Ransomware, delivered by DDoS, redesigning the data centre
Ransomware is potentially one of the most crippling breaches that can occur to any organisation, especially if the attacker is patient and allows the malware to spread before it starts encrypting and this being discovered. However, it is a symptom and the bigger issue is Unknown Malware, unknown because the variant has not been detected before and so Signature based Anti-Virus cannot detect it.
This session will discuss how we detect the undetectable using solutions already in place today, but more importantly what can we do to prevent malware when its never been done before.
The delivery mechanism historically through compromised websites and drive by infection, however we are now seeing more direct attack vectors and DDOS being used as camouflage as the malware is deployed. To make things worse the DDOS attacks are getting more sophisticated and so harder to prevent using traditional volumetric attack prevention, L7 attacks are more common now imbedded in volumetric attacks, complicating mitigation as dealing with volume and deep inspection simultaneously is very difficult. What can be done?
In addition, we will explore design strategies to protect the most important area of the network, the Data Centre. If we assume a breach will happen at some stage to all customers, and the evidence suggests that is the case, how can we contain that within the smallest part of the Data Centre which typically has been protected at the edge but not segmented to avoid East West performance issues and latency concerns.