Ransomware is a type of malware that encrypts data on infected computers and demands ransom for decryption keys. Industries are increasingly targeted, experiencing significant impacts, as demonstrated by high-profile cases like Hollywood Presbyterian and MedStar Health. The prevalence of ransomware variants has surged dramatically, reflecting a 400% increase since 2015, highlighting growing vulnerabilities and new threat vectors.

1. © 2016 JURINNOV, LLC All Rights Reserved.
Ransomware
DECEMBER 7, 2016
LEARN ABOUT 2016’S GREATEST MALWARE
THREAT

2. © 2016 JURINNOV, LLC All Rights Reserved.
Eric Vanderburg
Director of Cybersecurity
Various certifications including MCSE, CISSP and HISP
Licensed private investigator
MBA from Kent State University
18 years experience in IT and cybersecurity
Author and regular presenter

3. © 2016 JURINNOV, LLC All Rights Reserved.
Topics
• Definition
• Target
• Effects
• Ransoms
• Examples
• Statistics
• Threat Vectors

4. © 2016 JURINNOV, LLC All Rights Reserved.
What is Ransomware?
Ransomware - Ransomware is a form of malware that
infects a computer, encrypts data on the computer and
sometimes attached network drives, and then demands a
ransom payment to get the decryption keys.
Ransomware as a Service (RaaS) – Ransomware authors
license ransomware to distributors in a revenue sharing
model.

5. © 2016 JURINNOV, LLC All Rights Reserved.
Target
Email
Enterprise apps
/ databases
Work product
Contacts
Photos
Multimedia
Data is the lifeblood of your business

6. © 2016 JURINNOV, LLC All Rights Reserved.
Effects of ransomware

7. © 2016 JURINNOV, LLC All Rights Reserved.
Ransoms
Ransoms range from 0.5 – 5 bitcoins
Bitcoin valued at 767 USD or 719 EUR as of
December, 2016
Ransoms for organizations are far
more

8. © 2016 JURINNOV, LLC All Rights Reserved.
Hollywood
Presbyterian
Network offline for a week
Email and patient data unavailable
Had to use paper records and send
some patients to other hospitals
Paid $17,000 to decrypt filesDate:
February, 2016
Ransomware:
LOCKY

9. © 2016 JURINNOV, LLC All Rights Reserved.
MedStar
Health
Couldn’t update thousands of patient
records.
10 hospitals and more than 250
outpatient centers to shut down their
computers and email
Paid $18,500 to decrypt files
Date:
March, 2016
Ransomware:
SAMSAM

10. © 2016 JURINNOV, LLC All Rights Reserved.
Kansas Heart
Hospital
Widespread infection throughout
the hospital
Paid the ransom but did not get
the decryption keys
Date:
May, 2016
Ransomware:
SAMSAM

11. © 2016 JURINNOV, LLC All Rights Reserved.
San Francisco
Municipal
Transportation
No fares collected on Black
Friday
Had to use paper records
Extortionist demanded
$73,000
SFMTA refused to pay
Date:
November, 2016
Ransomware:
HDDCryptor

12. © 2016 JURINNOV, LLC All Rights Reserved.
Hundreds of new ransomware variants just this year this year
(over 400% increase since 2015)
Stats
KeRanger
PayCrypt
JobCryptor
HiBuddy
HydraCryptVipasana
Umbrecrypt
LOCKY
CryptoJocker
Nanolocker
LeChiffre
Magic
Ginx
73v3n
Mamba
HDDCryptor
SAMSAM
Powerware
Peyta
Jigsaw
Cerber
Radamant Rokku

13. © 2016 JURINNOV, LLC All Rights Reserved.
Hostage
Data
System
Vulnerabilities
Social
Engineering
Malvertizing
Email
Social
media Instant
messaging
SMS
Drive by
Shared folders and
cloud data
Threat vectors

14. © 2016 JURINNOV, LLC All Rights Reserved.
Questions?
FOR MORE INFORMATION:
WWW.JURINNOV.COM
ERIC.VANDERBURG@JURINNOV.COM
216-664-1100