Date post: | 15-Apr-2017 |
Category: |
Internet |
Upload: | eric-vanderburg |
View: | 101 times |
Download: | 5 times |
© 2016 JURINNOV, LLC All Rights Reserved.
RansomwareDECEMBER 7, 2016
LEARN ABOUT 2016’S GREATEST MALWARE THREAT
© 2016 JURINNOV, LLC All Rights Reserved.
Eric VanderburgDirector of CybersecurityVarious certifications including MCSE, CISSP and HISPLicensed private investigatorMBA from Kent State University18 years experience in IT and cybersecurityAuthor and regular presenter
© 2016 JURINNOV, LLC All Rights Reserved.
Topics• Definition• Target• Effects• Ransoms• Examples• Statistics• Threat Vectors
© 2016 JURINNOV, LLC All Rights Reserved.
What is Ransomware? Ransomware - Ransomware is a form of malware that infects a computer, encrypts data on the computer and sometimes attached network drives, and then demands a ransom payment to get the decryption keys. Ransomware as a Service (RaaS) – Ransomware authors license ransomware to distributors in a revenue sharing model.
© 2016 JURINNOV, LLC All Rights Reserved.
Target
Enterprise apps /
databases
Work product
Contacts
Photos
Multimedia
Data is the lifeblood of your business
© 2016 JURINNOV, LLC All Rights Reserved.
Effects of ransomware
Encrypted files Encrypted drives Encrypted databases
Encrypted backups
© 2016 JURINNOV, LLC All Rights Reserved.
Ransoms Ransoms range from 0.5 – 5 bitcoins
Bitcoin valued at 767 USD or 719 EUR as of December, 2016
Ransoms for organizations are far more
© 2016 JURINNOV, LLC All Rights Reserved.
Hollywood Presbyterian
Network offline for a week Email and patient data unavailable Had to use paper records and send some patients to other hospitals Paid $17,000 to decrypt filesDate:
February, 2016
Ransomware:LOCKY
© 2016 JURINNOV, LLC All Rights Reserved.
MedStar Health
Couldn’t update thousands of patient records. 10 hospitals and more than 250 outpatient centers to shut down their computers and email Paid $18,500 to decrypt filesDate:
March, 2016Ransomware:SAMSAM
© 2016 JURINNOV, LLC All Rights Reserved.
Kansas Heart Hospital
Widespread infection throughout the hospital Paid the ransom but did not get the decryption keys
Date:May, 2016Ransomware:SAMSAM
© 2016 JURINNOV, LLC All Rights Reserved.
San Francisco Municipal Transportation
No fares collected on Black FridayHad to use paper recordsExtortionist demanded $73,000 SFMTA refused to pay
Date:November, 2016Ransomware:HDDCryptor
© 2016 JURINNOV, LLC All Rights Reserved.
Hundreds of new ransomware variants just this year this year (over 400% increase since 2015)
Stats
KeRanger
PayCrypt
JobCryptor
HiBuddy
HydraCryptVipasana
UmbrecryptLOCKY
CryptoJocker
Nanolocker
LeChiffreMagic
Ginx
73v3n
Mamba
HDDCryptor
SAMSAMPowerware
Peyta
Jigsaw
Cerber
Radamant Rokku
© 2016 JURINNOV, LLC All Rights Reserved.
Hostage Data
System Vulnerabilities
Social Engineering
Malvertizing
EmailSocial media Instant
messaging
SMS
Drive by
Shared folders and cloud data
Threat vectors
© 2016 JURINNOV, LLC All Rights Reserved.
Questions?FOR MORE INFORMATION:WWW.JURINNOV.COM [email protected]