SlideShare a Scribd company logo
Defend Your
Company
Against
Ransomware!
• What is Ransomware?
• How does it affect you?
• Real world example
• What to do if you are a victim of
Ransomware?
• General Security Best Tips
Agenda
Ransomware is a type of malicious software that restricts
access to a victim’s infected computer while demanding that
the victim pay money to the operators of the malicious software
before that software is removed and access is regained.
What is Ransomware?
Ransomware can:
 Prevent you from accessing your operating system
 Encrypt all of your files
 Prevent you from running an application (like a browser)
 Disrupt your use of a smart TV, smart watch, or other smart
appliances
Once one of the above happens, there is no guarantee that
paying the demanded ransom will restore your machine back to
normal.
– Payment is always the goal of
the attackers
– …..(but restoring access to a
computer once the payment
has been made is not always
possible)
– The return on investment for
the attackers is very high with
this type of attack.
What is the goal of attacks?
Reason #1:
Ease of use
Reason #2:
Propagation of Bitcoins
(an increasingly common type of internet currency that is often demanded as
ransom due to its untraceable nature)
Reason #3:
Often, the ransom the attackers demand to clean up the damage is cheaper
than hiring a security team to attempt to remove the malware.
Why has Ransomware become so popular
among cyber thieves?
Source: https://www.microsoft.com/en-
us/security/portal/mmpc/shared/ransomware.aspx
Ransomware comes in many forms
Ransomware 2016 Highlights
Source: https://www.trendmicro.com/vinfo/us/security/definition/ransomware
Attackers can restrict access to an infected
computer
How? By…
– Encrypting the hard drive with a encryption key
known only to the attackers
– Taking control of the operating system using a
vulnerability present in the operating system and
then displaying a message to the user telling
them they have been locked out
How Does It Affect You
Ransomware can be installed onto a victim’s machine
How? By…
– Tricking the user into opening a malicious attachment
– Copying a file to a machine that appears to be legitimate
– Downloading a malicious application
– Visiting a malicious website or a website that has been hacked
– Clicking on malicious links found in emails, social media websites,
and messaging apps.
Curiosity killed the cat
….and helps the bad guys install ransomware on victims’ computers.
How Does It Affect You
Real World Example
• Recently, large urban hospitals have been
targets of ransomware...
• March 2016: Hollywood Presbyterian
Hospital in Los Angeles paid $17,000 to
regain access to its computers
• March 2016: The largest healthcare
provider in Washington DC, MedStar
Health, was ransomed for over $18,000 to
gain access to its systems.
• This form of extortion can be painful to
organization not only for the monetary
loss, but also due to loss of reputation as
their company names are made public)
Target Spotlight: Large Hospitals
Real World Example
• How was it made?
– This ransomware was propagated using malicious email attachments. It also used an existing botnet called “Zeus” for
command and control of the malicious software.
• What did it do?
– CryptoLocker would encrypt certain types of files that were stored locally or on mounted network drives using a public
encryption key. CryptoLocker targeted computers running Windows.
Ransomware Spotlight: CryptoLocker
• Why was it hard to recover encrypted data?
– The private key that could decrypt the data was stored on the botnet’s
command and control servers. The malware was easy to
remove…but that wasn’t the point. Once the data was encrypted, the
damage was done.
• What was the ransom threat?
– then the private key needed to decrypt their data would be
deleted…or the ransom would increase by a significant amount
Ransomware Spotlight: CryptoLocker
• How was it beaten?
– The original version of CryptoLocker was taken down when an international operation consisting of law enforcement
agencies, security companies, and academic researchers was able to destroy the ZeuS botnet which had been used to
propagate CryptoLocker.
– “Operation Tovar” was able to sever the ZeuS botnet from its “command-and-control” servers. These servers had been
used to send commands to machines infected with CryptoLocker and other forms of malware.
– Security firms were then able to create a portal called “Decrypt CryptoLocker”, which enabled over 500,000 victims to
submit a file encrypted by CryptoLocker. The portal would then test that file against all of the encryption keys that had
been stored by the command-and-control servers to find the one that would decrypt the victim’s files.
• Keep An Eye Out…
– ...Updated versions of CryptoLocker and many other forms of ransomware have now become popular amongst cyber
criminals, so the threat still remains.
Ransomware Spotlight: CryptoLocker
What if YOU were the victim?
If your computer has been locked by malware or the files have been
encrypted…
Step 1:
Don’t Click On Anything!!
What if YOU were the victim?
Step 2:
Don’t Believe Scare Tactics
Older versions of ransomware would often claim that you had done
something illegal with your computer. This is a scare tactic to trick
victims into paying the ransom and not alerting the authorities.
…Don’t believe it!
What if YOU were the victim?
Step 3:
If at all possible, Don’t Pay the Ransom.
The fewer people and organizations that pay, the less likely that
ransomware will stay as profitable as it is now.
What if YOU were the victim?
Option 1:
• If you feel you are technically savvy, you can visit Microsoft’s
website for steps that might help decrypt your files.
Option 2:
• If you don’t feel comfortable trying that, we recommend taking
your computer to a well known computer repair shop that has
experience with removing ransomware and restoring files.
Implementing a multiple layer of defense technique is required to
defend computers against the crippling effects of ransomware.
My Recommendation:
Implement User Education
Train your staff in security awareness best practices, especially email and malware!
General Security Tips
What to Know About Malicious Software Detection Tools
 **Keep in Mind**...While these tools are useful, they may not be able to stop the most recent versions of this
malicious software because they are only able to identify the versions of the malicious software they
recognize
 Keep all of your software up to date, especially your browsers
 If possible, have a pop-up blocker running on your browsers
General Security Tips
Maintain a consistent data backup
policy
 This is the MOST IMPORTANT layer of defense.
 It is important to have a data backup policy where
system backups are stored in a location that is
inaccessible to the infected machine, preventing the
ransomware from encrypting the backups.
 The backups should be stored on removable media
or a drive that wasn’t connected when the
ransomware was installed and executed.
General Security Tips
In partnership with Security Innovation, Emenda can offer over
120 courses to help protect your business. To download our
latest course list, click here
For further information or to get in touch:
Contact Us
Visit Our Website
Further Information

More Related Content

What's hot

Malware and Anti-Malware Seminar by Benny Czarny
Malware and Anti-Malware Seminar by Benny CzarnyMalware and Anti-Malware Seminar by Benny Czarny
Malware and Anti-Malware Seminar by Benny Czarny
OPSWAT
 
Malware & Anti-Malware
Malware & Anti-MalwareMalware & Anti-Malware
Malware & Anti-Malware
Arpit Mittal
 
Virus and malware presentation
Virus and malware presentationVirus and malware presentation
Virus and malware presentation
Amjad Bhutto
 
Malicious software
Malicious softwareMalicious software
Malicious software
rajakhurram
 
Malicious Software and Virus
Malicious Software and Virus Malicious Software and Virus
Malicious Software and Virus
Tasif Tanzim
 
WHITE PAPER▶ The Evolution of Ransomware
WHITE PAPER▶ The Evolution of RansomwareWHITE PAPER▶ The Evolution of Ransomware
WHITE PAPER▶ The Evolution of Ransomware
Symantec
 
Malicious software
Malicious softwareMalicious software
Malicious software
Dr.Florence Dayana
 
Malewareanalysis
Malewareanalysis Malewareanalysis
Malewareanalysis
ahmad abdelhafeez
 
Types of malicious software and remedies
Types of malicious software and remediesTypes of malicious software and remedies
Types of malicious software and remedies
Manish Kumar
 
Virus (Trojan Horse,Salami Attack)
Virus (Trojan Horse,Salami Attack)Virus (Trojan Horse,Salami Attack)
Virus (Trojan Horse,Salami Attack)
Ferellica
 
Viruses & security threats
Viruses & security threatsViruses & security threats
Viruses & security threats
wardjo
 
Malware
MalwareMalware
Malware forensic
Malware forensicMalware forensic
Malware forensic
SumeraHangi
 
Modern Malware and Threats
Modern Malware and ThreatsModern Malware and Threats
Modern Malware and Threats
MarketingArrowECS_CZ
 
Counter Measures Of Virus
Counter Measures Of VirusCounter Measures Of Virus
Counter Measures Of Virus
shusrusha
 
Zero day exploit
Zero day exploitZero day exploit
Zero day exploit
Aashiq Ahamed N
 
Malicious software
Malicious softwareMalicious software
Malicious software
CAS
 
Lecture 12 malicious software
Lecture 12 malicious software Lecture 12 malicious software
Lecture 12 malicious software
rajakhurram
 
Ransomware: Prevention, privacy and your options post-breach
Ransomware: Prevention, privacy and your options post-breachRansomware: Prevention, privacy and your options post-breach
Ransomware: Prevention, privacy and your options post-breach
Gowling WLG
 
Trojan horse and salami attack
Trojan horse and salami attackTrojan horse and salami attack
Trojan horse and salami attack
guestc8c7c02bb
 

What's hot (20)

Malware and Anti-Malware Seminar by Benny Czarny
Malware and Anti-Malware Seminar by Benny CzarnyMalware and Anti-Malware Seminar by Benny Czarny
Malware and Anti-Malware Seminar by Benny Czarny
 
Malware & Anti-Malware
Malware & Anti-MalwareMalware & Anti-Malware
Malware & Anti-Malware
 
Virus and malware presentation
Virus and malware presentationVirus and malware presentation
Virus and malware presentation
 
Malicious software
Malicious softwareMalicious software
Malicious software
 
Malicious Software and Virus
Malicious Software and Virus Malicious Software and Virus
Malicious Software and Virus
 
WHITE PAPER▶ The Evolution of Ransomware
WHITE PAPER▶ The Evolution of RansomwareWHITE PAPER▶ The Evolution of Ransomware
WHITE PAPER▶ The Evolution of Ransomware
 
Malicious software
Malicious softwareMalicious software
Malicious software
 
Malewareanalysis
Malewareanalysis Malewareanalysis
Malewareanalysis
 
Types of malicious software and remedies
Types of malicious software and remediesTypes of malicious software and remedies
Types of malicious software and remedies
 
Virus (Trojan Horse,Salami Attack)
Virus (Trojan Horse,Salami Attack)Virus (Trojan Horse,Salami Attack)
Virus (Trojan Horse,Salami Attack)
 
Viruses & security threats
Viruses & security threatsViruses & security threats
Viruses & security threats
 
Malware
MalwareMalware
Malware
 
Malware forensic
Malware forensicMalware forensic
Malware forensic
 
Modern Malware and Threats
Modern Malware and ThreatsModern Malware and Threats
Modern Malware and Threats
 
Counter Measures Of Virus
Counter Measures Of VirusCounter Measures Of Virus
Counter Measures Of Virus
 
Zero day exploit
Zero day exploitZero day exploit
Zero day exploit
 
Malicious software
Malicious softwareMalicious software
Malicious software
 
Lecture 12 malicious software
Lecture 12 malicious software Lecture 12 malicious software
Lecture 12 malicious software
 
Ransomware: Prevention, privacy and your options post-breach
Ransomware: Prevention, privacy and your options post-breachRansomware: Prevention, privacy and your options post-breach
Ransomware: Prevention, privacy and your options post-breach
 
Trojan horse and salami attack
Trojan horse and salami attackTrojan horse and salami attack
Trojan horse and salami attack
 

Viewers also liked

What is so special about Ratnagiri Alfonso?
What is so special about Ratnagiri Alfonso?What is so special about Ratnagiri Alfonso?
What is so special about Ratnagiri Alfonso?
Gouri Jadhav
 
Sir John Ellis Prize 2015 - KCL MBBS 2020 Curriculum Review
Sir John Ellis Prize 2015 - KCL MBBS 2020 Curriculum ReviewSir John Ellis Prize 2015 - KCL MBBS 2020 Curriculum Review
Sir John Ellis Prize 2015 - KCL MBBS 2020 Curriculum Review
therajivsethi
 
2 april 2017
2 april 20172 april 2017
2 april 2017
Niranjan Goyal
 
Aprendizaje por proyectos.
Aprendizaje por proyectos. Aprendizaje por proyectos.
Aprendizaje por proyectos.
Graciela Bertancud
 
Risk Management & Contingency Guideline Training Workshop
Risk Management & Contingency Guideline Training WorkshopRisk Management & Contingency Guideline Training Workshop
Risk Management & Contingency Guideline Training Workshop
Pedram Danesh-Mand
 
SSI WaterChat TM
SSI WaterChat TMSSI WaterChat TM
SSI WaterChat TM
TomFrankel
 
Creating Effective Data Visualizations for Online Learning
Creating Effective Data Visualizations for Online Learning Creating Effective Data Visualizations for Online Learning
Creating Effective Data Visualizations for Online Learning
Shalin Hai-Jew
 
Génesis y desarrollo de un proyecto eTwinning
Génesis y desarrollo de un proyecto eTwinningGénesis y desarrollo de un proyecto eTwinning
Génesis y desarrollo de un proyecto eTwinning
Angel Turrado
 
Consumption pattern & attitude of beer consumers
Consumption pattern & attitude of beer consumersConsumption pattern & attitude of beer consumers
Consumption pattern & attitude of beer consumers
Ajay Prathap
 
Organizational Network Analyses: a disruptive approach with HOW4
Organizational Network Analyses: a disruptive approach with HOW4Organizational Network Analyses: a disruptive approach with HOW4
Organizational Network Analyses: a disruptive approach with HOW4
Michela Visciola
 
SharePoint Saturday Warsaw: Seek a Modern and Intelligent Foundation for your...
SharePoint Saturday Warsaw: Seek a Modern and Intelligent Foundation for your...SharePoint Saturday Warsaw: Seek a Modern and Intelligent Foundation for your...
SharePoint Saturday Warsaw: Seek a Modern and Intelligent Foundation for your...
Vlad Catrinescu
 
R. Villano - Colophon libro Antibioticoresistenza
R. Villano - Colophon libro AntibioticoresistenzaR. Villano - Colophon libro Antibioticoresistenza
R. Villano - Colophon libro Antibioticoresistenza
Raimondo Villano
 
R. Villano - S.M.O.M.: Acismom
 R. Villano - S.M.O.M.: Acismom R. Villano - S.M.O.M.: Acismom
R. Villano - S.M.O.M.: Acismom
Raimondo Villano
 
Taiwan's Social Protection: Shift to Asset Accumulation Welfare Provision
Taiwan's Social Protection: Shift to Asset Accumulation Welfare ProvisionTaiwan's Social Protection: Shift to Asset Accumulation Welfare Provision
Taiwan's Social Protection: Shift to Asset Accumulation Welfare Provision
Mark Raygan Garcia
 
R. Villano - Las fotos (es p.9)
R. Villano - Las fotos (es p.9)R. Villano - Las fotos (es p.9)
R. Villano - Las fotos (es p.9)
Raimondo Villano
 
e-Commerce gio fatarella
e-Commerce gio fatarellae-Commerce gio fatarella
e-Commerce gio fatarella
Giorgio Fatarella
 

Viewers also liked (16)

What is so special about Ratnagiri Alfonso?
What is so special about Ratnagiri Alfonso?What is so special about Ratnagiri Alfonso?
What is so special about Ratnagiri Alfonso?
 
Sir John Ellis Prize 2015 - KCL MBBS 2020 Curriculum Review
Sir John Ellis Prize 2015 - KCL MBBS 2020 Curriculum ReviewSir John Ellis Prize 2015 - KCL MBBS 2020 Curriculum Review
Sir John Ellis Prize 2015 - KCL MBBS 2020 Curriculum Review
 
2 april 2017
2 april 20172 april 2017
2 april 2017
 
Aprendizaje por proyectos.
Aprendizaje por proyectos. Aprendizaje por proyectos.
Aprendizaje por proyectos.
 
Risk Management & Contingency Guideline Training Workshop
Risk Management & Contingency Guideline Training WorkshopRisk Management & Contingency Guideline Training Workshop
Risk Management & Contingency Guideline Training Workshop
 
SSI WaterChat TM
SSI WaterChat TMSSI WaterChat TM
SSI WaterChat TM
 
Creating Effective Data Visualizations for Online Learning
Creating Effective Data Visualizations for Online Learning Creating Effective Data Visualizations for Online Learning
Creating Effective Data Visualizations for Online Learning
 
Génesis y desarrollo de un proyecto eTwinning
Génesis y desarrollo de un proyecto eTwinningGénesis y desarrollo de un proyecto eTwinning
Génesis y desarrollo de un proyecto eTwinning
 
Consumption pattern & attitude of beer consumers
Consumption pattern & attitude of beer consumersConsumption pattern & attitude of beer consumers
Consumption pattern & attitude of beer consumers
 
Organizational Network Analyses: a disruptive approach with HOW4
Organizational Network Analyses: a disruptive approach with HOW4Organizational Network Analyses: a disruptive approach with HOW4
Organizational Network Analyses: a disruptive approach with HOW4
 
SharePoint Saturday Warsaw: Seek a Modern and Intelligent Foundation for your...
SharePoint Saturday Warsaw: Seek a Modern and Intelligent Foundation for your...SharePoint Saturday Warsaw: Seek a Modern and Intelligent Foundation for your...
SharePoint Saturday Warsaw: Seek a Modern and Intelligent Foundation for your...
 
R. Villano - Colophon libro Antibioticoresistenza
R. Villano - Colophon libro AntibioticoresistenzaR. Villano - Colophon libro Antibioticoresistenza
R. Villano - Colophon libro Antibioticoresistenza
 
R. Villano - S.M.O.M.: Acismom
 R. Villano - S.M.O.M.: Acismom R. Villano - S.M.O.M.: Acismom
R. Villano - S.M.O.M.: Acismom
 
Taiwan's Social Protection: Shift to Asset Accumulation Welfare Provision
Taiwan's Social Protection: Shift to Asset Accumulation Welfare ProvisionTaiwan's Social Protection: Shift to Asset Accumulation Welfare Provision
Taiwan's Social Protection: Shift to Asset Accumulation Welfare Provision
 
R. Villano - Las fotos (es p.9)
R. Villano - Las fotos (es p.9)R. Villano - Las fotos (es p.9)
R. Villano - Las fotos (es p.9)
 
e-Commerce gio fatarella
e-Commerce gio fatarellae-Commerce gio fatarella
e-Commerce gio fatarella
 

Similar to Defend Your Company Against Ransomware

Get Smart about Ransomware: Protect Yourself and Organization
Get Smart about Ransomware: Protect Yourself and OrganizationGet Smart about Ransomware: Protect Yourself and Organization
Get Smart about Ransomware: Protect Yourself and Organization
Security Innovation
 
lecture-11-30052022-103626am.pptx
lecture-11-30052022-103626am.pptxlecture-11-30052022-103626am.pptx
lecture-11-30052022-103626am.pptx
Zarwashgulrez
 
Ransomware and email security ver - 1.3
Ransomware and email security   ver - 1.3Ransomware and email security   ver - 1.3
Ransomware and email security ver - 1.3
Denise Bailey
 
Malicious
MaliciousMalicious
Malicious
Khyati Rajput
 
Computer virus
Computer virusComputer virus
Computer virus
sajeena81
 
Ransomware hostage rescue manual
Ransomware hostage rescue manualRansomware hostage rescue manual
Ransomware hostage rescue manual
Roel Palmaers
 
The Rise of Ransomware
The Rise of RansomwareThe Rise of Ransomware
The Rise of Ransomware
Tharindu Edirisinghe
 
What is Ransomware
What is RansomwareWhat is Ransomware
What is Ransomware
jeetendra mandal
 
Virus and its types 2
Virus and its types 2Virus and its types 2
Virus and its types 2
Saud G
 
NCERT Ransomeware and malware attacks.pdf
NCERT Ransomeware and malware attacks.pdfNCERT Ransomeware and malware attacks.pdf
NCERT Ransomeware and malware attacks.pdf
AkashKumar1733
 
Security Awareness Training
Security Awareness TrainingSecurity Awareness Training
Security Awareness Training
William Mann
 
Ransomware Attack.pptx
Ransomware Attack.pptxRansomware Attack.pptx
Ransomware Attack.pptx
IkramSabir4
 
Information about malwares and Attacks.pptx
Information about malwares and Attacks.pptxInformation about malwares and Attacks.pptx
Information about malwares and Attacks.pptx
malikmuzammil2326
 
Ransomware- A reality check (Part 1).pptx
Ransomware- A reality check (Part 1).pptxRansomware- A reality check (Part 1).pptx
Ransomware- A reality check (Part 1).pptx
Infosectrain3
 
Computer viruses
Computer virusesComputer viruses
Computer viruses
Dark Side
 
Ransomware Trends 2017 & Mitigation Techniques
Ransomware Trends 2017 & Mitigation TechniquesRansomware Trends 2017 & Mitigation Techniques
Ransomware Trends 2017 & Mitigation Techniques
Avinash Sinha
 
Ransomware: A Perilous Malware
Ransomware: A Perilous MalwareRansomware: A Perilous Malware
Ransomware: A Perilous Malware
HTS Hosting
 
Malware Infections
Malware InfectionsMalware Infections
Malware Infections
Jessica Howard
 
Malware ppt final.pptx
Malware ppt final.pptxMalware ppt final.pptx
Malware ppt final.pptx
LakshayNRReddy
 
Malware program by mohsin ali dahar khairpur
Malware program by mohsin ali dahar khairpurMalware program by mohsin ali dahar khairpur
Malware program by mohsin ali dahar khairpur
Mohsin Dahar
 

Similar to Defend Your Company Against Ransomware (20)

Get Smart about Ransomware: Protect Yourself and Organization
Get Smart about Ransomware: Protect Yourself and OrganizationGet Smart about Ransomware: Protect Yourself and Organization
Get Smart about Ransomware: Protect Yourself and Organization
 
lecture-11-30052022-103626am.pptx
lecture-11-30052022-103626am.pptxlecture-11-30052022-103626am.pptx
lecture-11-30052022-103626am.pptx
 
Ransomware and email security ver - 1.3
Ransomware and email security   ver - 1.3Ransomware and email security   ver - 1.3
Ransomware and email security ver - 1.3
 
Malicious
MaliciousMalicious
Malicious
 
Computer virus
Computer virusComputer virus
Computer virus
 
Ransomware hostage rescue manual
Ransomware hostage rescue manualRansomware hostage rescue manual
Ransomware hostage rescue manual
 
The Rise of Ransomware
The Rise of RansomwareThe Rise of Ransomware
The Rise of Ransomware
 
What is Ransomware
What is RansomwareWhat is Ransomware
What is Ransomware
 
Virus and its types 2
Virus and its types 2Virus and its types 2
Virus and its types 2
 
NCERT Ransomeware and malware attacks.pdf
NCERT Ransomeware and malware attacks.pdfNCERT Ransomeware and malware attacks.pdf
NCERT Ransomeware and malware attacks.pdf
 
Security Awareness Training
Security Awareness TrainingSecurity Awareness Training
Security Awareness Training
 
Ransomware Attack.pptx
Ransomware Attack.pptxRansomware Attack.pptx
Ransomware Attack.pptx
 
Information about malwares and Attacks.pptx
Information about malwares and Attacks.pptxInformation about malwares and Attacks.pptx
Information about malwares and Attacks.pptx
 
Ransomware- A reality check (Part 1).pptx
Ransomware- A reality check (Part 1).pptxRansomware- A reality check (Part 1).pptx
Ransomware- A reality check (Part 1).pptx
 
Computer viruses
Computer virusesComputer viruses
Computer viruses
 
Ransomware Trends 2017 & Mitigation Techniques
Ransomware Trends 2017 & Mitigation TechniquesRansomware Trends 2017 & Mitigation Techniques
Ransomware Trends 2017 & Mitigation Techniques
 
Ransomware: A Perilous Malware
Ransomware: A Perilous MalwareRansomware: A Perilous Malware
Ransomware: A Perilous Malware
 
Malware Infections
Malware InfectionsMalware Infections
Malware Infections
 
Malware ppt final.pptx
Malware ppt final.pptxMalware ppt final.pptx
Malware ppt final.pptx
 
Malware program by mohsin ali dahar khairpur
Malware program by mohsin ali dahar khairpurMalware program by mohsin ali dahar khairpur
Malware program by mohsin ali dahar khairpur
 

Recently uploaded

Semantic-Aware Code Model: Elevating the Future of Software Development
Semantic-Aware Code Model: Elevating the Future of Software DevelopmentSemantic-Aware Code Model: Elevating the Future of Software Development
Semantic-Aware Code Model: Elevating the Future of Software Development
Baishakhi Ray
 
Finetuning GenAI For Hacking and Defending
Finetuning GenAI For Hacking and DefendingFinetuning GenAI For Hacking and Defending
Finetuning GenAI For Hacking and Defending
Priyanka Aash
 
MAKE MONEY ONLINE Unlock Your Income Potential Today.pptx
MAKE MONEY ONLINE Unlock Your Income Potential Today.pptxMAKE MONEY ONLINE Unlock Your Income Potential Today.pptx
MAKE MONEY ONLINE Unlock Your Income Potential Today.pptx
janagijoythi
 
Accelerating Migrations = Recommendations
Accelerating Migrations = RecommendationsAccelerating Migrations = Recommendations
Accelerating Migrations = Recommendations
isBullShit
 
Types of Weaving loom machine & it's technology
Types of Weaving loom machine & it's technologyTypes of Weaving loom machine & it's technology
Types of Weaving loom machine & it's technology
ldtexsolbl
 
EuroPython 2024 - Streamlining Testing in a Large Python Codebase
EuroPython 2024 - Streamlining Testing in a Large Python CodebaseEuroPython 2024 - Streamlining Testing in a Large Python Codebase
EuroPython 2024 - Streamlining Testing in a Large Python Codebase
Jimmy Lai
 
Acumatica vs. Sage Intacct _Construction_July (1).pptx
Acumatica vs. Sage Intacct _Construction_July (1).pptxAcumatica vs. Sage Intacct _Construction_July (1).pptx
Acumatica vs. Sage Intacct _Construction_July (1).pptx
BrainSell Technologies
 
LeadMagnet IQ Review: Unlock the Secret to Effortless Traffic and Leads.pdf
LeadMagnet IQ Review:  Unlock the Secret to Effortless Traffic and Leads.pdfLeadMagnet IQ Review:  Unlock the Secret to Effortless Traffic and Leads.pdf
LeadMagnet IQ Review: Unlock the Secret to Effortless Traffic and Leads.pdf
SelfMade bd
 
Communications Mining Series - Zero to Hero - Session 3
Communications Mining Series - Zero to Hero - Session 3Communications Mining Series - Zero to Hero - Session 3
Communications Mining Series - Zero to Hero - Session 3
DianaGray10
 
Premium Girls Call Mumbai 9920725232 Unlimited Short Providing Girls Service ...
Premium Girls Call Mumbai 9920725232 Unlimited Short Providing Girls Service ...Premium Girls Call Mumbai 9920725232 Unlimited Short Providing Girls Service ...
Premium Girls Call Mumbai 9920725232 Unlimited Short Providing Girls Service ...
shanihomely
 
UX Webinar Series: Drive Revenue and Decrease Costs with Passkeys for Consume...
UX Webinar Series: Drive Revenue and Decrease Costs with Passkeys for Consume...UX Webinar Series: Drive Revenue and Decrease Costs with Passkeys for Consume...
UX Webinar Series: Drive Revenue and Decrease Costs with Passkeys for Consume...
FIDO Alliance
 
The Path to General-Purpose Robots - Coatue
The Path to General-Purpose Robots - CoatueThe Path to General-Purpose Robots - Coatue
The Path to General-Purpose Robots - Coatue
Razin Mustafiz
 
leewayhertz.com-Generative AI tech stack Frameworks infrastructure models and...
leewayhertz.com-Generative AI tech stack Frameworks infrastructure models and...leewayhertz.com-Generative AI tech stack Frameworks infrastructure models and...
leewayhertz.com-Generative AI tech stack Frameworks infrastructure models and...
alexjohnson7307
 
Perth MuleSoft Meetup July 2024
Perth MuleSoft Meetup July 2024Perth MuleSoft Meetup July 2024
Perth MuleSoft Meetup July 2024
Michael Price
 
NVIDIA at Breakthrough Discuss for Space Exploration
NVIDIA at Breakthrough Discuss for Space ExplorationNVIDIA at Breakthrough Discuss for Space Exploration
NVIDIA at Breakthrough Discuss for Space Exploration
Alison B. Lowndes
 
Camunda Chapter NY Meetup July 2024.pptx
Camunda Chapter NY Meetup July 2024.pptxCamunda Chapter NY Meetup July 2024.pptx
Camunda Chapter NY Meetup July 2024.pptx
ZachWylie3
 
The History of Embeddings & Multimodal Embeddings
The History of Embeddings & Multimodal EmbeddingsThe History of Embeddings & Multimodal Embeddings
The History of Embeddings & Multimodal Embeddings
Zilliz
 
Generative AI Reasoning Tech Talk - July 2024
Generative AI Reasoning Tech Talk - July 2024Generative AI Reasoning Tech Talk - July 2024
Generative AI Reasoning Tech Talk - July 2024
siddu769252
 
Google I/O Extended Harare Merged Slides
Google I/O Extended Harare Merged SlidesGoogle I/O Extended Harare Merged Slides
Google I/O Extended Harare Merged Slides
Google Developer Group - Harare
 
What's New in Teams Calling, Meetings, Devices June 2024
What's New in Teams Calling, Meetings, Devices June 2024What's New in Teams Calling, Meetings, Devices June 2024
What's New in Teams Calling, Meetings, Devices June 2024
Stephanie Beckett
 

Recently uploaded (20)

Semantic-Aware Code Model: Elevating the Future of Software Development
Semantic-Aware Code Model: Elevating the Future of Software DevelopmentSemantic-Aware Code Model: Elevating the Future of Software Development
Semantic-Aware Code Model: Elevating the Future of Software Development
 
Finetuning GenAI For Hacking and Defending
Finetuning GenAI For Hacking and DefendingFinetuning GenAI For Hacking and Defending
Finetuning GenAI For Hacking and Defending
 
MAKE MONEY ONLINE Unlock Your Income Potential Today.pptx
MAKE MONEY ONLINE Unlock Your Income Potential Today.pptxMAKE MONEY ONLINE Unlock Your Income Potential Today.pptx
MAKE MONEY ONLINE Unlock Your Income Potential Today.pptx
 
Accelerating Migrations = Recommendations
Accelerating Migrations = RecommendationsAccelerating Migrations = Recommendations
Accelerating Migrations = Recommendations
 
Types of Weaving loom machine & it's technology
Types of Weaving loom machine & it's technologyTypes of Weaving loom machine & it's technology
Types of Weaving loom machine & it's technology
 
EuroPython 2024 - Streamlining Testing in a Large Python Codebase
EuroPython 2024 - Streamlining Testing in a Large Python CodebaseEuroPython 2024 - Streamlining Testing in a Large Python Codebase
EuroPython 2024 - Streamlining Testing in a Large Python Codebase
 
Acumatica vs. Sage Intacct _Construction_July (1).pptx
Acumatica vs. Sage Intacct _Construction_July (1).pptxAcumatica vs. Sage Intacct _Construction_July (1).pptx
Acumatica vs. Sage Intacct _Construction_July (1).pptx
 
LeadMagnet IQ Review: Unlock the Secret to Effortless Traffic and Leads.pdf
LeadMagnet IQ Review:  Unlock the Secret to Effortless Traffic and Leads.pdfLeadMagnet IQ Review:  Unlock the Secret to Effortless Traffic and Leads.pdf
LeadMagnet IQ Review: Unlock the Secret to Effortless Traffic and Leads.pdf
 
Communications Mining Series - Zero to Hero - Session 3
Communications Mining Series - Zero to Hero - Session 3Communications Mining Series - Zero to Hero - Session 3
Communications Mining Series - Zero to Hero - Session 3
 
Premium Girls Call Mumbai 9920725232 Unlimited Short Providing Girls Service ...
Premium Girls Call Mumbai 9920725232 Unlimited Short Providing Girls Service ...Premium Girls Call Mumbai 9920725232 Unlimited Short Providing Girls Service ...
Premium Girls Call Mumbai 9920725232 Unlimited Short Providing Girls Service ...
 
UX Webinar Series: Drive Revenue and Decrease Costs with Passkeys for Consume...
UX Webinar Series: Drive Revenue and Decrease Costs with Passkeys for Consume...UX Webinar Series: Drive Revenue and Decrease Costs with Passkeys for Consume...
UX Webinar Series: Drive Revenue and Decrease Costs with Passkeys for Consume...
 
The Path to General-Purpose Robots - Coatue
The Path to General-Purpose Robots - CoatueThe Path to General-Purpose Robots - Coatue
The Path to General-Purpose Robots - Coatue
 
leewayhertz.com-Generative AI tech stack Frameworks infrastructure models and...
leewayhertz.com-Generative AI tech stack Frameworks infrastructure models and...leewayhertz.com-Generative AI tech stack Frameworks infrastructure models and...
leewayhertz.com-Generative AI tech stack Frameworks infrastructure models and...
 
Perth MuleSoft Meetup July 2024
Perth MuleSoft Meetup July 2024Perth MuleSoft Meetup July 2024
Perth MuleSoft Meetup July 2024
 
NVIDIA at Breakthrough Discuss for Space Exploration
NVIDIA at Breakthrough Discuss for Space ExplorationNVIDIA at Breakthrough Discuss for Space Exploration
NVIDIA at Breakthrough Discuss for Space Exploration
 
Camunda Chapter NY Meetup July 2024.pptx
Camunda Chapter NY Meetup July 2024.pptxCamunda Chapter NY Meetup July 2024.pptx
Camunda Chapter NY Meetup July 2024.pptx
 
The History of Embeddings & Multimodal Embeddings
The History of Embeddings & Multimodal EmbeddingsThe History of Embeddings & Multimodal Embeddings
The History of Embeddings & Multimodal Embeddings
 
Generative AI Reasoning Tech Talk - July 2024
Generative AI Reasoning Tech Talk - July 2024Generative AI Reasoning Tech Talk - July 2024
Generative AI Reasoning Tech Talk - July 2024
 
Google I/O Extended Harare Merged Slides
Google I/O Extended Harare Merged SlidesGoogle I/O Extended Harare Merged Slides
Google I/O Extended Harare Merged Slides
 
What's New in Teams Calling, Meetings, Devices June 2024
What's New in Teams Calling, Meetings, Devices June 2024What's New in Teams Calling, Meetings, Devices June 2024
What's New in Teams Calling, Meetings, Devices June 2024
 

Defend Your Company Against Ransomware

  • 2. • What is Ransomware? • How does it affect you? • Real world example • What to do if you are a victim of Ransomware? • General Security Best Tips Agenda
  • 3. Ransomware is a type of malicious software that restricts access to a victim’s infected computer while demanding that the victim pay money to the operators of the malicious software before that software is removed and access is regained. What is Ransomware?
  • 4. Ransomware can:  Prevent you from accessing your operating system  Encrypt all of your files  Prevent you from running an application (like a browser)  Disrupt your use of a smart TV, smart watch, or other smart appliances Once one of the above happens, there is no guarantee that paying the demanded ransom will restore your machine back to normal.
  • 5. – Payment is always the goal of the attackers – …..(but restoring access to a computer once the payment has been made is not always possible) – The return on investment for the attackers is very high with this type of attack. What is the goal of attacks?
  • 6. Reason #1: Ease of use Reason #2: Propagation of Bitcoins (an increasingly common type of internet currency that is often demanded as ransom due to its untraceable nature) Reason #3: Often, the ransom the attackers demand to clean up the damage is cheaper than hiring a security team to attempt to remove the malware. Why has Ransomware become so popular among cyber thieves?
  • 8. Ransomware 2016 Highlights Source: https://www.trendmicro.com/vinfo/us/security/definition/ransomware
  • 9. Attackers can restrict access to an infected computer How? By… – Encrypting the hard drive with a encryption key known only to the attackers – Taking control of the operating system using a vulnerability present in the operating system and then displaying a message to the user telling them they have been locked out How Does It Affect You
  • 10. Ransomware can be installed onto a victim’s machine How? By… – Tricking the user into opening a malicious attachment – Copying a file to a machine that appears to be legitimate – Downloading a malicious application – Visiting a malicious website or a website that has been hacked – Clicking on malicious links found in emails, social media websites, and messaging apps. Curiosity killed the cat ….and helps the bad guys install ransomware on victims’ computers. How Does It Affect You
  • 12. • Recently, large urban hospitals have been targets of ransomware... • March 2016: Hollywood Presbyterian Hospital in Los Angeles paid $17,000 to regain access to its computers • March 2016: The largest healthcare provider in Washington DC, MedStar Health, was ransomed for over $18,000 to gain access to its systems. • This form of extortion can be painful to organization not only for the monetary loss, but also due to loss of reputation as their company names are made public) Target Spotlight: Large Hospitals
  • 14. • How was it made? – This ransomware was propagated using malicious email attachments. It also used an existing botnet called “Zeus” for command and control of the malicious software. • What did it do? – CryptoLocker would encrypt certain types of files that were stored locally or on mounted network drives using a public encryption key. CryptoLocker targeted computers running Windows. Ransomware Spotlight: CryptoLocker
  • 15. • Why was it hard to recover encrypted data? – The private key that could decrypt the data was stored on the botnet’s command and control servers. The malware was easy to remove…but that wasn’t the point. Once the data was encrypted, the damage was done. • What was the ransom threat? – then the private key needed to decrypt their data would be deleted…or the ransom would increase by a significant amount Ransomware Spotlight: CryptoLocker
  • 16. • How was it beaten? – The original version of CryptoLocker was taken down when an international operation consisting of law enforcement agencies, security companies, and academic researchers was able to destroy the ZeuS botnet which had been used to propagate CryptoLocker. – “Operation Tovar” was able to sever the ZeuS botnet from its “command-and-control” servers. These servers had been used to send commands to machines infected with CryptoLocker and other forms of malware. – Security firms were then able to create a portal called “Decrypt CryptoLocker”, which enabled over 500,000 victims to submit a file encrypted by CryptoLocker. The portal would then test that file against all of the encryption keys that had been stored by the command-and-control servers to find the one that would decrypt the victim’s files. • Keep An Eye Out… – ...Updated versions of CryptoLocker and many other forms of ransomware have now become popular amongst cyber criminals, so the threat still remains. Ransomware Spotlight: CryptoLocker
  • 17. What if YOU were the victim? If your computer has been locked by malware or the files have been encrypted…
  • 18. Step 1: Don’t Click On Anything!! What if YOU were the victim?
  • 19. Step 2: Don’t Believe Scare Tactics Older versions of ransomware would often claim that you had done something illegal with your computer. This is a scare tactic to trick victims into paying the ransom and not alerting the authorities. …Don’t believe it! What if YOU were the victim?
  • 20. Step 3: If at all possible, Don’t Pay the Ransom. The fewer people and organizations that pay, the less likely that ransomware will stay as profitable as it is now. What if YOU were the victim?
  • 21. Option 1: • If you feel you are technically savvy, you can visit Microsoft’s website for steps that might help decrypt your files. Option 2: • If you don’t feel comfortable trying that, we recommend taking your computer to a well known computer repair shop that has experience with removing ransomware and restoring files.
  • 22. Implementing a multiple layer of defense technique is required to defend computers against the crippling effects of ransomware. My Recommendation: Implement User Education Train your staff in security awareness best practices, especially email and malware! General Security Tips
  • 23. What to Know About Malicious Software Detection Tools  **Keep in Mind**...While these tools are useful, they may not be able to stop the most recent versions of this malicious software because they are only able to identify the versions of the malicious software they recognize  Keep all of your software up to date, especially your browsers  If possible, have a pop-up blocker running on your browsers General Security Tips
  • 24. Maintain a consistent data backup policy  This is the MOST IMPORTANT layer of defense.  It is important to have a data backup policy where system backups are stored in a location that is inaccessible to the infected machine, preventing the ransomware from encrypting the backups.  The backups should be stored on removable media or a drive that wasn’t connected when the ransomware was installed and executed. General Security Tips
  • 25. In partnership with Security Innovation, Emenda can offer over 120 courses to help protect your business. To download our latest course list, click here For further information or to get in touch: Contact Us Visit Our Website Further Information

Editor's Notes

  1. How are you exposed to ransomware? - Phishine attacks Fake advertisements that are infected with malware Exploit kits that are delivered through vulnerabilities in Flash
  2. Who is safe? No one – Ransomware targets mobile devices, Windows, Linux and OSx systems, and some ransomware even attacks cloud storage. In Q1 of 2016, Anti-Virus vendor Kaspersky Lab’s software blocked ransomware attacks on 34,900 devices and detected nearly 2900 mobile ransomware threats
  3. Tell the story of the 6K investment and the 180K return. Cryptowall (a type of ransomware) reportedly made over $325M from US victims in 2015, which is more than the value of many of the companies that exist to combat ransomware and cybercrime!
  4. Can’t I just call the Police/Geek Squad/Symantec/Computer manufacturer to get help with removal? No, ransomware works by encrypting your data, and no one can unencrypt that data except the person with the right decryption key (attacker). Even the FBI recommends victims of ransomware to pay the ransom if they want their content back!