Uploaded bysammadbasheer5
PPTX, PDF97 views

440890252-RANSOMWARE.cybersecurity-ppt.pptx

The document provides a comprehensive overview of ransomware, detailing its history, types, and how it operates, highlighting its emergence as a significant cyber threat since the late 1980s. It discusses two main types of ransomware, encryptors and lockers, along with various attack methods and notable examples. Additionally, the document emphasizes the importance of disaster recovery plans and preventive measures to combat ransomware attacks.

Embed presentation

Download to read offline
RANSOMWARE CYBER SECURITY
Overview Below is what we will be going over in our presentation.  Introduction of Ransomware.  Background and history of Ransomware.  Types of Ransomware attacks.  What you can do to protect yourself from Ransomware.  Backup and DR planning.  Real world examples of Ransomware.
What is Ransomware?  One of the most prominent and fast growing threats which: 1.Takes users files 2. Encrypts them 3. And creates a decryption key This makes the user’s files inaccessible until some sort of Ransom is paid. Two main types of Ransomware. 1. Encryptors- which incorporate encryption algorithm s to black system files and demand some sort of payment to be able to access the key to decrypt victims files. 2. Locker – completely locks users out of their devices by not allowing them to or locking them out of their operating system until the desired ransom is paid.
History of Ransomware  It’s been said that Ransomware was introduced as an AIDS Trojan in 1989 when Harvard-educated biologist Joseph L. Popp sent 20,000 compromised diskettes named “AIDS Information – Introductory Diskettes” to attendees of the internal AIDS conference organized by the World Health Organization. The Trojan worked by encrypting the file names on the customers’ computer and hiding directories. The victims were asked to pay $189 to PC Cyborg Corp. at a mailbox in Panama.  From 2006 and on, cybercriminals have become more active and started using asymmetric RSA encryption. They launched the Archives Trojan that encrypted the files of the My Documents directory. Victims were promised access to the 30-digit password only if they decided to purchase from an online pharmacy.  After 2012, ransomware started spreading worldwide, infecting systems and transforming into more sophisticated forms to promote easier attack delivery as the years rolled by. In Q3, about 60,000 new ransomware was discovered, which doubled to over 200,000 in Q3 of 2012.  The first version of CryptoLocker appeared in September 2013 and the first copycat software called Locker was introduced in December of that year.  Ransomware has been creatively defined by the U.S. Department of Justice as a new model of cybercrime with a potential to cause impacts on a global scale. Stats indicate that the use of ransomware is on a steady rise and according to Veeam, businesses had to pay $11.7 on average in 2017 due to ransomware attacks. Alarmingly, the annual ransomware-induced costs, including the ransom and the damages caused by ransomware attacks, are most likely to shoot beyond $11.5 billion by 2019
Birth and Evolution of Ransomware  Early Years 1. Born in 1989 and given the name “AIDS” 2. Focused attacks primarily in the healthcare industry 3. Encrypted files on a system and demanded ransom to decrypt them  Evolution and Adaptability 1. Utilization of more sophisticated algorithms such as RSA 2. Usage and ransom of cryptocurrencies like bitcoin to maintain anonymity. 3. Pre-built infrastructures and AES-256 encryption promote wide distribution.
Types of Ransomware Attacks  Locker Ransomware Deny access to computing resources. Locks computer Displays official message Limits user’s capabilities  Crypto Ransomware Find and encrypt valuable data stored on user’s computer Makes data useless Computer does not have limited access Attacker uses information to extort the user into giving them money
 Jigsaw Ransomware Encrypts important information Starts deleting the files until ransom is paid 72 hour mark and the user loses all their information  KeRanger Ransomware Encrypt Mac users backup files Not able to recover anything Ransom of about $400  WannaCry Encrypts user’s data Ransom of about $300 using Bitcoins Increases ransom or delete the user’s files stored in the computer
How Ransomware works  Ransomware is a prominent and fast growing threat which takes user files, encrypts them and creates decryption key making the user’s files inaccessible until some sort of ransom is paid  Ransomware attacks work in that malware sent from the hacker can be spread through malicious email attachments, infected external storage devices and websites that are compromised
Anatomy of ransomware attack  A ransomware attack is a multi-step process. If the proper defenses are in place at the various steps of the attack, the impact can be greatly reduced.  Delivery and exploit: Ransomware is delivered through a certain mechanism (e.g.: phishing) and finds a vulnerability or a victim to attack  Install and disarm: Ransomware installs itself and lower the security poster of the victim machine  Occupy and encrypt: Establish communication with the command and control server and encrypt data files and mapped drivers  Demand ransom: Users attempt to access files and are alerted that the data has been encrypted  Decrypt: Decryption keys will only be provided on payment of a ransom
Secure and Protect  On the computer Do not store important data Backup important files After usage, disconnect from the cloud  In the Browser Remove plugins from your browser Adjust browser’s security settings Use an ad blocker  Security Tools Have a real time scanner Have your firewall on Use internet security suite’s
 Online Do not open spam emails Never download attachments from spam email Only open emails from known recipients  Infected? Disconnect your computer Contact and IT professional Report the crime If absolutely necessary, pay the ransom
Why backup testing & Having a DR plan  Many organizations recognize the need for a disaster recovery plan; however the majority don’t have one in place. Those that have a DR plan often don’t test it. • 80% of U.S. companies lack a DR plan • 50% of small and midsized businesses (SMBs) worldwide have no DR plan • 72% of SMBs worldwide that have a DR plan have never tested it • 25% of reported DR tests fail  So why aren’t DR plans being tested, or being tested more often? • 40% of SMBs fear that DR testing will impact their business operations and their customers • 27% of SMBs fear disruption to their sales and revenue • 48% of SMBs claim that they lack the resources to test their DR plans on a regular basis
Building a disaster recovery plan  Disaster recovery planning is the plan put in place to recover from a disaster or interruption of key services. The business continuity plan includes:  Creating of business continuity and disaster recovery policy  Business impact analysis  Classification of operations and criticality analysis  Development of a business continuity plan and disaster recover procedures  Training and awareness, Testing  Ongoing Monitoring
Know your environment and SLA’S • Recovery point objectives • How much lost data can you afford? • Data size/change rate (i.e. what is feasible?) • Recovery time objectives • How long can you afford to be down? • SLA’s Determine Which Cloud Provider • Depending on the recovery time, 4 different ways to choose: 3RD Party Cloud, Replication, DRaaS or Manufacturers Cloud
Real world examples of Ransomware
440890252-RANSOMWARE.cybersecurity-ppt.pptx
440890252-RANSOMWARE.cybersecurity-ppt.pptx

More Related Content

PDF
Combating RANSOMWare
byUmer Saeed
 
PDF
The Complete Guide to Ransomware Protection for SMBs
byProtected Harbor
 
PDF
What is ransomware?
byMilan Santana
 
PDF
Your Money or Your Data: Ransomware, Cyber Security and Today’s Threat Landsc...
byRoger Hagedorn
 
PPTX
Ransomware attack
byAmna
 
PDF
Ransomware ly
byLisa Young
 
PPTX
Ransomware
byChaitali Sharma
 
PDF
Ransomware all locked up book
byDiego Souza
 
Combating RANSOMWare
byUmer Saeed
 
The Complete Guide to Ransomware Protection for SMBs
byProtected Harbor
 
What is ransomware?
byMilan Santana
 
Your Money or Your Data: Ransomware, Cyber Security and Today’s Threat Landsc...
byRoger Hagedorn
 
Ransomware attack
byAmna
 
Ransomware ly
byLisa Young
 
Ransomware
byChaitali Sharma
 
Ransomware all locked up book
byDiego Souza
 

Similar to 440890252-RANSOMWARE.cybersecurity-ppt.pptx

PPTX
Ransomware : A cyber crime without solution ? by Prashant Mali
byAdv. Prashant Mali ♛ [Bsc(Phy),MSc(Comp Sci), CCFP,CISSA,LLM]
 
PPTX
Defend Your Company Against Ransomware
byKevo Meehan
 
PDF
Get Smart about Ransomware: Protect Yourself and Organization
bySecurity Innovation
 
PPTX
MMW April 2016 Ransomware Resurgence
byCyphort
 
PDF
SMB Guide-to-Ransomware
byDave Augustine
 
PDF
Ransomware (1).pdf
byHiYeti1
 
PDF
How to Help Your Customers Protect Themselves from Ransomware Attacks
bySolarwinds N-able
 
PPTX
What Businesses Entrepreneurs Are Imperative To Know About Ransomware
byMavrickHost - Reliable Hosting Partner
 
PPTX
Web Security.pptx
byAnnMichelleDiaz
 
PPTX
What is Ransomware
byjeetendra mandal
 
PDF
Ransomware_PDF
byRen Hao
 
PDF
Ransomware
byPrachi Gulihar
 
PDF
A Comprehensive Survey: Ransomware Attacks Prevention, Monitoring and Damage ...
byAshishDPatel1
 
PDF
A Comprehensive Survey: Ransomware Attacks Prevention, Monitoring and Damage ...
byRSIS International
 
PDF
A comprehensive survey ransomware attacks prevention, monitoring and damage c...
byRSIS International
 
PDF
Null mumbai Session on ransomware by_Aditya Jamkhande
bynullowaspmumbai
 
PPTX
Ransomware
byAkshita Pillai
 
PPTX
EverSec + Cyphort: Big Trends in Cybersecurity
byCyphort
 
PDF
Ransomeware : A High Profile Attack
byIRJET Journal
 
PDF
CSF18 - The Digital Threat of the Decade (Century) - Sasha Kranjac
byNCCOMMS
 
Ransomware : A cyber crime without solution ? by Prashant Mali
byAdv. Prashant Mali ♛ [Bsc(Phy),MSc(Comp Sci), CCFP,CISSA,LLM]
 
Defend Your Company Against Ransomware
byKevo Meehan
 
Get Smart about Ransomware: Protect Yourself and Organization
bySecurity Innovation
 
MMW April 2016 Ransomware Resurgence
byCyphort
 
SMB Guide-to-Ransomware
byDave Augustine
 
Ransomware (1).pdf
byHiYeti1
 
How to Help Your Customers Protect Themselves from Ransomware Attacks
bySolarwinds N-able
 
What Businesses Entrepreneurs Are Imperative To Know About Ransomware
byMavrickHost - Reliable Hosting Partner
 
Web Security.pptx
byAnnMichelleDiaz
 
What is Ransomware
byjeetendra mandal
 
Ransomware_PDF
byRen Hao
 
Ransomware
byPrachi Gulihar
 
A Comprehensive Survey: Ransomware Attacks Prevention, Monitoring and Damage ...
byAshishDPatel1
 
A Comprehensive Survey: Ransomware Attacks Prevention, Monitoring and Damage ...
byRSIS International
 
A comprehensive survey ransomware attacks prevention, monitoring and damage c...
byRSIS International
 
Null mumbai Session on ransomware by_Aditya Jamkhande
bynullowaspmumbai
 
Ransomware
byAkshita Pillai
 
EverSec + Cyphort: Big Trends in Cybersecurity
byCyphort
 
Ransomeware : A High Profile Attack
byIRJET Journal
 
CSF18 - The Digital Threat of the Decade (Century) - Sasha Kranjac
byNCCOMMS
 

Recently uploaded

PPTX
‘Analyzing Application Logs Using AI’ Webinar
byTier1 app
 
PDF
ACE Aarhus February 2026: Atlassian news
byDanielEriksen5
 
PDF
Animated Safety Induction: A Smarter Way to Onboard for Workplace Safety
byTECH EHS Solution
 
PPTX
Best Digital Marketing Company in Lucknow
bydigitallearning9277
 
PDF
Massage Booking App Development Company
byV3CUBE TECHNOLABS
 
PPTX
Chapter Two Logic and Language - Copy.pptx
byGediyonBelay
 
PDF
On Demand Massage Therapist Booking App Development
byV3CUBE TECHNOLABS
 
PDF
JFokus 2026 - Please pass the salt- Serve up passwords with a side of entropy...
byOrtus Solutions, Corp
 
PDF
HuemanAI Platform Overview.pptx (1) (2).pdf
byAnkur Handoo
 
PPTX
Prime Teams – Real-Time Employee Monitoring & Project Management Software
byPrime Teams
 
PPTX
How CFD Simulations Support Sustainable Data Center Design Optimization
byWeb Synergies
 
PDF
Langchain4J – An Introduction for Impatient Developers
byJuarez Junior
 
PPTX
40m_wAIred_DigitalPlatformRabobank_10022026.pptx
bySimonedeGijt
 
PDF
eresource Xcel ERP for Maunfacturing - Best Manufacturing ERP for SME
byeresource Infotech Pvt.Ltd
 
PDF
Versnel innovatie met GitHub Enterprise - Rick Smit GitHub
byDelta-N
 
PDF
Complete iOS Delivery App Features & Admin Tools
byShiv Technolabs Pvt. Ltd.
 
PPTX
Introduction to n8n infrstructure and ho to install it
byMassimiliano Iommi
 
PDF
Introduction to Modern Artificial Intelligence.pdf
byAI n Dot Net
 
PDF
SAP ERP to SAP S_4HANA Cloud Private Edition Delta Scope
bychuck78
 
PDF
openstack_operations_slides_version1.3_pp.pdf
byssuser47d511
 
‘Analyzing Application Logs Using AI’ Webinar
byTier1 app
 
ACE Aarhus February 2026: Atlassian news
byDanielEriksen5
 
Animated Safety Induction: A Smarter Way to Onboard for Workplace Safety
byTECH EHS Solution
 
Best Digital Marketing Company in Lucknow
bydigitallearning9277
 
Massage Booking App Development Company
byV3CUBE TECHNOLABS
 
Chapter Two Logic and Language - Copy.pptx
byGediyonBelay
 
On Demand Massage Therapist Booking App Development
byV3CUBE TECHNOLABS
 
JFokus 2026 - Please pass the salt- Serve up passwords with a side of entropy...
byOrtus Solutions, Corp
 
HuemanAI Platform Overview.pptx (1) (2).pdf
byAnkur Handoo
 
Prime Teams – Real-Time Employee Monitoring & Project Management Software
byPrime Teams
 
How CFD Simulations Support Sustainable Data Center Design Optimization
byWeb Synergies
 
Langchain4J – An Introduction for Impatient Developers
byJuarez Junior
 
40m_wAIred_DigitalPlatformRabobank_10022026.pptx
bySimonedeGijt
 
eresource Xcel ERP for Maunfacturing - Best Manufacturing ERP for SME
byeresource Infotech Pvt.Ltd
 
Versnel innovatie met GitHub Enterprise - Rick Smit GitHub
byDelta-N
 
Complete iOS Delivery App Features & Admin Tools
byShiv Technolabs Pvt. Ltd.
 
Introduction to n8n infrstructure and ho to install it
byMassimiliano Iommi
 
Introduction to Modern Artificial Intelligence.pdf
byAI n Dot Net
 
SAP ERP to SAP S_4HANA Cloud Private Edition Delta Scope
bychuck78
 
openstack_operations_slides_version1.3_pp.pdf
byssuser47d511
 

440890252-RANSOMWARE.cybersecurity-ppt.pptx

  • 1.
  • 2.
    Overview Below is whatwe will be going over in our presentation.  Introduction of Ransomware.  Background and history of Ransomware.  Types of Ransomware attacks.  What you can do to protect yourself from Ransomware.  Backup and DR planning.  Real world examples of Ransomware.
  • 3.
    What is Ransomware? One of the most prominent and fast growing threats which: 1.Takes users files 2. Encrypts them 3. And creates a decryption key This makes the user’s files inaccessible until some sort of Ransom is paid. Two main types of Ransomware. 1. Encryptors- which incorporate encryption algorithm s to black system files and demand some sort of payment to be able to access the key to decrypt victims files. 2. Locker – completely locks users out of their devices by not allowing them to or locking them out of their operating system until the desired ransom is paid.
  • 4.
    History of Ransomware It’s been said that Ransomware was introduced as an AIDS Trojan in 1989 when Harvard-educated biologist Joseph L. Popp sent 20,000 compromised diskettes named “AIDS Information – Introductory Diskettes” to attendees of the internal AIDS conference organized by the World Health Organization. The Trojan worked by encrypting the file names on the customers’ computer and hiding directories. The victims were asked to pay $189 to PC Cyborg Corp. at a mailbox in Panama.  From 2006 and on, cybercriminals have become more active and started using asymmetric RSA encryption. They launched the Archives Trojan that encrypted the files of the My Documents directory. Victims were promised access to the 30-digit password only if they decided to purchase from an online pharmacy.  After 2012, ransomware started spreading worldwide, infecting systems and transforming into more sophisticated forms to promote easier attack delivery as the years rolled by. In Q3, about 60,000 new ransomware was discovered, which doubled to over 200,000 in Q3 of 2012.  The first version of CryptoLocker appeared in September 2013 and the first copycat software called Locker was introduced in December of that year.  Ransomware has been creatively defined by the U.S. Department of Justice as a new model of cybercrime with a potential to cause impacts on a global scale. Stats indicate that the use of ransomware is on a steady rise and according to Veeam, businesses had to pay $11.7 on average in 2017 due to ransomware attacks. Alarmingly, the annual ransomware-induced costs, including the ransom and the damages caused by ransomware attacks, are most likely to shoot beyond $11.5 billion by 2019
  • 5.
    Birth and Evolutionof Ransomware  Early Years 1. Born in 1989 and given the name “AIDS” 2. Focused attacks primarily in the healthcare industry 3. Encrypted files on a system and demanded ransom to decrypt them  Evolution and Adaptability 1. Utilization of more sophisticated algorithms such as RSA 2. Usage and ransom of cryptocurrencies like bitcoin to maintain anonymity. 3. Pre-built infrastructures and AES-256 encryption promote wide distribution.
  • 6.
    Types of RansomwareAttacks  Locker Ransomware Deny access to computing resources. Locks computer Displays official message Limits user’s capabilities  Crypto Ransomware Find and encrypt valuable data stored on user’s computer Makes data useless Computer does not have limited access Attacker uses information to extort the user into giving them money
  • 7.
     Jigsaw Ransomware Encryptsimportant information Starts deleting the files until ransom is paid 72 hour mark and the user loses all their information  KeRanger Ransomware Encrypt Mac users backup files Not able to recover anything Ransom of about $400  WannaCry Encrypts user’s data Ransom of about $300 using Bitcoins Increases ransom or delete the user’s files stored in the computer
  • 8.
    How Ransomware works Ransomware is a prominent and fast growing threat which takes user files, encrypts them and creates decryption key making the user’s files inaccessible until some sort of ransom is paid  Ransomware attacks work in that malware sent from the hacker can be spread through malicious email attachments, infected external storage devices and websites that are compromised
  • 9.
    Anatomy of ransomwareattack  A ransomware attack is a multi-step process. If the proper defenses are in place at the various steps of the attack, the impact can be greatly reduced.  Delivery and exploit: Ransomware is delivered through a certain mechanism (e.g.: phishing) and finds a vulnerability or a victim to attack  Install and disarm: Ransomware installs itself and lower the security poster of the victim machine  Occupy and encrypt: Establish communication with the command and control server and encrypt data files and mapped drivers  Demand ransom: Users attempt to access files and are alerted that the data has been encrypted  Decrypt: Decryption keys will only be provided on payment of a ransom
  • 10.
    Secure and Protect On the computer Do not store important data Backup important files After usage, disconnect from the cloud  In the Browser Remove plugins from your browser Adjust browser’s security settings Use an ad blocker  Security Tools Have a real time scanner Have your firewall on Use internet security suite’s
  • 11.
     Online Do notopen spam emails Never download attachments from spam email Only open emails from known recipients  Infected? Disconnect your computer Contact and IT professional Report the crime If absolutely necessary, pay the ransom
  • 12.
    Why backup testing& Having a DR plan  Many organizations recognize the need for a disaster recovery plan; however the majority don’t have one in place. Those that have a DR plan often don’t test it. • 80% of U.S. companies lack a DR plan • 50% of small and midsized businesses (SMBs) worldwide have no DR plan • 72% of SMBs worldwide that have a DR plan have never tested it • 25% of reported DR tests fail  So why aren’t DR plans being tested, or being tested more often? • 40% of SMBs fear that DR testing will impact their business operations and their customers • 27% of SMBs fear disruption to their sales and revenue • 48% of SMBs claim that they lack the resources to test their DR plans on a regular basis
  • 13.
    Building a disasterrecovery plan  Disaster recovery planning is the plan put in place to recover from a disaster or interruption of key services. The business continuity plan includes:  Creating of business continuity and disaster recovery policy  Business impact analysis  Classification of operations and criticality analysis  Development of a business continuity plan and disaster recover procedures  Training and awareness, Testing  Ongoing Monitoring
  • 14.
    Know your environmentand SLA’S • Recovery point objectives • How much lost data can you afford? • Data size/change rate (i.e. what is feasible?) • Recovery time objectives • How long can you afford to be down? • SLA’s Determine Which Cloud Provider • Depending on the recovery time, 4 different ways to choose: 3RD Party Cloud, Replication, DRaaS or Manufacturers Cloud
  • 15.
    Real world examplesof Ransomware