How to Take the Ransom Out of Ransomware
3. © 2016 Unitrends 3
"To be honest, we often advise people just to pay the
ransom."
Joseph Bonavolonta, Asst. Special Agent, FBI Cybercrime Boston
Division
5. © 2016 Unitrends 5
Encrypts victims’ files with
strong unbreakable encryption
Demands payment for private
key to unlock data
Payment typically around
$200 to $500 in bitcoins
Ransomware Malware
6. © 2016 Unitrends 6
Ransomware is not new
Recent advances have made it a much larger risk
Early ransomware was “scareware” and “nagware”
Didn’t permanently lock files.
Was easily removed or avoided
Criminals had difficulty in collecting fees anonymously
Hacker community not as organized
Long History of Ransomware
8. © 2016 Unitrends 8
Cryptolocker
TorrentLocker
CryptoWall
CTB-Locker
TeslaCrypt
Locky
Etc.
Many Variations and Copycats
9. © 2016 Unitrends 9
Popular Tools of Ransomware Variants
Anonymity Online
Electronic Payment
Unbreakable Encryption
• AES
• RSA
• “Curve” ECC
Network to C&C Server
• Tor
• I2P
• POST/HTTPS
• Hardcoded URLs
11. © 2016 Unitrends 11
Spam Email Campaigns
CTB-Locker & TorrentLocker
preferred vector
Requires interaction from user
Can affect fully patched systems
Exploit Kits
CryptoWall and TeslaCrypt
preferred vector
Does not require any interaction
Uses vulnerable installed
software
Infection Vectors
BOTH ARE HIGHLY EFFECTIVE WAYS INTO YOUR SYSTEMS
12. © 2016 Unitrends 12
Get 1 Free
Macs vulnerable
Voice Enabled
Highly Localized
Ransomware Continuing to Advance
13. © 2016 Unitrends 13
How does an enterprise make
sure they never have to pay?
14. © 2016 Unitrends 14
Play Defense
Play Offense
Don’t forget about your backup players
15. © 2016 Unitrends 15
Keep software up to date
Use virus detection and antivirus prevention
Educate users on security protocols such as:
• Avoid clicking untrusted emails and attachments
• Watch out for obvious and not so obvious file extensions
Offense: Start With Basic Protection
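A file-name check for the “not so obvious” extensions this slide warns about, as an added Python example that is not part of the original deck. The extension lists and the three disguises it looks for (double extension, whitespace padding, bidirectional control characters) are assumptions chosen for illustration, and the sample names are constructed.

```python
# Added example: triage attachment names for disguised executable extensions.
# Extension lists are illustrative assumptions; tune them for your mail gateway.
EXECUTABLE_EXTS = {"exe", "scr", "com", "pif", "bat", "cmd", "js", "jse",
                   "vbs", "vbe", "wsf", "hta", "lnk", "ps1", "jar"}
DECOY_EXTS = {"pdf", "doc", "docx", "xls", "xlsx", "jpg", "png", "txt", "zip"}
MACRO_EXTS = {"docm", "dotm", "xlsm", "pptm"}
# Unicode bidirectional controls can reverse how part of a name is displayed.
BIDI_CONTROLS = {"\u202a", "\u202b", "\u202d", "\u202e",
                 "\u2066", "\u2067", "\u2068"}


def check_attachment_name(name):
    """Return the reasons (possibly none) a file name deserves a second look."""
    reasons = []
    if any(ch in BIDI_CONTROLS for ch in name):
        reasons.append("bidi-control")
        name = "".join(ch for ch in name if ch not in BIDI_CONTROLS)
    parts = [p.strip() for p in name.lower().split(".")]
    ext = parts[-1] if len(parts) > 1 else ""
    if ext in EXECUTABLE_EXTS:
        reasons.append("executable")
        # "invoice.pdf.exe" shows as "invoice.pdf" when known extensions are hidden.
        if len(parts) > 2 and parts[-2] in DECOY_EXTS:
            reasons.append("double-extension")
        # A long run of spaces pushes the real extension out of the visible column.
        if "   " in name:
            reasons.append("whitespace-padding")
    elif ext in MACRO_EXTS:
        reasons.append("macro-enabled")
    return reasons


# Constructed sample names, not taken from any real campaign.
SAMPLE_NAMES = [
    "Invoice_2016.pdf.exe",
    "report.pdf          .exe",
    "scan\u202egpj.scr",
    "budget.xlsm",
    "notes.txt",
]

if __name__ == "__main__":
    for sample in SAMPLE_NAMES:
        print(f"{sample!r:40} {check_attachment_name(sample) or 'ok'}")
```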
16. © 2016 Unitrends 16
Disable ActiveX content in Microsoft Office apps
Have firewalls block Tor, I2P and restrict ports
Block active ransomware variants from calling home to encryption key servers
Block binaries from running from popular ransomware installation paths (e.g. %TEMP%)
Defense: Be Proactive with counter-measures
19. © 2016 Unitrends 19
3 copies of your data
2 different types of media
1 copy off-site
Start With The Rule of Three
20. © 2016 Unitrends 20
Back up all data on all systems – not just critical data
Replication and Continuous Data Protection are great for low RTO/RPO but can back up the malware with your data
Create archives that are physically isolated from your production systems
You can use the archive to go back in time if necessary
Create “bare metal” images of core systems so you can get back to a known system state quickly
Set up DR services so you can spin up new VMs for critical systems while you recover your local production systems
Prepare NOW! Don’t wait until it’s too late!
Backup Best Practices: Make Sure You Never Pay
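The Rule of Three and the isolated-archive advice from the two slides above, combined into one inventory audit as an added Python example (not Unitrends code). It assumes the production copy counts as one of the three copies; the `Copy` fields, system names and inventory are hypothetical and constructed for illustration.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Copy:
    kind: str       # "production", "backup", "replica" or "archive"
    media: str      # e.g. "disk", "tape", "cloud-object"
    offsite: bool
    isolated: bool  # True if production systems cannot reach or write to it


def audit_system(copies):
    """Check one system's copies against 3-2-1 plus an isolated archive."""
    findings = []
    if len(copies) < 3:
        findings.append(f"{len(copies)} of 3 copies")
    media = {c.media for c in copies}
    if len(media) < 2:
        findings.append(f"{len(media)} of 2 media types")
    if not any(c.offsite for c in copies):
        findings.append("no off-site copy")
    # A replica mirrors production, encrypted files included, so only an
    # isolated archive gives a point to go back in time to.
    if not any(c.kind == "archive" and c.isolated for c in copies):
        findings.append("no isolated archive")
    return findings


def audit_inventory(inventory):
    """Return {system: findings} for every system that fails a check."""
    results = {}
    for system, copies in inventory.items():
        findings = audit_system(copies)
        if findings:
            results[system] = findings
    return results


# Constructed inventory: sql-01 satisfies 3-2-1 yet has nothing isolated.
SAMPLE_INVENTORY = {
    "file-server": [Copy("production", "disk", False, False),
                    Copy("backup", "disk", False, False),
                    Copy("archive", "cloud-object", True, True)],
    "sql-01": [Copy("production", "disk", False, False),
               Copy("replica", "disk", True, False),
               Copy("backup", "tape", False, False)],
    "laptop-17": [Copy("production", "disk", False, False)],
}

if __name__ == "__main__":
    for system, findings in audit_inventory(SAMPLE_INVENTORY).items():
        print(f"{system}: {', '.join(findings)}")
```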
21. © 2016 Unitrends 21
Local
On Premise or Physical Appliance
2nd Site
Public & Private Cloud
Local backup for fast recovery
Archiving to Cloud offsite
Fully automated
Can be isolated
Cloud Can Help
22. © 2016 Unitrends 22
Instant Recovery Capabilities
Be able to spin up workloads from backups in minutes while production is cleaned
Ability to protect Windows, Windows Server, Apple Macs, etc.
Linux based backup software – not Windows based
Make sure your backups don’t get encrypted too!
Differentiating Feature Of Backup Solution Against
Ransomware
23. © 2016 Unitrends 23
Unitrends cloud-empowered all-in-one continuity solutions increase your IT
confidence
Keep Your Business
Running With Unitrends
24. © 2016 Unitrends 24
Re-imagine Recovery for your digital world
Unitrends Connected Continuity Platform™ brings together the
industry’s leading portfolio of cloud-empowered continuity
services in a single, super intuitive platform that gives you
unmatched flexibility as your business needs evolve.
Discover the power of the platform to capitalize on the potential of cloud,
reduce your overall spend on IT and gain total confidence in the
recovery point to come.
26. © 2016 Unitrends 26
Protect Everything You Have
Everywhere You Need Continuity
Guaranteed Recovery and Continuity
Within a Single Intuitive Platform
Unitrends Connected Continuity Platform
27. © 2016 Unitrends 27
Protect Everything You Have
Protect Your Ideas/Business
28. © 2016 Unitrends 28
Everywhere you need continuity
Local
On Premise or Physical Appliance
Virtual Appliance / Software
2nd Site
Public & Private Cloud
29. © 2016 Unitrends 29
Recovery Assurance allows you to have absolute certainty in your
recovery
Usable in your local environment, your DR site, or the Unitrends Cloud
Fully automated, flexible application-aware testing
Recover confidently from Certified Recovery Points
Guaranteed Recovery via Recovery Assurance
31. © 2016 Unitrends 31
Transforming Continuity
On Premise All-In-One Data Protection
• Deploy as a virtual or physical backup appliance
• Adaptive inline deduplication (20 to 1 ratio)
• Instant Recovery Options for VMs and Windows
• Built-in real-time replication engine
DRaaS
Spin up critical workloads in less than 1 hour
Forever Cloud
Best value for cloud storage & long term retention
Recovery Assurance
• Automated Backup & DR failover testing
• Assured recovery in the cloud & on premise
32. © 2016 Unitrends 32
Scalable and Flexible
Industry’s #1 hybrid cloud
solution
Deployment options to fit any
environment
All-in-one software that runs on
your hardware
Recovery Assurance
Automated testing of
backup and DR
100% confidence in the
recovery point to come
RPO/RTO Actual reporting
Intuitive UI
One simple interface
Real time alerts and
reporting
Enterprise
management
What Makes Unitrends Unique
33. © 2016 Unitrends 33
About Unitrends
15,000+ customers globally
8,000+ registered partners globally
EBs of data protected
30PB+ of Cloud Data Managed
Industry leading 98% Customer Satisfaction
Worldwide HQ: Burlington, MA
International HQ: London, UK
Global Datacenter Presence
USA (multiple), Canada, U.K., Germany, Australia
Canada
USA (Multiple)
UK
Germany
Madrid
Sydney
34. © 2016 Unitrends 34
Unitrends is Redefining Recovery For Your
Digital World
How can we help you protect what matters most to you?
Are you ready to never
worry about recovery
again?
Can you imagine not
spending time on
“backup”?
35. © 2016 Unitrends 35
Try Us Out – Visit www.Unitrends.com
Unitrends
Enterprise
Backup
Get a free trial
7 New Rules of
Recovery
Download now