RANSOMWARE
By: Srinivas Thimmaiah
Date: 14 Feb 2017
Srinivas Thimmaiah | Ransomware | 14 Feb 2017 1
About me
A seasoned Information Security professional, speaker & blogger having around
13+ years of rich and insightful work experience in the areas of Information
Security Assurance, Governance, Risk Management, BCM, Supplier
Management, Awareness, IT Security, operational excellence and also in
influencing team members and management.
CISM, ISO 27001 certified, CISCO certified Information Security & IT Security
experienced professional.
Agenda
• What is ransomware
• Evolution of ransomware
• Types of ransomware
• Who are my target
• Top 3 ransomware strains of 2016
• Trends of 2016 & ‘17
• Case study
• Protect yourself
• Conclusion
What is Ransomware
Ransomware is computer malware that installs covertly on a victim's device (computer, smartphone, etc),
executes a cryptovirology attack that adversely affects it, and demands a ransom payment to decrypt it or not
publish it.
Ran some where
Source: https://en.wikipedia.org/wiki/Ransomware
Evolution of ransomware
Source: https://blog.knowbe4.com/a-short-history-evolution-of-ransomware
• 1989: AIDS/PC Cyborg trojan
• 2006: PGP Coder encryption trojan
• 2014: CryptoDefense ransomware
• 2016: Locky ransomware
Types of Ransomware
Lock Screen Ransomware
Encrypts files/folders
Lock screen and demand payments
Interrupts the normal boot process
Who are my target
Whoever can pay ransom is my “Target”
Business users
• Technology dependent
• Data (customer)
• Stakeholder management
Public/Government agencies
• Data (confidential/secret)
• Technical support
• Reputation
*.wb2 *.mdf *.dbf *.psd *.pdd *.eps *.ai *.indd *.cdr *.dng *.3fr *.arw *.srf *.sr2 *.bay *.crw
Home users
• Personal data
• Data backup
• Technical support
Source: Symantec
Top 3 Ransomware Strains of 2016
1. Locky
Locky is ransomware malware released in 2016. It is delivered by email (that was allegedly an invoice requiring payment) with an attached Microsoft Word document that contains malicious macros.
Researchers detected the first sample of Locky in February 2016. Shortly thereafter, it made a name for itself when it infected the computer systems at Hollywood Presbyterian Medical Center in southern California. Officials chose to temporarily shut down the hospital’s IT system while they worked to remove the ransomware, a decision which caused several departments to close and patients to be diverted elsewhere. But without working data backups, the executives at Hollywood Presbyterian ultimately decided to pay the ransom.
2. TeslaCrypt
TeslaCrypt is a malicious program that encrypts users' files using AES encryption.
After months of tracking TeslaCrypt across spam campaigns and exploit kit attacks, security researchers at the Slovakian IT security firm ESET learned its developers intended to abandon the ransomware. The researchers contacted the developers and requested the master decryption key. In response, TeslaCrypt’s authors published the key, which ESET used to make a free decryption utility. Victims of the ransomware can now use this tool to regain access to their files.
3. HDDCryptor
HDDCryptor is a nasty family of ransomware. It’s capable of enumerating existing mounted drives and encrypting all files as well as finding and accessing previously connected drives and disconnected network paths.
Researchers first detected HDDCryptor in September 2016. Two months later, the ransomware made headlines when it infected 2,000 systems at the San Francisco Municipal Transport Agency (SFMTA), or “Muni,” and demanded ransom. Fortunately, the attack did not affect SFMTA’s rail and bus service, and the public agency said it would use its working backups to restore access to its systems.
Source: https://www.tripwire.com/state-of-security/security-data-protection/cyber-security/top-10-ransomware-strains-2016/
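An added example, not part of the original slides: Locky is described above as arriving in a Word attachment that carries macros, so a mail gateway or triage script can flag macro-bearing Office files by content rather than by file name. The function names, the quarantine policy and the sample bytes are constructed for illustration; the legacy-format check is a byte-scan heuristic, not a full parser.

```python
import io
import zipfile
import zlib

# Magic bytes of the OLE2 compound file used by legacy .doc/.xls/.ppt.
OLE2_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")
# OLE2 directory entries store stream names as UTF-16LE. A VBA project
# carries a "_VBA_PROJECT" stream; a password-protected OOXML file is an
# OLE2 container with an "EncryptedPackage" stream that cannot be inspected.
VBA_STREAM = "_VBA_PROJECT".encode("utf-16-le")
ENCRYPTED_STREAM = "EncryptedPackage".encode("utf-16-le")
# Extensions that promise "no macros" to the user (policy assumption).
MACRO_FREE_EXTENSIONS = (".docx", ".xlsx", ".pptx")


def classify_attachment(data: bytes) -> str:
    """Classify by content only: macro, no-macro, unreadable, not-office."""
    if data.startswith(OLE2_MAGIC):
        if ENCRYPTED_STREAM in data:
            return "unreadable"
        return "macro" if VBA_STREAM in data else "no-macro"
    if not data.startswith(b"PK"):
        return "not-office"
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            names = zf.namelist()
            ct = next((n for n in names
                       if n.lower() == "[content_types].xml"), None)
            if ct is None:
                return "not-office"  # ordinary ZIP, not an OOXML document
            # Macro-enabled OOXML stores the VBA project as vbaProject.bin
            # and declares a macroEnabled content type.
            if any(n.lower().endswith("vbaproject.bin") for n in names):
                return "macro"
            if b"macroenabled" in zf.read(ct).lower():
                return "macro"
            return "no-macro"
    except (zipfile.BadZipFile, zlib.error):
        return "unreadable"  # truncated or corrupted archive


def gateway_action(filename: str, data: bytes):
    """Hypothetical gateway policy: returns (action, reason)."""
    verdict = classify_attachment(data)
    if verdict == "macro":
        if filename.lower().endswith(MACRO_FREE_EXTENSIONS):
            return ("quarantine", "macros inside a file named as macro-free")
        return ("quarantine", "macro-enabled Office document")
    if verdict == "unreadable":
        return ("quarantine", "content could not be inspected")
    return ("deliver", verdict)


def make_ooxml_sample(with_macro: bool) -> bytes:
    """Constructed OOXML-shaped ZIP; the VBA part is a harmless placeholder."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("[Content_Types].xml", "<Types/>")
        zf.writestr("word/document.xml", "<w:document/>")
        if with_macro:
            zf.writestr("word/vbaProject.bin", b"constructed placeholder")
    return buf.getvalue()


def make_legacy_sample(with_macro: bool) -> bytes:
    """Constructed bytes with an OLE2 header; not a valid document."""
    body = OLE2_MAGIC + b"\x00" * 64
    return body + (VBA_STREAM if with_macro else b"") + b"\x00" * 64


if __name__ == "__main__":
    samples = {
        "invoice.docx": make_ooxml_sample(True),
        "minutes.docx": make_ooxml_sample(False),
        "invoice.doc": make_legacy_sample(True),
        "broken.docx": b"PK\x03\x04 truncated",
    }
    for name, blob in samples.items():
        print(name, gateway_action(name, blob))
```
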
Trends of 2016 & ‘17
Source: proofpoint.com
Growth in Distribution: total ransomware has grown 80% in 2016
[Charts: Ransomware 2016; Ransomware 2017 Projection]
Cont.
Source: http://www.slideshare.net/JohnCABambenek/cryptolocker-andfriends-bhusa14
http://www.darkreading.com/ransomware-attack-on-cctv-cameras-in-washington-dc-ahead-of-trump-inauguration/d/d-id/1328016
• Ransomware Attack On CCTV Cameras In Washington DC Ahead Of Trump Inauguration
• Hotel hit by ransomware attack, report of guests trapped
Case study
Real Time Experience
Protect yourself
• Awareness
• Don’t get tricked
• Effective Backup Management
• Use of Antimalware software
• Whitelisting program
• Effective Patch Management
Conclusion
Reason why we should pay…
• Data is costlier than the ransom I pay
• Business priorities
• To avoid reputation loss
• Interest over time
Reason why we should NOT pay…
• May repeat again
• Next ransom will be higher
• Criminals can’t be trusted
• Encouraging criminals
Maybe yes, maybe no; maybe yes and no
Questions

Ransomware - Friend or Foe
