SlideShare a Scribd company logo

Palestra realizada no S4x17 - Miami - EUA (em Inglês)

TI Safe
TI Safe

Palestra realizada por Marcelo Branquinho no dia 11/1/17 no palco principal do evento S4x17, em Miami, EUA.

Technology
1 of 28
Download to read offline
TI Safe Segurança da Informação LTDA, 2007-2010.Todos os direitos reservados. Ransomware in ICS..... It begins Marcelo Branquinho January, 2017
www.tisafe.com TI Safe Segurança da Informação LTDA, 2007-2010.Todos os direitos reservados. • Introduction • About Ransomware • Ransomware in ICS Study Case #1 – Furniture Factory Study Case #2 – Electrical Company • What if the worst happens? Agenda
www.tisafe.com TI Safe Segurança da Informação LTDA, 2007-2010.Todos os direitos reservados. INTRODUCTION
www.tisafe.com TI Safe Segurança da Informação LTDA, 2007-2010.Todos os direitos reservados. Threats have changed: Advanced Attacks Data Data Internet Encryption Targeted PURPOSE: Profit, Sabotage and Conflict among organized nations • Targeted Attacks • Funded – Industry Growing Focus PURPOSE: Notoriety • One person, small groups • Limited Knowledge and Resources • Basic Attacks Internet ?Past Present
www.tisafe.com TI Safe Segurança da Informação LTDA, 2007-2010.Todos os direitos reservados. SCADA / ICS - The perfect storm for cyber attacks
www.tisafe.com TI Safe Segurança da Informação LTDA, 2007-2010.Todos os direitos reservados. Unknown control and persistent advanced threats Malware impacting industrial production
www.tisafe.com TI Safe Segurança da Informação LTDA, 2007-2010.Todos os direitos reservados. The scenery is bad, but can it get worse ??
www.tisafe.com TI Safe Segurança da Informação LTDA, 2007-2010.Todos os direitos reservados. The attackers have figured out that ICS are an easy target…..and started to attack them! Sure!!
www.tisafe.com TI Safe Segurança da Informação LTDA, 2007-2010.Todos os direitos reservados. ABOUT RANSOMWARE
www.tisafe.com TI Safe Segurança da Informação LTDA, 2007-2010.Todos os direitos reservados. What is Ransomware? • Ransomware is a type of malware that prevents the user from accessing your data. • The user will recover access to the data only by paying a redemption. • Ransomware affects directly the availability of ICS by blocking access to vital information for its operation.
www.tisafe.com TI Safe Segurança da Informação LTDA, 2007-2010.Todos os direitos reservados. Is Ransomware a new threat?
www.tisafe.com TI Safe Segurança da Informação LTDA, 2007-2010.Todos os direitos reservados. Ransomware in ICS....It Begins
www.tisafe.com TI Safe Segurança da Informação LTDA, 2007-2010.Todos os direitos reservados.
www.tisafe.com TI Safe Segurança da Informação LTDA, 2007-2010.Todos os direitos reservados. The redemption is rising...just happened last week
www.tisafe.com TI Safe Segurança da Informação LTDA, 2007-2010.Todos os direitos reservados. Ransomware in OT x Ransomware in IT • Ransomware in OT can be much worst than Ransomware in IT because it can directly affect SCADA systems operation by:  Blocking Access to HMIs  Ciphering Windows SCADA supervision and programming machines (HMI)  Ciphering Historians and Production Databases  Ciphering Engineering stations  Spreading to other plants through remote access or VPNs  Blocking access to utilities systems
www.tisafe.com TI Safe Segurança da Informação LTDA, 2007-2010.Todos os direitos reservados. RANSOMWARE IN ICS TWO STUDY CASES IN BRAZIL
www.tisafe.com TI Safe Segurança da Informação LTDA, 2007-2010.Todos os direitos reservados. STUDY CASE #1 FURNITURE FACTORY
www.tisafe.com TI Safe Segurança da Informação LTDA, 2007-2010.Todos os direitos reservados. Study Case #1 – Furniture Factory • Where: State of Goias, Brazil • Type of Ransomware: cryptoRSA4096-Ransomware • Machines infected: Windows SCADA supervision and programming machines (HMI) inside the factory.
www.tisafe.com TI Safe Segurança da Informação LTDA, 2007-2010.Todos os direitos reservados. Study Case #1 – Furniture Factory • Consequence: The factory stopped working. The company lost customer and supplier registrations, employee payroll and machine supervision and programming. • Redemption requested: U$ 3.061,00 • Financial Loss: The factory stayed 15 days stopped (loss of approximately US $ 100,000.00 due to downtime in production and delays in deliveries), until it restructured, to return the normal routines. • No redemption was paid for infected machines that had to be fully recovered because the OT team didn´t have healthy and updated backups.
www.tisafe.com TI Safe Segurança da Informação LTDA, 2007-2010.Todos os direitos reservados. Video - Ransomware in Furniture Factory Video produced by Globo TV (Brazil) and broadcasted for the whole brazilian territory at “Fantastico”, a sunday night TV show
www.tisafe.com TI Safe Segurança da Informação LTDA, 2007-2010.Todos os direitos reservados. STUDY CASE #2 ELECTRICAL COMPANY Special thanks to Mr. Alexandre Freire, from the Palo Alto Networks SCADA & ICS Tiger Team, for sharing information over this study case
www.tisafe.com TI Safe Segurança da Informação LTDA, 2007-2010.Todos os direitos reservados. Study case #2 – Electrical Company • Where: South of Brazil • Type of Ransomware: CryptoLocker • Machines infected: Windows SCADA supervision machines (HMI) inside a control center.
www.tisafe.com TI Safe Segurança da Informação LTDA, 2007-2010.Todos os direitos reservados. Study case #2 – Electrical Company • Infection Vector: A Flash Drive used at one HMI. The ransomware spreaded through file shares and network mapped folders infecting other 3 supervision stations at the same automation network segment. • Consequence: momentary loss of supervision and control of power distribution. • Redemption requested: USD 300,00 per machine (4 machines were infected) • Financial Loss: No financial loss happened because the control was automatically transferred to a secondary control center that wasn´t physically connected to the main control center. No redemption was paid for infected machines that could be resettled through healthy backups.
www.tisafe.com TI Safe Segurança da Informação LTDA, 2007-2010.Todos os direitos reservados. WHAT IF THE WORST HAPPENS?
www.tisafe.com TI Safe Segurança da Informação LTDA, 2007-2010.Todos os direitos reservados. What if the worst happens? When mitigation fails, it is important for organizations and individuals to consider all possible responses to a Ransomware attack: • Have a prepared incident response team: This team must have previously planned a procedure to follow in the event of a ransomware attack during its risk assessment. This procedure should start notifying the authorities and regulators because Ransomware attacks are crimes prescribed by law. • Switch control to a secondary control center: in case of non stop real time systems, a secondary control center must be fully prepared to be activated. • Try to recover lost data: System backup and recovery are the only technical solution to revert ransomware attacks. Having updated backups is vital in cases of critical data loss. In this case, it will be necessary to perform a recover of the systems and data to return to normal business activity. • Do Nothing: In cases where the rescue outweighs the cost of the system, the victim can purchase a new device and dispose of the infected system.
www.tisafe.com TI Safe Segurança da Informação LTDA, 2007-2010.Todos os direitos reservados. What if the worst happens? ( cont.. ) • Pay the redemption: Some attackers may release the system after receiving payment, because doing different would reduce the probability that new victims will fall into the blow. Unfortunately, however, there is no guarantee that the attackers would help you recover the data after the redemption paid. •A Hybrid Solution: includes simultaneous efforts to pay the rescue and attempt to restore systems from a trusted backup. Organizations opt for this strategy when system downtime is even more critical than the consequences of the redemption payment.
www.tisafe.com TI Safe Segurança da Informação LTDA, 2007-2010.Todos os direitos reservados. An important detail .... • Modern Ransomware is able to search servers and backup applications running on the network and also encrypt them ... • In these cases, the only possible solution will be to pay the redemption. • Paying redemptions can be easy for private institutions, but public companies do not have the money allocated for this ... They would have to bid the redemption 
www.tisafe.com TI Safe Segurança da Informação LTDA, 2007-2010.Todos os direitos reservados. Marcelo Branquinho Marcelo.branquinho@tisafe.com +55 21 994002290

Recommended

CLASS 2018 - Palestra de Julio Oliveira (Gerente de Tecnologia, Power Grids G...
CLASS 2018 - Palestra de Julio Oliveira (Gerente de Tecnologia, Power Grids G...CLASS 2018 - Palestra de Julio Oliveira (Gerente de Tecnologia, Power Grids G...
CLASS 2018 - Palestra de Julio Oliveira (Gerente de Tecnologia, Power Grids G...
TI Safe
 
CLASS 2018 - Palestra de Edgard Capdevielle (Presidente e CEO – Nozomi)
CLASS 2018 - Palestra de Edgard Capdevielle (Presidente e CEO – Nozomi)CLASS 2018 - Palestra de Edgard Capdevielle (Presidente e CEO – Nozomi)
CLASS 2018 - Palestra de Edgard Capdevielle (Presidente e CEO – Nozomi)
TI Safe
 
TI Safe ICS Cybersecurity Training
TI Safe ICS Cybersecurity TrainingTI Safe ICS Cybersecurity Training
TI Safe ICS Cybersecurity Training
TI Safe
 
Ignite 2019
Ignite 2019Ignite 2019
Ignite 2019
TI Safe
 
2016 Top 10 Critical Infrastructures and SCADA/ICS Cyber Security Vulnerabili...
2016 Top 10 Critical Infrastructures and SCADA/ICS Cyber Security Vulnerabili...2016 Top 10 Critical Infrastructures and SCADA/ICS Cyber Security Vulnerabili...
2016 Top 10 Critical Infrastructures and SCADA/ICS Cyber Security Vulnerabili...
Eran Goldstein
 
DTS Solution - Crypto Flow Segmentation addressing NESA IAF and ISO27001 comp...
DTS Solution - Crypto Flow Segmentation addressing NESA IAF and ISO27001 comp...DTS Solution - Crypto Flow Segmentation addressing NESA IAF and ISO27001 comp...
DTS Solution - Crypto Flow Segmentation addressing NESA IAF and ISO27001 comp...
Shah Sheikh
 
Cyber & Process Attack Scenarios for ICS
Cyber & Process Attack Scenarios for ICSCyber & Process Attack Scenarios for ICS
Cyber & Process Attack Scenarios for ICS
Jim Gilsinn
 
GISEC 2015 Your Network in the Eyes of a Hacker - DTS Solution
GISEC 2015 Your Network in the Eyes of a Hacker - DTS SolutionGISEC 2015 Your Network in the Eyes of a Hacker - DTS Solution
GISEC 2015 Your Network in the Eyes of a Hacker - DTS Solution
Shah Sheikh
 

Recommended

CLASS 2018 - Palestra de Julio Oliveira (Gerente de Tecnologia, Power Grids G...
CLASS 2018 - Palestra de Julio Oliveira (Gerente de Tecnologia, Power Grids G...CLASS 2018 - Palestra de Julio Oliveira (Gerente de Tecnologia, Power Grids G...
CLASS 2018 - Palestra de Julio Oliveira (Gerente de Tecnologia, Power Grids G...
TI Safe
 
CLASS 2018 - Palestra de Edgard Capdevielle (Presidente e CEO – Nozomi)
CLASS 2018 - Palestra de Edgard Capdevielle (Presidente e CEO – Nozomi)CLASS 2018 - Palestra de Edgard Capdevielle (Presidente e CEO – Nozomi)
CLASS 2018 - Palestra de Edgard Capdevielle (Presidente e CEO – Nozomi)
TI Safe
 
TI Safe ICS Cybersecurity Training
TI Safe ICS Cybersecurity TrainingTI Safe ICS Cybersecurity Training
TI Safe ICS Cybersecurity Training
TI Safe
 
Ignite 2019
Ignite 2019Ignite 2019
Ignite 2019
TI Safe
 
2016 Top 10 Critical Infrastructures and SCADA/ICS Cyber Security Vulnerabili...
2016 Top 10 Critical Infrastructures and SCADA/ICS Cyber Security Vulnerabili...2016 Top 10 Critical Infrastructures and SCADA/ICS Cyber Security Vulnerabili...
2016 Top 10 Critical Infrastructures and SCADA/ICS Cyber Security Vulnerabili...
Eran Goldstein
 
DTS Solution - Crypto Flow Segmentation addressing NESA IAF and ISO27001 comp...
DTS Solution - Crypto Flow Segmentation addressing NESA IAF and ISO27001 comp...DTS Solution - Crypto Flow Segmentation addressing NESA IAF and ISO27001 comp...
DTS Solution - Crypto Flow Segmentation addressing NESA IAF and ISO27001 comp...
Shah Sheikh
 
Cyber & Process Attack Scenarios for ICS
Cyber & Process Attack Scenarios for ICSCyber & Process Attack Scenarios for ICS
Cyber & Process Attack Scenarios for ICS
Jim Gilsinn
 
GISEC 2015 Your Network in the Eyes of a Hacker - DTS Solution
GISEC 2015 Your Network in the Eyes of a Hacker - DTS SolutionGISEC 2015 Your Network in the Eyes of a Hacker - DTS Solution
GISEC 2015 Your Network in the Eyes of a Hacker - DTS Solution
Shah Sheikh
 
Cybersecurity for modern industrial systems
Cybersecurity for modern industrial systemsCybersecurity for modern industrial systems
Cybersecurity for modern industrial systems
Itex Solutions
 
Protecting Infrastructure from Cyber Attacks
Protecting Infrastructure from Cyber AttacksProtecting Infrastructure from Cyber Attacks
Protecting Infrastructure from Cyber Attacks
Maurice Dawson
 
Aprendizado de máquinas aplicado à segurança cibernética de plantas industriais
Aprendizado de máquinas aplicado à segurança cibernética de plantas industriaisAprendizado de máquinas aplicado à segurança cibernética de plantas industriais
Aprendizado de máquinas aplicado à segurança cibernética de plantas industriais
TI Safe
 
Kaspersky endpoint security business presentation
Kaspersky endpoint security business presentationKaspersky endpoint security business presentation
Kaspersky endpoint security business presentation
Data Unit
 
DTS Solution - Software Defined Security v1.0
DTS Solution - Software Defined Security v1.0DTS Solution - Software Defined Security v1.0
DTS Solution - Software Defined Security v1.0
Shah Sheikh
 
DETECTE E INVESTIGUE LAS AMENAZAS AVANZADAS
DETECTE E INVESTIGUE LAS AMENAZAS AVANZADAS DETECTE E INVESTIGUE LAS AMENAZAS AVANZADAS
DETECTE E INVESTIGUE LAS AMENAZAS AVANZADAS
Cristian Garcia G.
 
Symantec and ForeScout Delivering a Unified Cyber Security Solution
Symantec and ForeScout Delivering a Unified Cyber Security SolutionSymantec and ForeScout Delivering a Unified Cyber Security Solution
Symantec and ForeScout Delivering a Unified Cyber Security Solution
DLT Solutions
 
Watchguard security proposal 2012
Watchguard security proposal 2012Watchguard security proposal 2012
Watchguard security proposal 2012
Jimmy Saigon
 
ICS (Industrial Control System) Cybersecurity Training
ICS (Industrial Control System) Cybersecurity TrainingICS (Industrial Control System) Cybersecurity Training
ICS (Industrial Control System) Cybersecurity Training
Tonex
 
DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...
DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...
DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...
Shah Sheikh
 
The 300 Leonidas Solution
The 300 Leonidas SolutionThe 300 Leonidas Solution
The 300 Leonidas Solution
matthew.maisel
 
8 Ocak 2015 SOME Etkinligi - A10 Networks - Accelerating and Securing Applica...
8 Ocak 2015 SOME Etkinligi - A10 Networks - Accelerating and Securing Applica...8 Ocak 2015 SOME Etkinligi - A10 Networks - Accelerating and Securing Applica...
8 Ocak 2015 SOME Etkinligi - A10 Networks - Accelerating and Securing Applica...
BGA Cyber Security
 
Webinar - Reducing the Risk of a Cyber Attack on Utilities
Webinar - Reducing the Risk of a Cyber Attack on UtilitiesWebinar - Reducing the Risk of a Cyber Attack on Utilities
Webinar - Reducing the Risk of a Cyber Attack on Utilities
WPICPE
 
Where Are All The ICS Attacks?
Where Are All The ICS Attacks?Where Are All The ICS Attacks?
Where Are All The ICS Attacks?
EnergySec
 
Endpoint Security
Endpoint SecurityEndpoint Security
Endpoint Security
Ahmed Hashem El Fiky
 
How Security can be stronger than a Firewall: 13 different ways breaking thro...
How Security can be stronger than a Firewall: 13 different ways breaking thro...How Security can be stronger than a Firewall: 13 different ways breaking thro...
How Security can be stronger than a Firewall: 13 different ways breaking thro...
Community Protection Forum
 
[CLASS2014] Palestra Técnica - Franzvitor Fiorim
[CLASS2014] Palestra Técnica - Franzvitor Fiorim[CLASS2014] Palestra Técnica - Franzvitor Fiorim
[CLASS2014] Palestra Técnica - Franzvitor Fiorim
TI Safe
 
Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)
Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)
Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)
Shah Sheikh
 
Sophos
SophosSophos
Sophos
Jean Amani
 
Symantec Endpoint Protection
Symantec Endpoint ProtectionSymantec Endpoint Protection
Symantec Endpoint Protection
MindRiver Group
 
IoT DDoS Attacks: the stakes have changed
IoT DDoS Attacks: the stakes have changed IoT DDoS Attacks: the stakes have changed
IoT DDoS Attacks: the stakes have changed
Great Bay Software
 
Understanding Zero Day Recovery - Your last defence against ransomware attacks
Understanding Zero Day Recovery - Your last defence against ransomware attacksUnderstanding Zero Day Recovery - Your last defence against ransomware attacks
Understanding Zero Day Recovery - Your last defence against ransomware attacks
Marie Wilcox
 

More Related Content

What's hot

Cybersecurity for modern industrial systems
Cybersecurity for modern industrial systemsCybersecurity for modern industrial systems
Cybersecurity for modern industrial systems
Itex Solutions
 
Protecting Infrastructure from Cyber Attacks
Protecting Infrastructure from Cyber AttacksProtecting Infrastructure from Cyber Attacks
Protecting Infrastructure from Cyber Attacks
Maurice Dawson
 
Aprendizado de máquinas aplicado à segurança cibernética de plantas industriais
Aprendizado de máquinas aplicado à segurança cibernética de plantas industriaisAprendizado de máquinas aplicado à segurança cibernética de plantas industriais
Aprendizado de máquinas aplicado à segurança cibernética de plantas industriais
TI Safe
 
Kaspersky endpoint security business presentation
Kaspersky endpoint security business presentationKaspersky endpoint security business presentation
Kaspersky endpoint security business presentation
Data Unit
 
DTS Solution - Software Defined Security v1.0
DTS Solution - Software Defined Security v1.0DTS Solution - Software Defined Security v1.0
DTS Solution - Software Defined Security v1.0
Shah Sheikh
 
DETECTE E INVESTIGUE LAS AMENAZAS AVANZADAS
DETECTE E INVESTIGUE LAS AMENAZAS AVANZADAS DETECTE E INVESTIGUE LAS AMENAZAS AVANZADAS
DETECTE E INVESTIGUE LAS AMENAZAS AVANZADAS
Cristian Garcia G.
 
Symantec and ForeScout Delivering a Unified Cyber Security Solution
Symantec and ForeScout Delivering a Unified Cyber Security SolutionSymantec and ForeScout Delivering a Unified Cyber Security Solution
Symantec and ForeScout Delivering a Unified Cyber Security Solution
DLT Solutions
 
Watchguard security proposal 2012
Watchguard security proposal 2012Watchguard security proposal 2012
Watchguard security proposal 2012
Jimmy Saigon
 
ICS (Industrial Control System) Cybersecurity Training
ICS (Industrial Control System) Cybersecurity TrainingICS (Industrial Control System) Cybersecurity Training
ICS (Industrial Control System) Cybersecurity Training
Tonex
 
DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...
DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...
DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...
Shah Sheikh
 
The 300 Leonidas Solution
The 300 Leonidas SolutionThe 300 Leonidas Solution
The 300 Leonidas Solution
matthew.maisel
 
8 Ocak 2015 SOME Etkinligi - A10 Networks - Accelerating and Securing Applica...
8 Ocak 2015 SOME Etkinligi - A10 Networks - Accelerating and Securing Applica...8 Ocak 2015 SOME Etkinligi - A10 Networks - Accelerating and Securing Applica...
8 Ocak 2015 SOME Etkinligi - A10 Networks - Accelerating and Securing Applica...
BGA Cyber Security
 
Webinar - Reducing the Risk of a Cyber Attack on Utilities
Webinar - Reducing the Risk of a Cyber Attack on UtilitiesWebinar - Reducing the Risk of a Cyber Attack on Utilities
Webinar - Reducing the Risk of a Cyber Attack on Utilities
WPICPE
 
Where Are All The ICS Attacks?
Where Are All The ICS Attacks?Where Are All The ICS Attacks?
Where Are All The ICS Attacks?
EnergySec
 
Endpoint Security
Endpoint SecurityEndpoint Security
Endpoint Security
Ahmed Hashem El Fiky
 
How Security can be stronger than a Firewall: 13 different ways breaking thro...
How Security can be stronger than a Firewall: 13 different ways breaking thro...How Security can be stronger than a Firewall: 13 different ways breaking thro...
How Security can be stronger than a Firewall: 13 different ways breaking thro...
Community Protection Forum
 
[CLASS2014] Palestra Técnica - Franzvitor Fiorim
[CLASS2014] Palestra Técnica - Franzvitor Fiorim[CLASS2014] Palestra Técnica - Franzvitor Fiorim
[CLASS2014] Palestra Técnica - Franzvitor Fiorim
TI Safe
 
Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)
Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)
Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)
Shah Sheikh
 
Sophos
SophosSophos
Sophos
Jean Amani
 
Symantec Endpoint Protection
Symantec Endpoint ProtectionSymantec Endpoint Protection
Symantec Endpoint Protection
MindRiver Group
 

What's hot (20)

Cybersecurity for modern industrial systems
Cybersecurity for modern industrial systemsCybersecurity for modern industrial systems
Cybersecurity for modern industrial systems
 
Protecting Infrastructure from Cyber Attacks
Protecting Infrastructure from Cyber AttacksProtecting Infrastructure from Cyber Attacks
Protecting Infrastructure from Cyber Attacks
 
Aprendizado de máquinas aplicado à segurança cibernética de plantas industriais
Aprendizado de máquinas aplicado à segurança cibernética de plantas industriaisAprendizado de máquinas aplicado à segurança cibernética de plantas industriais
Aprendizado de máquinas aplicado à segurança cibernética de plantas industriais
 
Kaspersky endpoint security business presentation
Kaspersky endpoint security business presentationKaspersky endpoint security business presentation
Kaspersky endpoint security business presentation
 
DTS Solution - Software Defined Security v1.0
DTS Solution - Software Defined Security v1.0DTS Solution - Software Defined Security v1.0
DTS Solution - Software Defined Security v1.0
 
DETECTE E INVESTIGUE LAS AMENAZAS AVANZADAS
DETECTE E INVESTIGUE LAS AMENAZAS AVANZADAS DETECTE E INVESTIGUE LAS AMENAZAS AVANZADAS
DETECTE E INVESTIGUE LAS AMENAZAS AVANZADAS
 
Symantec and ForeScout Delivering a Unified Cyber Security Solution
Symantec and ForeScout Delivering a Unified Cyber Security SolutionSymantec and ForeScout Delivering a Unified Cyber Security Solution
Symantec and ForeScout Delivering a Unified Cyber Security Solution
 
Watchguard security proposal 2012
Watchguard security proposal 2012Watchguard security proposal 2012
Watchguard security proposal 2012
 
ICS (Industrial Control System) Cybersecurity Training
ICS (Industrial Control System) Cybersecurity TrainingICS (Industrial Control System) Cybersecurity Training
ICS (Industrial Control System) Cybersecurity Training
 
DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...
DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...
DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...
 
The 300 Leonidas Solution
The 300 Leonidas SolutionThe 300 Leonidas Solution
The 300 Leonidas Solution
 
8 Ocak 2015 SOME Etkinligi - A10 Networks - Accelerating and Securing Applica...
8 Ocak 2015 SOME Etkinligi - A10 Networks - Accelerating and Securing Applica...8 Ocak 2015 SOME Etkinligi - A10 Networks - Accelerating and Securing Applica...
8 Ocak 2015 SOME Etkinligi - A10 Networks - Accelerating and Securing Applica...
 
Webinar - Reducing the Risk of a Cyber Attack on Utilities
Webinar - Reducing the Risk of a Cyber Attack on UtilitiesWebinar - Reducing the Risk of a Cyber Attack on Utilities
Webinar - Reducing the Risk of a Cyber Attack on Utilities
 
Where Are All The ICS Attacks?
Where Are All The ICS Attacks?Where Are All The ICS Attacks?
Where Are All The ICS Attacks?
 
Endpoint Security
Endpoint SecurityEndpoint Security
Endpoint Security
 
How Security can be stronger than a Firewall: 13 different ways breaking thro...
How Security can be stronger than a Firewall: 13 different ways breaking thro...How Security can be stronger than a Firewall: 13 different ways breaking thro...
How Security can be stronger than a Firewall: 13 different ways breaking thro...
 
[CLASS2014] Palestra Técnica - Franzvitor Fiorim
[CLASS2014] Palestra Técnica - Franzvitor Fiorim[CLASS2014] Palestra Técnica - Franzvitor Fiorim
[CLASS2014] Palestra Técnica - Franzvitor Fiorim
 
Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)
Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)
Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)
 
Sophos
SophosSophos
Sophos
 
Symantec Endpoint Protection
Symantec Endpoint ProtectionSymantec Endpoint Protection
Symantec Endpoint Protection
 

Similar to Palestra realizada no S4x17 - Miami - EUA (em Inglês)

IoT DDoS Attacks: the stakes have changed
IoT DDoS Attacks: the stakes have changed IoT DDoS Attacks: the stakes have changed
IoT DDoS Attacks: the stakes have changed
Great Bay Software
 
Understanding Zero Day Recovery - Your last defence against ransomware attacks
Understanding Zero Day Recovery - Your last defence against ransomware attacksUnderstanding Zero Day Recovery - Your last defence against ransomware attacks
Understanding Zero Day Recovery - Your last defence against ransomware attacks
Marie Wilcox
 
How BlueHat Cyber Uses SanerNow to Automate Patch Management and Beyond
How BlueHat Cyber Uses SanerNow to Automate Patch Management and BeyondHow BlueHat Cyber Uses SanerNow to Automate Patch Management and Beyond
How BlueHat Cyber Uses SanerNow to Automate Patch Management and Beyond
SecPod Technologies
 
Hem infotech company profile
Hem infotech company profileHem infotech company profile
Hem infotech company profile
Hem Infotech
 
Top Cyber Security Trends for 2016
Top Cyber Security Trends for 2016Top Cyber Security Trends for 2016
Top Cyber Security Trends for 2016
Imperva
 
Cybersecurity for Energy: Moving Beyond Compliance
Cybersecurity for Energy: Moving Beyond ComplianceCybersecurity for Energy: Moving Beyond Compliance
Cybersecurity for Energy: Moving Beyond Compliance
EnergySec
 
Corona| COVID IT Tactical Security Preparedness: Threat Management
Corona| COVID IT Tactical Security Preparedness: Threat ManagementCorona| COVID IT Tactical Security Preparedness: Threat Management
Corona| COVID IT Tactical Security Preparedness: Threat Management
RedZone Technologies
 
Philippines Cybersecurity Conference 2021: The role of CERTs
Philippines Cybersecurity Conference 2021: The role of CERTsPhilippines Cybersecurity Conference 2021: The role of CERTs
Philippines Cybersecurity Conference 2021: The role of CERTs
APNIC
 
Security Awareness Training by Fortinet
Security Awareness Training by FortinetSecurity Awareness Training by Fortinet
Security Awareness Training by Fortinet
Atlantic Training, LLC.
 
Addressing cyber risk managment from SME perspective
Addressing cyber risk managment from SME perspectiveAddressing cyber risk managment from SME perspective
Addressing cyber risk managment from SME perspective
Cyber Watching
 
An Introduction to zOS Real-time Infrastructure and Security Practices
An Introduction to zOS Real-time Infrastructure and Security PracticesAn Introduction to zOS Real-time Infrastructure and Security Practices
An Introduction to zOS Real-time Infrastructure and Security Practices
Jerry Harding
 
Detecting Problems in Industrial Networks Through Continuous Monitoring, Leve...
Detecting Problems in Industrial Networks Through Continuous Monitoring, Leve...Detecting Problems in Industrial Networks Through Continuous Monitoring, Leve...
Detecting Problems in Industrial Networks Through Continuous Monitoring, Leve...
Digital Bond
 
Three Networks, Different Risks - IT, OT and Engineering
Three Networks, Different Risks - IT, OT and EngineeringThree Networks, Different Risks - IT, OT and Engineering
Three Networks, Different Risks - IT, OT and Engineering
Waterfall Security Solutions
 
The Avoidable Risks of Remote Working
The Avoidable Risks of Remote WorkingThe Avoidable Risks of Remote Working
The Avoidable Risks of Remote Working
Richard Kennedy
 
CEO's Guide to Effective IT Management
CEO's Guide to Effective IT ManagementCEO's Guide to Effective IT Management
CEO's Guide to Effective IT Management
guest64c5c
 
Ryan Wilson - ryanwilson.com - IoT Security
Ryan Wilson - ryanwilson.com - IoT SecurityRyan Wilson - ryanwilson.com - IoT Security
Ryan Wilson - ryanwilson.com - IoT Security
Ryan Wilson
 
FortiRecon Sales Presentation (1).pptx
FortiRecon Sales Presentation (1).pptxFortiRecon Sales Presentation (1).pptx
FortiRecon Sales Presentation (1).pptx
Alejandro Daricz
 
File000119
File000119File000119
File000119
Desmond Devendran
 
CEO's Guide to Effective IT Management
CEO's Guide to Effective IT ManagementCEO's Guide to Effective IT Management
CEO's Guide to Effective IT Management
dhaydenSlide
 
CEO's Guide Effective IT Management
CEO's Guide Effective IT ManagementCEO's Guide Effective IT Management
CEO's Guide Effective IT Management
guest86c967
 

Similar to Palestra realizada no S4x17 - Miami - EUA (em Inglês) (20)

IoT DDoS Attacks: the stakes have changed
IoT DDoS Attacks: the stakes have changed IoT DDoS Attacks: the stakes have changed
IoT DDoS Attacks: the stakes have changed
 
Understanding Zero Day Recovery - Your last defence against ransomware attacks
Understanding Zero Day Recovery - Your last defence against ransomware attacksUnderstanding Zero Day Recovery - Your last defence against ransomware attacks
Understanding Zero Day Recovery - Your last defence against ransomware attacks
 
How BlueHat Cyber Uses SanerNow to Automate Patch Management and Beyond
How BlueHat Cyber Uses SanerNow to Automate Patch Management and BeyondHow BlueHat Cyber Uses SanerNow to Automate Patch Management and Beyond
How BlueHat Cyber Uses SanerNow to Automate Patch Management and Beyond
 
Hem infotech company profile
Hem infotech company profileHem infotech company profile
Hem infotech company profile
 
Top Cyber Security Trends for 2016
Top Cyber Security Trends for 2016Top Cyber Security Trends for 2016
Top Cyber Security Trends for 2016
 
Cybersecurity for Energy: Moving Beyond Compliance
Cybersecurity for Energy: Moving Beyond ComplianceCybersecurity for Energy: Moving Beyond Compliance
Cybersecurity for Energy: Moving Beyond Compliance
 
Corona| COVID IT Tactical Security Preparedness: Threat Management
Corona| COVID IT Tactical Security Preparedness: Threat ManagementCorona| COVID IT Tactical Security Preparedness: Threat Management
Corona| COVID IT Tactical Security Preparedness: Threat Management
 
Philippines Cybersecurity Conference 2021: The role of CERTs
Philippines Cybersecurity Conference 2021: The role of CERTsPhilippines Cybersecurity Conference 2021: The role of CERTs
Philippines Cybersecurity Conference 2021: The role of CERTs
 
Security Awareness Training by Fortinet
Security Awareness Training by FortinetSecurity Awareness Training by Fortinet
Security Awareness Training by Fortinet
 
Addressing cyber risk managment from SME perspective
Addressing cyber risk managment from SME perspectiveAddressing cyber risk managment from SME perspective
Addressing cyber risk managment from SME perspective
 
An Introduction to zOS Real-time Infrastructure and Security Practices
An Introduction to zOS Real-time Infrastructure and Security PracticesAn Introduction to zOS Real-time Infrastructure and Security Practices
An Introduction to zOS Real-time Infrastructure and Security Practices
 
Detecting Problems in Industrial Networks Through Continuous Monitoring, Leve...
Detecting Problems in Industrial Networks Through Continuous Monitoring, Leve...Detecting Problems in Industrial Networks Through Continuous Monitoring, Leve...
Detecting Problems in Industrial Networks Through Continuous Monitoring, Leve...
 
Three Networks, Different Risks - IT, OT and Engineering
Three Networks, Different Risks - IT, OT and EngineeringThree Networks, Different Risks - IT, OT and Engineering
Three Networks, Different Risks - IT, OT and Engineering
 
The Avoidable Risks of Remote Working
The Avoidable Risks of Remote WorkingThe Avoidable Risks of Remote Working
The Avoidable Risks of Remote Working
 
CEO's Guide to Effective IT Management
CEO's Guide to Effective IT ManagementCEO's Guide to Effective IT Management
CEO's Guide to Effective IT Management
 
Ryan Wilson - ryanwilson.com - IoT Security
Ryan Wilson - ryanwilson.com - IoT SecurityRyan Wilson - ryanwilson.com - IoT Security
Ryan Wilson - ryanwilson.com - IoT Security
 
FortiRecon Sales Presentation (1).pptx
FortiRecon Sales Presentation (1).pptxFortiRecon Sales Presentation (1).pptx
FortiRecon Sales Presentation (1).pptx
 
File000119
File000119File000119
File000119
 
CEO's Guide to Effective IT Management
CEO's Guide to Effective IT ManagementCEO's Guide to Effective IT Management
CEO's Guide to Effective IT Management
 
CEO's Guide Effective IT Management
CEO's Guide Effective IT ManagementCEO's Guide Effective IT Management
CEO's Guide Effective IT Management
 

More from TI Safe

CLASS 2022 - Luiz Fernando Roth e Matheus Tourinho - Ataques Cibernéticos a A...
CLASS 2022 - Luiz Fernando Roth e Matheus Tourinho - Ataques Cibernéticos a A...CLASS 2022 - Luiz Fernando Roth e Matheus Tourinho - Ataques Cibernéticos a A...
CLASS 2022 - Luiz Fernando Roth e Matheus Tourinho - Ataques Cibernéticos a A...
TI Safe
 
CLASS 2022 - Júlio Omori (COPEL) e Tânia Marques (consultora independente) - ...
CLASS 2022 - Júlio Omori (COPEL) e Tânia Marques (consultora independente) - ...CLASS 2022 - Júlio Omori (COPEL) e Tânia Marques (consultora independente) - ...
CLASS 2022 - Júlio Omori (COPEL) e Tânia Marques (consultora independente) - ...
TI Safe
 
CLASS 2022 - Rodrigo Riella (Lactec) e Claudio Hermeling (TI Safe) - A impor...
CLASS 2022 - Rodrigo Riella (Lactec) e Claudio Hermeling (TI Safe) - A impor... CLASS 2022 - Rodrigo Riella (Lactec) e Claudio Hermeling (TI Safe) - A impor...
CLASS 2022 - Rodrigo Riella (Lactec) e Claudio Hermeling (TI Safe) - A impor...
TI Safe
 
CLASS 2022 - Thiago Branquinho (TI Safe) - Como implementar e certificar um S...
CLASS 2022 - Thiago Branquinho (TI Safe) - Como implementar e certificar um S...CLASS 2022 - Thiago Branquinho (TI Safe) - Como implementar e certificar um S...
CLASS 2022 - Thiago Branquinho (TI Safe) - Como implementar e certificar um S...
TI Safe
 
CLASS 2022 - Sergio Sevileanu (Siemens) e Felipe Coelho (Claroty) - Habilitan...
CLASS 2022 - Sergio Sevileanu (Siemens) e Felipe Coelho (Claroty) - Habilitan...CLASS 2022 - Sergio Sevileanu (Siemens) e Felipe Coelho (Claroty) - Habilitan...
CLASS 2022 - Sergio Sevileanu (Siemens) e Felipe Coelho (Claroty) - Habilitan...
TI Safe
 
CLASS 2022 - Eduardo Valério (Ternium) - Uma década de cibersegurança em OT, ...
CLASS 2022 - Eduardo Valério (Ternium) - Uma década de cibersegurança em OT, ...CLASS 2022 - Eduardo Valério (Ternium) - Uma década de cibersegurança em OT, ...
CLASS 2022 - Eduardo Valério (Ternium) - Uma década de cibersegurança em OT, ...
TI Safe
 
CLASS 2022 - Felipe Jordão (Palo Alto Networks) - Boas práticas de operações ...
CLASS 2022 - Felipe Jordão (Palo Alto Networks) - Boas práticas de operações ...CLASS 2022 - Felipe Jordão (Palo Alto Networks) - Boas práticas de operações ...
CLASS 2022 - Felipe Jordão (Palo Alto Networks) - Boas práticas de operações ...
TI Safe
 
CLASS 2022 - Abilio Franco e Bryan Rivera (Thales) - Privacidade de dados e c...
CLASS 2022 - Abilio Franco e Bryan Rivera (Thales) - Privacidade de dados e c...CLASS 2022 - Abilio Franco e Bryan Rivera (Thales) - Privacidade de dados e c...
CLASS 2022 - Abilio Franco e Bryan Rivera (Thales) - Privacidade de dados e c...
TI Safe
 
CLASS 2022 - Roberto Engler Jr. (IBM) - Gestão e monitoramento de alto nível ...
CLASS 2022 - Roberto Engler Jr. (IBM) - Gestão e monitoramento de alto nível ...CLASS 2022 - Roberto Engler Jr. (IBM) - Gestão e monitoramento de alto nível ...
CLASS 2022 - Roberto Engler Jr. (IBM) - Gestão e monitoramento de alto nível ...
TI Safe
 
CLASS 2022 - Maiko Oliveira (Microsoft) - Convergência TO E TI, proteção tota...
CLASS 2022 - Maiko Oliveira (Microsoft) - Convergência TO E TI, proteção tota...CLASS 2022 - Maiko Oliveira (Microsoft) - Convergência TO E TI, proteção tota...
CLASS 2022 - Maiko Oliveira (Microsoft) - Convergência TO E TI, proteção tota...
TI Safe
 
Vitor Sena e Daniel Quintão (Gerdau) - Projeto, implantação, gestão e monitor...
Vitor Sena e Daniel Quintão (Gerdau) - Projeto, implantação, gestão e monitor...Vitor Sena e Daniel Quintão (Gerdau) - Projeto, implantação, gestão e monitor...
Vitor Sena e Daniel Quintão (Gerdau) - Projeto, implantação, gestão e monitor...
TI Safe
 
CLASS 2022 - Marty Edwards (Tenable) - O perigo crescente de ransomware crimi...
CLASS 2022 - Marty Edwards (Tenable) - O perigo crescente de ransomware crimi...CLASS 2022 - Marty Edwards (Tenable) - O perigo crescente de ransomware crimi...
CLASS 2022 - Marty Edwards (Tenable) - O perigo crescente de ransomware crimi...
TI Safe
 
CLASS 2022 - Júlio Cezar de Oliveira (Hitachi Energy) - Cibersegurança na era...
CLASS 2022 - Júlio Cezar de Oliveira (Hitachi Energy) - Cibersegurança na era...CLASS 2022 - Júlio Cezar de Oliveira (Hitachi Energy) - Cibersegurança na era...
CLASS 2022 - Júlio Cezar de Oliveira (Hitachi Energy) - Cibersegurança na era...
TI Safe
 
CLASS 2022 - Denis Sousa, Abner Bueno e Eduardo Pontes (Norte Energia) - Anál...
CLASS 2022 - Denis Sousa, Abner Bueno e Eduardo Pontes (Norte Energia) - Anál...CLASS 2022 - Denis Sousa, Abner Bueno e Eduardo Pontes (Norte Energia) - Anál...
CLASS 2022 - Denis Sousa, Abner Bueno e Eduardo Pontes (Norte Energia) - Anál...
TI Safe
 
CLASS 2022 - Nycholas Szucko (Nozomi Networks) - Antifragilidade Cibernética ...
CLASS 2022 - Nycholas Szucko (Nozomi Networks) - Antifragilidade Cibernética ...CLASS 2022 - Nycholas Szucko (Nozomi Networks) - Antifragilidade Cibernética ...
CLASS 2022 - Nycholas Szucko (Nozomi Networks) - Antifragilidade Cibernética ...
TI Safe
 
CLASS 2022 - Gustavo Merighi (Energisa) e Alessandro Moretti (Thales) - O Des...
CLASS 2022 - Gustavo Merighi (Energisa) e Alessandro Moretti (Thales) - O Des...CLASS 2022 - Gustavo Merighi (Energisa) e Alessandro Moretti (Thales) - O Des...
CLASS 2022 - Gustavo Merighi (Energisa) e Alessandro Moretti (Thales) - O Des...
TI Safe
 
CLASS 2022 - Marcelo Branquinho (TI Safe) - Ameaças Modernas e Ataques às red...
CLASS 2022 - Marcelo Branquinho (TI Safe) - Ameaças Modernas e Ataques às red...CLASS 2022 - Marcelo Branquinho (TI Safe) - Ameaças Modernas e Ataques às red...
CLASS 2022 - Marcelo Branquinho (TI Safe) - Ameaças Modernas e Ataques às red...
TI Safe
 
Webinar cci por que nao se deve contratar so cs de ti hibridos para proteg...
Webinar cci por que nao se deve contratar so cs de ti hibridos para proteg...Webinar cci por que nao se deve contratar so cs de ti hibridos para proteg...
Webinar cci por que nao se deve contratar so cs de ti hibridos para proteg...
TI Safe
 
Retrospectiva
RetrospectivaRetrospectiva
Retrospectiva
TI Safe
 
Pacote TI Safe ONS Ready v1
Pacote TI Safe ONS Ready v1Pacote TI Safe ONS Ready v1
Pacote TI Safe ONS Ready v1
TI Safe
 

More from TI Safe (20)

CLASS 2022 - Luiz Fernando Roth e Matheus Tourinho - Ataques Cibernéticos a A...
CLASS 2022 - Luiz Fernando Roth e Matheus Tourinho - Ataques Cibernéticos a A...CLASS 2022 - Luiz Fernando Roth e Matheus Tourinho - Ataques Cibernéticos a A...
CLASS 2022 - Luiz Fernando Roth e Matheus Tourinho - Ataques Cibernéticos a A...
 
CLASS 2022 - Júlio Omori (COPEL) e Tânia Marques (consultora independente) - ...
CLASS 2022 - Júlio Omori (COPEL) e Tânia Marques (consultora independente) - ...CLASS 2022 - Júlio Omori (COPEL) e Tânia Marques (consultora independente) - ...
CLASS 2022 - Júlio Omori (COPEL) e Tânia Marques (consultora independente) - ...
 
CLASS 2022 - Rodrigo Riella (Lactec) e Claudio Hermeling (TI Safe) - A impor...
CLASS 2022 - Rodrigo Riella (Lactec) e Claudio Hermeling (TI Safe) - A impor... CLASS 2022 - Rodrigo Riella (Lactec) e Claudio Hermeling (TI Safe) - A impor...
CLASS 2022 - Rodrigo Riella (Lactec) e Claudio Hermeling (TI Safe) - A impor...
 
CLASS 2022 - Thiago Branquinho (TI Safe) - Como implementar e certificar um S...
CLASS 2022 - Thiago Branquinho (TI Safe) - Como implementar e certificar um S...CLASS 2022 - Thiago Branquinho (TI Safe) - Como implementar e certificar um S...
CLASS 2022 - Thiago Branquinho (TI Safe) - Como implementar e certificar um S...
 
CLASS 2022 - Sergio Sevileanu (Siemens) e Felipe Coelho (Claroty) - Habilitan...
CLASS 2022 - Sergio Sevileanu (Siemens) e Felipe Coelho (Claroty) - Habilitan...CLASS 2022 - Sergio Sevileanu (Siemens) e Felipe Coelho (Claroty) - Habilitan...
CLASS 2022 - Sergio Sevileanu (Siemens) e Felipe Coelho (Claroty) - Habilitan...
 
CLASS 2022 - Eduardo Valério (Ternium) - Uma década de cibersegurança em OT, ...
CLASS 2022 - Eduardo Valério (Ternium) - Uma década de cibersegurança em OT, ...CLASS 2022 - Eduardo Valério (Ternium) - Uma década de cibersegurança em OT, ...
CLASS 2022 - Eduardo Valério (Ternium) - Uma década de cibersegurança em OT, ...
 
CLASS 2022 - Felipe Jordão (Palo Alto Networks) - Boas práticas de operações ...
CLASS 2022 - Felipe Jordão (Palo Alto Networks) - Boas práticas de operações ...CLASS 2022 - Felipe Jordão (Palo Alto Networks) - Boas práticas de operações ...
CLASS 2022 - Felipe Jordão (Palo Alto Networks) - Boas práticas de operações ...
 
CLASS 2022 - Abilio Franco e Bryan Rivera (Thales) - Privacidade de dados e c...
CLASS 2022 - Abilio Franco e Bryan Rivera (Thales) - Privacidade de dados e c...CLASS 2022 - Abilio Franco e Bryan Rivera (Thales) - Privacidade de dados e c...
CLASS 2022 - Abilio Franco e Bryan Rivera (Thales) - Privacidade de dados e c...
 
CLASS 2022 - Roberto Engler Jr. (IBM) - Gestão e monitoramento de alto nível ...
CLASS 2022 - Roberto Engler Jr. (IBM) - Gestão e monitoramento de alto nível ...CLASS 2022 - Roberto Engler Jr. (IBM) - Gestão e monitoramento de alto nível ...
CLASS 2022 - Roberto Engler Jr. (IBM) - Gestão e monitoramento de alto nível ...
 
CLASS 2022 - Maiko Oliveira (Microsoft) - Convergência TO E TI, proteção tota...
CLASS 2022 - Maiko Oliveira (Microsoft) - Convergência TO E TI, proteção tota...CLASS 2022 - Maiko Oliveira (Microsoft) - Convergência TO E TI, proteção tota...
CLASS 2022 - Maiko Oliveira (Microsoft) - Convergência TO E TI, proteção tota...
 
Vitor Sena e Daniel Quintão (Gerdau) - Projeto, implantação, gestão e monitor...
Vitor Sena e Daniel Quintão (Gerdau) - Projeto, implantação, gestão e monitor...Vitor Sena e Daniel Quintão (Gerdau) - Projeto, implantação, gestão e monitor...
Vitor Sena e Daniel Quintão (Gerdau) - Projeto, implantação, gestão e monitor...
 
CLASS 2022 - Marty Edwards (Tenable) - O perigo crescente de ransomware crimi...
CLASS 2022 - Marty Edwards (Tenable) - O perigo crescente de ransomware crimi...CLASS 2022 - Marty Edwards (Tenable) - O perigo crescente de ransomware crimi...
CLASS 2022 - Marty Edwards (Tenable) - O perigo crescente de ransomware crimi...
 
CLASS 2022 - Júlio Cezar de Oliveira (Hitachi Energy) - Cibersegurança na era...
CLASS 2022 - Júlio Cezar de Oliveira (Hitachi Energy) - Cibersegurança na era...CLASS 2022 - Júlio Cezar de Oliveira (Hitachi Energy) - Cibersegurança na era...
CLASS 2022 - Júlio Cezar de Oliveira (Hitachi Energy) - Cibersegurança na era...
 
CLASS 2022 - Denis Sousa, Abner Bueno e Eduardo Pontes (Norte Energia) - Anál...
CLASS 2022 - Denis Sousa, Abner Bueno e Eduardo Pontes (Norte Energia) - Anál...CLASS 2022 - Denis Sousa, Abner Bueno e Eduardo Pontes (Norte Energia) - Anál...
CLASS 2022 - Denis Sousa, Abner Bueno e Eduardo Pontes (Norte Energia) - Anál...
 
CLASS 2022 - Nycholas Szucko (Nozomi Networks) - Antifragilidade Cibernética ...
CLASS 2022 - Nycholas Szucko (Nozomi Networks) - Antifragilidade Cibernética ...CLASS 2022 - Nycholas Szucko (Nozomi Networks) - Antifragilidade Cibernética ...
CLASS 2022 - Nycholas Szucko (Nozomi Networks) - Antifragilidade Cibernética ...
 
CLASS 2022 - Gustavo Merighi (Energisa) e Alessandro Moretti (Thales) - O Des...
CLASS 2022 - Gustavo Merighi (Energisa) e Alessandro Moretti (Thales) - O Des...CLASS 2022 - Gustavo Merighi (Energisa) e Alessandro Moretti (Thales) - O Des...
CLASS 2022 - Gustavo Merighi (Energisa) e Alessandro Moretti (Thales) - O Des...
 
CLASS 2022 - Marcelo Branquinho (TI Safe) - Ameaças Modernas e Ataques às red...
CLASS 2022 - Marcelo Branquinho (TI Safe) - Ameaças Modernas e Ataques às red...CLASS 2022 - Marcelo Branquinho (TI Safe) - Ameaças Modernas e Ataques às red...
CLASS 2022 - Marcelo Branquinho (TI Safe) - Ameaças Modernas e Ataques às red...
 
Webinar cci por que nao se deve contratar so cs de ti hibridos para proteg...
Webinar cci por que nao se deve contratar so cs de ti hibridos para proteg...Webinar cci por que nao se deve contratar so cs de ti hibridos para proteg...
Webinar cci por que nao se deve contratar so cs de ti hibridos para proteg...
 
Retrospectiva
RetrospectivaRetrospectiva
Retrospectiva
 
Pacote TI Safe ONS Ready v1
Pacote TI Safe ONS Ready v1Pacote TI Safe ONS Ready v1
Pacote TI Safe ONS Ready v1
 

Recently uploaded

Session 1 - Intro to Robotic Process Automation.pdf
Session 1 - Intro to Robotic Process Automation.pdfSession 1 - Intro to Robotic Process Automation.pdf
Session 1 - Intro to Robotic Process Automation.pdf
UiPathCommunity
 
Monitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdfMonitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdf
Tosin Akinosho
 
AppSec PNW: Android and iOS Application Security with MobSF
AppSec PNW: Android and iOS Application Security with MobSFAppSec PNW: Android and iOS Application Security with MobSF
AppSec PNW: Android and iOS Application Security with MobSF
Ajin Abraham
 
Nordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptxNordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptx
MichaelKnudsen27
 
Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)
Jakub Marek
 
Choosing The Best AWS Service For Your Website + API.pptx
Choosing The Best AWS Service For Your Website + API.pptxChoosing The Best AWS Service For Your Website + API.pptx
Choosing The Best AWS Service For Your Website + API.pptx
Brandon Minnick, MBA
 
Christine's Product Research Presentation.pptx
Christine's Product Research Presentation.pptxChristine's Product Research Presentation.pptx
Christine's Product Research Presentation.pptx
christinelarrosa
 
[OReilly Superstream] Occupy the Space: A grassroots guide to engineering (an...
[OReilly Superstream] Occupy the Space: A grassroots guide to engineering (an...[OReilly Superstream] Occupy the Space: A grassroots guide to engineering (an...
[OReilly Superstream] Occupy the Space: A grassroots guide to engineering (an...
Jason Yip
 
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
saastr
 
High performance Serverless Java on AWS- GoTo Amsterdam 2024
High performance Serverless Java on AWS- GoTo Amsterdam 2024High performance Serverless Java on AWS- GoTo Amsterdam 2024
High performance Serverless Java on AWS- GoTo Amsterdam 2024
Vadym Kazulkin
 
Dandelion Hashtable: beyond billion requests per second on a commodity server
Dandelion Hashtable: beyond billion requests per second on a commodity serverDandelion Hashtable: beyond billion requests per second on a commodity server
Dandelion Hashtable: beyond billion requests per second on a commodity server
Antonios Katsarakis
 
Northern Engraving | Modern Metal Trim, Nameplates and Appliance Panels
Northern Engraving | Modern Metal Trim, Nameplates and Appliance PanelsNorthern Engraving | Modern Metal Trim, Nameplates and Appliance Panels
Northern Engraving | Modern Metal Trim, Nameplates and Appliance Panels
Northern Engraving
 
LF Energy Webinar: Carbon Data Specifications: Mechanisms to Improve Data Acc...
LF Energy Webinar: Carbon Data Specifications: Mechanisms to Improve Data Acc...LF Energy Webinar: Carbon Data Specifications: Mechanisms to Improve Data Acc...
LF Energy Webinar: Carbon Data Specifications: Mechanisms to Improve Data Acc...
DanBrown980551
 
GraphRAG for LifeSciences Hands-On with the Clinical Knowledge Graph
GraphRAG for LifeSciences Hands-On with the Clinical Knowledge GraphGraphRAG for LifeSciences Hands-On with the Clinical Knowledge Graph
GraphRAG for LifeSciences Hands-On with the Clinical Knowledge Graph
Neo4j
 
Northern Engraving | Nameplate Manufacturing Process - 2024
Northern Engraving | Nameplate Manufacturing Process - 2024Northern Engraving | Nameplate Manufacturing Process - 2024
Northern Engraving | Nameplate Manufacturing Process - 2024
Northern Engraving
 
Skybuffer SAM4U tool for SAP license adoption
Skybuffer SAM4U tool for SAP license adoptionSkybuffer SAM4U tool for SAP license adoption
Skybuffer SAM4U tool for SAP license adoption
Tatiana Kojar
 
PRODUCT LISTING OPTIMIZATION PRESENTATION.pptx
PRODUCT LISTING OPTIMIZATION PRESENTATION.pptxPRODUCT LISTING OPTIMIZATION PRESENTATION.pptx
PRODUCT LISTING OPTIMIZATION PRESENTATION.pptx
christinelarrosa
 
Taking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdfTaking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdf
ssuserfac0301
 
The Microsoft 365 Migration Tutorial For Beginner.pptx
The Microsoft 365 Migration Tutorial For Beginner.pptxThe Microsoft 365 Migration Tutorial For Beginner.pptx
The Microsoft 365 Migration Tutorial For Beginner.pptx
operationspcvita
 
inQuba Webinar Mastering Customer Journey Management with Dr Graham Hill
inQuba Webinar Mastering Customer Journey Management with Dr Graham HillinQuba Webinar Mastering Customer Journey Management with Dr Graham Hill
inQuba Webinar Mastering Customer Journey Management with Dr Graham Hill
LizaNolte
 

Recently uploaded (20)

Session 1 - Intro to Robotic Process Automation.pdf
Session 1 - Intro to Robotic Process Automation.pdfSession 1 - Intro to Robotic Process Automation.pdf
Session 1 - Intro to Robotic Process Automation.pdf
 
Monitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdfMonitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdf
 
AppSec PNW: Android and iOS Application Security with MobSF
AppSec PNW: Android and iOS Application Security with MobSFAppSec PNW: Android and iOS Application Security with MobSF
AppSec PNW: Android and iOS Application Security with MobSF
 
Nordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptxNordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptx
 
Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)
 
Choosing The Best AWS Service For Your Website + API.pptx
Choosing The Best AWS Service For Your Website + API.pptxChoosing The Best AWS Service For Your Website + API.pptx
Choosing The Best AWS Service For Your Website + API.pptx
 
Christine's Product Research Presentation.pptx
Christine's Product Research Presentation.pptxChristine's Product Research Presentation.pptx
Christine's Product Research Presentation.pptx
 
[OReilly Superstream] Occupy the Space: A grassroots guide to engineering (an...
[OReilly Superstream] Occupy the Space: A grassroots guide to engineering (an...[OReilly Superstream] Occupy the Space: A grassroots guide to engineering (an...
[OReilly Superstream] Occupy the Space: A grassroots guide to engineering (an...
 
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
 
High performance Serverless Java on AWS- GoTo Amsterdam 2024
High performance Serverless Java on AWS- GoTo Amsterdam 2024High performance Serverless Java on AWS- GoTo Amsterdam 2024
High performance Serverless Java on AWS- GoTo Amsterdam 2024
 
Dandelion Hashtable: beyond billion requests per second on a commodity server
Dandelion Hashtable: beyond billion requests per second on a commodity serverDandelion Hashtable: beyond billion requests per second on a commodity server
Dandelion Hashtable: beyond billion requests per second on a commodity server
 
Northern Engraving | Modern Metal Trim, Nameplates and Appliance Panels
Northern Engraving | Modern Metal Trim, Nameplates and Appliance PanelsNorthern Engraving | Modern Metal Trim, Nameplates and Appliance Panels
Northern Engraving | Modern Metal Trim, Nameplates and Appliance Panels
 
LF Energy Webinar: Carbon Data Specifications: Mechanisms to Improve Data Acc...
LF Energy Webinar: Carbon Data Specifications: Mechanisms to Improve Data Acc...LF Energy Webinar: Carbon Data Specifications: Mechanisms to Improve Data Acc...
LF Energy Webinar: Carbon Data Specifications: Mechanisms to Improve Data Acc...
 
GraphRAG for LifeSciences Hands-On with the Clinical Knowledge Graph
GraphRAG for LifeSciences Hands-On with the Clinical Knowledge GraphGraphRAG for LifeSciences Hands-On with the Clinical Knowledge Graph
GraphRAG for LifeSciences Hands-On with the Clinical Knowledge Graph
 
Northern Engraving | Nameplate Manufacturing Process - 2024
Northern Engraving | Nameplate Manufacturing Process - 2024Northern Engraving | Nameplate Manufacturing Process - 2024
Northern Engraving | Nameplate Manufacturing Process - 2024
 
Skybuffer SAM4U tool for SAP license adoption
Skybuffer SAM4U tool for SAP license adoptionSkybuffer SAM4U tool for SAP license adoption
Skybuffer SAM4U tool for SAP license adoption
 
PRODUCT LISTING OPTIMIZATION PRESENTATION.pptx
PRODUCT LISTING OPTIMIZATION PRESENTATION.pptxPRODUCT LISTING OPTIMIZATION PRESENTATION.pptx
PRODUCT LISTING OPTIMIZATION PRESENTATION.pptx
 
Taking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdfTaking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdf
 
The Microsoft 365 Migration Tutorial For Beginner.pptx
The Microsoft 365 Migration Tutorial For Beginner.pptxThe Microsoft 365 Migration Tutorial For Beginner.pptx
The Microsoft 365 Migration Tutorial For Beginner.pptx
 
inQuba Webinar Mastering Customer Journey Management with Dr Graham Hill
inQuba Webinar Mastering Customer Journey Management with Dr Graham HillinQuba Webinar Mastering Customer Journey Management with Dr Graham Hill
inQuba Webinar Mastering Customer Journey Management with Dr Graham Hill
 

Palestra realizada no S4x17 - Miami - EUA (em Inglês)

  • 1. TI Safe Segurança da Informação LTDA, 2007-2010.Todos os direitos reservados. Ransomware in ICS..... It begins Marcelo Branquinho January, 2017
  • 2. www.tisafe.com TI Safe Segurança da Informação LTDA, 2007-2010.Todos os direitos reservados. • Introduction • About Ransomware • Ransomware in ICS Study Case #1 – Furniture Factory Study Case #2 – Electrical Company • What if the worst happens? Agenda
  • 3. www.tisafe.com TI Safe Segurança da Informação LTDA, 2007-2010.Todos os direitos reservados. INTRODUCTION
  • 4. www.tisafe.com TI Safe Segurança da Informação LTDA, 2007-2010.Todos os direitos reservados. Threats have changed: Advanced Attacks Data Data Internet Encryption Targeted PURPOSE: Profit, Sabotage and Conflict among organized nations • Targeted Attacks • Funded – Industry Growing Focus PURPOSE: Notoriety • One person, small groups • Limited Knowledge and Resources • Basic Attacks Internet ?Past Present
  • 5. www.tisafe.com TI Safe Segurança da Informação LTDA, 2007-2010.Todos os direitos reservados. SCADA / ICS - The perfect storm for cyber attacks
  • 6. www.tisafe.com TI Safe Segurança da Informação LTDA, 2007-2010.Todos os direitos reservados. Unknown control and persistent advanced threats Malware impacting industrial production
  • 7. www.tisafe.com TI Safe Segurança da Informação LTDA, 2007-2010.Todos os direitos reservados. The scenery is bad, but can it get worse ??
  • 8. www.tisafe.com TI Safe Segurança da Informação LTDA, 2007-2010.Todos os direitos reservados. The attackers have figured out that ICS are an easy target…..and started to attack them! Sure!!
  • 9. www.tisafe.com TI Safe Segurança da Informação LTDA, 2007-2010.Todos os direitos reservados. ABOUT RANSOMWARE
  • 10. www.tisafe.com TI Safe Segurança da Informação LTDA, 2007-2010.Todos os direitos reservados. What is Ransomware? • Ransomware is a type of malware that prevents the user from accessing your data. • The user will recover access to the data only by paying a redemption. • Ransomware affects directly the availability of ICS by blocking access to vital information for its operation.
  • 11. www.tisafe.com TI Safe Segurança da Informação LTDA, 2007-2010.Todos os direitos reservados. Is Ransomware a new threat?
  • 12. www.tisafe.com TI Safe Segurança da Informação LTDA, 2007-2010.Todos os direitos reservados. Ransomware in ICS....It Begins
  • 13. www.tisafe.com TI Safe Segurança da Informação LTDA, 2007-2010.Todos os direitos reservados.
  • 14. www.tisafe.com TI Safe Segurança da Informação LTDA, 2007-2010.Todos os direitos reservados. The redemption is rising...just happened last week
  • 15. www.tisafe.com TI Safe Segurança da Informação LTDA, 2007-2010.Todos os direitos reservados. Ransomware in OT x Ransomware in IT • Ransomware in OT can be much worst than Ransomware in IT because it can directly affect SCADA systems operation by:  Blocking Access to HMIs  Ciphering Windows SCADA supervision and programming machines (HMI)  Ciphering Historians and Production Databases  Ciphering Engineering stations  Spreading to other plants through remote access or VPNs  Blocking access to utilities systems
  • 16. www.tisafe.com TI Safe Segurança da Informação LTDA, 2007-2010.Todos os direitos reservados. RANSOMWARE IN ICS TWO STUDY CASES IN BRAZIL
  • 17. www.tisafe.com TI Safe Segurança da Informação LTDA, 2007-2010.Todos os direitos reservados. STUDY CASE #1 FURNITURE FACTORY
  • 18. www.tisafe.com TI Safe Segurança da Informação LTDA, 2007-2010.Todos os direitos reservados. Study Case #1 – Furniture Factory • Where: State of Goias, Brazil • Type of Ransomware: cryptoRSA4096-Ransomware • Machines infected: Windows SCADA supervision and programming machines (HMI) inside the factory.
  • 19. www.tisafe.com TI Safe Segurança da Informação LTDA, 2007-2010.Todos os direitos reservados. Study Case #1 – Furniture Factory • Consequence: The factory stopped working. The company lost customer and supplier registrations, employee payroll and machine supervision and programming. • Redemption requested: U$ 3.061,00 • Financial Loss: The factory stayed 15 days stopped (loss of approximately US $ 100,000.00 due to downtime in production and delays in deliveries), until it restructured, to return the normal routines. • No redemption was paid for infected machines that had to be fully recovered because the OT team didn´t have healthy and updated backups.
  • 20. www.tisafe.com TI Safe Segurança da Informação LTDA, 2007-2010.Todos os direitos reservados. Video - Ransomware in Furniture Factory Video produced by Globo TV (Brazil) and broadcasted for the whole brazilian territory at “Fantastico”, a sunday night TV show
  • 21. www.tisafe.com TI Safe Segurança da Informação LTDA, 2007-2010.Todos os direitos reservados. STUDY CASE #2 ELECTRICAL COMPANY Special thanks to Mr. Alexandre Freire, from the Palo Alto Networks SCADA & ICS Tiger Team, for sharing information over this study case
  • 22. www.tisafe.com TI Safe Segurança da Informação LTDA, 2007-2010.Todos os direitos reservados. Study case #2 – Electrical Company • Where: South of Brazil • Type of Ransomware: CryptoLocker • Machines infected: Windows SCADA supervision machines (HMI) inside a control center.
  • 23. www.tisafe.com TI Safe Segurança da Informação LTDA, 2007-2010.Todos os direitos reservados. Study case #2 – Electrical Company • Infection Vector: A Flash Drive used at one HMI. The ransomware spreaded through file shares and network mapped folders infecting other 3 supervision stations at the same automation network segment. • Consequence: momentary loss of supervision and control of power distribution. • Redemption requested: USD 300,00 per machine (4 machines were infected) • Financial Loss: No financial loss happened because the control was automatically transferred to a secondary control center that wasn´t physically connected to the main control center. No redemption was paid for infected machines that could be resettled through healthy backups.
  • 24. www.tisafe.com TI Safe Segurança da Informação LTDA, 2007-2010.Todos os direitos reservados. WHAT IF THE WORST HAPPENS?
  • 25. www.tisafe.com TI Safe Segurança da Informação LTDA, 2007-2010.Todos os direitos reservados. What if the worst happens? When mitigation fails, it is important for organizations and individuals to consider all possible responses to a Ransomware attack: • Have a prepared incident response team: This team must have previously planned a procedure to follow in the event of a ransomware attack during its risk assessment. This procedure should start notifying the authorities and regulators because Ransomware attacks are crimes prescribed by law. • Switch control to a secondary control center: in case of non stop real time systems, a secondary control center must be fully prepared to be activated. • Try to recover lost data: System backup and recovery are the only technical solution to revert ransomware attacks. Having updated backups is vital in cases of critical data loss. In this case, it will be necessary to perform a recover of the systems and data to return to normal business activity. • Do Nothing: In cases where the rescue outweighs the cost of the system, the victim can purchase a new device and dispose of the infected system.
  • 26. www.tisafe.com TI Safe Segurança da Informação LTDA, 2007-2010.Todos os direitos reservados. What if the worst happens? ( cont.. ) • Pay the redemption: Some attackers may release the system after receiving payment, because doing different would reduce the probability that new victims will fall into the blow. Unfortunately, however, there is no guarantee that the attackers would help you recover the data after the redemption paid. •A Hybrid Solution: includes simultaneous efforts to pay the rescue and attempt to restore systems from a trusted backup. Organizations opt for this strategy when system downtime is even more critical than the consequences of the redemption payment.
  • 27. www.tisafe.com TI Safe Segurança da Informação LTDA, 2007-2010.Todos os direitos reservados. An important detail .... • Modern Ransomware is able to search servers and backup applications running on the network and also encrypt them ... • In these cases, the only possible solution will be to pay the redemption. • Paying redemptions can be easy for private institutions, but public companies do not have the money allocated for this ... They would have to bid the redemption 
  • 28. www.tisafe.com TI Safe Segurança da Informação LTDA, 2007-2010.Todos os direitos reservados. Marcelo Branquinho Marcelo.branquinho@tisafe.com +55 21 994002290