Ransomware on Servers: Detection and Prevention using Trend Micro Deep Security

A Trend Micro White Paper | October 2017

Table of Contents

INTRODUCTION
PART I: A BRIEF HISTORY OF RANSOMWARE
  Types of Ransomware
  The Evolution of Ransomware
PART II – HOW CRYPTO RANSOMWARE WORKS
  Customized Vs. Standard Encryption Cryptosystems
  Symmetric Vs. Asymmetric Encryption
  Key Management
  Key Generation & Delivery
PART III – DEFENCE-IN-DEPTH STRATEGY
  General Best Security Practices
  Deploy Layered Security Controls Using Deep Security
  Network Security Controls
    Deep Security: Firewall Recommendations >>
    Deep Security: Web Reputation Service Recommendations >>
    Deep Security: Intrusion Prevention System Recommendations >>
  Malware Prevention & System Security Controls
    Deep Security: Anti-Malware Recommendations >>
    Deep Security: Application Control Recommendations >>
    Deep Security: Integrity Monitoring Recommendations >>
CONCLUSION

INTRODUCTION

Intended Audience

This paper is aimed at information security professionals looking to combat Ransomware on servers. It will provide guidance on how to adopt and implement safeguards to servers leveraging Trend Micro™ Deep Security™. It is expected that the reader is comfortable with common computing, security, and networking terminologies and topics.

About This Paper

This paper will assist in designing a “defense-in-depth” strategy to combat ransomware using Deep Security. We will first discuss the generic and the most effective IT strategies over the years against threats and then provide specific configuration guidance on how to leverage Deep Security modules, such as Intrusion Prevention System (IPS), firewall, application control, integrity monitoring and anti-malware, to help create a “defense-in-depth” strategy against ransomware.

This paper is not intended or claimed to provide a “magic” solution to combat ransomware nor should it be believed that there is a single technology which will prevent all of the bad scenarios or the continued proliferation of ransomware. An information security professional’s job is to make it harder and increasingly frustrating for adversaries by adopting a “defense-in-depth” or “layered security model”. This model recommends “Detective”, “Preventive”, and “Forensic” defensive layers and we will see where Deep Security can fit into this model.

Help and Support

This paper is not meant to be a substitute for product documentation. For detailed information regarding installation, configuration, administration and usage of the Deep Security product, please refer to https://help.deepsecurity.trendmicro.com/.