ransomware, gdpr a security fabric · 2017. 6. 8. · fortinet: global network security leader...
TRANSCRIPT
![Page 1: RansomWare, GDPR a Security Fabric · 2017. 6. 8. · Fortinet: Global Network Security Leader •Highlights: 2000 -present 4,650 EMPLOYEES WORLDWIDE 100+ OFFICES ACROSS THE GLOBE](https://reader033.vdocuments.us/reader033/viewer/2022060900/609e09ab5ca4ca76ee7c3aac/html5/thumbnails/1.jpg)
RansomWare,GDPRaSecurityFabricZsoltGéczi,[email protected]
![Page 2: RansomWare, GDPR a Security Fabric · 2017. 6. 8. · Fortinet: Global Network Security Leader •Highlights: 2000 -present 4,650 EMPLOYEES WORLDWIDE 100+ OFFICES ACROSS THE GLOBE](https://reader033.vdocuments.us/reader033/viewer/2022060900/609e09ab5ca4ca76ee7c3aac/html5/thumbnails/2.jpg)
Fortinet:GlobalNetworkSecurityLeader• Highlights:2000- present
4,650
EMPLOYEES WORLDWIDE
100+OFFICESACROSSTHE GLOBE
358PATENTS292 INPROCESS
ISSUED
2.8mSHIPPEDSECURITYDEVICES
300KCUSTOMERS
$1bnREVENUE
IN EXCESS OF
$1.3bnIN CASH
30%YEAR ON YEARGROWTH
2000BY KEN XIE
FOUNDED IN
HEADQUARTERED INSUNNYVALECALIFORNIA
![Page 3: RansomWare, GDPR a Security Fabric · 2017. 6. 8. · Fortinet: Global Network Security Leader •Highlights: 2000 -present 4,650 EMPLOYEES WORLDWIDE 100+ OFFICES ACROSS THE GLOBE](https://reader033.vdocuments.us/reader033/viewer/2022060900/609e09ab5ca4ca76ee7c3aac/html5/thumbnails/3.jpg)
Fortinet:ZískavaPodieľ naRastúcomTrhu• FortinetvsKonkurencia
Riešenieširokéhospektravýziev...
• Fortinetjenajväčšímdodávateľombezpečnostnýchzariadenínasvete• SpoločnosťFortinetvyvinulavizionárskusadubezpečnostnýchriešení
0
500,000
400,000
300,000
200,000
100,000
2012 2013 2014 2015 2016Source:IDCWorldwideSecurityApplicancesTracker,March2016(basedonannualunitshipments)
PaloAltoNetworks
JuniperNetworks
CheckPoint
Cisco
![Page 4: RansomWare, GDPR a Security Fabric · 2017. 6. 8. · Fortinet: Global Network Security Leader •Highlights: 2000 -present 4,650 EMPLOYEES WORLDWIDE 100+ OFFICES ACROSS THE GLOBE](https://reader033.vdocuments.us/reader033/viewer/2022060900/609e09ab5ca4ca76ee7c3aac/html5/thumbnails/4.jpg)
Hrozby. Obrovské Množstvá.
35,000 Threatevents
21,000 Spamemailsintercepted
470,000 Networkintrusionsresisted
95,000 Malwareprogramsneutralized
160,000 Maliciouswebsitesblocked
32,000 BotnetC&Cattemptsthwarted
43M Websitecategorizationrequests
46M New&updatedspamrules
1,000 Intrusionpreventionrulesgenerated
1.8M New&updatedAVdefinitions
1.4M NewURLratings
8,000 Hoursofthreatresearchglobally
190 Terabytes ofthreatsamples
18,000 Intrusionpreventionrules
5,800 Applicationcontrolrules
250M Ratedwebsitesin78categories
262 Zero-daythreatsdiscovered
PerMinute PerWeek TotalDatabase
![Page 5: RansomWare, GDPR a Security Fabric · 2017. 6. 8. · Fortinet: Global Network Security Leader •Highlights: 2000 -present 4,650 EMPLOYEES WORLDWIDE 100+ OFFICES ACROSS THE GLOBE](https://reader033.vdocuments.us/reader033/viewer/2022060900/609e09ab5ca4ca76ee7c3aac/html5/thumbnails/5.jpg)
RansomWare...napr.vs DDoS
![Page 6: RansomWare, GDPR a Security Fabric · 2017. 6. 8. · Fortinet: Global Network Security Leader •Highlights: 2000 -present 4,650 EMPLOYEES WORLDWIDE 100+ OFFICES ACROSS THE GLOBE](https://reader033.vdocuments.us/reader033/viewer/2022060900/609e09ab5ca4ca76ee7c3aac/html5/thumbnails/6.jpg)
TopRansomware2017VBS/Locky.SMK!tr
W32/Locky.CFH!tr
JS/Locky.AZ5!tr
W32/HydraCrypt.D!tr
W32/TeslaCrypt.I!tr
W32/Locky.B!tr
W32/Filecoder_Cerber.F!tr
W32/CryptoLocker.84CA!tr
W32/Filecoder_Locky.C!tr
OSX/RansomKeRanger.A!tr
W32/Locky.A!tr
W32/WannaCryptor.D!tr
JS/FileCerber.C!tr
Total VirusHitsWorldwide2017YTD
- Nárast Ransomware>150xza posledné 3roky- Locky jenajaktívnejší ransomware- Najbežnejšieútočenéplatformi – Adobe,MSOffice,Websites…
![Page 7: RansomWare, GDPR a Security Fabric · 2017. 6. 8. · Fortinet: Global Network Security Leader •Highlights: 2000 -present 4,650 EMPLOYEES WORLDWIDE 100+ OFFICES ACROSS THE GLOBE](https://reader033.vdocuments.us/reader033/viewer/2022060900/609e09ab5ca4ca76ee7c3aac/html5/thumbnails/7.jpg)
RansomwareWannaCry zPiatku minulého týždňa
…WCry,WannaCry,WanaCrypt0r,WannaCrypt,orWana Decrypt0r
200,000obetí v150krajinách Zasiahnuté Microsoftproducty:•WindowsXP•WindowsVista•WindowsServer2008•Windows7•WindowsServer2008R2•Windows8.1•WindowsServer2012and2012R2•WindowsRT8.1•Windows10•WindowsServer2016•WindowsServerCoreinstallationoption
....šírisaprostredníctvomúdajnéhozneužita NSAsnázvomETERNALBLUE(CVE-2017-0144),ktorýminulýmesiacunikolonlinehackerskouskupinouznámuakoThe Shadow Brokers.SlužbaETERNALBLUEvyužívazraniteľnosťvprotokoleMicrosoftServerMessageBlock 1.0(SMBv1).
![Page 8: RansomWare, GDPR a Security Fabric · 2017. 6. 8. · Fortinet: Global Network Security Leader •Highlights: 2000 -present 4,650 EMPLOYEES WORLDWIDE 100+ OFFICES ACROSS THE GLOBE](https://reader033.vdocuments.us/reader033/viewer/2022060900/609e09ab5ca4ca76ee7c3aac/html5/thumbnails/8.jpg)
Dôrazneodporúčamevšetkýmzákazníkomvykonaťtietokroky:
• ApplythepatchpublishedbyMicrosoftonallaffectednodesofthenetworkMS17-010• EnsurethattheFortinetAVandIPSinspectionsaswellaswebfilteringenginesareturnedonandupdatedtopreventthemalwarefrombeingdownloaded,andtoensurethatwebfilteringisblockingcommunicationsbacktothecommandandcontrolservers.• IsolatecommunicationtoUDPports137/138andTCPports139/445.
![Page 9: RansomWare, GDPR a Security Fabric · 2017. 6. 8. · Fortinet: Global Network Security Leader •Highlights: 2000 -present 4,650 EMPLOYEES WORLDWIDE 100+ OFFICES ACROSS THE GLOBE](https://reader033.vdocuments.us/reader033/viewer/2022060900/609e09ab5ca4ca76ee7c3aac/html5/thumbnails/9.jpg)
Odporúčametiežnasledujúcepreventívneopatrenia:•Establisharegularroutineforpatchingoperatingsystems,software,andfirmwareonalldevices.Forlargerorganizationswithlotsofdeployeddevices,consideradoptingacentralizedpatchmanagementsystem.•DeployIPS,AV,andWebFilteringtechnologies,andkeepthemupdated.•Backupdataregularly.Verifytheintegrityofthosebackups,encryptthem,andtesttherestorationprocesstoensureitisworkingproperly.•Scanallincomingandoutgoingemailstodetectthreatsandfilterexecutablefilesfromreachingendusers.•Scheduleyouranti-virusandanti-malwareprogramstoautomaticallyconductregularscans.•Disablemacroscriptsinfilestransmittedviaemail.ConsiderusingatoollikeOfficeViewertoopenattachedMicrosoftOfficefilesratherthantheOfficesuiteofapplications.•Establishabusinesscontinuityandincidentresponsestrategyandconductregularvulnerabilityassessments.
![Page 10: RansomWare, GDPR a Security Fabric · 2017. 6. 8. · Fortinet: Global Network Security Leader •Highlights: 2000 -present 4,650 EMPLOYEES WORLDWIDE 100+ OFFICES ACROSS THE GLOBE](https://reader033.vdocuments.us/reader033/viewer/2022060900/609e09ab5ca4ca76ee7c3aac/html5/thumbnails/10.jpg)
Aakstetoužschytali...
•Isolate infecteddevicesimmediatelybyremovingthemfromthenetworkassoonaspossibletopreventransomwarefromspreadingtothenetworkorshareddrives.
•Ifyournetworkhasbeeninfected,immediatelydisconnect allconnecteddevices.
•Power-off affecteddevicesthathavenotbeencompletelycorrupted.Thismayprovidetimetocleanandrecoverdata,containdamage,andpreventconditionsfromworsening.
•Backedupdatashouldbestoredoffline.Whenaninfectionisdetected,takebackupsystemsofflineaswellandscanbackupstoensuretheyarefreeofmalware.
•Contactlawenforcementimmediatelytoreportanyransomwareeventsandrequestassistance.
![Page 11: RansomWare, GDPR a Security Fabric · 2017. 6. 8. · Fortinet: Global Network Security Leader •Highlights: 2000 -present 4,650 EMPLOYEES WORLDWIDE 100+ OFFICES ACROSS THE GLOBE](https://reader033.vdocuments.us/reader033/viewer/2022060900/609e09ab5ca4ca76ee7c3aac/html5/thumbnails/11.jpg)
Analýzasledovaniaukazuje,žeod1.januára2016došlodenne vpriemereviacako4000RansomWare útokov.
![Page 12: RansomWare, GDPR a Security Fabric · 2017. 6. 8. · Fortinet: Global Network Security Leader •Highlights: 2000 -present 4,650 EMPLOYEES WORLDWIDE 100+ OFFICES ACROSS THE GLOBE](https://reader033.vdocuments.us/reader033/viewer/2022060900/609e09ab5ca4ca76ee7c3aac/html5/thumbnails/12.jpg)
![Page 13: RansomWare, GDPR a Security Fabric · 2017. 6. 8. · Fortinet: Global Network Security Leader •Highlights: 2000 -present 4,650 EMPLOYEES WORLDWIDE 100+ OFFICES ACROSS THE GLOBE](https://reader033.vdocuments.us/reader033/viewer/2022060900/609e09ab5ca4ca76ee7c3aac/html5/thumbnails/13.jpg)
NitrianskaNemocnica
Jezodpovedná???
![Page 14: RansomWare, GDPR a Security Fabric · 2017. 6. 8. · Fortinet: Global Network Security Leader •Highlights: 2000 -present 4,650 EMPLOYEES WORLDWIDE 100+ OFFICES ACROSS THE GLOBE](https://reader033.vdocuments.us/reader033/viewer/2022060900/609e09ab5ca4ca76ee7c3aac/html5/thumbnails/14.jpg)
...ačokritickéinfraštruktúry,ICS/SCADAsystémy,
Energetika,elektrárne,vodárne,plynárne...
súpripravené???
![Page 15: RansomWare, GDPR a Security Fabric · 2017. 6. 8. · Fortinet: Global Network Security Leader •Highlights: 2000 -present 4,650 EMPLOYEES WORLDWIDE 100+ OFFICES ACROSS THE GLOBE](https://reader033.vdocuments.us/reader033/viewer/2022060900/609e09ab5ca4ca76ee7c3aac/html5/thumbnails/15.jpg)
![Page 16: RansomWare, GDPR a Security Fabric · 2017. 6. 8. · Fortinet: Global Network Security Leader •Highlights: 2000 -present 4,650 EMPLOYEES WORLDWIDE 100+ OFFICES ACROSS THE GLOBE](https://reader033.vdocuments.us/reader033/viewer/2022060900/609e09ab5ca4ca76ee7c3aac/html5/thumbnails/16.jpg)
![Page 17: RansomWare, GDPR a Security Fabric · 2017. 6. 8. · Fortinet: Global Network Security Leader •Highlights: 2000 -present 4,650 EMPLOYEES WORLDWIDE 100+ OFFICES ACROSS THE GLOBE](https://reader033.vdocuments.us/reader033/viewer/2022060900/609e09ab5ca4ca76ee7c3aac/html5/thumbnails/17.jpg)
GDPRposkytujejednotlivcomnasledujúcepráva:
1.Právobyťinformovaný2.Právonaprístup3.Právonaopravu4.Právonavymazanie5.Právoobmedziťspracovanie6.Právonaprenosúdajov7.Právonanámietku8.Právasúvisiacesautomatizovanýmrozhodovanímaprofilovaním.
Právo jednotlivca
![Page 18: RansomWare, GDPR a Security Fabric · 2017. 6. 8. · Fortinet: Global Network Security Leader •Highlights: 2000 -present 4,650 EMPLOYEES WORLDWIDE 100+ OFFICES ACROSS THE GLOBE](https://reader033.vdocuments.us/reader033/viewer/2022060900/609e09ab5ca4ca76ee7c3aac/html5/thumbnails/18.jpg)
VrámciGDPRmátevšeobecnúpovinnosťimplementovaťtechnickéaorganizačnéopatrenia,abystepreukázali,žestezohľadniliaintegrovaliochranuúdajovdovašichspracovateľskýchčinností.
Dataprotectionbydesignandbydefault
![Page 19: RansomWare, GDPR a Security Fabric · 2017. 6. 8. · Fortinet: Global Network Security Leader •Highlights: 2000 -present 4,650 EMPLOYEES WORLDWIDE 100+ OFFICES ACROSS THE GLOBE](https://reader033.vdocuments.us/reader033/viewer/2022060900/609e09ab5ca4ca76ee7c3aac/html5/thumbnails/19.jpg)
Security technológiemôžualeurčitepomôcťaniekedysúpotrebnénato,abystesaudržalivsúlade...;)
GDPRjelegislatíva obezpečnostiúdajovaniekybernetickejbezpečnosti
Článok25:Ochranaúdajovbydesignandbydefault
Článok32:Bezpečnosťprispracovaní
Články33a34:Oznámenieo narušení/úniku[napr.SIEM...?]
Článok35:Hodnotenievplyvuochranyúdajov
![Page 20: RansomWare, GDPR a Security Fabric · 2017. 6. 8. · Fortinet: Global Network Security Leader •Highlights: 2000 -present 4,650 EMPLOYEES WORLDWIDE 100+ OFFICES ACROSS THE GLOBE](https://reader033.vdocuments.us/reader033/viewer/2022060900/609e09ab5ca4ca76ee7c3aac/html5/thumbnails/20.jpg)
ZastaveniePokročilýchHrozieb vyžadujerýchlukomunikáciuBezpečnostnýchprvkov
1980s
HardwareTheft
Perfo
rmanceDegradatio
n
Viruses&Spyware
Intrusion&Worms
MaliciousApps
AdvancedTargetedAttacks
Spam
Today
MaliciousSites
MachinetoMachineAttacks
Anti-malware
Firewall
Exploits VulnerabilityManagement
IntrusionPrevention
SecureEmailGateway
Botnets
NetworkSegmentation
ApplicationControl
IPReputation
URLFiltering
AdvancedThreatProtection
PointProductsCONTENTBASEDSECURITY
RapidCommunication&ActionINFRASTRUCTURE
CONNECTIONSECURITY
![Page 21: RansomWare, GDPR a Security Fabric · 2017. 6. 8. · Fortinet: Global Network Security Leader •Highlights: 2000 -present 4,650 EMPLOYEES WORLDWIDE 100+ OFFICES ACROSS THE GLOBE](https://reader033.vdocuments.us/reader033/viewer/2022060900/609e09ab5ca4ca76ee7c3aac/html5/thumbnails/21.jpg)
TheElementsoftheFortinetSecurityFabric
EnterpriseFirewall
SecureAccess
CloudSecurity
AdvancedThreat
Protection
ApplicationSecurity
SecurityOperations
![Page 22: RansomWare, GDPR a Security Fabric · 2017. 6. 8. · Fortinet: Global Network Security Leader •Highlights: 2000 -present 4,650 EMPLOYEES WORLDWIDE 100+ OFFICES ACROSS THE GLOBE](https://reader033.vdocuments.us/reader033/viewer/2022060900/609e09ab5ca4ca76ee7c3aac/html5/thumbnails/22.jpg)
TechnologyIntegrationandCollaboration
§ FortiGate
§ FortiWiFi
ENTERPRISE FIREWALL
§ ForitGateVM(VirtualFW)
§ FortiGateVMX(SDNVirtualFW)
§ FortiGateVMforPublicCloud» AWS
»MicrosoftAzure
» OpenStack
CLOUD SECURITY
§ FortiSandbox
§ FortiMail
§ FortiWeb
§ FortiClient
ADVANCEDTHREAT
PROTECTION§ FortiMail
§ FortiWeb
§ FortiADC
§ FortiDDoS
§ FortiWAN
§ FortiCache
APPLICATIONSECURITY
§ FortiAP
§ FortiWiFi
§ FortiSwitch
§ FortiAuthenticator
§ FortiToken
§ FortiExtender
SECUREACCESS
§ FortiManager
§ FortiAnalyzer
§ FortiSIEMSECURITY
OPERATIONS
![Page 23: RansomWare, GDPR a Security Fabric · 2017. 6. 8. · Fortinet: Global Network Security Leader •Highlights: 2000 -present 4,650 EMPLOYEES WORLDWIDE 100+ OFFICES ACROSS THE GLOBE](https://reader033.vdocuments.us/reader033/viewer/2022060900/609e09ab5ca4ca76ee7c3aac/html5/thumbnails/23.jpg)
DnešnásieťjeBezhraničná-ArchitektúraSegmentácieSietejeNevyhnutná
IoT
Mobile
Windows
Mac
Private
Public
NoTrust
Trusted
5G
100GAccess
Campus
WAN
Core
![Page 24: RansomWare, GDPR a Security Fabric · 2017. 6. 8. · Fortinet: Global Network Security Leader •Highlights: 2000 -present 4,650 EMPLOYEES WORLDWIDE 100+ OFFICES ACROSS THE GLOBE](https://reader033.vdocuments.us/reader033/viewer/2022060900/609e09ab5ca4ca76ee7c3aac/html5/thumbnails/24.jpg)
Segmentácia vDataCentre
Kľúčovéfaktory– Súladspožiadavkami,Riadenierizík,ZeroTrustSecurity§ Vysokápriepustnosť,vysokáhustotaportov,veľmi nízkalatencia
§ Granulárna bezpečnostnápolitikarozdeľujeasegmentuječastiinternejsiete
§ Zastavíšírenieškodlivéhokódu§ E-Wmicro-segmentácia viafyzickej avirtuálnejinfraštriktúry
![Page 25: RansomWare, GDPR a Security Fabric · 2017. 6. 8. · Fortinet: Global Network Security Leader •Highlights: 2000 -present 4,650 EMPLOYEES WORLDWIDE 100+ OFFICES ACROSS THE GLOBE](https://reader033.vdocuments.us/reader033/viewer/2022060900/609e09ab5ca4ca76ee7c3aac/html5/thumbnails/25.jpg)
ISFWTechnologická Požiadavaka No.1:VÝKON
Internet
PerimeterFirewall(NGFW)
PortsSpeedsà 1G,10G
No.ofPortsà 2to12
ThroughputàMbpstoGbps
InternalSegmentationFirewall(ISFW)
Interfacesà 10G,40G&100G
No.ofPortsà 8to48GbE/10GbE
Throughputà 10Gbpsto100+Gbps
![Page 26: RansomWare, GDPR a Security Fabric · 2017. 6. 8. · Fortinet: Global Network Security Leader •Highlights: 2000 -present 4,650 EMPLOYEES WORLDWIDE 100+ OFFICES ACROSS THE GLOBE](https://reader033.vdocuments.us/reader033/viewer/2022060900/609e09ab5ca4ca76ee7c3aac/html5/thumbnails/26.jpg)
Riešenie FORTINET
• Zkrátenie dobyodnakazenia kidentifikácii• Historickésúbory• Podateľne
Integrácia s:• Mailbránami• Firewallmi (NGFW)• WebAplikačnými Firewallmi• Endpointami
FortiSandbox
![Page 27: RansomWare, GDPR a Security Fabric · 2017. 6. 8. · Fortinet: Global Network Security Leader •Highlights: 2000 -present 4,650 EMPLOYEES WORLDWIDE 100+ OFFICES ACROSS THE GLOBE](https://reader033.vdocuments.us/reader033/viewer/2022060900/609e09ab5ca4ca76ee7c3aac/html5/thumbnails/27.jpg)
ThreatPredictions- 2017
![Page 28: RansomWare, GDPR a Security Fabric · 2017. 6. 8. · Fortinet: Global Network Security Leader •Highlights: 2000 -present 4,650 EMPLOYEES WORLDWIDE 100+ OFFICES ACROSS THE GLOBE](https://reader033.vdocuments.us/reader033/viewer/2022060900/609e09ab5ca4ca76ee7c3aac/html5/thumbnails/28.jpg)
ThreatPredictions- 2017
![Page 29: RansomWare, GDPR a Security Fabric · 2017. 6. 8. · Fortinet: Global Network Security Leader •Highlights: 2000 -present 4,650 EMPLOYEES WORLDWIDE 100+ OFFICES ACROSS THE GLOBE](https://reader033.vdocuments.us/reader033/viewer/2022060900/609e09ab5ca4ca76ee7c3aac/html5/thumbnails/29.jpg)
Ďakujem za pozornosť!
![Page 30: RansomWare, GDPR a Security Fabric · 2017. 6. 8. · Fortinet: Global Network Security Leader •Highlights: 2000 -present 4,650 EMPLOYEES WORLDWIDE 100+ OFFICES ACROSS THE GLOBE](https://reader033.vdocuments.us/reader033/viewer/2022060900/609e09ab5ca4ca76ee7c3aac/html5/thumbnails/30.jpg)