So… what is ransomware? #SPICECORPS.

Presentation transcript:

So… what is ransomware? #SPICECORPS

POLL: Who’s been hit by ransomware? #SPICECORPS

How an exploit kit works #SPICECORPS

Spiceworks surveyed over 300 IT pros about ransomware… here’s what we found... #SPICECORPS

Now switching gears a bit… shout it out: What’s the difference between ransomware and regular malware? #SPICECORPS

Shout it out if you know: What are examples of ransomware? What are the most notorious strains? (hint: Cryptowall & Cryptolocker) #SPICECORPS

Has anyone experienced Cryptowall? Has anyone experienced Cryptolocker? #SPICECORPS

Has anyone here experienced ransomware other than Cryptolocker and/or Cryptowall? #SPICECORPS

To pay, or not to pay? THAT IS THE QUESTION… #SPICECORPS

A lot of people say to pay because it’s quick to get files unlocked. Others say DO NOT pay. What would you do / what have you done? #SPICECORPS

AND… How can you protect against ransomware? First step: Look it in the face like so: AND… #SPICECORPS

Here are 11 ways to prevent it… #SPICECORPS

1. Back up your data (duh)

2. Show hidden file-extensions
One way Cryptolocker frequently arrives is in a file that is named with the extension “.PDF.EXE”, counting on Windows’ default behavior of hiding known file-extensions. If you re-enable the ability to see the full file-extension, it can be easier to spot suspicious files.

3. Filter EXEs in email
If your gateway mail scanner has the ability to filter files by extension, you may wish to deny mails sent with “.EXE” files, or to deny mails sent with files that have two file extensions, the last one being executable (“*.*.EXE” files, in filter-speak). If you do legitimately need to exchange executable files within your environment and are denying emails with “.EXE” files, you can do so with ZIP files (password-protected, of course) or via cloud services.
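As an added example (not from the original slides), the gateway rule from tip 3 could be expressed like this in Python. The function names and the sample message are constructed for illustration, and the executable-extension set is an assumption that contains only the “.EXE” the slide names.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage
from pathlib import PureWindowsPath

# Assumed deny list of final extensions; the slide names only ".EXE".
EXECUTABLE_EXTS = {".exe"}

def classify_filename(name):
    """Return 'double-ext-executable', 'executable' or None for a filename."""
    # Windows ignores trailing dots and spaces, so drop them before parsing.
    cleaned = PureWindowsPath(name.rstrip(". ")).name
    suffixes = [s.lower() for s in PureWindowsPath(cleaned).suffixes]
    if not suffixes or suffixes[-1] not in EXECUTABLE_EXTS:
        return None
    # Two or more extensions with an executable last one: the "*.*.EXE" rule.
    return "double-ext-executable" if len(suffixes) >= 2 else "executable"

def scan_message(raw):
    """Return [(filename, reason)] for attachments the filter would deny."""
    msg = message_from_bytes(raw, policy=policy.default)
    hits = []
    for part in msg.walk():
        name = part.get_filename()
        if name:
            reason = classify_filename(name)
            if reason:
                hits.append((name, reason))
    return hits

def build_sample():
    """Constructed message with three harmless placeholder attachments."""
    msg = EmailMessage()
    msg["From"] = "sender@example.com"
    msg["To"] = "user@example.com"
    msg["Subject"] = "Constructed sample"
    msg.set_content("See attached.")
    for fname in ("Invoice.PDF.EXE", "setup.exe", "report.v2.pdf"):
        msg.add_attachment(b"placeholder", maintype="application",
                           subtype="octet-stream", filename=fname)
    return msg.as_bytes()

if __name__ == "__main__":
    for filename, reason in scan_message(build_sample()):
        print(f"DENY {filename}: {reason}")
```

The check is case-insensitive and also catches names padded with trailing dots or spaces, which Windows drops when the file is saved.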

4. Disable files running from AppData/LocalAppData folders
Create rules within Windows or with Intrusion Prevention Software to disallow a particular, notable behavior used by Cryptolocker, which is to run its executable from the App Data or Local App Data folders.

5. Use the Cryptolocker Prevention Kit
This kit automates the process of making a Group Policy to disable files running from the App Data and Local App Data folders, as well as disabling executable files from running from the Temp directory of various unzipping utilities. This tool updates as new techniques are discovered for Cryptolocker, so you will want to check in periodically to make sure you have the latest version. If you need to create exemptions to these rules, they provide this document that explains that process.

6. Disable RDP
The Cryptolocker/Filecoder malware often accesses target machines using Remote Desktop Protocol (RDP), a Windows utility that allows others to access your desktop remotely. If you do not require the use of RDP, you can disable RDP to protect your machine from Filecoder and other RDP exploits. For instructions to do so, visit the appropriate Microsoft Knowledge Base article: Windows XP RDP disable | Windows 7 RDP disable | Windows 8 RDP disable

7. Patch or Update your software
Update your software often. Some vendors release security updates on a regular basis, but there are often “out-of-band” or unscheduled updates in case of emergency. Enable automatic updates if you can, or go directly to the software vendor’s website, as malware authors like to disguise their creations as software update notifications too.

8. Use a reputable security suite
It is always a good idea to have both anti-malware software and a software firewall to help you identify threats or suspicious behavior.

9. Disconnect from WiFi or unplug from the network immediately

10. Use System Restore to get back to a known-clean state

11. Set the BIOS clock back
Cryptolocker has a payment timer that is generally set to 72 hours, after which time the price for your decryption key goes up significantly. You can “beat the clock” somewhat by setting the BIOS clock back to a time before the 72-hour window is up.