Upload File

ransomware: 2016's greatest malware threat

14
© 2016 JURINNOV, LLC All Rights Reserved. Ransomware DECEMBER 7, 2016 LEARN ABOUT 2016’S GREATEST MALWARE THREAT

Upload: eric-vanderburg

Post on 15-Apr-2017

99 views

Category:

Internet


5 download

Report

TRANSCRIPT

Page 1: Ransomware: 2016's Greatest Malware Threat

© 2016 JURINNOV, LLC All Rights Reserved.

RansomwareDECEMBER 7, 2016

LEARN ABOUT 2016’S GREATEST MALWARE THREAT

Page 2: Ransomware: 2016's Greatest Malware Threat

© 2016 JURINNOV, LLC All Rights Reserved.

Eric VanderburgDirector of CybersecurityVarious certifications including MCSE, CISSP and HISPLicensed private investigatorMBA from Kent State University18 years experience in IT and cybersecurityAuthor and regular presenter

Page 3: Ransomware: 2016's Greatest Malware Threat

© 2016 JURINNOV, LLC All Rights Reserved.

Topics• Definition• Target• Effects• Ransoms• Examples• Statistics• Threat Vectors

Page 4: Ransomware: 2016's Greatest Malware Threat

© 2016 JURINNOV, LLC All Rights Reserved.

What is Ransomware? Ransomware - Ransomware is a form of malware that infects a computer, encrypts data on the computer and sometimes attached network drives, and then demands a ransom payment to get the decryption keys. Ransomware as a Service (RaaS) – Ransomware authors license ransomware to distributors in a revenue sharing model.

Page 5: Ransomware: 2016's Greatest Malware Threat

© 2016 JURINNOV, LLC All Rights Reserved.

Target

Email

Enterprise apps /

databases

Work product

Contacts

Photos

Multimedia

Data is the lifeblood of your business

Page 6: Ransomware: 2016's Greatest Malware Threat

© 2016 JURINNOV, LLC All Rights Reserved.

Effects of ransomware

Encrypted files Encrypted drives Encrypted databases

Encrypted backups

Page 7: Ransomware: 2016's Greatest Malware Threat

© 2016 JURINNOV, LLC All Rights Reserved.

Ransoms Ransoms range from 0.5 – 5 bitcoins

Bitcoin valued at 767 USD or 719 EUR as of December, 2016

Ransoms for organizations are far more

Page 8: Ransomware: 2016's Greatest Malware Threat

© 2016 JURINNOV, LLC All Rights Reserved.

Hollywood Presbyterian

Network offline for a week Email and patient data unavailable Had to use paper records and send some patients to other hospitals Paid $17,000 to decrypt filesDate:

February, 2016

Ransomware:LOCKY

Page 9: Ransomware: 2016's Greatest Malware Threat

© 2016 JURINNOV, LLC All Rights Reserved.

MedStar Health

Couldn’t update thousands of patient records. 10 hospitals and more than 250 outpatient centers to shut down their computers and email Paid $18,500 to decrypt filesDate:

March, 2016Ransomware:SAMSAM

Page 10: Ransomware: 2016's Greatest Malware Threat

© 2016 JURINNOV, LLC All Rights Reserved.

Kansas Heart Hospital

Widespread infection throughout the hospital Paid the ransom but did not get the decryption keys

Date:May, 2016Ransomware:SAMSAM

Page 11: Ransomware: 2016's Greatest Malware Threat

© 2016 JURINNOV, LLC All Rights Reserved.

San Francisco Municipal Transportation

No fares collected on Black FridayHad to use paper recordsExtortionist demanded $73,000 SFMTA refused to pay

Date:November, 2016Ransomware:HDDCryptor

Page 12: Ransomware: 2016's Greatest Malware Threat

© 2016 JURINNOV, LLC All Rights Reserved.

Hundreds of new ransomware variants just this year this year (over 400% increase since 2015)

Stats

KeRanger

PayCrypt

JobCryptor

HiBuddy

HydraCryptVipasana

UmbrecryptLOCKY

CryptoJocker

Nanolocker

LeChiffreMagic

Ginx

73v3n

Mamba

HDDCryptor

SAMSAMPowerware

Peyta

Jigsaw

Cerber

Radamant Rokku

Page 13: Ransomware: 2016's Greatest Malware Threat

© 2016 JURINNOV, LLC All Rights Reserved.

Hostage Data

System Vulnerabilities

Social Engineering

Malvertizing

EmailSocial media Instant

messaging

SMS

Drive by

Shared folders and cloud data

Threat vectors

Page 14: Ransomware: 2016's Greatest Malware Threat

© 2016 JURINNOV, LLC All Rights Reserved.

Questions?FOR MORE INFORMATION:WWW.JURINNOV.COM [email protected]

http://www.jurinnov.com/

Cyberbit GmbH München - Infinigate Deutschland GmbH · Malware Prevention |Prevent known and unknown threats 9 EDR Malware Prevention Anti-Ransomware • Block pre-execution •

404427 - Ransomware Campaign Q1 - Infographic-FINALdiscover.zyxel.com/rs/471-TTL-126/images/404427 - Ransomware Ca… · 2015 Begin Security Audit New malware files detected daily

Uncovering the Face of Ransomware€¦ · Computer Virus Emergency Response Center, there are 581 infections from this malware and its variants. Another ransomware QiaoZhaz emerged

Ransomware Teslacrypt Uncovered - Malware Analysis

Atasi Seragan Malware Ransomware Wannacryptnews.gunadarma.ac.id/wp-content/uploads/2017/05/Langkah-Mitigasi... · 1 LANGKAH-LANGKAH ASI Atasi Seragan Malware Ransomware Wannacrypt

HC3 Intelligence Briefing Dridex Malware...2020/06/25  · malware, as is DoppelPaymer ransomware, an updated variant of BitPaymer. • WastedLocker ransomware, first detected last

Cybersecurity Tips and Best Practices€¦ · Ransomware Attack Threats • Fastest growing malware threat for all users on all types of computers • Multiple types of ransomware

Best practices for escaping ransomware · Record ransomware volumes in 2017 • According to the Malwarebytes' 2017 State of Malware Report, ransomware attacks against consumers went

Email keeps getting us pwned - Avoiding Ransomware and malware

Fraud Mitigation Strategies for Business · •Ransomware •Email Account Ransom •Webcam Image Extortion. Ransomware 14 Ransomware is a form of malware that restricts the target

FIGHTING RANSOMWARE · Ransomware is a type of malware which restricts access to the computer system that it infects, and demands a ransom paid to the creator(s) of the malware in

Carbon Black Threat Report: Non-Malware Attacks and Ransomware Take Center Stage in 2016

Understanding and Responding to Ransomware Attacks · Understanding and Responding to Ransomware Attacks Ransomware is a malware, which prevents users from accessing the system or

Ransomware (R)evolution - Pronto Marketing · – Ransomware Rivalry ... Analyzed millions of new/updated mobile apps for malicious behavior So far, Webroot has: Studied major malware

Benchmarking Deception Technologies - FireCompass · Malware (including ransomware): Deception solutions can help prevent the spread of malware/ransomware by luring the malware to

Ransomware in the Wild - Atlantic.Net · 888-618-DATA (3282) [email protected] Ransomware in the Wild 3 Ransomware is an increasingly common type of malware that infects vulnerable

WannaCry Ransomware - NKSC · WannaCry Ransomware 3 Malware names Wana Decrypt0r, WCry, WannaCry, WannaCrypt, and WanaCrypt0r Management summary WannaCry is a unique form of ransomware

Advanced Malware Protection Against ransomware//blogs.cisco.com/security/ransomware-the-race-you-dont-want-to-lose ... • Non-native document rendering PDF + Office • Users run

SophosLabs 2018 Malware Forecast - netcetera.ca · The malware we protect customers from transcends operating systems. Ransomware in particular targets Android, Mac, Windows and Linux

Challenges in cyber security - Ransomware Phenomenon · Challenges in cyber security - Ransomware Phenomenon 5 The malware uses the function VirtualAlloc to allocate space in the

Defeating Ransomware with Isla Web Malware Isolationinterchangegroup.com/files/IC_Cyberinc-ransomware-white_paper.pdfThe Isla Web Malware Isolation System ... Phishing attacks generally

Defend Your Data from Ransomware Attacksdiscover.zyxel.com/rs/471-TTL-126/images/Ransomware... · Suddenly malware was not about slowing down or compromising a few work stations

Ransomware: A Billion Dollars a Year Cyber Crime · Ransomware: A Billion Dollars a Year Cyber Crime Ransomware is a form of malware that renders a computer, or personal data stored

Android Ransomware and SMS-Sending Trojans …download.bitdefender.com/.../85/Android-Malware-Threat-Report-H2-2… · Android Ransomware and SMS-Sending Trojans Remain a Growing

Stopping Ransomware and Polymorphic Malware Solution Brief · Malware needs an attack vector to establish its presence on an endpoint. After presence is established, malware stays

Deep Malware Analysis - Joe Sandbox Sandbox Cloud Feature... · Sandbox Cloud Deep Malware Analysis Classification Ransomware Spreading Phishing Banker Adware Trojan / Bot Spyware

W Ransomware Prevention Is Possible - Cylance Inc. · Ransomware Prevention Is Possible | 2. Anatomy of an Enterprise Attack ... In years past, expert malware authors would package

Genetic Malware Analysis for Threat Intelligence · Malware Family Classification Understanding if a threat is a generic malware, ransomware, or a nation-state sponsored attack,

Ransomware - peakresources.com...•Ransomware is Malware -Malicious software that encrypts and holds data/systems hostage for a ransom payment. •Organizations will use Bitcoin or

Understanding internal structure of the SNAKE … Ransomware Analysis...MBSD Blog Understanding internal structure of the SNAKE (EKANS) ransomware Takashi Yoshikawa Senior Malware

AntiVirus, AntiSpyware, AntiMalware, AntiRansomware 2019 ... · Anti-Virus • Anti-Spyware Anti-Malware • Anti-Ransomware protezione Crypto-Malware Vir.IT eXplorer PRO è costituito

Protecting Your Network from Malware - Akamai...Protecting Your Network from Malware The threat landscape is becoming increasingly hostile. Malware and ransomware campaigns, phishing

How to Protect Your Networks from Ransomare… · Protecting Your Networks from Ransomware . Protecting Your Networks from Ransomware . Ransomware is the fastest growing malware threat,

Ransomware, Malware and Viruses; How to Protect Yourself

SPLUNK SECURITY USE CASE DETECTING UNKNOWN … · WHITE PAPER SPLUNK SECURITY USE CASE DETECTING UNKNOWN MALWARE AND RANSOMWARE Detecting unknown malware and ransomware…