SlideShare une entreprise Scribd logo

Meetup Protect from Ransomware Attacks

C
CloudHesive

Meetup Protect from Ransomware Attacks

Technologie
1  sur  30
Télécharger pour lire hors ligne
© 2021, Amazon Web Services, Inc. or its Affiliates. Mike P., Solutions Architect Eduardo Lovera, Solutions Architect August 17, 2021 Ransomware Protecting and Recovering
© 2021, Amazon Web Services, Inc. or its Affiliates. Agenda • What is Ransomware? • AWS and Provable Security • Protection and Recovery • Amazon GuardDuty • Amazon Detective • AWS Backup • Q&A
© 2021, Amazon Web Services, Inc. or its Affiliates. What is Ransomware?
© 2021, Amazon Web Services, Inc. or its Affiliates. 1989 The first known ransomware, the 1989 AIDS Trojan is written. Multiple variants on multiple platforms are causing damage. 2015 A ransomware worm based on the Stamp.Ek exploit kit surfaces and a Mac OS X-specific ransomware worm arrives on the scene. CryptoLocker rakes in $5 million in the last four months of the year. 2013 A ransomware worm imitating the Windows Product Activation notice appears. 2011 By mid-2006, worms such as Gpcode, TROJ.RANSOM.A, Archiveus, Krotten, Cryzip and May Archive start using more sophisticated RSA Encryption. 2006 In May, extortion ransomware appears. 2005 Ransomware evolution
© 2021, Amazon Web Services, Inc. or its Affiliates. Ransomware – From minor annoyance to BIG business Annoyance Disruption Extortion
© 2021, Amazon Web Services, Inc. or its Affiliates. Does not encrypt files; it locks the victim out of their device, preventing them from using it. Once they are locked out, cybercriminals demand a ransom to unlock the device. Locker Ransomware Crypto Ransomware Encrypts valuable files on a computer so that the user cannot access them; attackers make money by demanding victims pay a ransom to get their files back. Main types of ransomware
© 2021, Amazon Web Services, Inc. or its Affiliates. Why has ransomware been effective?
© 2021, Amazon Web Services, Inc. or its Affiliates. Concrete examples of customer security events Diverse initial vectors and impacts • Exploit based • Active Directory lateral movement • Database vector • AWS Credential vector • S3 bucket ransom • Threats of resource deletion
© 2021, Amazon Web Services, Inc. or its Affiliates. AWS and Provable Security
© 2021, Amazon Web Services, Inc. or its Affiliates. Shared responsibility model AWS Security OF the Cloud AWS is responsible for protecting the infrastructure that runs all of the services offered in the AWS Cloud Security IN the Cloud Customer responsibility will be determined by the AWS Cloud services that a customer selects Customer
© 2021, Amazon Web Services, Inc. or its Affiliates. Principle of least privilege Storage Development & Management Tools Content Delivery Analytics Compute Messaging Database App Services Mobile Payments Networking On-Demand Workforce VPC Securely control individual And group access to your AWS resources User IAM
© 2021, Amazon Web Services, Inc. or its Affiliates. Segment Amazon Virtual Private Clouds
© 2021, Amazon Web Services, Inc. or its Affiliates. But how do you know proactively that you are prepared? Not enough time, resources, money, or know-how . . .
© 2021, Amazon Web Services, Inc. or its Affiliates. 1. Inventory 2. Vulnerability management 3. Policy enforcement 4. Integrity monitoring 5. Logging and baselining 6. Backups 7. Secure storage 8. Network protection 9. Blocklisting
© 2021, Amazon Web Services, Inc. or its Affiliates. What is the NIST Cybersecurity Framework? Executive Order Presidential Executive Order 13636, “Improving Critical Infrastructure Cybersecurity,” charges NIST in Feb. 2013 Legislation Cybersecurity Enhancement Act of 2014 reinforced the legitimacy and authority of the CSF by codifying it and its voluntary adoption into law 15 In February 2014, the National Institute of Standards and Technology (NIST) published the “Framework for Improving Critical Infrastructure Cybersecurity” (or CSF), a voluntary framework to help organizations of any size and sector improve the cybersecurity, risk management, and resilience of their systems. Originally intended for critical infrastructure, but broader applicability across all organization types. Executive Order Presidential EO 13800, “Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure” mandates the use of CSF for all federal IT
© 2021, Amazon Web Services, Inc. or its Affiliates. Identify Which workloads are critical for recovery? Recover Set up your ability to recover Protect, Detect, and Respond Implement best security practices to prevent an attack Aligning to AWS services
© 2021, Amazon Web Services, Inc. or its Affiliates. Protection and Recovery
© 2021, Amazon Web Services, Inc. or its Affiliates. Map Services/Solutions to the NIST CSF Identify – AWS Systems Manager Inventory, Config Protect – Network Segmentation, IAM, SCP, Federate Access, AWS Systems Manager Patch Manager, Control Tower Detect – Inspector, Security Hub, GuardDuty, Security Assessment Solution Respond – Detective, ProServe Security Gameday, Incident Response Plan Recover – Backup, S3 Cross-Region Replication/Glacier, CloudEndure Identify Protect Detect Respond Recover
© 2021, Amazon Web Services, Inc. or its Affiliates. Detect Detect AWS Security Hub Amazon Inspector Amazon GuardDuty Self Assessment Tool AWS Well- Architected Framework
© 2021, Amazon Web Services, Inc. or its Affiliates. What is Amazon GuardDuty? Amazon GuardDuty is a threat detection service that uses machine learning, anomaly detection, and integrated threat intelligence to identify and prioritize potential threats. Protects AWS accounts, workloads, and data stored in S3. Identify malicious & highly suspicious activity
© 2021, Amazon Web Services, Inc. or its Affiliates. How Amazon GuardDuty works? VPC flow logs DNS Logs CloudTrail Events Findings Data Sources Threat intelligence Anomaly Detection (ML) AWS Security Hub CloudWatch Event Finding Types Examples Bitcoin Mining C&C Activity Unusual User behavior Example: • Launch instance • Change Network Permissions Amazon GuardDuty Threat Detection Types HIGH MEDIUM LOW Unusual traffic patterns Example: • Unusual ports and volume Amazon Detective S3 Data Plane Events
© 2021, Amazon Web Services, Inc. or its Affiliates. Respond Respond Amazon Detective AWS Security Hub AWS Professional Services
© 2021, Amazon Web Services, Inc. or its Affiliates. Amazon Detective Analyze and visualize security data to rapidly get to the root cause of potential security issues.
© 2021, Amazon Web Services, Inc. or its Affiliates. Hosted Service: Automated data collection, synthesis, analysis AWS Amazon Detective Findings Telemetry Enrichment Role User Instance IP Address Bucket Behavior & Baselines Behavior Graph Analytics & Insights Data & context S3 data storage How Amazon Amazon Detective works?
© 2021, Amazon Web Services, Inc. or its Affiliates. Recover Recover AWS Storage Gateway CloudEndure Disaster Recovery Amazon S3 Glacier Amazon Simple Storage Service AWS Backup
© 2021, Amazon Web Services, Inc. or its Affiliates. Introducing AWS Backup Amazon EFS Amazon EBS Amazon RDS Amazon DynamoDB AWS Storage Gateway AWS Backup A fully managed, policy- based backup service that makes it easy to centrally manage and automate the backup of data across AWS services Amazon Aurora Amazon EC2 FSx for Lustre FSx for Windows
© 2021, Amazon Web Services, Inc. or its Affiliates. DR & Ransomware Recovery with AWS Backup Vault characteristics: • Backups are highly efficient incremental forever • Backup copies cannot be changed or encrypted • Manage with vault specific CMK/KMS best practices • Air-gapped backups using vault access policies • Prescriptive guidance for vault account access provided AWS Backup Recovery options: • Supports 1-to-many, many-to- many, many-to-1, etc. • Recover from same account locally or from across region • Recover from cross-account locally or across region • Recover from RPOs that are hours, days, weeks or months old • Simple workflow to apply any forensic analysis Build an Isolated Backup Vault
© 2021, Amazon Web Services, Inc. or its Affiliates. So what do I do? Categorize applications into criticality Align to a security framework Test your incident response plan Test your backups Use AWS services to implement provable security / resiliency Meet with AWS to do a deep dive on your mitigation strategy for ransomware.
© 2021, Amazon Web Services, Inc. or its Affiliates. Q&A Mike P. Eduardo Lovera
© 2021, Amazon Web Services, Inc. or its Affiliates. Mike P. preirmi@amazon.com AWS Solutions Architect Thank you Eduardo Lovera edulover@amazon.com AWS Solutions Architect

Recommandé

Best Practices in Secure Cloud Migration
Best Practices in Secure Cloud MigrationBest Practices in Secure Cloud Migration
Best Practices in Secure Cloud MigrationCloudHesive
 
AWS Control Tower
AWS Control TowerAWS Control Tower
AWS Control TowerCloudHesive
 
5 Steps for Preventing Ransomware
5 Steps for Preventing Ransomware5 Steps for Preventing Ransomware
5 Steps for Preventing RansomwareRapidSSLOnline.com
 
Journey Through the Cloud - Security Best Practices on AWS
Journey Through the Cloud - Security Best Practices on AWSJourney Through the Cloud - Security Best Practices on AWS
Journey Through the Cloud - Security Best Practices on AWSAmazon Web Services
 
Aws security best practices
Aws security best practicesAws security best practices
Aws security best practicesSundeep Roxx
 
AWS Security: A Practitioner's Perspective
AWS Security: A Practitioner's PerspectiveAWS Security: A Practitioner's Perspective
AWS Security: A Practitioner's PerspectiveJason Chan
 
Intro to AWS Security
Intro to AWS SecurityIntro to AWS Security
Intro to AWS SecurityAmazon Web Services
 
Managing Security with AWS | AWS Public Sector Summit 2017
Managing Security with AWS | AWS Public Sector Summit 2017Managing Security with AWS | AWS Public Sector Summit 2017
Managing Security with AWS | AWS Public Sector Summit 2017Amazon Web Services
 

Recommandé

Best Practices in Secure Cloud Migration
Best Practices in Secure Cloud MigrationBest Practices in Secure Cloud Migration
Best Practices in Secure Cloud MigrationCloudHesive
 
AWS Control Tower
AWS Control TowerAWS Control Tower
AWS Control TowerCloudHesive
 
5 Steps for Preventing Ransomware
5 Steps for Preventing Ransomware5 Steps for Preventing Ransomware
5 Steps for Preventing RansomwareRapidSSLOnline.com
 
Journey Through the Cloud - Security Best Practices on AWS
Journey Through the Cloud - Security Best Practices on AWSJourney Through the Cloud - Security Best Practices on AWS
Journey Through the Cloud - Security Best Practices on AWSAmazon Web Services
 
Aws security best practices
Aws security best practicesAws security best practices
Aws security best practicesSundeep Roxx
 
AWS Security: A Practitioner's Perspective
AWS Security: A Practitioner's PerspectiveAWS Security: A Practitioner's Perspective
AWS Security: A Practitioner's PerspectiveJason Chan
 
Intro to AWS Security
Intro to AWS SecurityIntro to AWS Security
Intro to AWS SecurityAmazon Web Services
 
Managing Security with AWS | AWS Public Sector Summit 2017
Managing Security with AWS | AWS Public Sector Summit 2017Managing Security with AWS | AWS Public Sector Summit 2017
Managing Security with AWS | AWS Public Sector Summit 2017Amazon Web Services
 
AWS Security Webinar: The Key to Effective Cloud Encryption
AWS Security Webinar: The Key to Effective Cloud EncryptionAWS Security Webinar: The Key to Effective Cloud Encryption
AWS Security Webinar: The Key to Effective Cloud EncryptionAmazon Web Services
 
AWS_Security_Essentials
AWS_Security_EssentialsAWS_Security_Essentials
AWS_Security_EssentialsAmazon Web Services
 
AWS Security – Keynote Address (SEC101) | AWS re:Invent 2013
AWS Security – Keynote Address (SEC101) | AWS re:Invent 2013AWS Security – Keynote Address (SEC101) | AWS re:Invent 2013
AWS Security – Keynote Address (SEC101) | AWS re:Invent 2013Amazon Web Services
 
Information Security in AWS - Dave Walker
Information Security in AWS - Dave WalkerInformation Security in AWS - Dave Walker
Information Security in AWS - Dave WalkerEast Midlands Cyber Security Forum
 
Practical Steps to Hack-Proofing AWS
Practical Steps to Hack-Proofing AWSPractical Steps to Hack-Proofing AWS
Practical Steps to Hack-Proofing AWSAmazon Web Services
 
AWS 201 - A Walk through the AWS Cloud: AWS Security Best Practices
AWS 201 - A Walk through the AWS Cloud: AWS Security Best PracticesAWS 201 - A Walk through the AWS Cloud: AWS Security Best Practices
AWS 201 - A Walk through the AWS Cloud: AWS Security Best PracticesAmazon Web Services
 
Aws
AwsAws
AwsAhamedBashaN
 
5 minutes on security
5 minutes on security5 minutes on security
5 minutes on securityCloudHesive
 
Understanding AWS Security
Understanding AWS SecurityUnderstanding AWS Security
Understanding AWS SecurityAmazon Web Services
 
AWS Cloud Security
AWS Cloud SecurityAWS Cloud Security
AWS Cloud SecurityAWS Riyadh User Group
 
Incident Response: Preparing and Simulating Threat Response
Incident Response: Preparing and Simulating Threat ResponseIncident Response: Preparing and Simulating Threat Response
Incident Response: Preparing and Simulating Threat ResponseAmazon Web Services
 
AWS Shared Security Model in Practice
AWS Shared Security Model in PracticeAWS Shared Security Model in Practice
AWS Shared Security Model in PracticeAlert Logic
 
AWS Security Overview and “What’s New”
AWS Security Overview and “What’s New”AWS Security Overview and “What’s New”
AWS Security Overview and “What’s New”Amazon Web Services
 
Best Practices for Security at Scale
Best Practices for Security at Scale Best Practices for Security at Scale
Best Practices for Security at Scale Amazon Web Services
 
AWS Security Architecture - Overview
AWS Security Architecture - OverviewAWS Security Architecture - Overview
AWS Security Architecture - OverviewSai Kesavamatham
 
Building Secure Services using Containers
Building Secure Services using ContainersBuilding Secure Services using Containers
Building Secure Services using ContainersAmazon Web Services
 
The 2014 AWS Enterprise Summit - Understanding AWS Security
The 2014 AWS Enterprise Summit - Understanding AWS SecurityThe 2014 AWS Enterprise Summit - Understanding AWS Security
The 2014 AWS Enterprise Summit - Understanding AWS SecurityAmazon Web Services
 
Network Security and Access Control within AWS
Network Security and Access Control within AWS Network Security and Access Control within AWS
Network Security and Access Control within AWS Amazon Web Services
 
Building a Hyper Secure VPC on AWS with Puppet
Building a Hyper Secure VPC on AWS with PuppetBuilding a Hyper Secure VPC on AWS with Puppet
Building a Hyper Secure VPC on AWS with PuppetTim Nolet
 
AWS Security Fundamentals
AWS Security FundamentalsAWS Security Fundamentals
AWS Security FundamentalsAmazon Web Services
 
Introduction to AWS Security
Introduction to AWS SecurityIntroduction to AWS Security
Introduction to AWS SecurityAmazon Web Services
 
Introduction to AWS Security: Security Week at the SF Loft
Introduction to AWS Security: Security Week at the SF LoftIntroduction to AWS Security: Security Week at the SF Loft
Introduction to AWS Security: Security Week at the SF LoftAmazon Web Services
 

Contenu connexe

Tendances

AWS Security Webinar: The Key to Effective Cloud Encryption
AWS Security Webinar: The Key to Effective Cloud EncryptionAWS Security Webinar: The Key to Effective Cloud Encryption
AWS Security Webinar: The Key to Effective Cloud EncryptionAmazon Web Services
 
AWS Security – Keynote Address (SEC101) | AWS re:Invent 2013
AWS Security – Keynote Address (SEC101) | AWS re:Invent 2013AWS Security – Keynote Address (SEC101) | AWS re:Invent 2013
AWS Security – Keynote Address (SEC101) | AWS re:Invent 2013Amazon Web Services
 
Practical Steps to Hack-Proofing AWS
Practical Steps to Hack-Proofing AWSPractical Steps to Hack-Proofing AWS
Practical Steps to Hack-Proofing AWSAmazon Web Services
 
AWS 201 - A Walk through the AWS Cloud: AWS Security Best Practices
AWS 201 - A Walk through the AWS Cloud: AWS Security Best PracticesAWS 201 - A Walk through the AWS Cloud: AWS Security Best Practices
AWS 201 - A Walk through the AWS Cloud: AWS Security Best PracticesAmazon Web Services
 
5 minutes on security
5 minutes on security5 minutes on security
5 minutes on securityCloudHesive
 
Incident Response: Preparing and Simulating Threat Response
Incident Response: Preparing and Simulating Threat ResponseIncident Response: Preparing and Simulating Threat Response
Incident Response: Preparing and Simulating Threat ResponseAmazon Web Services
 
AWS Shared Security Model in Practice
AWS Shared Security Model in PracticeAWS Shared Security Model in Practice
AWS Shared Security Model in PracticeAlert Logic
 
AWS Security Overview and “What’s New”
AWS Security Overview and “What’s New”AWS Security Overview and “What’s New”
AWS Security Overview and “What’s New”Amazon Web Services
 
Best Practices for Security at Scale
Best Practices for Security at Scale Best Practices for Security at Scale
Best Practices for Security at Scale Amazon Web Services
 
AWS Security Architecture - Overview
AWS Security Architecture - OverviewAWS Security Architecture - Overview
AWS Security Architecture - OverviewSai Kesavamatham
 
Building Secure Services using Containers
Building Secure Services using ContainersBuilding Secure Services using Containers
Building Secure Services using ContainersAmazon Web Services
 
The 2014 AWS Enterprise Summit - Understanding AWS Security
The 2014 AWS Enterprise Summit - Understanding AWS SecurityThe 2014 AWS Enterprise Summit - Understanding AWS Security
The 2014 AWS Enterprise Summit - Understanding AWS SecurityAmazon Web Services
 
Network Security and Access Control within AWS
Network Security and Access Control within AWS Network Security and Access Control within AWS
Network Security and Access Control within AWS Amazon Web Services
 
Building a Hyper Secure VPC on AWS with Puppet
Building a Hyper Secure VPC on AWS with PuppetBuilding a Hyper Secure VPC on AWS with Puppet
Building a Hyper Secure VPC on AWS with PuppetTim Nolet
 

Tendances (20)

AWS Security Webinar: The Key to Effective Cloud Encryption
AWS Security Webinar: The Key to Effective Cloud EncryptionAWS Security Webinar: The Key to Effective Cloud Encryption
AWS Security Webinar: The Key to Effective Cloud Encryption
 
AWS_Security_Essentials
AWS_Security_EssentialsAWS_Security_Essentials
AWS_Security_Essentials
 
AWS Security – Keynote Address (SEC101) | AWS re:Invent 2013
AWS Security – Keynote Address (SEC101) | AWS re:Invent 2013AWS Security – Keynote Address (SEC101) | AWS re:Invent 2013
AWS Security – Keynote Address (SEC101) | AWS re:Invent 2013
 
Information Security in AWS - Dave Walker
Information Security in AWS - Dave WalkerInformation Security in AWS - Dave Walker
Information Security in AWS - Dave Walker
 
Practical Steps to Hack-Proofing AWS
Practical Steps to Hack-Proofing AWSPractical Steps to Hack-Proofing AWS
Practical Steps to Hack-Proofing AWS
 
AWS 201 - A Walk through the AWS Cloud: AWS Security Best Practices
AWS 201 - A Walk through the AWS Cloud: AWS Security Best PracticesAWS 201 - A Walk through the AWS Cloud: AWS Security Best Practices
AWS 201 - A Walk through the AWS Cloud: AWS Security Best Practices
 
Aws
AwsAws
Aws
 
5 minutes on security
5 minutes on security5 minutes on security
5 minutes on security
 
Understanding AWS Security
Understanding AWS SecurityUnderstanding AWS Security
Understanding AWS Security
 
AWS Cloud Security
AWS Cloud SecurityAWS Cloud Security
AWS Cloud Security
 
Incident Response: Preparing and Simulating Threat Response
Incident Response: Preparing and Simulating Threat ResponseIncident Response: Preparing and Simulating Threat Response
Incident Response: Preparing and Simulating Threat Response
 
AWS Shared Security Model in Practice
AWS Shared Security Model in PracticeAWS Shared Security Model in Practice
AWS Shared Security Model in Practice
 
AWS Security Overview and “What’s New”
AWS Security Overview and “What’s New”AWS Security Overview and “What’s New”
AWS Security Overview and “What’s New”
 
Best Practices for Security at Scale
Best Practices for Security at Scale Best Practices for Security at Scale
Best Practices for Security at Scale
 
AWS Security Architecture - Overview
AWS Security Architecture - OverviewAWS Security Architecture - Overview
AWS Security Architecture - Overview
 
Building Secure Services using Containers
Building Secure Services using ContainersBuilding Secure Services using Containers
Building Secure Services using Containers
 
The 2014 AWS Enterprise Summit - Understanding AWS Security
The 2014 AWS Enterprise Summit - Understanding AWS SecurityThe 2014 AWS Enterprise Summit - Understanding AWS Security
The 2014 AWS Enterprise Summit - Understanding AWS Security
 
Network Security and Access Control within AWS
Network Security and Access Control within AWS Network Security and Access Control within AWS
Network Security and Access Control within AWS
 
Building a Hyper Secure VPC on AWS with Puppet
Building a Hyper Secure VPC on AWS with PuppetBuilding a Hyper Secure VPC on AWS with Puppet
Building a Hyper Secure VPC on AWS with Puppet
 
AWS Security Fundamentals
AWS Security FundamentalsAWS Security Fundamentals
AWS Security Fundamentals
 

Similaire à Meetup Protect from Ransomware Attacks

Introduction to AWS Security: Security Week at the SF Loft
Introduction to AWS Security: Security Week at the SF LoftIntroduction to AWS Security: Security Week at the SF Loft
Introduction to AWS Security: Security Week at the SF LoftAmazon Web Services
 
AWS reInforce 2021: TDR202 - Lessons learned from the front lines of Incident...
AWS reInforce 2021: TDR202 - Lessons learned from the front lines of Incident...AWS reInforce 2021: TDR202 - Lessons learned from the front lines of Incident...
AWS reInforce 2021: TDR202 - Lessons learned from the front lines of Incident...Brian Andrzejewski
 
awsomedaymodules14gettingstartedwithaws161013161135convertedpptx__2022_01_10_...
awsomedaymodules14gettingstartedwithaws161013161135convertedpptx__2022_01_10_...awsomedaymodules14gettingstartedwithaws161013161135convertedpptx__2022_01_10_...
awsomedaymodules14gettingstartedwithaws161013161135convertedpptx__2022_01_10_...himanipatel524244
 
Intro to Threat Detection and Remediation on AWS
Intro to Threat Detection and Remediation on AWSIntro to Threat Detection and Remediation on AWS
Intro to Threat Detection and Remediation on AWSAmazon Web Services
 
Data Security in the Cloud - Matt Taylor - AWS TechShift ANZ 2018
Data Security in the Cloud - Matt Taylor - AWS TechShift ANZ 2018Data Security in the Cloud - Matt Taylor - AWS TechShift ANZ 2018
Data Security in the Cloud - Matt Taylor - AWS TechShift ANZ 2018Amazon Web Services
 
Introduction to Threat Detection and Remediation on AWS
Introduction to Threat Detection and Remediation on AWSIntroduction to Threat Detection and Remediation on AWS
Introduction to Threat Detection and Remediation on AWSAmazon Web Services
 
Serverless SecOps Automation on AWS at AWS UG Krakow, Poland
Serverless SecOps Automation on AWS at AWS UG Krakow, PolandServerless SecOps Automation on AWS at AWS UG Krakow, Poland
Serverless SecOps Automation on AWS at AWS UG Krakow, PolandDennis Traub
 
Build a Java Spring Application on Amazon ECS - CON332 - re:Invent 2017
Build a Java Spring Application on Amazon ECS - CON332 - re:Invent 2017Build a Java Spring Application on Amazon ECS - CON332 - re:Invent 2017
Build a Java Spring Application on Amazon ECS - CON332 - re:Invent 2017Amazon Web Services
 
The AWS Shared Responsibility Model in Practice
The AWS Shared Responsibility Model in PracticeThe AWS Shared Responsibility Model in Practice
The AWS Shared Responsibility Model in PracticeAlert Logic
 
Protecting Your Data- AWS Security Tools and Features
Protecting Your Data- AWS Security Tools and FeaturesProtecting Your Data- AWS Security Tools and Features
Protecting Your Data- AWS Security Tools and FeaturesAmazon Web Services
 
AWS Security Week: Intro To Threat Detection & Remediation
AWS Security Week: Intro To Threat Detection & RemediationAWS Security Week: Intro To Threat Detection & Remediation
AWS Security Week: Intro To Threat Detection & RemediationAmazon Web Services
 
The AWS Shared Responsibility Model in Practice
The AWS Shared Responsibility Model in PracticeThe AWS Shared Responsibility Model in Practice
The AWS Shared Responsibility Model in PracticeAlert Logic
 
How Redlock Automates Security on AWS
How Redlock Automates Security on AWSHow Redlock Automates Security on AWS
How Redlock Automates Security on AWSAmazon Web Services
 
Build a Hybrid Cloud Architecture Using AWS Landing Zones (ENT304-R1) - AWS r...
Build a Hybrid Cloud Architecture Using AWS Landing Zones (ENT304-R1) - AWS r...Build a Hybrid Cloud Architecture Using AWS Landing Zones (ENT304-R1) - AWS r...
Build a Hybrid Cloud Architecture Using AWS Landing Zones (ENT304-R1) - AWS r...Amazon Web Services
 

Similaire à Meetup Protect from Ransomware Attacks (20)

Introduction to AWS Security
Introduction to AWS SecurityIntroduction to AWS Security
Introduction to AWS Security
 
Introduction to AWS Security: Security Week at the SF Loft
Introduction to AWS Security: Security Week at the SF LoftIntroduction to AWS Security: Security Week at the SF Loft
Introduction to AWS Security: Security Week at the SF Loft
 
AWS reInforce 2021: TDR202 - Lessons learned from the front lines of Incident...
AWS reInforce 2021: TDR202 - Lessons learned from the front lines of Incident...AWS reInforce 2021: TDR202 - Lessons learned from the front lines of Incident...
AWS reInforce 2021: TDR202 - Lessons learned from the front lines of Incident...
 
Security@Scale
Security@ScaleSecurity@Scale
Security@Scale
 
Introduction to AWS Security
Introduction to AWS SecurityIntroduction to AWS Security
Introduction to AWS Security
 
Introduction to AWS Security
Introduction to AWS SecurityIntroduction to AWS Security
Introduction to AWS Security
 
awsomedaymodules14gettingstartedwithaws161013161135convertedpptx__2022_01_10_...
awsomedaymodules14gettingstartedwithaws161013161135convertedpptx__2022_01_10_...awsomedaymodules14gettingstartedwithaws161013161135convertedpptx__2022_01_10_...
awsomedaymodules14gettingstartedwithaws161013161135convertedpptx__2022_01_10_...
 
Intro to Threat Detection and Remediation on AWS
Intro to Threat Detection and Remediation on AWSIntro to Threat Detection and Remediation on AWS
Intro to Threat Detection and Remediation on AWS
 
Data Security in the Cloud - Matt Taylor - AWS TechShift ANZ 2018
Data Security in the Cloud - Matt Taylor - AWS TechShift ANZ 2018Data Security in the Cloud - Matt Taylor - AWS TechShift ANZ 2018
Data Security in the Cloud - Matt Taylor - AWS TechShift ANZ 2018
 
Introduction to Threat Detection and Remediation on AWS
Introduction to Threat Detection and Remediation on AWSIntroduction to Threat Detection and Remediation on AWS
Introduction to Threat Detection and Remediation on AWS
 
Serverless SecOps Automation on AWS at AWS UG Krakow, Poland
Serverless SecOps Automation on AWS at AWS UG Krakow, PolandServerless SecOps Automation on AWS at AWS UG Krakow, Poland
Serverless SecOps Automation on AWS at AWS UG Krakow, Poland
 
Build a Java Spring Application on Amazon ECS - CON332 - re:Invent 2017
Build a Java Spring Application on Amazon ECS - CON332 - re:Invent 2017Build a Java Spring Application on Amazon ECS - CON332 - re:Invent 2017
Build a Java Spring Application on Amazon ECS - CON332 - re:Invent 2017
 
The AWS Shared Responsibility Model in Practice
The AWS Shared Responsibility Model in PracticeThe AWS Shared Responsibility Model in Practice
The AWS Shared Responsibility Model in Practice
 
Protecting Your Data- AWS Security Tools and Features
Protecting Your Data- AWS Security Tools and FeaturesProtecting Your Data- AWS Security Tools and Features
Protecting Your Data- AWS Security Tools and Features
 
AWS Security Week: Intro To Threat Detection & Remediation
AWS Security Week: Intro To Threat Detection & RemediationAWS Security Week: Intro To Threat Detection & Remediation
AWS Security Week: Intro To Threat Detection & Remediation
 
SEC301 Security @ (Cloud) Scale
SEC301 Security @ (Cloud) ScaleSEC301 Security @ (Cloud) Scale
SEC301 Security @ (Cloud) Scale
 
Protecting Your Data
Protecting Your DataProtecting Your Data
Protecting Your Data
 
The AWS Shared Responsibility Model in Practice
The AWS Shared Responsibility Model in PracticeThe AWS Shared Responsibility Model in Practice
The AWS Shared Responsibility Model in Practice
 
How Redlock Automates Security on AWS
How Redlock Automates Security on AWSHow Redlock Automates Security on AWS
How Redlock Automates Security on AWS
 
Build a Hybrid Cloud Architecture Using AWS Landing Zones (ENT304-R1) - AWS r...
Build a Hybrid Cloud Architecture Using AWS Landing Zones (ENT304-R1) - AWS r...Build a Hybrid Cloud Architecture Using AWS Landing Zones (ENT304-R1) - AWS r...
Build a Hybrid Cloud Architecture Using AWS Landing Zones (ENT304-R1) - AWS r...
 

Plus de CloudHesive

Serverless Generative AI on AWS, AWS User Groups of Florida
Serverless Generative AI on AWS, AWS User Groups of FloridaServerless Generative AI on AWS, AWS User Groups of Florida
Serverless Generative AI on AWS, AWS User Groups of FloridaCloudHesive
 
Amazon Connect & AI - Shaping the Future of Customer Interactions - GenAI and...
Amazon Connect & AI - Shaping the Future of Customer Interactions - GenAI and...Amazon Connect & AI - Shaping the Future of Customer Interactions - GenAI and...
Amazon Connect & AI - Shaping the Future of Customer Interactions - GenAI and...CloudHesive
 
Amazon Connect & AI - Shaping the Future of Customer Interactions - GenAI and...
Amazon Connect & AI - Shaping the Future of Customer Interactions - GenAI and...Amazon Connect & AI - Shaping the Future of Customer Interactions - GenAI and...
Amazon Connect & AI - Shaping the Future of Customer Interactions - GenAI and...CloudHesive
 
Accelerating Business and Research Through Automation and Artificial Intellig...
Accelerating Business and Research Through Automation and Artificial Intellig...Accelerating Business and Research Through Automation and Artificial Intellig...
Accelerating Business and Research Through Automation and Artificial Intellig...CloudHesive
 
Amazon Connect Rethink Your Contact Center with CloudHesive.pptx
Amazon Connect Rethink Your Contact Center with CloudHesive.pptxAmazon Connect Rethink Your Contact Center with CloudHesive.pptx
Amazon Connect Rethink Your Contact Center with CloudHesive.pptxCloudHesive
 
ConnectPath Introduction
ConnectPath IntroductionConnectPath Introduction
ConnectPath IntroductionCloudHesive
 
Modernize your contact center with ConnectPath CX v2.pdf
Modernize your contact center with ConnectPath CX v2.pdfModernize your contact center with ConnectPath CX v2.pdf
Modernize your contact center with ConnectPath CX v2.pdfCloudHesive
 
Modernize your contact center with ConnectPath CX — Chart.pdf
Modernize your contact center with ConnectPath CX — Chart.pdfModernize your contact center with ConnectPath CX — Chart.pdf
Modernize your contact center with ConnectPath CX — Chart.pdfCloudHesive
 
End User Computing at CloudHesive.pptx
End User Computing at CloudHesive.pptxEnd User Computing at CloudHesive.pptx
End User Computing at CloudHesive.pptxCloudHesive
 
Analytics at CloudHesive
Analytics at CloudHesiveAnalytics at CloudHesive
Analytics at CloudHesiveCloudHesive
 
Supporting your CMMC initiatives with Sumo Logic
Supporting your CMMC initiatives with Sumo LogicSupporting your CMMC initiatives with Sumo Logic
Supporting your CMMC initiatives with Sumo LogicCloudHesive
 
Best Practices and Resources to Effectively Manage and Optimize Your AWS Costs
Best Practices and Resources to Effectively Manage and Optimize Your AWS CostsBest Practices and Resources to Effectively Manage and Optimize Your AWS Costs
Best Practices and Resources to Effectively Manage and Optimize Your AWS CostsCloudHesive
 
Serverless data and analytics on AWS for operations
Serverless data and analytics on AWS for operations Serverless data and analytics on AWS for operations
Serverless data and analytics on AWS for operations CloudHesive
 
reInvent reCap 2022
reInvent reCap 2022reInvent reCap 2022
reInvent reCap 2022CloudHesive
 
Serverless without Code (Lambda)
Serverless without Code (Lambda)Serverless without Code (Lambda)
Serverless without Code (Lambda)CloudHesive
 
AWS Advanced Analytics Automation Toolkit (AAA)
AWS Advanced Analytics Automation Toolkit (AAA)AWS Advanced Analytics Automation Toolkit (AAA)
AWS Advanced Analytics Automation Toolkit (AAA)CloudHesive
 
Security on AWS, 2021 Edition Meetup
Security on AWS, 2021 Edition MeetupSecurity on AWS, 2021 Edition Meetup
Security on AWS, 2021 Edition MeetupCloudHesive
 
NIST Cybersecurity Framework (CSF) on the Public Cloud
NIST Cybersecurity Framework (CSF) on the Public CloudNIST Cybersecurity Framework (CSF) on the Public Cloud
NIST Cybersecurity Framework (CSF) on the Public CloudCloudHesive
 
Amazon Connect Bootcamp
Amazon Connect BootcampAmazon Connect Bootcamp
Amazon Connect BootcampCloudHesive
 

Plus de CloudHesive (20)

Serverless Generative AI on AWS, AWS User Groups of Florida
Serverless Generative AI on AWS, AWS User Groups of FloridaServerless Generative AI on AWS, AWS User Groups of Florida
Serverless Generative AI on AWS, AWS User Groups of Florida
 
Amazon Connect & AI - Shaping the Future of Customer Interactions - GenAI and...
Amazon Connect & AI - Shaping the Future of Customer Interactions - GenAI and...Amazon Connect & AI - Shaping the Future of Customer Interactions - GenAI and...
Amazon Connect & AI - Shaping the Future of Customer Interactions - GenAI and...
 
Amazon Connect & AI - Shaping the Future of Customer Interactions - GenAI and...
Amazon Connect & AI - Shaping the Future of Customer Interactions - GenAI and...Amazon Connect & AI - Shaping the Future of Customer Interactions - GenAI and...
Amazon Connect & AI - Shaping the Future of Customer Interactions - GenAI and...
 
Accelerating Business and Research Through Automation and Artificial Intellig...
Accelerating Business and Research Through Automation and Artificial Intellig...Accelerating Business and Research Through Automation and Artificial Intellig...
Accelerating Business and Research Through Automation and Artificial Intellig...
 
Amazon Connect Rethink Your Contact Center with CloudHesive.pptx
Amazon Connect Rethink Your Contact Center with CloudHesive.pptxAmazon Connect Rethink Your Contact Center with CloudHesive.pptx
Amazon Connect Rethink Your Contact Center with CloudHesive.pptx
 
ConnectPath Introduction
ConnectPath IntroductionConnectPath Introduction
ConnectPath Introduction
 
Modernize your contact center with ConnectPath CX v2.pdf
Modernize your contact center with ConnectPath CX v2.pdfModernize your contact center with ConnectPath CX v2.pdf
Modernize your contact center with ConnectPath CX v2.pdf
 
Modernize your contact center with ConnectPath CX — Chart.pdf
Modernize your contact center with ConnectPath CX — Chart.pdfModernize your contact center with ConnectPath CX — Chart.pdf
Modernize your contact center with ConnectPath CX — Chart.pdf
 
End User Computing at CloudHesive.pptx
End User Computing at CloudHesive.pptxEnd User Computing at CloudHesive.pptx
End User Computing at CloudHesive.pptx
 
Analytics at CloudHesive
Analytics at CloudHesiveAnalytics at CloudHesive
Analytics at CloudHesive
 
Supporting your CMMC initiatives with Sumo Logic
Supporting your CMMC initiatives with Sumo LogicSupporting your CMMC initiatives with Sumo Logic
Supporting your CMMC initiatives with Sumo Logic
 
Best Practices and Resources to Effectively Manage and Optimize Your AWS Costs
Best Practices and Resources to Effectively Manage and Optimize Your AWS CostsBest Practices and Resources to Effectively Manage and Optimize Your AWS Costs
Best Practices and Resources to Effectively Manage and Optimize Your AWS Costs
 
Serverless data and analytics on AWS for operations
Serverless data and analytics on AWS for operations Serverless data and analytics on AWS for operations
Serverless data and analytics on AWS for operations
 
reInvent reCap 2022
reInvent reCap 2022reInvent reCap 2022
reInvent reCap 2022
 
Serverless without Code (Lambda)
Serverless without Code (Lambda)Serverless without Code (Lambda)
Serverless without Code (Lambda)
 
AWS Advanced Analytics Automation Toolkit (AAA)
AWS Advanced Analytics Automation Toolkit (AAA)AWS Advanced Analytics Automation Toolkit (AAA)
AWS Advanced Analytics Automation Toolkit (AAA)
 
Security on AWS, 2021 Edition Meetup
Security on AWS, 2021 Edition MeetupSecurity on AWS, 2021 Edition Meetup
Security on AWS, 2021 Edition Meetup
 
Security on AWS
Security on AWSSecurity on AWS
Security on AWS
 
NIST Cybersecurity Framework (CSF) on the Public Cloud
NIST Cybersecurity Framework (CSF) on the Public CloudNIST Cybersecurity Framework (CSF) on the Public Cloud
NIST Cybersecurity Framework (CSF) on the Public Cloud
 
Amazon Connect Bootcamp
Amazon Connect BootcampAmazon Connect Bootcamp
Amazon Connect Bootcamp
 

Dernier

04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?Antenna Manufacturer Coco
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 

Dernier (20)

04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 

Meetup Protect from Ransomware Attacks

  • 1. © 2021, Amazon Web Services, Inc. or its Affiliates. Mike P., Solutions Architect Eduardo Lovera, Solutions Architect August 17, 2021 Ransomware Protecting and Recovering
  • 2. © 2021, Amazon Web Services, Inc. or its Affiliates. Agenda • What is Ransomware? • AWS and Provable Security • Protection and Recovery • Amazon GuardDuty • Amazon Detective • AWS Backup • Q&A
  • 3. © 2021, Amazon Web Services, Inc. or its Affiliates. What is Ransomware?
  • 4. © 2021, Amazon Web Services, Inc. or its Affiliates. 1989 The first known ransomware, the 1989 AIDS Trojan is written. Multiple variants on multiple platforms are causing damage. 2015 A ransomware worm based on the Stamp.Ek exploit kit surfaces and a Mac OS X-specific ransomware worm arrives on the scene. CryptoLocker rakes in $5 million in the last four months of the year. 2013 A ransomware worm imitating the Windows Product Activation notice appears. 2011 By mid-2006, worms such as Gpcode, TROJ.RANSOM.A, Archiveus, Krotten, Cryzip and May Archive start using more sophisticated RSA Encryption. 2006 In May, extortion ransomware appears. 2005 Ransomware evolution
  • 5. © 2021, Amazon Web Services, Inc. or its Affiliates. Ransomware – From minor annoyance to BIG business Annoyance Disruption Extortion
  • 6. © 2021, Amazon Web Services, Inc. or its Affiliates. Does not encrypt files; it locks the victim out of their device, preventing them from using it. Once they are locked out, cybercriminals demand a ransom to unlock the device. Locker Ransomware Crypto Ransomware Encrypts valuable files on a computer so that the user cannot access them; attackers make money by demanding victims pay a ransom to get their files back. Main types of ransomware
  • 7. © 2021, Amazon Web Services, Inc. or its Affiliates. Why has ransomware been effective?
  • 8. © 2021, Amazon Web Services, Inc. or its Affiliates. Concrete examples of customer security events Diverse initial vectors and impacts • Exploit based • Active Directory lateral movement • Database vector • AWS Credential vector • S3 bucket ransom • Threats of resource deletion
  • 9. © 2021, Amazon Web Services, Inc. or its Affiliates. AWS and Provable Security
  • 10. © 2021, Amazon Web Services, Inc. or its Affiliates. Shared responsibility model AWS Security OF the Cloud AWS is responsible for protecting the infrastructure that runs all of the services offered in the AWS Cloud Security IN the Cloud Customer responsibility will be determined by the AWS Cloud services that a customer selects Customer
  • 11. © 2021, Amazon Web Services, Inc. or its Affiliates. Principle of least privilege Storage Development & Management Tools Content Delivery Analytics Compute Messaging Database App Services Mobile Payments Networking On-Demand Workforce VPC Securely control individual And group access to your AWS resources User IAM
  • 12. © 2021, Amazon Web Services, Inc. or its Affiliates. Segment Amazon Virtual Private Clouds
  • 13. © 2021, Amazon Web Services, Inc. or its Affiliates. But how do you know proactively that you are prepared? Not enough time, resources, money, or know-how . . .
  • 14. © 2021, Amazon Web Services, Inc. or its Affiliates. 1. Inventory 2. Vulnerability management 3. Policy enforcement 4. Integrity monitoring 5. Logging and baselining 6. Backups 7. Secure storage 8. Network protection 9. Blocklisting
  • 15. © 2021, Amazon Web Services, Inc. or its Affiliates. What is the NIST Cybersecurity Framework? Executive Order Presidential Executive Order 13636, “Improving Critical Infrastructure Cybersecurity,” charges NIST in Feb. 2013 Legislation Cybersecurity Enhancement Act of 2014 reinforced the legitimacy and authority of the CSF by codifying it and its voluntary adoption into law 15 In February 2014, the National Institute of Standards and Technology (NIST) published the “Framework for Improving Critical Infrastructure Cybersecurity” (or CSF), a voluntary framework to help organizations of any size and sector improve the cybersecurity, risk management, and resilience of their systems. Originally intended for critical infrastructure, but broader applicability across all organization types. Executive Order Presidential EO 13800, “Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure” mandates the use of CSF for all federal IT
  • 16. © 2021, Amazon Web Services, Inc. or its Affiliates. Identify Which workloads are critical for recovery? Recover Set up your ability to recover Protect, Detect, and Respond Implement best security practices to prevent an attack Aligning to AWS services
  • 17. © 2021, Amazon Web Services, Inc. or its Affiliates. Protection and Recovery
  • 18. © 2021, Amazon Web Services, Inc. or its Affiliates. Map Services/Solutions to the NIST CSF Identify – AWS Systems Manager Inventory, Config Protect – Network Segmentation, IAM, SCP, Federate Access, AWS Systems Manager Patch Manager, Control Tower Detect – Inspector, Security Hub, GuardDuty, Security Assessment Solution Respond – Detective, ProServe Security Gameday, Incident Response Plan Recover – Backup, S3 Cross-Region Replication/Glacier, CloudEndure Identify Protect Detect Respond Recover
  • 19. © 2021, Amazon Web Services, Inc. or its Affiliates. Detect Detect AWS Security Hub Amazon Inspector Amazon GuardDuty Self Assessment Tool AWS Well- Architected Framework
  • 20. © 2021, Amazon Web Services, Inc. or its Affiliates. What is Amazon GuardDuty? Amazon GuardDuty is a threat detection service that uses machine learning, anomaly detection, and integrated threat intelligence to identify and prioritize potential threats. Protects AWS accounts, workloads, and data stored in S3. Identify malicious & highly suspicious activity
  • 21. © 2021, Amazon Web Services, Inc. or its Affiliates. How Amazon GuardDuty works? VPC flow logs DNS Logs CloudTrail Events Findings Data Sources Threat intelligence Anomaly Detection (ML) AWS Security Hub CloudWatch Event Finding Types Examples Bitcoin Mining C&C Activity Unusual User behavior Example: • Launch instance • Change Network Permissions Amazon GuardDuty Threat Detection Types HIGH MEDIUM LOW Unusual traffic patterns Example: • Unusual ports and volume Amazon Detective S3 Data Plane Events
  • 22. © 2021, Amazon Web Services, Inc. or its Affiliates. Respond Respond Amazon Detective AWS Security Hub AWS Professional Services
  • 23. © 2021, Amazon Web Services, Inc. or its Affiliates. Amazon Detective Analyze and visualize security data to rapidly get to the root cause of potential security issues.
  • 24. © 2021, Amazon Web Services, Inc. or its Affiliates. Hosted Service: Automated data collection, synthesis, analysis AWS Amazon Detective Findings Telemetry Enrichment Role User Instance IP Address Bucket Behavior & Baselines Behavior Graph Analytics & Insights Data & context S3 data storage How Amazon Amazon Detective works?
  • 25. © 2021, Amazon Web Services, Inc. or its Affiliates. Recover Recover AWS Storage Gateway CloudEndure Disaster Recovery Amazon S3 Glacier Amazon Simple Storage Service AWS Backup
  • 26. © 2021, Amazon Web Services, Inc. or its Affiliates. Introducing AWS Backup Amazon EFS Amazon EBS Amazon RDS Amazon DynamoDB AWS Storage Gateway AWS Backup A fully managed, policy- based backup service that makes it easy to centrally manage and automate the backup of data across AWS services Amazon Aurora Amazon EC2 FSx for Lustre FSx for Windows
  • 27. © 2021, Amazon Web Services, Inc. or its Affiliates. DR & Ransomware Recovery with AWS Backup Vault characteristics: • Backups are highly efficient incremental forever • Backup copies cannot be changed or encrypted • Manage with vault specific CMK/KMS best practices • Air-gapped backups using vault access policies • Prescriptive guidance for vault account access provided AWS Backup Recovery options: • Supports 1-to-many, many-to- many, many-to-1, etc. • Recover from same account locally or from across region • Recover from cross-account locally or across region • Recover from RPOs that are hours, days, weeks or months old • Simple workflow to apply any forensic analysis Build an Isolated Backup Vault
  • 28. © 2021, Amazon Web Services, Inc. or its Affiliates. So what do I do? Categorize applications into criticality Align to a security framework Test your incident response plan Test your backups Use AWS services to implement provable security / resiliency Meet with AWS to do a deep dive on your mitigation strategy for ransomware.
  • 29. © 2021, Amazon Web Services, Inc. or its Affiliates. Q&A Mike P. Eduardo Lovera
  • 30. © 2021, Amazon Web Services, Inc. or its Affiliates. Mike P. preirmi@amazon.com AWS Solutions Architect Thank you Eduardo Lovera edulover@amazon.com AWS Solutions Architect