“How to kill a plant”
Per Söderqvist PerSales Söderqvist Engineer Senior Team leader – Sales Engineer Ransomware First Wave Ransomware First Wave
TorrentLocker HydraCrypt
Locky
Cryptolocker
Locker Cerber
CryptoMix
Cryptowall UmbreCrypt TeslaCrypt AlphaCrypt Ransomware
My Top 3 list
The Popcorn Ransomware ThunderCrypt Ransomware Second Wave WannaCry / NotPetya Ransomware Third Wave ? 11 Problems with IoT
• Security is expensive therefore not many suppliers of IoT devices invest in that.
• Demand for IoT devices has increased so much that the suppliers rush the product on to the market.
• No common platform/OS or API, that could be used to protect these devices
• “In September 2016, hackers used 152,000 consumer IoT devices to initiate a distributed denial of service (DDoS) attack on French hosting provider OVH. They were able to inundate the company with 1Tbps of traffic, causing mayhem for customers around the world.”
• The Mirai botnet was first found in August 2016 by MalwareMustDie, a whitehat malware research group 14 Bluetooth – BlueBorne exploit
• Doesn't even need to pair their device with that of the victim. • exploit cleverly attacks portions of the software needed to establish a connection to hijack the Bluetooth stack itself
• Currently not in the Wild.
• Apple, Google, and Microsoft have all patched the exploit.
15 Bluetooth Low Energy aka Bluetooth Smart
• Toothbrushes • Lamps • Alarm clocks • Coffee makers • Headphones
• Speakers some with built in Microphone • Smart Watches • Medical devices • Alarms • Door locks • Padlocks • etc
16 Demo Internet Of Things will not go away! Next Generation of Security Evolution of Client Security – The game of Cat and Mouse Malware First Samples per Polymorphic day reaches “First” First Worm like Exploit kits Ransomware First Malware Spam malware 100 000+ ransomware
1971 1987 1989 1990 1991 2003 2011 2008 2010 2013 2013 2016 2017
Signature Heuristic and Cloud AntiExploit Artificial based Anti-Spam Behavior based Intelligence Detection analysis lookup
20 Machine Learning vs Deep Learning
CAR
CAR Machine Learning, Deep Learning and Artificial Intelligence
CAT
22 One Final Thought…