Presentation transcript:

The information in this presentation is marked as: Protection level eu-LISA PUBLIC
04/04/17 • IEBN Business Network Event

Ransomware: The human factor

Digital extortion www.itvscience.com

Anatomy of the digital extortion
- Different families of ransomware
- Lifecycle includes: infection, installation, handshake with C2 (command and control), encryption
- Infections through the web or emails
- Might require the active participation of the victims

Phishing is the tool
- Use of emotion (fear, curiosity, greed)
- It can affect our ability to think critically
- Impacts the decision-making process
- Forces you to click

Coinbase phishing

UPS phishing

RSA phishing

Awareness in eu-LISA
- Technology alone cannot keep you safe
- Systematic security briefing for the personnel (the weakest link)
- Security is a shared responsibility
- Keep company and employees safe
- Phishing is a real threat

Awareness in eu-LISA: Critical thinking
- Is the sender someone I know?
- Was the email expected?
- Are the requests reasonable?
- Does it trigger any emotion?
- Does it request an (immediate) action?

Awareness in eu-LISA: Hover over links in emails
- Move the mouse over the link
- But DO NOT CLICK!
- This reveals where the link wants you to go
- Make sure it is a legitimate address

Awareness in eu-LISA: URL deciphering
- Attackers may buy domains that resemble the real domain
- "-" instead of a "." as a subdomain separator
- Trusted- … secure- … is a different domain!
- http://secure-YOURBANK.com
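The hover check and the subdomain-separator check from the two slides above can be automated for an HTML email body. This is an added example, not part of the original presentation; `TRUSTED_DOMAIN`, `belongs_to`, `LinkCollector`, `review_links` and the sample links are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumption: the organisation's real domain; placeholder taken from the slide.
TRUSTED_DOMAIN = "yourbank.com"


def belongs_to(host, trusted=TRUSTED_DOMAIN):
    """True only for the trusted domain itself or a dot-separated subdomain."""
    host = (host or "").lower().rstrip(".")
    return host == trusted or host.endswith("." + trusted)


class LinkCollector(HTMLParser):
    """Collects (visible text, href) pairs: what is shown vs. what hovering reveals."""

    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append(("".join(self._text).strip(), self._href))
            self._href = None


def review_links(html):
    """Return, per link, the visible text, the real target host and the verdict."""
    collector = LinkCollector()
    collector.feed(html)
    return [{"text": text, "host": urlsplit(href).hostname,
             "trusted": belongs_to(urlsplit(href).hostname)}
            for text, href in collector.links]


# Constructed sample email body (not from the presentation).
SAMPLE = (
    '<a href="http://secure-YOURBANK.com/login">https://secure.yourbank.com</a>'
    '<a href="https://secure.yourbank.com/login">Log in</a>'
    '<a href="https://yourbank.com.example.net/">yourbank.com</a>'
)

if __name__ == "__main__":
    for row in review_links(SAMPLE):
        print(row)
```

The first link shows a dot-separated address but points to the hyphenated domain, and the third places the trusted name at the front of another domain; only the second is accepted.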

Awareness in eu-LISA: OhMyGod: I have clicked…

Awareness in eu-LISA: Report it using the designated channel
- Thank you approach (no blame)
- Do not:
  - Forward the suspected email
  - Copy and paste links
  - Delete the malicious email

Policy and procedures
- Encourage safe behavior
- Use of corporate email address
- Where to store relevant information
- Good, old, offline backups
- Convenient way to report incidents

Liaise with relevant authorities
- CERTs
- Law enforcement
- EU agencies

The Hamletic doubt
- A loud no! But…

The Hamletic doubt
- A loud no (in principle)
- The answer can be more complicated…

The Hamletic doubt: Why not:
- No guarantee that you will get your files back
- You would support organised crime
- You would encourage perpetrators to continue
- As a good payer, you will soon be targeted again

The Hamletic doubt: But that is not how the world works!
- What if restoring costs more than the ransom?
- Life-or-death matters (medical systems)
- Business-critical systems
- Btw, how do we buy bitcoins?

Conclusions
- Malware is not a pastime for youngsters, it's a real business!
- Phishing/malware is going to continue to be a problem
- Phishing/malware education in the security awareness program
- Develop a response program

Conclusions
- Understand regulatory reporting requirements
- Have a ransom strategy
- Exercise it!
- Whatever the ransom strategy is, plan ahead!

QUESTIONS?