Upload File

a new era of cyber threats: the shift to self-learning ...€¦ · insider threat data exfiltration...

  • Home
  • Documents
  • A New Era of Cyber Threats: The Shift to Self-Learning ...€¦ · Insider Threat Data Exfiltration Ransomware Zero-Day Data Manipulation Sophisticated Threat Landscape. ... Seek
12
A New Era of Cyber Threats: The Shift to Self-Learning, Self-Defending Networks Andrew Barrie Senior Cyber Security Manager

Upload: others

Post on 14-Jul-2020

0 views

Category:

Documents


0 download

Report

TRANSCRIPT

Page 1: A New Era of Cyber Threats: The Shift to Self-Learning ...€¦ · Insider Threat Data Exfiltration Ransomware Zero-Day Data Manipulation Sophisticated Threat Landscape. ... Seek

A New Era of Cyber Threats: The Shift to Self-Learning, Self-Defending Networks

Andrew Barrie

Senior Cyber Security Manager

Page 2: A New Era of Cyber Threats: The Shift to Self-Learning ...€¦ · Insider Threat Data Exfiltration Ransomware Zero-Day Data Manipulation Sophisticated Threat Landscape. ... Seek

Company Background

World-leading artificial intelligence

for cyber defence

Founded by mathematicians

in Cambridge

Headquartered in San Francisco

and Cambridge, UK

8,000+ deployments worldwide

35+ global offices

750+ employees

$1.6 billion valuation

Page 3: A New Era of Cyber Threats: The Shift to Self-Learning ...€¦ · Insider Threat Data Exfiltration Ransomware Zero-Day Data Manipulation Sophisticated Threat Landscape. ... Seek

Compromise of Biometric ScannerIndustry: Manufacturing

Point of Entry: Fingerprint scanner

Apparent Objective: Alter biometric access keys

GLOBAL THREAT CASE STUDY

Attacker successfully exploited

known software vulnerabilities

in fingerprint scanner

Able to control information

sent to and from the fingerprint

scanner

Went unnoticed by traditional

anti-malware solutions

Darktrace detected unusual

connections to and from the

biometric scanner

If undetected, malicious actors

would have gained access to

physical machinery

Page 4: A New Era of Cyber Threats: The Shift to Self-Learning ...€¦ · Insider Threat Data Exfiltration Ransomware Zero-Day Data Manipulation Sophisticated Threat Landscape. ... Seek

Video Conferencing Camera Hack

Video conferencing camera

was transmitting data outside

the network

Camera had been

compromised by a remote

attacker

Attacker was aiming to either:

Steal corporate information

Take remote control of the device to

launch a DDoS attack on another

network

Would not have been detected

through signature-based

defenses – the activity was not

inherently malicious

Industry: Legal

Point of Entry: Video conference camera

Apparent Objective: New attack vector,

information theft

GLOBAL THREAT CASE STUDY

Page 5: A New Era of Cyber Threats: The Shift to Self-Learning ...€¦ · Insider Threat Data Exfiltration Ransomware Zero-Day Data Manipulation Sophisticated Threat Landscape. ... Seek

Insider Threat

Data Exfiltration

Ransomware

Zero-Day

Data Manipulation

Sophisticated Threat Landscape

Page 6: A New Era of Cyber Threats: The Shift to Self-Learning ...€¦ · Insider Threat Data Exfiltration Ransomware Zero-Day Data Manipulation Sophisticated Threat Landscape. ... Seek

Trust Attacks

‘Trust attacks’ seek to undermine data integrity

Characterized by stealth and sophistication

Seek to manipulate rather than exfiltrate

Threat to reputation and stability

Page 7: A New Era of Cyber Threats: The Shift to Self-Learning ...€¦ · Insider Threat Data Exfiltration Ransomware Zero-Day Data Manipulation Sophisticated Threat Landscape. ... Seek
Page 8: A New Era of Cyber Threats: The Shift to Self-Learning ...€¦ · Insider Threat Data Exfiltration Ransomware Zero-Day Data Manipulation Sophisticated Threat Landscape. ... Seek
Page 9: A New Era of Cyber Threats: The Shift to Self-Learning ...€¦ · Insider Threat Data Exfiltration Ransomware Zero-Day Data Manipulation Sophisticated Threat Landscape. ... Seek
Page 10: A New Era of Cyber Threats: The Shift to Self-Learning ...€¦ · Insider Threat Data Exfiltration Ransomware Zero-Day Data Manipulation Sophisticated Threat Landscape. ... Seek
Page 11: A New Era of Cyber Threats: The Shift to Self-Learning ...€¦ · Insider Threat Data Exfiltration Ransomware Zero-Day Data Manipulation Sophisticated Threat Landscape. ... Seek

Next Step in Automation: Self-Defending Network

Automatically produces real-time

active responses to potential threats

Does not rely on predefined

signatures or prior knowledge

Slows down or stops the progress of

novel threats within the network

Gives security team critical time to

catch up

Page 12: A New Era of Cyber Threats: The Shift to Self-Learning ...€¦ · Insider Threat Data Exfiltration Ransomware Zero-Day Data Manipulation Sophisticated Threat Landscape. ... Seek

Conclusion

Stealth and sophistication of threats are increasing

Machine learning technologies will be fundamental

Network and traffic understanding is a key pillar to recognising problems


The New Threat on Campus: Ransomware Locks Down Education

FIGHTING BACK AGAINST THE RANSOMWARE EPIDEMIC€¦ · FIGHTING BACK AGAINST THE RANSOMWARE EPIDEMIC VIPRE.COM 2 Ransomware has become the No. 1 cyber-threat, ... so all companies

STATE OF THE CHANNEL RANSOMWARE REPORT - JMARK · The “State of the Channel Ransomware Report” by Datto reveals some alarming statistics regarding the ransomware threat facing

CTERA Minimizing the threat of Ransomware with enterprise file services

Defend Your Data from Ransomware Attacksdiscover.zyxel.com/rs/471-TTL-126/images/Ransomware...Defend Your Data from Ransomware Attacks The Threat of Ransomware The WannaCry attack

Threat Report: Thanos Ransomware Content Do… · 2.3.2 Data Exfiltration ... and it partially relies on packers (Smart Assembly or Inno Setup) ... analysis system and will exit immediately

Insider Threat Control: Using Plagiarism Detection Algorithms to Prevent Data Exfiltration in Near Real Time

Healthcare Data Under Siege: Ransomware and the Cyber ... › sites › default › files › threatstop... · Healthcare Data Under Siege: Ransomware and the Cyber Threat Landscape

McAfee Labs Threat Advisory - Knowledge Center Labs Threat Advisory Ransomware-Locky February 22, 2018 McAfee Labs periodically publishes Threat Advisories to provide customers with

Insider Threat Control: Using Centralized Logging to Detect Data Exfiltration Near Insider Termination

MAPPING THE RANSOMWARE LANDSCAPE - Bitpipedocs.media.bitpipe.com/io_13x/io_137963/item_1550281/Mapping T… · 2 RANSOMWARE GUIDE: MAPPIN THE RANSOMWARE LANSCAPE SCOPE OF THE THREAT

Minimizing the threat of Ransomware with enterprise file services

RANSOMWARE THREAT LANDSCAPE OVERVIEW - FireEye · 2016-05-10 · RANSOMWARE THREAT LANDSCAPE OVERVIEW KEY POINTS • Since mid 2015, ... distribution of their payload—to “one-stop

Insider Threat Problem Insider Threat Management€¦ · Capture and Hide the data Data Exfiltration Send zip file over Wetransfer –off hours transfers ... since many monitoring

DSCI THREAT INTELLIGENCE AND RESEARCH INITIATIVE Threat... · 2020. 9. 17. · Nefilim classified as ransomware, is a malicious program which was spotted in March 2020, when the ransomware

Ransomware Threat Report : WannaCry fileRansomware Threat Report : WannaCry IN-DEPTH COVERAGE AND INSIGHTS OF THE WANNACRY RANSOMWARE FROM ARMOR’S SECURITY EXPERTS

Responding To Ransomware - NYMISSA · Ransomware is getting more sophisticated, and shifting to an enterprise threat. Ransomware Nightmares ... 50% of ransomware victims have paid

How to Protect Your Networks from Ransomare… · Protecting Your Networks from Ransomware . Protecting Your Networks from Ransomware . Ransomware is the fastest growing malware threat,

SamSam Ransomware Campaigns - … Ransomware Campaigns Secureworks® Counter Threat Unit™ Threat Intelligence Release date: THURSDAY, FEBRUARY 15, 2018 Summary In ®late 2015, Secureworks

RANSOMWARE - Cybersecurity Insiders€¦ · Ransomware is the fastest growing security threat, perceived as a moderate or extreme threat by 80% of cybersecurity professionals. 75%

Insider Threat Webinar Series The Resource Exfiltration

The Ransomware Threat is Evolving - cdn.buttercms.com

SamSam Ransomware Campaigns...Classification: //SecureWorks/Confidential - Limited External Distribution: SamSam Ransomware Campaigns Secureworks® Counter Threat Unit™ Threat Intelligence

Ransomware Threat Information Briefing - NIST · PDF file · 2016-12-01– Malvertisement • Targeted ... Ransomware Threat Information Briefing Author: William Wright, Symantec

THE RISING THREAT OF RANSOMWARE - Wombat Security · 2018. 9. 18. · There are several well-known ransomware variants (including WannaCry, Locky, and Cerber). Many ransomware variants

Ransomware and Digital Extortion - EXPLORE 2020 · •Overview of Ransomware/Digital Extortion and the Threat to Healthcare Industry •Case Studies of Healthcare Ransomware Attacks

2021 Ransomware Threat Report

Ransomware: 2016's Greatest Malware Threat

THE NEW CYBER THREAT AND HOW TO STOP IT - Acronisdownload.acronis.com/rc/Acronis Backup Service... · RANSOMWARE THE NEW CYBER THREAT AND HOW TO STOP IT RANSOMWARE: hackers hold your

The Growing Threat of RansomwareThe Growing Threat of Ransomware BY BRIAN HEATER APRIL 13, 2016 07:00AM EST Ransomware can hit anyone, but hackers are increasingly going after targets

Cyber Threat Intelligence October 2020...Page 6 of 16 Maze ransomware is one of the most notorious ransomware groups. The operators behind Maze began combining ransomware attacks with

Insider Threat Control: Using Plagiarism Detection …...Insider Threat Control: Using Plagiarism Detection Algorithms to Prevent Data Exfiltration in Near Real Time Todd Lewellen

MOBILE THREAT LANDSCAPE REPORTEvolving Threat Classes Remote Access Tools Banking Trojans Access Facilitation Ransomware Cryptomining Geographic Variations in the Threat Landscape

Ransomware Cyber Threat Acronis Infographicdownload.acronis.com/...Ransomware_Threat_Acronis... · RANSOMWARE THE NEW CYBER THREAT AND HOW TO STOP IT RANSOMWARE: hackers hold your

HC3 Intelligence Briefing Update Ransomware Threat to