Presentation is loading. Please wait.

Presentation is loading. Please wait.

Presented by Martin Šimek Ransomware, Internet of Things and Botnets vs. Control.

Published byAgatha French Modified over 8 years ago

Similar presentations

Presentation on theme: "Presented by Martin Šimek Ransomware, Internet of Things and Botnets vs. Control."— Presentation transcript:

1 Presented by Martin Šimek Ransomware, Internet of Things and Botnets vs. Control

2 Agenda Ransomware The Internet of Things Botnets

3 Ransomware

4 Ransomware – definition Ransom  The practice of holding a prisoner or item to extort money to secure their release. Ransomware  Malicious software holding your files as prisoners to extort money to secure their release.

5 Cryptolocker Encrypts your files  Files are present but unreadable  No need of transfer and remote storage  Files can be decrypted only by private key You must pay money to get the key  Bitcoins  TOR sites

6 Cryptolocker – Email infection “Image: works.jpeg” http://fickmonster.blogspot.cz/2015/09/how- ransomware-spreads-and-how-it-works.html

7 Cryptolocker – Fake update site

8 Cryptolocker – Ramification

9 Cryptolocker – sequels

10 Ransomware – workstation protection Up-to-date antivirus  Emails and websites are transferred encrypted  Endpoint workstation can see them plain Up-to-date software  Zero day vulnerabilities elimination Employee training  Learn to swim and don't swim in wild river

11 Ransomware – webfilter +

12 Ransomware – Intrusion prevention system

13 Ransomware – Application awareness

14 Ransomware – Protocol inspection

15 Ransomware – Antivirus

16 The Internet of Things

17 Home  Wi-fi router, fridge, lightbulb, printer, extension cord, thermostat Bussines  NAS, printer, IP phone, air condition, window blinds

18 The Internet of Things – pitfalls Low cost chips, small RAM, unprotected OS  No spare resources for self-defense Rapid development  Small to no focus on security Linux based  full-featured computer

19 The Internet of Things – Attack

20 The Internet of Things – Recovery Disconnect thing immediately Re-flash firmware or replace Thing Set strong password Perform system audit  Logs  Scan other systems

21 The Internet of Things – Prevention Strong password for Thing's administration Update Thing's firmware regularly Don’t buy second hand devices  Saving few euros might not pay off

22 The Internet of Things – Multiple interfaces

23 The Internet of Things – Access Don't expose Thing's web interface  Use VPN to access network behind firewall and then access Thing's web interface locally.  If exposing is necessary, use Reverse proxy

24 The Internet of Things – Reverse Proxy Only web port is exposed Firewall can see and filter all requests

25 Botnet

26 Set of computers enslaved by malware performing tasks assigned by master  Spam, DDoS Attack, Malware distribution, Bitcoin mining, clickfraud, spying on user Tasks are issued by command & control center

27 Botnet – attack “Image:Botnet.svg” https://commons.wikimedia.org/wiki/File:Botnet.svg

28 Botnet – recovery Scan computers in LAN by up-to-date antivirus Perform audit of firewall logs Negotiate blacklist removal if botnet operation gets your IP address there

29 Botnet – prevention Forbid access to the Internet underground  Webfilter & Content Rules Forbid botnet to call home  Blacklists, Security rules

30 Botnet – Blacklists & Security rules

31 Summary

Download ppt "Presented by Martin Šimek Ransomware, Internet of Things and Botnets vs. Control."

Similar presentations

ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.

ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.
5-Network Defenses Dr. John P. Abraham Professor UTPA.

5-Network Defenses Dr. John P. Abraham Professor UTPA.
Defense-in-Depth Against Malicious Software Jeff Alexander IT Pro Evangelist Microsoft Australia

Defense-in-Depth Against Malicious Software Jeff Alexander IT Pro Evangelist Microsoft Australia
Guide to Network Defense and Countermeasures Third Edition

Guide to Network Defense and Countermeasures Third Edition
Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.

Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.
INTRANET SECURITY Catherine Alexis CMPT 585 Computer and Data Security Dr Stefan Robila.

INTRANET SECURITY Catherine Alexis CMPT 585 Computer and Data Security Dr Stefan Robila.
Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.

Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.
Contact Center Security Strategies Grant Sainsbury Practice Director, Dimension Data.

Contact Center Security Strategies Grant Sainsbury Practice Director, Dimension Data.
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
Lesson 10 – SECURING YOUR NETWORK Security devices Internal security External security Viruses and other malicious software OVERVIEW.

Lesson 10 – SECURING YOUR NETWORK Security devices Internal security External security Viruses and other malicious software OVERVIEW.
COEN 252: Computer Forensics Router Investigation.

COEN 252: Computer Forensics Router Investigation.
Computer Networks IGCSE ICT Section 4.

Computer Networks IGCSE ICT Section 4.
 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.

 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.
1 Enabling Secure Internet Access with ISA Server.

1 Enabling Secure Internet Access with ISA Server.
Computerized Networking of HIV Providers Networking Fundamentals Presented by: Tom Lang – LCG Technologies Corp. May 8, 2003.

Computerized Networking of HIV Providers Networking Fundamentals Presented by: Tom Lang – LCG Technologies Corp. May 8, 2003.
CS426Fall 2010/Lecture 361 Computer Security CS 426 Lecture 36 Perimeter Defense and Firewalls.

CS426Fall 2010/Lecture 361 Computer Security CS 426 Lecture 36 Perimeter Defense and Firewalls.
UNDERSTANDING THE RISKS & CHALLENGES OF Cyber Security DAVID NIMMO InDepth IT Solutions DAVID HIGGINS WatchGuard NEIL PARKER BridgePoint Group A BridgePoint.

UNDERSTANDING THE RISKS & CHALLENGES OF Cyber Security DAVID NIMMO InDepth IT Solutions DAVID HIGGINS WatchGuard NEIL PARKER BridgePoint Group A BridgePoint.
TECHNOLOGY GUIDE THREE Protecting Your Information Assets.

TECHNOLOGY GUIDE THREE Protecting Your Information Assets.
Trojan Virus By Forbes and Mark. What is a Trojan virus Trojans are malicious programs that perform actions that have not been authorised by the user.

Trojan Virus By Forbes and Mark. What is a Trojan virus Trojans are malicious programs that perform actions that have not been authorised by the user.
Network and Perimeter Security Paula Kiernan Senior Consultant Ward Solutions.

Network and Perimeter Security Paula Kiernan Senior Consultant Ward Solutions.

Similar presentations

Ads by Google