Cyber Threat Alliance Cracks The Code on CryptoWall Crimeware Associated with $325 Million in Payments

First-of-its-kind Collaborative Effort Showcases the Power of Threat Information Sharing to Make the Internet Safer

SANTA CLARA, Calif., SUNNYVALE, Calif., and MOUNTAIN VIEW, Calif. October 29, 2015 — Fortinet (NASDAQ: FTNT), Intel Security (NASDAQ: INTC), Palo Alto Networks (NYSE: PANW) and Symantec Corp. (NASDAQ: SYMC), co-founders of the Cyber Threat Alliance (CTA), today announced the publication of research examining the evolution and global impact of the aggressive CryptoWall ransomware.

Lucrative Ransomware Attacks: Analysis of the CryptoWall Version 3 Threat,” is the first published report using combined threat research and intelligence from the founding and contributing members of the CTA. This whitepaper provides organizations worldwide valuable insight into the attack lifecycle of this lucrative ransomware family, which is associated with over US$325 million in revenue for the malicious actors behind it, as well as recommendations for prevention and mitigation. The CTA further discovered:

All of the key findings and intelligence in the report are based on the collective visibility the members of the CTA have into the CryptoWall v3 threat; potential impact may extend beyond this view.


The report also highlights key recommendations by the CTA to aid users and organizations in not falling victim to CryptoWall v3 and other forms of advanced malware:

To discuss this research and how threat information sharing can help in the battle against cyberattacks, the founding CTA member CEOs will participate in a Churchill Club panel tonight titled: “Hacks and Déjà vu: As the ‘Another Day, Another Hack’ Mantra Becomes Reality, is an End to Cyber Threats in Sight?”

To learn more about the Churchill Club event, visit:
To download a copy of the report or learn more about the CTA, visit:

To attend a webinar on December 1, 2015 discussing the findings of this report, led by members of the Cyber Threat Alliance, register here:

Ransomware is malware that encrypts a victims’ data so that a cybercriminal can hold it for ransom. When the victims pay, usually through an electronic currency like bitcoin, they receive a key from the cybercriminal to unlock their data. If the victims don’t pay and haven’t backed up their data, it can be lost permanently.

About the Cyber Threat Alliance (CTA)
Co-founded by Fortinet (NASDAQ: FTNT), Intel Security (formerly McAfee), Palo Alto Networks (NYSE: PANW) and Symantec (NASDAQ: SYMC), the Cyber Threat Alliance (CTA) is the industry’s first group of cybersecurity solution providers who have come together in the interest of their collective customers to share threat information. The end goal for the information sharing is to raise the situational awareness about advanced cyberthreats and enable members and organizations worldwide to use the latest threat intelligence information to improve defenses against advanced cyber adversaries. For more information about the CTA, please visit:

© October 2015 by the Cyber Threat Alliance Founding Companies. All Rights Reserved.

Fortinet's trademarks include, but are not limited to, the following: Fortinet, the Fortinet logo, FortiGate, FortiGuard, FortiManager, FortiMail, FortiClient, FortiCloud, FortiCare, FortiAnalyzer, FortiReporter, FortiOS, FortiASIC, FortiWiFi, FortiSwitch, FortiVoIP, FortiBIOS, FortiLog, FortiResponse, FortiCarrier, FortiScan, FortiAP, FortiDB, FortiVoice and FortiWeb. Other trademarks belong to their respective owners.

Intel, Intel Security, the Intel logo, McAfee and the McAfee logo are trademarks or registered trademarks of Intel Corporation in the United States and other countries.

Palo Alto Networks and the Palo Alto Networks logo are trademarks of Palo Alto Networks, Inc. in the United States and in jurisdictions throughout the world. All other trademarks, trade names or service marks used or mentioned herein belong to their respective owners.

Symantec, the Symantec Logo and the Checkmark Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.

Media Contacts:
Sandra Wheatley
VP of Corporate Communications

Chris Palm
Director of Corporate Communications
Intel Security

Jennifer Jasper Smith
Head of Corporate Communications
Palo Alto Networks

Kristen Batch
VP of Corporate Communications