The growing threat of Ransomware
Cybercrime, Security and Risk Management (2015)
Alexander Constantinou
MSc Forensic Information Technology
603558
Key areas
1. What is Cyber crime – Definition & Explanation
2. What is ransomware - Focus is on CryptoLocker
3. Future predictions for ransomware attacks
4. Reducing the risk of ransomware attacks
1. What is Cyber crime – Definition & Explanation
Defining Cyber Crime
Information technology experts, police, lawyers, criminologists, and security experts comprehend the
concept of ‘cyber crime’ differently. (Brown, 2015)
Example definitions:
“the use of computers or other electronic devices via information systems to facilitate illegal
behaviours” (McQuade, 2006, p. 2)
“the illegal activities undertaken by criminals for financial gain, which exploit vulnerabilities in the use
of the Internet and other electronic systems to illicitly access or attack information and services used
by citizens, business and government” (Detica, 2011, p. 1)
2.1 What is Ransomware?
• Ransomware is malware that demands a sum of money to reverse the effects it has had on the victim's system. (Garber, 2013)
• Ransomware typically circulates as a Trojan horse
- the victim opens a seemingly harmless file
- the malware installs a backdoor to a command and control server
• CryptoLocker is today considered one of the most notorious strains of ransomware. (Smeby, Chapple & Seidl, 2014)
2.2 Why CryptoLocker was successful 1/2
1. Infected 250,000 Windows-based systems during the first 100 days (Dell SecureWorks, 2013)
2. Ransom accumulation: approximately $380,000 (Jarvis, 2013)
3. CryptoLocker distinction:
◦ Uses a combination of asymmetric RSA 2048-bit encryption and symmetric AES 256-bit encryption.
◦ CryptoLocker prevents system restore and deletes all shadow volumes on all mapped drives:
"C:\Windows\SysWOW64\cmd.exe" /C "C:\Windows\Sysnative\vssadmin.exe" Delete Shadows /All /Quiet
[Figure: Desktop Operating System Market Share]
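A defender can use the shadow-copy deletion command on this slide as a detection signal. The following is an added example, not part of the original slides: it scans process-creation events for `vssadmin ... Delete Shadows` regardless of path, quoting or case. The event format, host names and severity labels are assumptions made for the illustration.

```python
import re

# vssadmin, with or without a path, quotes or ".exe", followed by the
# "delete shadows" verb; whatever follows is captured as its arguments.
VSSADMIN_DELETE = re.compile(
    r'(?:^|[\\/\s"])vssadmin(?:\.exe)?"?\s+delete\s+shadows\b(?P<args>.*)',
    re.IGNORECASE | re.DOTALL,
)


def classify(command_line):
    """Return None for unrelated commands, otherwise 'high' or 'medium'.

    'high' is the pattern from the slide: every shadow copy removed (/All)
    with no confirmation prompt (/Quiet). Any other deletion is 'medium',
    since administrators do prune individual shadow copies.
    """
    match = VSSADMIN_DELETE.search(command_line)
    if match is None:
        return None
    switches = {s.lower() for s in re.findall(r"/([A-Za-z]+)", match.group("args"))}
    return "high" if {"all", "quiet"} <= switches else "medium"


def triage(events):
    """Return (host, severity) for every event that deletes shadow copies."""
    alerts = []
    for event in events:
        severity = classify(event["command_line"])
        if severity is not None:
            alerts.append((event["host"], severity))
    return alerts


# Constructed process-creation events (hypothetical hosts and format).
SAMPLE_EVENTS = [
    {"host": "WS-014",
     "command_line": r'"C:\Windows\SysWOW64\cmd.exe" /C '
                     r'"C:\Windows\Sysnative\vssadmin.exe" Delete Shadows /All /Quiet'},
    {"host": "WS-022", "command_line": r"vssadmin list shadows"},
    {"host": "SRV-BACKUP",
     "command_line": r"VSSADMIN.EXE  delete   shadows /for=C: /oldest"},
    {"host": "WS-031",
     "command_line": r'"C:\Program Files\Example\report.exe" /all /quiet'},
]

if __name__ == "__main__":
    for host, severity in triage(SAMPLE_EVENTS):
        print(f"{severity:6} shadow copy deletion on {host}")
```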
2.2 Why CryptoLocker was successful 2/2
1. A viable business model for criminals
- estimated $100 million (Fanning, 2015)
2. Payment through anonymous Bitcoin (low risk and high reward)
- Rational Choice theory
3. Hidden server only accessible to the cybercriminal (anonymous and irreversible)
[Figure: RSA public encryption]
3. Future predictions for ransomware attacks 1/2
[Figure: Android ransomware detection statistics, according to ESET LiveGrid]
http://www.welivesecurity.com/wp-content/uploads/2016/02/Rise_of_Android_Ransomware.pdf
3. Future predictions for ransomware attacks 2/2
• Cross-platform ransomware
- Ransom32 (first of its kind), January 3 2016
- Uses a Node.js runtime environment (JavaScript)
- Encrypts with AES 128-bit
• Cloud
- Services to be held at ransom?
- Further research required
4. Reducing the risk of ransomware attacks
1. Frequently back up data, on multiple backup devices
2. Frequently install important security updates
3. Invest in a strong antivirus, one that prevents registry changes without consent
4. Be wary when opening files
One way to know if a file is legitimate is to disable “hide known file types” in folder options.
Example:
With “hide known file types” disabled, the file appears as “importantdocument.pdf.exe”, so it is easy to tell it is not a PDF.
With “hide known file types” left enabled, the file appears as “importantdocument.pdf”: it contains CryptoLocker but appears to be a PDF.
Simple step but effective
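The same check can be automated at a mail gateway or download folder instead of relying on the user's eye. The following is an added example, not part of the original slides: it reports what a user sees when extensions are hidden and flags names whose real extension is executable while an earlier one imitates a document. The two extension lists are illustrative assumptions, not a complete policy.

```python
# Illustrative lists (assumptions for this example, not exhaustive).
EXECUTABLE_EXTS = {"exe", "scr", "com", "pif", "bat", "cmd", "js", "vbs"}
DECOY_EXTS = {"pdf", "doc", "docx", "xls", "xlsx", "txt", "jpg", "png", "zip"}


def _basename(filename):
    """File name without directory; trailing spaces and dots are dropped,
    as Windows does when it stores the name."""
    base = filename.replace("\\", "/").rsplit("/", 1)[-1]
    return base.rstrip(" .")


def shown_with_extensions_hidden(filename):
    """Name the user sees when known extensions are hidden."""
    base = _basename(filename)
    stem, dot, _ext = base.rpartition(".")
    return stem if dot and stem else base


def check_attachment(filename):
    """Return 'ok', 'executable' or 'disguised-executable'."""
    parts = [p.strip().lower() for p in _basename(filename).split(".")]
    if len(parts) < 2 or parts[-1] not in EXECUTABLE_EXTS:
        return "ok"
    # The real (last) extension runs code; does an earlier one pose as a document?
    if any(p in DECOY_EXTS for p in parts[1:-1]):
        return "disguised-executable"
    return "executable"


# Constructed sample names; the first two are the slide's own example.
SAMPLES = [
    "importantdocument.pdf.exe ",
    "importantdocument.pdf",
    "setup.exe",
    "report.v2.pdf",
    r"C:\Users\a\Downloads\Invoice.PDF.Scr",
]

if __name__ == "__main__":
    for name in SAMPLES:
        print(f"{check_attachment(name):22} shown as "
              f"{shown_with_extensions_hidden(name)!r}")
```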
References
• Brown, C. S. (2015). Investigating and Prosecuting Cyber Crime: Forensic Dependencies and Barriers to Justice. International Journal of Cyber Criminology, 9(1), 55-119.
• Dell SecureWorks. (2013). CryptoLocker Ransomware. Dell SecureWorks. Retrieved 24 February 2016, from http://www.secureworks.com/cyber-threatintelligence/threats/cryptolocker-ransomware
• Detica. (2011). The Cost of Cyber Crime. Retrieved 24 February 2016, from https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/60943/the-cost-of-cyber-crime-full-report.pdf
• MediaCenter Panda Security. (2016). CryptoLocker - What Is and How to Avoid the malware. Pandasecurity.com. Retrieved 24 February 2016, from http://www.pandasecurity.com/mediacenter/malware/cryptolocker/
• McQuade, Samuel (2011). Cybercrime. In The Oxford Handbook of Crime and Public Policy, by Michael Tonry. Oxford University Press.
• Smeby, C., Chapple, M., & Seidl, D. (2014). Cyberwarfare. Jones & Bartlett Learning, LLC.
