Presentation is loading. Please wait.

Presentation is loading. Please wait.

Ransomware 12:00 Juwan harris.

Published byGillian Ryan Modified over 6 years ago

Similar presentations

Presentation on theme: "Ransomware 12:00 Juwan harris."— Presentation transcript:

1 ransomware 12:00 Juwan harris

2 What is ransomware? Ransomware is a form of malware that installs itself onto a device Ransomware denies a user access to Their files Their device The user can regain access if they play the ransom This ransom is normally paid in bit coins

3 History 1989 First ransomware Joseph L. Popp AIDS Trojan 2006
Archievus First ransomware that uses asymmetric encryption 2013 Cryptolocker Spread by compromised website Operation Tovar 2014 Koler First self-propagating ransomware CTB-locker First ransomware that deletes shadow copies

4 Ransomware trends Ransomware overall are on the rise
Spikes represent the release of a new Ransomware

5 Ransomware trends The amount of ransomware created has been on the rise Mostly due to the success of crypto-ransomware How easy it is to create locks and crypto ransomware

6 Categories of ransomware
Ransomware is divided into four categories Misleading apps- ransomware that pretends to be another app Locker – ransomware that denies user access to their device Ex FBI MoneyPak Fake antivirus – ransomware that pretend to be an antivirus program Ex Security Essentials 2010 Cryto-ransomware – encrypts users files to prevent access to user files. Ex locky

7 Biggest ransomware Most successful ransomware are the ones that have complex exploit and large phishing campaigns

8 Tescrypt Alert level severe
Copies itself to appdata, userprofile and systemroot folders uses a random seven character name for its exe Changes registry key Encrypts and renames file with a certain extension Also deletes shadow copy Intel has a tool that can decrypt certain files Accesses game related files Store user information to servers

9 Lockey Encrypt files and renames them to be a .locky file
Encrypts network drives Encrypt bit coin files Spread with a huge campaign pretends to be an invoice Changes registry to run on start up Hard coded with the option to not run on Russian pc Removes the windows flag that marks a file downloaded from the internet Has a lot of similarities to Dridex

10 Chimera Spread through emails encrypts user’s data
Publishes users data if the ransom is not paid Keys was leaked

11 FBI MoneyPak Example of a locker
Relies on tricking the users to pay the fine Does not encrypt files Can be remove without the lost of data

12 Security Essentials 2010/Fakeinit
Tries to mimic Microsoft Security Essentials Pretends that other real antivirus and there program are viruses Askes for payment for the full version Monitors web traffic and blocks certain sites

13 ransomware Attack vectors
Exploit kit – attacks by using a vulnerabilities mostly happens by using advertisements Malicious attachments Portable executable Malicious macro Malicious link

14 Ways to protect yourself from ransomware
Back up important file Be care on what links you click and attachment you open Disable files running from AppData/LocalAppData folders Make sure everything is updated Install Microsoft Office viewers Do not pay the ransom Educate other user about ransomware

15 Who Pays?

16 Analytic in cyber security
Was not seen as a big way to fight cybercrime until recently Uses data created from previous attacks to prevent future ones Question answered by analytic What will happen? What happened? why did it happen? What should you do when this happens?

17 Evolution of analytics
1.0 (outdated) Released sometime in 2008 Uses Internal company data only Mostly reactive 2.0 current Uses data from outside sources via big data 3.0 leading/future uses machine learning and big data to prevent attacks Proactive

18 Ransomware target The consumer is the biggest target of ransomware
Lack of advance protection, threat analysis, Lack of knowledge on the subject Services are the biggest target organization Has large amount of internet usage Does not require the security protection that finance and utilities need

19 Hospital as an attack target
Hospital faces a large threat from ransomware Lack of centralize network Modernize ER room large amount all ransomware attack target hospitals. Ransomware can deny hospital access to important patient data For example a hospital in California had to pay $17,000 to get a ransomware removed. Another hospital in Texas lost thousands of patient data for failing to pay the ransom.

20 Future of ransomware attacks
Target internet of things devices New ways to infect users

21 Work cited

Download ppt "Ransomware 12:00 Juwan harris."

Similar presentations

Thank you to IT Training at Indiana University Computer Malware.

Thank you to IT Training at Indiana University Computer Malware.
Malicious Attacks. Introduction Commonly referred to as: malicious software/ “malware”, computer viruses Designed to enter computers without the owner’s.

Malicious Attacks. Introduction Commonly referred to as: malicious software/ “malware”, computer viruses Designed to enter computers without the owner’s.
Kaspersky Open Space Security: Release 2 World-class security solution for your business.

Kaspersky Open Space Security: Release 2 World-class security solution for your business.
R. FRANK NIMS MIDDLE SCHOOL A BRIEF INTRODUCTION TO VIRUSES.

R. FRANK NIMS MIDDLE SCHOOL A BRIEF INTRODUCTION TO VIRUSES.
Computer security virus, hacking and backups. Computer viruses are small software programs that are designed to spread from one computer to another.

Computer security virus, hacking and backups. Computer viruses are small software programs that are designed to spread from one computer to another.
Data Security.

Data Security.
Your Trusted Partner In All Things IT. 20 Years of IT Experience University Automotive Food Service Banking Insurance Legal Medical Dental Software Development.

Your Trusted Partner In All Things IT. 20 Years of IT Experience University Automotive Food Service Banking Insurance Legal Medical Dental Software Development.
UNDERSTANDING THE RISKS & CHALLENGES OF Cyber Security DAVID NIMMO InDepth IT Solutions DAVID HIGGINS WatchGuard NEIL PARKER BridgePoint Group A BridgePoint.

UNDERSTANDING THE RISKS & CHALLENGES OF Cyber Security DAVID NIMMO InDepth IT Solutions DAVID HIGGINS WatchGuard NEIL PARKER BridgePoint Group A BridgePoint.
Unit 2 - Hardware Computer Security.

Unit 2 - Hardware Computer Security.
Security Awareness ITS SECURITY TRAINING. Why am I here ? Isn’t security an IT problem ?  Technology can address only a small fraction of security risks.

Security Awareness ITS SECURITY TRAINING. Why am I here ? Isn’t security an IT problem ?  Technology can address only a small fraction of security risks.
Computer viruses are small software programs that are made to spread from one computer to another and to interfere with computer operations. There are.

Computer viruses are small software programs that are made to spread from one computer to another and to interfere with computer operations. There are.
Computer Viruses and Worms By: Monika Gupta Monika Gupta.

Computer Viruses and Worms By: Monika Gupta Monika Gupta.
Understanding Computer Viruses: What They Can Do, Why People Write Them and How to Defend Against Them Computer Hardware and Software Maintenance.

Understanding Computer Viruses: What They Can Do, Why People Write Them and How to Defend Against Them Computer Hardware and Software Maintenance.
Malicious Software.

Malicious Software.
Module 2.2 1. 2  Introduction Introduction  Techniques and tools used to commit computer crimes Techniques and tools used to commit computer crimes.

Module  Introduction Introduction  Techniques and tools used to commit computer crimes Techniques and tools used to commit computer crimes.
n Just as a human virus is passed from person from person, a computer virus is passed from computer to computer. n A virus can be attached to any file.

n Just as a human virus is passed from person from person, a computer virus is passed from computer to computer. n A virus can be attached to any file.
Copyright © 2015 Cyberlight Global Associates Cyberlight GEORGIAN CYBER SECURITY & ICT INNOVATION EVENT 2015 Tbilisi, Georgia19-20 November 2015 Hardware.

Copyright © 2015 Cyberlight Global Associates Cyberlight GEORGIAN CYBER SECURITY & ICT INNOVATION EVENT 2015 Tbilisi, Georgia19-20 November 2015 Hardware.
January 07 th 2016 Intelligence Briefing NOT PROTECTIVELY MARKED.

January 07 th 2016 Intelligence Briefing NOT PROTECTIVELY MARKED.
W elcome to our Presentation. Presentation Topic Virus.

W elcome to our Presentation. Presentation Topic Virus.
Page 1 Viruses. Page 2 What Is a Virus A virus is basically a computer program that has been written to perform a specific set of tasks. Unfortunately,

Page 1 Viruses. Page 2 What Is a Virus A virus is basically a computer program that has been written to perform a specific set of tasks. Unfortunately,

Similar presentations

Ads by Google