endpoint 3 Network 4 Server
Best practices
User education against phishing: educate users in good practices for e-mail use and web browsing.
Raise the security posture: follow security best practices for your current and future technologies.
"Don't pay": paying the ransom encourages these attacks to continue and does not guarantee recovery of the data.
Keep patches up to date: minimize the chance of vulnerability exploitation.
Access control: limit access to critical data and network shares to the users who really need it.
Backup: in a location isolated from the network (a backup share reachable over SMB from an infected host is encrypted like any other share).
Questions?

Thank you!
Contact:
Facebook: www.facebook.com/filipi86
Linkedin: https://br.linkedin.com/in/filipipires

 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 

Talk by Filipi Pires - Ransomware: is there protection against it?

  • 1. RANSOMWARE: Is there protection against it? Filipi Pires – Trend Micro Sales Engineer
  • 2. Copyright 2017 Trend Micro Inc. Ransomware: "Ransomware ('ransom' + 'ware') is a type of malware that prevents or limits users from accessing their system, either by locking the system's screen or by locking access to the user's personal files, unless a ransom is paid. The most recent ransomware families, collectively known as crypto-ransomware, encrypt the data on the infected system, forcing the user to pay the ransom through online payment methods to obtain the decryption key."
  • 3. Worldwide Outbreak: 192 countries, 300K Windows machines
  • 4. Timeline: March 14, 2017, Microsoft releases patch MS17-010; April 14, 2017, the Shadow Brokers leak the tools, and the leaked exploit for this vulnerability is named EternalBlue; April 14, 2017, WannaCry/WCRY 1.0; May 12, 2017, WannaCry/WCRY 2.0
  • 5. 27-Jun-2017: ~07:00 EST, social media reports of a cyber attack; ~07:04 EST, the attack spreads quickly in Ukraine. Reported victims include Kyivenergo (power company), Ukrtelecom (telco), Oschadbank (bank), Farmak (healthcare), NBU (national bank), Nova Posta (shipping)
  • 6. ~10:07 EST, multinational organizations get hit; reported victims include Rosneft (oil producer), Maersk (shipping), Cadbury (food manufacturing). ~10:14 EST, isolation of samples; analysis continues
  • 7. ~10:34 EST, ETERNALBLUE usage confirmed. ~12:44 EST, PSEXEC/WMIC usage confirmed
  • 8. Linux?? Servers are not immune.
  • 9. Understanding the Attacks
  • 10. WannaCry (Ransom_WCRY.*)
  • 11. Infection Flow
  • 12. Petya
  • 13. Infection Flow. Propagation: port scan (139 and 445); Mimikatz is used to harvest credentials. Running as administrator: encrypts the MBR & MFT (the MFT is encrypted after the system reboots into the fake loader). Non-admin: encrypts files.
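The propagation step above (a port scan for 139 and 445 against neighbouring hosts) is what a network sensor can catch before the payload lands. The following is an added example, not code from the talk or from any Trend Micro product: it flags any source that reaches many distinct SMB destinations inside a short window, while leaving alone a workstation that talks to two file servers all day and a backup job that touches many shares slowly. The connection records and their `(timestamp, src, dst, dst_port)` layout are constructed for the example and are not a real log format.

```python
"""Added example (not from the original talk or any Trend Micro product):
flag hosts that fan out SMB connections (TCP 139/445) to many distinct
peers within a short window, the port-scan propagation step described
for Petya.  Connection records are constructed inline; the tuple layout
is an assumption, not a real log format.
"""
from collections import Counter, defaultdict
from datetime import datetime, timedelta

SMB_PORTS = {139, 445}


def constructed_flows():
    """Build a small, constructed set of (timestamp, src, dst, dst_port) records."""
    base = datetime(2017, 6, 27, 11, 0, 0)
    flows = []
    # 10.0.0.5: a workstation using two file servers plus some web traffic.
    for i in range(20):
        t = base + timedelta(seconds=15 * i)
        flows.append((t, "10.0.0.5", "10.0.0.200", 445))
        flows.append((t + timedelta(seconds=3), "10.0.0.5", "10.0.0.201", 445))
        flows.append((t + timedelta(seconds=5), "10.0.0.5", "93.184.216.34", 80))
    # 10.0.0.77: an infected host sweeping 24 neighbours on 445 and 139 in ~40 s.
    for i in range(1, 25):
        t = base + timedelta(seconds=1.5 * i)
        flows.append((t, "10.0.0.77", f"10.0.0.{i}", 445))
        flows.append((t + timedelta(milliseconds=500), "10.0.0.77", f"10.0.0.{i}", 139))
    # 10.0.0.9: a backup job touching 12 shares, but spread over three hours.
    for i in range(12):
        flows.append((base + timedelta(minutes=15 * i), "10.0.0.9", f"10.0.1.{i + 1}", 445))
    return flows


SAMPLE_FLOWS = constructed_flows()


def find_smb_scanners(flows, window_seconds=60, min_targets=10):
    """Return {src_ip: peak number of distinct SMB destinations seen inside any
    window_seconds-long window} for sources whose peak reaches min_targets.
    Destination hosts are counted, not ports: hitting 139 and 445 on one host
    is a single target."""
    window = timedelta(seconds=window_seconds)
    by_src = defaultdict(list)
    for ts, src, dst, port in flows:
        if port in SMB_PORTS:
            by_src[src].append((ts, dst))

    hits = {}
    for src, events in by_src.items():
        events.sort()
        in_window = Counter()   # dst -> connections currently inside the window
        start = 0
        peak = 0
        for ts, dst in events:
            in_window[dst] += 1
            # Slide the window start forward past records older than `window`.
            while ts - events[start][0] > window:
                old_dst = events[start][1]
                in_window[old_dst] -= 1
                if in_window[old_dst] == 0:
                    del in_window[old_dst]
                start += 1
            peak = max(peak, len(in_window))
        if peak >= min_targets:
            hits[src] = peak
    return hits


if __name__ == "__main__":
    for src, n in find_smb_scanners(SAMPLE_FLOWS).items():
        print(f"{src}: {n} distinct SMB targets inside a 60 s window")
```

Run as a script it reports only 10.0.0.77. Widening the window to several hours would also catch the slow backup job, which is the usual tuning trade-off: the window and the target count together decide how slow a scan can be before it blends into normal share access.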
  • 14. Erebus
  • 15. Infection Flow: execution via PSEXESVC.exe OR exploitation of a vulnerability; the httpd process starts "Erebus.exe"; ransom note _DECRYPT_FILE.txt
  • 16. Mamba Ransomware (HDDCryptor)
  • 17. Infection Flow: execution via PSEXESVC.exe OR exploitation of a vulnerability; dcrypt.exe (HDDCryptor); ransom note
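Both flows above (Erebus and Mamba/HDDCryptor), like the PSEXEC/WMIC usage confirmed in the 27 June timeline, start the payload through a remote-execution service on the victim. The added example below is not code from the talk: it walks process-creation events and reports every process whose ancestry passes through PSEXESVC.exe (the PsExec service) or WmiPrvSE.exe (the WMI provider host that spawns processes created through WMIC), so that a payload launched via an intermediate cmd.exe is still attributed to the remote caller, which a check on the direct parent alone would miss. The `(pid, ppid, image)` events are constructed and only loosely modelled on process-creation telemetry; they are not a specific product's log.

```python
"""Added example (not from the original talk): walk a process tree and report
every process whose ancestry passes through PSEXESVC.exe or WmiPrvSE.exe, the
service-side ends of PsExec and WMIC remote execution.  Checking only the
direct parent would miss a payload started via an intermediate cmd.exe.  The
(pid, ppid, image) events are constructed; the field set is an assumption.
"""

REMOTE_EXEC_HOSTS = {"psexesvc.exe", "wmiprvse.exe"}

# Constructed process-creation events: (pid, parent_pid, image name).
SAMPLE_PROCESSES = [
    (4, 0, "System"),
    (600, 4, "services.exe"),
    (1200, 600, "svchost.exe"),
    (2000, 1200, "explorer.exe"),
    (2100, 2000, "WINWORD.EXE"),
    (2200, 2000, "cmd.exe"),
    (2210, 2200, "dcrypt.exe"),      # same binary, but started locally by the user
    (3100, 600, "PSEXESVC.exe"),     # PsExec service installed by a remote caller
    (3120, 3100, "cmd.exe"),         # "psexec \\host cmd /c ..." lands here
    (3130, 3120, "dcrypt.exe"),      # HDDCryptor's DiskCryptor executable
    (3200, 600, "WmiPrvSE.exe"),     # WMI provider host; WMIC process create
    (3210, 3200, "cmd.exe"),
    (3216, 3210, "rundll32.exe"),    # arbitrary constructed child
    (3300, 9999, "orphan.exe"),      # parent never seen: the walk must stop cleanly
]


def build_tree(events):
    """Map pid -> (ppid, image). Later events win, mirroring PID reuse."""
    return {pid: (ppid, image) for pid, ppid, image in events}


def ancestry(tree, pid):
    """Images from `pid` up to the root, stopping at a missing parent or a cycle."""
    chain, seen = [], set()
    while pid in tree and pid not in seen:
        seen.add(pid)            # guard against cycles introduced by PID reuse
        ppid, image = tree[pid]
        chain.append(image)
        pid = ppid
    return chain


def remote_exec_descendants(events, remote_hosts=REMOTE_EXEC_HOSTS):
    """Return {pid: [host, ..., image]} for every process that has a remote
    execution host somewhere in its ancestry; the chain is listed top-down."""
    tree = build_tree(events)
    hits = {}
    for pid in tree:
        chain = ancestry(tree, pid)            # [self, parent, grandparent, ...]
        for depth, image in enumerate(chain[1:], start=1):
            if image.lower() in remote_hosts:
                hits[pid] = list(reversed(chain[: depth + 1]))
                break
    return hits


if __name__ == "__main__":
    for pid, chain in sorted(remote_exec_descendants(SAMPLE_PROCESSES).items()):
        print(f"pid {pid}: {' -> '.join(chain)}")
```

The locally started dcrypt.exe (pid 2210) is deliberately not reported: the rule keys on how a process was launched, not on its name, which is what makes it useful against a payload that has been renamed. In production the `seen` set matters, because PID reuse on a long-running host can make a naive parent walk loop forever.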
  • 18. Is there protection against it? Infection chain: email route, an attachment (JavaScript document or ransomware executable) or a URL that downloads the ransomware, covered by Email Security; web route, a compromised website serving an exploit kit, covered by Web Security; either way the ransomware lands on the system and executes (file encryption and ransom demand), covered by Endpoint Security
  • 19. I'M 100% Safe o/
  • 20. Email Protection. Spear Phishing Protection: identify and block emails which spur users to action that will deliver ransomware. Malware Scanning: scan for ransomware in emails, attachments and downloads. Web Reputation: block access to known malicious URLs, with real-time analysis at time of click. Sandbox Attachments and URLs: detect and stop malicious URLs, document exploits, macros and scripts.
  • 21. Endpoint Protection. Ransomware Behavioral Analysis: detect and stop unauthorized encryption of files, restore lost files. Vulnerability Shielding: virtually patch endpoint software until it can be patched, shielding endpoints against vulnerabilities. Application Control: allow only known good applications to run. High Fidelity Machine Learning: examines the unknown both prior to execution and at runtime, with noise cancelling.
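"Detect and stop unauthorized encryption of files" is the behavioural control on this slide, and the network slide that follows describes the same signal as "mass file modifications, encryption behavior". The added example below is not code from the talk or from any Trend Micro product; it shows the core heuristic such a control rests on: a process that, within a short window, writes many files whose contents have near-maximal byte entropy is treated as a bulk encryptor, while a user saving documents and an archiver writing a handful of compressed files are not. The file-write events, process names, paths and the hash-chain stand-in for ciphertext are all constructed for the example; a real agent sees these writes from a file-system filter driver, not from a list.

```python
"""Added example (not from the original talk or any Trend Micro product): a
behavioural heuristic for "unauthorized encryption of files".  A process that,
inside a short window, writes many files with near-maximal byte entropy is
treated as a bulk encryptor.  Events and contents are constructed inline.
"""
import hashlib
import math
from collections import Counter, defaultdict


def shannon_entropy(data: bytes) -> float:
    """Bits per byte in [0, 8]; 8.0 is the limit for uniformly random bytes."""
    if not data:
        return 0.0
    n = len(data)
    return -sum((c / n) * math.log2(c / n) for c in Counter(data).values())


def pseudo_ciphertext(seed: bytes, size: int) -> bytes:
    """Deterministic stand-in for ciphertext: a SHA-256 hash chain, so the
    example runs offline and reproducibly.  No real cipher is involved."""
    out, block = bytearray(), seed
    while len(out) < size:
        block = hashlib.sha256(block).digest()
        out.extend(block)
    return bytes(out[:size])


PLAINTEXT_SAMPLE = (b"Quarterly report. Revenue grew while costs stayed flat; "
                    b"see the attached spreadsheet for the regional breakdown.\n") * 40


def constructed_events():
    """(time_seconds, process, path, content) file-write events, constructed."""
    events = []
    # winword.exe: a user saving ordinary documents every couple of minutes.
    for i in range(5):
        events.append((120.0 * i, "winword.exe", f"C:\\Users\\ana\\doc{i}.docx",
                       PLAINTEXT_SAMPLE))
    # 7z.exe: three compressed archives; high entropy, but only a few of them.
    for i in range(3):
        events.append((300.0 + i, "7z.exe", f"C:\\Users\\ana\\backup{i}.7z",
                       pseudo_ciphertext(b"zip%d" % i, 4096)))
    # evil.exe: twelve documents rewritten as high-entropy blobs in 12 seconds.
    for i in range(12):
        events.append((600.0 + i, "evil.exe", f"C:\\Users\\ana\\doc{i}.docx.locked",
                       pseudo_ciphertext(b"k%d" % i, 4096)))
    return events


SAMPLE_EVENTS = constructed_events()


def find_bulk_encryptors(events, window_seconds=30.0, min_files=8,
                         min_entropy=7.0, min_size=256):
    """Return {process: peak count of high-entropy writes inside any window}
    for processes whose peak reaches min_files.  Writes smaller than min_size
    bytes are ignored because entropy estimates on tiny buffers are unreliable."""
    suspicious = defaultdict(list)   # process -> timestamps of high-entropy writes
    for ts, proc, _path, content in events:
        if len(content) >= min_size and shannon_entropy(content) >= min_entropy:
            suspicious[proc].append(ts)

    flagged = {}
    for proc, times in suspicious.items():
        times.sort()
        start, peak = 0, 0
        for end, ts in enumerate(times):
            while ts - times[start] > window_seconds:   # drop writes outside the window
                start += 1
            peak = max(peak, end - start + 1)
        if peak >= min_files:
            flagged[proc] = peak
    return flagged


if __name__ == "__main__":
    for proc, n in find_bulk_encryptors(SAMPLE_EVENTS).items():
        print(f"{proc}: {n} high-entropy file writes inside 30 s")
```

Entropy alone is not enough, which is why the archiver case is in the sample: compressed, already-encrypted and media files all look like ciphertext, so the rate of such writes per process, and in a real agent the fact that existing user documents are being overwritten, carries the decision. Lowering `min_files` to 3 is enough to turn 7z.exe into a false positive.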
  • 22. Network Protection. Custom Sandbox Analysis: detect mass file modifications, encryption behavior and modifications that are consistent with ransomware. Network Monitoring: monitor all network ports and protocols, with pattern and reputation analysis and script emulation, and with detection of zero-day exploits and command and control traffic
  • 23. Server Protection. Lateral Movement, C&C Traffic Detection: detect and alert on ransomware-specific traffic. Vulnerability Shielding: virtually patches server software until it can be patched, shielding servers against vulnerability exploits. Behavioral Analysis: detects suspicious activity on file servers related to ransomware and stops it. Application Control: locks down the host to prevent any unknown process or script from running.
  • 24. Don't Forget !!!
  • 25. Four Layers of Optimized Protection: 1 Email, 2 Endpoint, 3 Network, 4 Server
  • 26. Best practices. User education against phishing: educate users in good practices for email use and web browsing. Raise the security posture: follow security best practices for your current and future technologies. "Don't pay": paying the ransom encourages these attacks to continue and does not guarantee data recovery. Keep patches up to date: minimize the chance of vulnerability exploitation. Access control: limit access to critical data and network shares to the users who really need it. Backup: kept in a location isolated from the network.
  • 27. Questions?
  • 28. Thank you! Contacts: Facebook: www.facebook.com/filipi86; LinkedIn: https://br.linkedin.com/in/filipipires