update on ransomware technology · example 1 example 2 beware of attachments! beware of sender...
TRANSCRIPT
![Page 1: Update on Ransomware Technology · Example 1 Example 2 Beware of attachments! Beware of sender & links! Update on Ransomware Technology Sample Ransom Demand. Whaling Emails Enter](https://reader034.vdocument.in/reader034/viewer/2022051919/600c077545684039426698a5/html5/thumbnails/1.jpg)
Update on Ransomware Technology
60 Minutes Video
![Page 2: Update on Ransomware Technology · Example 1 Example 2 Beware of attachments! Beware of sender & links! Update on Ransomware Technology Sample Ransom Demand. Whaling Emails Enter](https://reader034.vdocument.in/reader034/viewer/2022051919/600c077545684039426698a5/html5/thumbnails/2.jpg)
Update on Ransomware Technology
A type of malware that prevents or limits users from accessing their system, either by locking the system's screen or by locking the user’s files unless a ransom is paid.
ran·som·ware (noun)
![Page 3: Update on Ransomware Technology · Example 1 Example 2 Beware of attachments! Beware of sender & links! Update on Ransomware Technology Sample Ransom Demand. Whaling Emails Enter](https://reader034.vdocument.in/reader034/viewer/2022051919/600c077545684039426698a5/html5/thumbnails/3.jpg)
Update on Ransomware Technology
Popular Targets• Computers• Endpoints on company network• Servers
Prevents you from using your PC
You will be asked to do something before you can use your PC
RANSOMWARE CHARACTERISTICS
![Page 4: Update on Ransomware Technology · Example 1 Example 2 Beware of attachments! Beware of sender & links! Update on Ransomware Technology Sample Ransom Demand. Whaling Emails Enter](https://reader034.vdocument.in/reader034/viewer/2022051919/600c077545684039426698a5/html5/thumbnails/4.jpg)
Update on Ransomware Technology
No Guarantees• No guarantee that paying the fine or doing what the ransomware tells
you will give access to your PC or files again• Usually impossible to reverse-engineer the encryption or “crack” the
files without the original encryption key – only the attackers have access to
How it works…
Infiltrates Your PC, Network or Servers• Prevents you from accessing Windows• Encrypts files so you can't use them• Stops certain apps from running (like your web browser)
“Ransom” Demand• Demands that you pay money (a “ransom”) to get access to your PC or
files• Some make you complete surveys
![Page 5: Update on Ransomware Technology · Example 1 Example 2 Beware of attachments! Beware of sender & links! Update on Ransomware Technology Sample Ransom Demand. Whaling Emails Enter](https://reader034.vdocument.in/reader034/viewer/2022051919/600c077545684039426698a5/html5/thumbnails/5.jpg)
Update on Ransomware Technology Internal Use OnlyThe Rise of Ransomware: Is Your Organization Prepared?
![Page 6: Update on Ransomware Technology · Example 1 Example 2 Beware of attachments! Beware of sender & links! Update on Ransomware Technology Sample Ransom Demand. Whaling Emails Enter](https://reader034.vdocument.in/reader034/viewer/2022051919/600c077545684039426698a5/html5/thumbnails/6.jpg)
Update on Ransomware Technology
Quick Question
Have you had a security breach?
6
![Page 7: Update on Ransomware Technology · Example 1 Example 2 Beware of attachments! Beware of sender & links! Update on Ransomware Technology Sample Ransom Demand. Whaling Emails Enter](https://reader034.vdocument.in/reader034/viewer/2022051919/600c077545684039426698a5/html5/thumbnails/7.jpg)
Update on Ransomware Technology
Ponemon Institute
What are the odds of…
![Page 8: Update on Ransomware Technology · Example 1 Example 2 Beware of attachments! Beware of sender & links! Update on Ransomware Technology Sample Ransom Demand. Whaling Emails Enter](https://reader034.vdocument.in/reader034/viewer/2022051919/600c077545684039426698a5/html5/thumbnails/8.jpg)
Update on Ransomware Technology
It’s affecting everyone – 2018 breaches
![Page 9: Update on Ransomware Technology · Example 1 Example 2 Beware of attachments! Beware of sender & links! Update on Ransomware Technology Sample Ransom Demand. Whaling Emails Enter](https://reader034.vdocument.in/reader034/viewer/2022051919/600c077545684039426698a5/html5/thumbnails/9.jpg)
Update on Ransomware Technology
Source: Datto
![Page 10: Update on Ransomware Technology · Example 1 Example 2 Beware of attachments! Beware of sender & links! Update on Ransomware Technology Sample Ransom Demand. Whaling Emails Enter](https://reader034.vdocument.in/reader034/viewer/2022051919/600c077545684039426698a5/html5/thumbnails/10.jpg)
Update on Ransomware Technology
Source: Datto
![Page 11: Update on Ransomware Technology · Example 1 Example 2 Beware of attachments! Beware of sender & links! Update on Ransomware Technology Sample Ransom Demand. Whaling Emails Enter](https://reader034.vdocument.in/reader034/viewer/2022051919/600c077545684039426698a5/html5/thumbnails/11.jpg)
Update on Ransomware Technology
Source: Datto
![Page 12: Update on Ransomware Technology · Example 1 Example 2 Beware of attachments! Beware of sender & links! Update on Ransomware Technology Sample Ransom Demand. Whaling Emails Enter](https://reader034.vdocument.in/reader034/viewer/2022051919/600c077545684039426698a5/html5/thumbnails/12.jpg)
Update on Ransomware Technology
91% Of Cyber Attacks Start With A Phishing Email
![Page 13: Update on Ransomware Technology · Example 1 Example 2 Beware of attachments! Beware of sender & links! Update on Ransomware Technology Sample Ransom Demand. Whaling Emails Enter](https://reader034.vdocument.in/reader034/viewer/2022051919/600c077545684039426698a5/html5/thumbnails/13.jpg)
Update on Ransomware Technology
Source: Datto
SPAM/Phishing Emails
Lack of Employee Training
Malicious Websites/Web Ads
Other
Lack of Security
![Page 14: Update on Ransomware Technology · Example 1 Example 2 Beware of attachments! Beware of sender & links! Update on Ransomware Technology Sample Ransom Demand. Whaling Emails Enter](https://reader034.vdocument.in/reader034/viewer/2022051919/600c077545684039426698a5/html5/thumbnails/14.jpg)
Update on Ransomware Technology
Phishing Emails
Example 1 Example 2
Beware of attachments! Beware of sender & links!
![Page 15: Update on Ransomware Technology · Example 1 Example 2 Beware of attachments! Beware of sender & links! Update on Ransomware Technology Sample Ransom Demand. Whaling Emails Enter](https://reader034.vdocument.in/reader034/viewer/2022051919/600c077545684039426698a5/html5/thumbnails/15.jpg)
Update on Ransomware Technology
Sample Ransom Demand
![Page 16: Update on Ransomware Technology · Example 1 Example 2 Beware of attachments! Beware of sender & links! Update on Ransomware Technology Sample Ransom Demand. Whaling Emails Enter](https://reader034.vdocument.in/reader034/viewer/2022051919/600c077545684039426698a5/html5/thumbnails/16.jpg)
Whaling Emails
Enter confidential company information and passwords to carry
out fraudulent activities
Convince executive that the email requires urgent action by following
a link to a fake website
![Page 17: Update on Ransomware Technology · Example 1 Example 2 Beware of attachments! Beware of sender & links! Update on Ransomware Technology Sample Ransom Demand. Whaling Emails Enter](https://reader034.vdocument.in/reader034/viewer/2022051919/600c077545684039426698a5/html5/thumbnails/17.jpg)
Update on Ransomware Technology
Whaling Executives
TheWindowsClub.com
![Page 18: Update on Ransomware Technology · Example 1 Example 2 Beware of attachments! Beware of sender & links! Update on Ransomware Technology Sample Ransom Demand. Whaling Emails Enter](https://reader034.vdocument.in/reader034/viewer/2022051919/600c077545684039426698a5/html5/thumbnails/18.jpg)
Update on Ransomware Technology
SMS Text Cyber Attacks
![Page 19: Update on Ransomware Technology · Example 1 Example 2 Beware of attachments! Beware of sender & links! Update on Ransomware Technology Sample Ransom Demand. Whaling Emails Enter](https://reader034.vdocument.in/reader034/viewer/2022051919/600c077545684039426698a5/html5/thumbnails/19.jpg)
Update on Ransomware Technology
• Valuable data to target
Credit card information
Client data
Employee records
Financial reports
• Organizations with inadequate protection
• SMB’s as a gateway to large corporations
What do Hackers target?
![Page 20: Update on Ransomware Technology · Example 1 Example 2 Beware of attachments! Beware of sender & links! Update on Ransomware Technology Sample Ransom Demand. Whaling Emails Enter](https://reader034.vdocument.in/reader034/viewer/2022051919/600c077545684039426698a5/html5/thumbnails/20.jpg)
Update on Ransomware Technology
Risk Prevention Best Practices
![Page 21: Update on Ransomware Technology · Example 1 Example 2 Beware of attachments! Beware of sender & links! Update on Ransomware Technology Sample Ransom Demand. Whaling Emails Enter](https://reader034.vdocument.in/reader034/viewer/2022051919/600c077545684039426698a5/html5/thumbnails/21.jpg)
Update on Ransomware Technology
Steps to Cyber Security
Network Security• Protect network from external and
internal attack
Malware Prevention• Policies and defenses across entire
organization
Monitoring• Continuously monitor all systems
and networks for unusual activities
Incident Management• Establish incidence response and
disaster recovery capabilities
Home & Mobile Working• Develop mobile working policy and
train staff to adhere to it
Secure Configuration• Apply security patches and maintain
secure configurations
Removable Media Controls• Policy to control access to removable media• Scan all media before importing into corporate
systems
Managing User Privileges• Limit user privileges and monitor user
activity
User Education and Awareness• Staff Training program• Maintain user awareness of cyber risks
![Page 22: Update on Ransomware Technology · Example 1 Example 2 Beware of attachments! Beware of sender & links! Update on Ransomware Technology Sample Ransom Demand. Whaling Emails Enter](https://reader034.vdocument.in/reader034/viewer/2022051919/600c077545684039426698a5/html5/thumbnails/22.jpg)
Update on Ransomware Technology
EDUCATION PROTECTION RECOVERY
Enhanced Risk Mitigation
Popular Precautionary Measures:
1. Identify Vulnerabilities - Risk Assessment2. Train People - 1st Line of Defense3. Deploy Intrusion Detection & Intrusion Prevention Solutions4. Backup…Backup….Backup – Constantly & Frequently5. Test Recovery - Data restoral process & results
![Page 23: Update on Ransomware Technology · Example 1 Example 2 Beware of attachments! Beware of sender & links! Update on Ransomware Technology Sample Ransom Demand. Whaling Emails Enter](https://reader034.vdocument.in/reader034/viewer/2022051919/600c077545684039426698a5/html5/thumbnails/23.jpg)
Update on Ransomware Technology
User Awareness Training
![Page 24: Update on Ransomware Technology · Example 1 Example 2 Beware of attachments! Beware of sender & links! Update on Ransomware Technology Sample Ransom Demand. Whaling Emails Enter](https://reader034.vdocument.in/reader034/viewer/2022051919/600c077545684039426698a5/html5/thumbnails/24.jpg)
Update on Ransomware Technology
WEBSITES: Avoid visiting unsafe, suspicious, or fake websites
WEB PAGES: Don’t click on a link on a webpage unless you absolutely trust the page or sender
EMAIL: Don’t open emails and email attachments from people you don’t know, or that you weren’t expecting
SOCIAL MEDIA: Don’t click on malicious or potentially bad links on Facebook, Twitter and other social media posts
LOOK FOR TYPOS: Often fake emails and webpages have bad spelling, unusual spaces, odd symbols / punctuation or just look unusual.
• Ex:“PayePal” instead of “PayPal” • Ex. “iTunesCustomer Service” instead of “iTunes Customer
Service”
General Rule:
If you’re unsure – don’t click it!
END USER RISK MITIGATIONBEST PRACTICES
![Page 25: Update on Ransomware Technology · Example 1 Example 2 Beware of attachments! Beware of sender & links! Update on Ransomware Technology Sample Ransom Demand. Whaling Emails Enter](https://reader034.vdocument.in/reader034/viewer/2022051919/600c077545684039426698a5/html5/thumbnails/25.jpg)
Update on Ransomware Technology
Detect | Prevent | Mitigate
System Mitigation Tools
![Page 26: Update on Ransomware Technology · Example 1 Example 2 Beware of attachments! Beware of sender & links! Update on Ransomware Technology Sample Ransom Demand. Whaling Emails Enter](https://reader034.vdocument.in/reader034/viewer/2022051919/600c077545684039426698a5/html5/thumbnails/26.jpg)
Update on Ransomware Technology
rethink BACKUP
start thinkingCONTINUITY
![Page 27: Update on Ransomware Technology · Example 1 Example 2 Beware of attachments! Beware of sender & links! Update on Ransomware Technology Sample Ransom Demand. Whaling Emails Enter](https://reader034.vdocument.in/reader034/viewer/2022051919/600c077545684039426698a5/html5/thumbnails/27.jpg)
Update on Ransomware Technology
Source: Datto
![Page 28: Update on Ransomware Technology · Example 1 Example 2 Beware of attachments! Beware of sender & links! Update on Ransomware Technology Sample Ransom Demand. Whaling Emails Enter](https://reader034.vdocument.in/reader034/viewer/2022051919/600c077545684039426698a5/html5/thumbnails/28.jpg)
Update on Ransomware Technology
Engage Security Experts
Conduct Security Risk AssessmentTrain your EmployeesProtect network and devicesKeep software up to dateCreate cybersecurity policiesBack up data frequentlyTest restoresEnable Uptime
Option 1
Where do we go from here?
Option 2
![Page 29: Update on Ransomware Technology · Example 1 Example 2 Beware of attachments! Beware of sender & links! Update on Ransomware Technology Sample Ransom Demand. Whaling Emails Enter](https://reader034.vdocument.in/reader034/viewer/2022051919/600c077545684039426698a5/html5/thumbnails/29.jpg)
Update on Ransomware Technology
✔ Assess
✔ Educate
✔ Reinforce Awareness
✔ Measure Your Employee’s Security Effectiveness
✔ Create Human Firewalls
✔ Create a security awareness culture
Risk MitigationBest Practices
![Page 30: Update on Ransomware Technology · Example 1 Example 2 Beware of attachments! Beware of sender & links! Update on Ransomware Technology Sample Ransom Demand. Whaling Emails Enter](https://reader034.vdocument.in/reader034/viewer/2022051919/600c077545684039426698a5/html5/thumbnails/30.jpg)
Update on Ransomware Technology
Contact Information
Justin [email protected]
Brian T [email protected]