Today, we are excited to announce that we have unveiled our new Australian-based cloud location for WildFire, serving local and regional customers as part of our continued investments in local cloud infrastructure.
With this launch, Wildfire now provides seven globally distributed regional clouds delivering low latency, best-in-class detection and prevention of unknown malware.
Figure 1: WildFire Global and Regional Cloud Locations
This latest cloud rollout provides the best of both worlds for our Australian customers. Our customers can now utilise the WildFire cloud-based threat analysis and prevention engine, while ensuring that files submitted for analysis stay in the country to address data location concerns. Note that certain metadata connected to submitted samples, as described in the WildFire Privacy datasheet, are shared with our other regional clouds. While submissions stay within Australian borders, Australian customers still benefit from the global security intelligence and updates based on the network effect of Palo Alto Networks 42,000+ WildFire customers.
The current threat landscape demands this focus on a highly scaled global protection capability driven by automated protections. The continued evolution of ransomware attacks is a case in point. A key finding in the 2021 Ransomware Threat Report--just published by Unit 42, the global threat intelligence team at Palo Alto Networks--indicates that attackers focus on new variants to evade detection. In fact, some of the most prevalent ransomware families Unit 42 observed throughout 2020 were less than a year old.
With these and other tactics in force, ransomware operators certainly made their presence felt in Australia. The Australian Cyber Security Centre's 2020 Health Sector Snapshot, which summarised the cyber security environment from 1 January to 31 December 2020, cited ransomware as “the most significant cybercrime threat to the Australian health sector.” Additionally, the Unit 42 ransomware report noted above also listed Australia as seventh (out of 40 countries tracked) in terms of the number of victim organisations with data published on ransomware leak sites.
The ransomware example is not unique. Cyberattacks continue to grow in complexity and sophistication, making threat prevention more difficult, time-consuming and expensive, especially when done in isolation. A global, cloud-delivered, community-driven approach to aggregated threat analysis is crucial to achieving the best possible threat intelligence and prevention, to effectively defend against a community of attackers who share information, attack methods, and techniques. Without the visibility or a global community-sourced detection infrastructure to turn unknown samples rapidly into known threats with preventions, these new threats and variants sail through existing defences and wreak havoc.
At the same time, Palo Alto Networks understands that some Australian customers prefer in-country infrastructure. With the ability to submit unknown files to the WildFire Australia Cloud for analysis, customers will have more control over their data storage location. Note that the types of files submitted to WildFire are configurable, so customers could choose to share, for example, unknown executables only with the WildFire Global Cloud. This option would balance privacy with the ability to ensure detection of emerging threats and the distribution of protective measures to all Palo Alto Networks customers as soon as possible. The ability to leverage the WildFire services available locally-- or alternatively use overseas-based locations (as some organisations may choose to do)-- are powerful options that are now available to our customers in Australia.
Figure 2. Palo Alto Networks Investments in local cloud infrastructure
Investing in local cloud infrastructure is part of Palo Alto Networks’ continued commitment to customers around the world, wherever their data resides. For more information, read more about Palo Alto Networks regional cloud locations.