WannaCry Ransomware: Why Kill Switches Will Not Protect You

Presented by

Mounir Hahad, Sr. Director of Cyphort Labs

About this talk

The world is experiencing a ransomware attack like no other. While the wave of infections was spreading from East to West, a kill switch was identified that slowed the campaign considerably. Then another kill switch was needed, then another. Against popular belief, these kill switches are only effective against the original strain of the malware. In this presentation, we will review a variant without a registerable web site kill switch and how to protect against it. Join this webinar and ask your most pressing WannaCry questions. About the Presenter: Mounir Hahad, Ph.D. is Sr Director at Cyphort, a Security Analytics company headquartered in Santa Clara, CA. Mounir is the head of Cyphort Labs, the group responsible for conducting threat research within Cyphort and driving detection enhancements for Cyphort’s Advanced Detection Fabric which uses behavioral analysis along with machine learning to detect advanced threats and correlate those incidents with ingested information from third party solutions. Mounir holds a Ph.D. in computer science from the University of Rennes. Prior to Cyphort, Mounir held various engineering management positions with Cisco’s Security Technology Group and with IronPort Systems.

Related topics:

More from this channel

Upcoming talks (0)
On-demand talks (11)
Subscribers (1015)
Cyphort delivers the Anti-SIEM, an innovative security analytics and advanced threat defense platform that addresses time, cost, and complexity challenges associated with traditional SIEMs. The software uses machine learning and behavioral analysis technologies to detect advanced threats in web, email, and lateral spread traffic. Threat data is correlated with event and log data collected from other security devices in the network.  Results are consolidated and presented as a timeline view of each security incident. One-touch mitigation can contain breaches and strengthen existing tools.  The Anti-SIEM works with or without an existing SIEM to reduce noise, improve productivity, and accelerate response.