Evolving with the threats

Alexander HägglundSales Engineer – Nordics & Baltics

Evolution of IoT

3

Melissa Virus

1998

$1.2B

Love LetterWorm

$15B

1999

$2.3B

2007

$800M

2014

LockyRansomware

$1.1B

2016

FinFischerSpyware

2003

$780M

Exploit as aService

$500M

2015

TRADITIONAL MALWARE ADVANCED THREATS

The Evolution of Endpoint ThreatsFrom Malware to Exploits

2009 - INTRODUCTION OF POLYPACK

“CRIMEWARE AS A SERVICE”

Traditional Malware Advanced Threats

The Evolution of Endpoint SecurityFrom Anti-Malware to Anti-Exploit to Next-Generation

Exposure Prevention

URL BlockingWeb Scripts

Download Rep

Pre-Exec Analytics

Generic MatchingHeuristicsCore Rules

Signatures

Known MalwareMalware Bits

Run-Time

SignaturelessBehavior AnalyticsRuntime Behavior

Exploit Detection

Technique Identification

Exponential growth in new malware27% of all malware variants in history were created in the last 12 months

0

100000

200000

300000

400000

500000

600000

700000

800000

2007 2008 2009 2010 2011 2012 2013 2014 2015 2016

Total Malware (AV-Test)

Machine learning – Is it the answer?

Machine Learning: Image Recognition

Machine Learning Framework – Image Recognition

8

= “cat”

= “tomato”

= “apple”

Machine Learning for Malware Detection

9

= “bad program” aka malware

= “good program” aka benignware

Why Deep Learning?

10

Machine Learning Vs. Deep Learning

11

DEE

P L

EAR

NIN

G

Interconnected Layers of Neurons, Each Identifying More Complex Features

INPUT OUTPUT

OUTPUT

MA

CH

INE

LEA

RN

ING

Decision Tree

INPUT

Random Forest

OUTPUTINPUT

Sophos Confidential

We’re secure now, right?

Haha! All your files are encrypted!

Give me money!

Let‘s see what we can find here..

Information is more valuable

Social Engineering – One of the biggest threats

Social Engineering bypasses all technologies, including firewalls.

– Kevin Mitnick

Educate your users!