Threat Landscape vs

Threat Management

Thomas Ludvik Næss

Country Manager

Threat Landscape

Past, Present and Future

Copyright 2017 Trend Micro Inc.3

So it begins… in the year of 1802

Joseph Marie Jacquard

Copyright 2017 Trend Micro Inc.4

Very first computer virus… 1971

•The Creeper system, an experimental self-replicating program, is written by

Bob Thomas at BBN Technologies to test John von Neumann's

theory.[2] Creeper infected DEC PDP-10 computers running the TENEX

operating system. Creeper gained access via the ARPANET and copied itself to

the remote system where the message "I'm the creeper, catch me if you can!"

was displayed. The Reaper program was later created to delete Creeper.[3]

Source: https://en.wikipedia.org/wiki/Timeline_of_computer_viruses_and_worms

Copyright 2017 Trend Micro Inc.5

May 1974 – World´s first “Spam” sent…

CRIMEWARE

DA

MA

GE

CA

US

ED

W orm

Outbreaks

Vulnerabi l i t ies

Spam

Mass

Mailers

Spyware

Intel l igent

Botnets

W eb

Threats

2001 2003 2004 2005 2007 2010 2012

Targeted

Attacks

Mobi le

Attacks

2015

Destructive

Attacks/

Ransomware

2016

Business

Email

Compromise

Cybercrime Business Development

brand new malware every second!

of these infects only one machine…

…cybercrimers spends more time deleting their trails.

I will never be hacked!

YES YOU WILL!!

Copyright 2017 Trend Micro Inc.9

World Economic Forum - The Global Risks Report 2017

Copyright 2017 Trend Micro Inc.10

RANSOMWARE GROWTH WILL PLATEAU IN 2017, BUT ATTACK METHODS

AND TARGETS WILL DIVERSIFY.

Copyright 2017 Trend Micro Inc.11

IOT DEVICES WILL PLAY A BIGGER ROLE IN DDOS ATTACKS; IIOT SYSTEMS

IN TARGETED ATTACKS.

Copyright 2017 Trend Micro Inc.12

THE SIMPLICITY OF BUSINESS EMAIL COMPROMISE ATTACKS WILL DRIVE

AN INCREASE IN THE VOLUME OF TARGETED SCAMS IN 2017.

Copyright 2017 Trend Micro Inc.13

BUSINESS PROCESS COMPROMISE WILL GAIN TRACTION AMONG

CYBERCRIMINALS LOOKING TO TARGET THE FINANCIAL SECTOR.

Copyright 2017 Trend Micro Inc.14

ADOBE AND APPLE WILL OUTPACE MICROSOFT IN TERMS OF PLATFORM

VULNERABILITY DISCOVERIES.

Copyright 2017 Trend Micro Inc.15

CYBERPROPAGANDA WILL BECOME A NORM.

GENERAL DATA PROTECTION REGULATION IMPLEMENTATION AND

COMPLIANCE WILL RAISE ADMINISTRATIVE COSTS ACROSS

ORGANIZATIONS.

THREAT ACTORS WILL COME UP WITH NEW TARGETED ATTACK TACTICS

THAT CIRCUMVENT CURRENT ANTI-EVASION SOLUTIONS.

Copyright 2017 Trend Micro Inc.16

Face Reality With a Hollistic Approach

Cloud and Virtualization

ConsumerizationComplex Networks

State of the Art Threat Management

Copyright 2017 Trend Micro Inc.18

Threat Researchers

• 450 researchers• Threat lifecycle and

distribution research• 3k+ external vulnerability &

exploit researchers (ZDI)

Cloud based & Big Data Analytics Driven Threat Intelligence since 2004

Global Threat Intelligence

• 100 TB analyzed daily• 500k new threats daily• 800M+ good file whitelist• 100s of millions of sensors

Copyright 2017 Trend Micro Inc.19

Copyright 2017 Trend Micro Inc.20

Application Control

BehavioralAnalysis

Response & Containment

Intrusion Prevention

Machine Learning

Sandbox Analysis

Integrity Monitoring

Anti-Malware & Content Filtering

SMARTMaximizes protection

Copyright 2017 Trend Micro Inc.21

Application Control

BehavioralAnalysis

Response & Containment

Intrusion Prevention

Machine Learning

Sandbox Analysis

Integrity Monitoring

Anti-Malware & Content Filtering

Application Control

BehavioralAnalysis

Response & Containment

Intrusion Prevention

Machine Learning

Sandbox Analysis

Integrity Monitoring

Anti-Malware & Content Filtering

Application Control

BehavioralAnalysis

Response & Containment

Intrusion Prevention

Machine Learning

Sandbox Analysis

Integrity Monitoring

Anti-Malware & Content Filtering

OPTIMIZEDMinimizes IT impact

Copyright 2017 Trend Micro Inc.22

CONNECTEDSpeeds time to protect, detect and respond

Copyright 2017 Trend Micro Inc.23

Anti-Malware & Content Filtering

Intrusion Prevention (IPS) & Firewall

Integrity Monitoring & Log Inspection

Application Control

Safe files & actions allowed

Malicious files & actions blocked

LEG

END

Known Good

Known Bad

Unknown

Machine Learning

Behavioral Analysis

Custom Sandbox Analysis

Protect Against Advanced Threats

ANALYZERVISIBILITY AND

CONTROL

INSPECTOR

Copyright 2017 Trend Micro Inc.25

Layered Defense on WCRY (and all other threats)

Copyright 2017 Trend Micro Inc.26

Market Leadership Position

The market leader in server security

for the 7th straight year

Highest and Furthest to the Right in the Leader’s Quadrant in the Gartner

Magic Quadrant for Endpoint Protection Platforms, Jan 2017

#1 in protection and performance

• Source: IDC, Securing the Server Compute Evolution: Hybrid Cloud Has Transformed the Datacenter, January 2017 #US41867116

• NSS Labs Breach Detection Test Results (2014-2016); NSS NGIPS Test Results, 2016

• http://www.trendmicro.com/us/business/cyber-security/gartner-idps-report/

• https://resources.trendmicro.com/Gartner-Magic-Quadrant-Endpoints.html

• av-test.org (Jan 2014 to Dec 2016)

Recommended Breach Detection System for 3 straight years, and

Recommended Next-generation IPS

Leader in Gartner Magic Quadrant forIntrusion Detection and Prevention

Systems, January 2017

Copyright 2017 Trend Micro Inc.27

Trend Micro

28 years focused on security software

Headquartered in Japan, Tokyo Exchange Nikkei Index (4704)

Annual sales over $1B US

Customers include 45 of top 50 global corporations

5500+ employees in over 50 countries

500k commercial customers &155M endpoints protected

Small Business

Midsize Business

Enterprise

Consumer

Consumers

thomas@trendmicro.no