Ransomware & Security for Virtualization

Slides:

Advertisements

Similar presentations

1 Bitdefender 2013 Virtualization Security Understanding The Impact.

Advertisements

1 Dell World 2014 Dell & Trend Micro Boost VM Density with AV Designed for VDI TJ Lamphier, Sr. Director Trend Micro & Aaron Brace, Solution Architect.

Introducing Kaspersky OpenSpace TM Security Introducing Kaspersky ® OpenSpace TM Security Available February 15, 2007.

© Copyright 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. Software Defined Networking.

Copyright 2011 Trend Micro Inc. Trend Micro Web Security- Overview.

INTRODUCING: KASPERSKY Security FOR VIRTUALIZATION | LIGHT AGENT FOR MICROSOFT AND CITRIX VIRTUAL ENVIRONMENTS.

The Evolution of the Kaspersky Lab Approach to Corporate Security Petr Merkulov, Chief Product Officer, Kaspersky Lab Kaspersky Lab Cyber Conference, Cancun,

Presented by Sujit Tilak. Evolution of Client/Server Architecture Clients & Server on different computer systems Local Area Network for Server and Client.

Kaspersky Lab: The Best of Both Worlds Alexey Denisyuk, pre-sales engineer Kaspersky Lab Eastern Europe 5 th April 2012 / 2 nd InfoCom Security Conference.

Kaspersky Open Space Security: Release 2 World-class security solution for your business.

Norman Endpoint Protection Advanced security made easy.

1 Managed Security. 2 Managed Security provides a comprehensive suite of security services to manage and protect your network assets –Managed Firewall.

2011 / 9/11/ S V E Security for Virtualized Environments The first comprehensive security solution for.

©2014 Bit9. All Rights Reserved Endpoint Threat Prevention Charles Roussey | Sr. Sales Engineer Detection and Response in Seconds.

Hyper-V Security Tips: Protect yourself from vulnerabilities that you never knew existed Symon PerrimanAlex Karavanov VP, Business DevelopmentDirector.

1 Bitdefender 2013 Bitdefender “What business are we really in?” 1.Theodore Levitt.

Copyright 2009 Trend Micro Inc. 1 Classification 10/10/ New Trend Micro Security Suites for Enterprise and Medium Business Pre-Briefing for January.

Introducing Kaspersky Security for Virtualization Peter Beardmore Sr. Director of Product Marketing.

CUTTING COMPLEXITY – SIMPLIFYING SECURITY INSERT PRESENTERS NAME HERE XXXX INSERT DATE OF EVENT HERE XXXX.

Virus and anti virus. Intro too anti virus Microsoft Anti-Virus (MSAV) was an antivirus program introduced by Microsoft for its MS-DOS operating system.

Kaspersky Labs 6 ht Annual Partner Conference · Turkey, June Kaspersky Labs 6 th Annual Partner Conference · Turkey, 2-6 June 2004 November 16.

VMWare Workstation Installation. Starting Vmware Workstation Go to the start menu and start the VMware Workstation program. *Note: The following instructions.

Hyper-V Security TipsHyper-V Security Tips Fix the Gaps you Never Knew About Symon Thomas.

Virtualization One computer can do the job of multiple computers, by sharing the resources of a single computer across multiple environments. Turning hardware.

Agency Introduction to DDM Dell Desktop Manager (DDM) Implementation.

Introduction TO Network Administration

BUFFERZONE Advanced Endpoint Security Data Connectors-Charlotte January 2016 Company Confidential.

Kaspersky Small Office Security INTRODUCING New for 2014!

VIRTUAL MACHINE – VMWARE. VIRTUAL MACHINE (VM) What is a VM? – A virtual machine (VM) is a software implementation of a computing environment in which.

Network and Server Basics. Learning Objectives After viewing this presentation, you will be able to: Understand the benefits of a client/server network.

LANDesk Software Confidential Data Analytics LANDESK Day 5. March 2014 Jan Pisarik Technical Presales Manager.

Clouding with Microsoft Azure

WannaCry/WannaCrypt Ransomware

2017 Security Predictions from FortiGuard Labs

Barracuda SSL VPN Remote, Authenticated Access to Applications and Data.

Barracuda SSL VPN Remote, Authenticated Access to Applications and Data Version 2.6 | July 2014.

Barracuda SSL VPN Remote, Authenticated Access to Applications and Data.

Advanced Endpoint Security Data Connectors-Charlotte January 2016

Your Office 365 Journey Prepare, Migrate, and Operate with Barracuda

WannaCry/WannaCrypt Ransomware

Microsoft Azure Virtual Machines

Trend Micro Consumer 2010 Easy. Fast. Smart.

Boost VM Density with AV Designed for VDI

3 Do you monitor for unauthorized intrusion activity?

Barracuda SSL VPN Remote, Authenticated Access to Applications and Data.

[Internal Use] for Check Point employees

Barracuda Web Filtering Service

“Introduction to Azure Security Center”

Network Operating System Lab

Windows Server 2016 Secure IaaS Microsoft Build /1/2018 4:00 AM

Prepared by: Assistant prof. Aslamzai

Trends in Ransomware Distribution

Computers – Kaspersky antivirus

Call AVG Antivirus Support | Fix Your PC

SVTRAININGS. SVTRAININGS Features of SCCM  Application management  Provides a set of tools and resources that can help you create, manage, deploy, and.

Cybersecurity Strategy

Healthcare Cloud Security Stack for Microsoft Azure

20409A 7: Installing and Configuring System Center 2012 R2 Virtual Machine Manager Module 7 Installing and Configuring System Center 2012 R2 Virtual.

Data Security for Microsoft Azure

Bethesda Cybersecurity Club

Unique features of Bitdefender Cloud Security for MSPs

Secure once, run anywhere Simplify your security with Sophos

Logicom Cloud Marketplace

Healthcare Cloud Security Stack for Microsoft Azure

Information Protection

3 Do you monitor for unauthorized intrusion activity?

Information Protection

3 Do you monitor for unauthorized intrusion activity?

Cybersecurity Simplified: Ransomware

Defencebyte THE PERFECT SECURITY FOR YOUR COMPUTER.

Presentation transcript:

Ransomware & Security for Virtualization Zack Ehrhardt Kaspersky Lab Zachary.Ehrhardt@Kaspersky.com 781-503-2680

RANSOMWARE BY THE NUMBERS 3x Ransomware attacks on businesses increased threefold Attacks on small businesses increased eightfold* Frequency of ransomware attacks on businesses Cost of a single cryptomalware attack for SMBs Enterprises in NA who suffered four or more data breaches in the past year** The cost of a single cybersecurity incident for large businesses 8x Every 40 seconds $99,000 44% $861,000

HOW DO WE GET INFECTED WITH RANSOMWARE? Source: Osterman Research, Inc.

NO MORE RANSOM Founding partners: European Cybercrime Centre, Politie, Intel Security and Kaspersky Lab Additional partners: Over 30 organizations in security, cloud services and law enforcement Goal: Help ransomware victims retrieve their encrypted data without paying the criminals Project aim: Prevent ransomware by educating users about prevention https://www.nomoreransom.org

Kaspersky Security for Virtualization

Dilbert’s Take on Virtualization

Basic Theory for Security Chance of getting infected Investment in Security The chance of getting infected drops exponentially by increasing the investment in security

Kaspersky Security Center IT security in a single-pane-of-glass view All protected machines – Virtual / Physical / Mobile Protection status at a glance with actionable intelligence

Excessive resource consumption Update storms Instant-On gaps Agent-based Security in a Virtual Environment Redundant Excessive resource consumption Update storms Instant-On gaps Lower VM densities Each guest protects itself - Antimalware stored locally on each VM. Requires a separate process to scan each VM

Is there a better way to protect virtualized environments from malware?

Aligning the Security approach to the environment Traditional Agent-Based Works on any hypervisor Where VM density is not critical Windows, Linux or Mac guest VMs Offers anti-cryptor feature for file servers Agentless Security VMware only Allows high VM density Windows guest VMs only Small IT resources to manage security Typical installation would be server virtualization with no/or controlled internet connectivity (limited browsing) Light Agent Security VMware, Hyper-V, Citrix, or KVM Allows high VM density Windows and Linux guest VMs Advanced security requirements: IM, Web and Mail AV Application, Web and Device controls Automatic Exploit Protection Typical usage would be VDI and servers with critical Internet facing roles

Enterprise class failover Light Agent Security Keeps consolidation ratio high Still easy to deploy and manage No problems of Agent-based security VMWare, Citrix, Microsoft, KVM Advanced protection Enterprise class failover LIGHT AGENT Advanced antimalware Advanced protection from network threats Controls SECURITY VIRTUAL APPLIANCE Anti-malware databases Centralized file scanning KSV | Security Options

SECURITY VIRTUAL APPLIANCE Agentless Security Eliminate redundant security Reduce boot latency Keeps consolidation ratio high Extremely easy to deploy and manage Agent-based security issues eliminated, but.. File scanning security Only VMware Excessive resource consumption Update storms Instant-On gaps Lower VM densities Every VM get basic protection automatically w/o installation of any additional software SECURITY VIRTUAL APPLIANCE Anti-malware databases Centralized file scanning

2 Simple Takeaways… Be proactive when protecting against ransomware Choose the right security option for your virtual environment

Thank you!