
1 The information in this presentation is marked as:
29/12/2018 Protection level eu-LISA PUBLIC 04/04/17 • IEBN Business Network Event

2 Ransomware: The human factor

3 Digital extortion

4 Anatomy of the digital extortion
- Different families of ransomware
- Lifecycle includes: infection, installation, handshake with C², encryption
- Infections through the web or emails
- Might require the active participation of the victims

5 Phishing is the tool
- Use of the emotion (fear, curiosity, greediness)
- It can affect our ability to think critically
- Impact the decision making process
- Force you to click

6 Coinbase phishing

7 UPS Phishing

8 RSA phishing

9 Awareness in eu-LISA
- Technology alone cannot keep you safe
- Systematic security briefing for the personnel (the weakest link)
- Security is a shared responsibility
- Keep company and employees safe
- Phishing is a real threat

10 Awareness in eu-LISA: Critical thinking
- Is the sender someone I know?
- Was the email awaited?
- Are the requests reasonable?
- Does it trigger any emotion?
- Does it request to take an (immediate) action?

11 Awareness in eu-LISA: Hover links through emails
- Move the mouse over the link
- But DO NOT CLICK!
- Reveals where the link wants you to go
- Make sure it is a legitimate address

12 Awareness in eu-LISA: URL Deciphering
- Attackers may buy domains that resemble the real domain
- “–” instead of a “.” as a subdomain separator
- Trusted- … secure- … is a different domain!
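
The hover check and the URL deciphering rule from slides 11 and 12, automated as an added example that is not part of the original presentation. It assumes `example.com` stands in for the organisation's real domain; `classify_link`, `audit_email_html` and the sample message are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumption: the organisation's real domain (constructed placeholder value).
TRUSTED_DOMAINS = {"example.com"}
# Constructed sample body: visible text and href (what hovering reveals) differ.
SAMPLE_EMAIL = (
    '<p>Verify now: <a href="https://secure-example.com/login">'
    "https://secure.example.com/login</a> or visit the "
    '<a href="https://portal.example.com/">portal</a>.</p>'
)

def classify_link(url, trusted=TRUSTED_DOMAINS):
    """Return (host, verdict): 'trusted', 'lookalike' or 'unrelated'."""
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    if any(host == d or host.endswith("." + d) for d in trusted):
        return host, "trusted"
    # Read "-" as "." so secure-example.com is compared with the name
    # it imitates, secure.example.com.
    labels = host.replace("-", ".").split(".")
    for want in (d.split(".") for d in trusted):
        n = len(want)
        if any(labels[i:i + n] == want for i in range(len(labels) - n + 1)):
            return host, "lookalike"
    return host, "unrelated"

class LinkAudit(HTMLParser):
    """Collect (visible text, real target host, verdict) per <a href>."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            text = "".join(self._text).strip()
            self.links.append((text, *classify_link(self._href)))
            self._href = None

def audit_email_html(html):
    """Parse an HTML body and return the audit tuple for every link."""
    parser = LinkAudit()
    parser.feed(html)
    parser.close()
    return parser.links
```

A "lookalike" verdict means the trusted name appears in the host but the host is not under the trusted domain, which is the hyphen-for-dot case the slide warns about.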

13 Awareness in eu-LISA: OhMyGod: I have clicked…

14 Awareness in eu-LISA
- Report it using the designated channel
- Thank you approach (no blame)
- Do not:
  - Forward the suspected email
  - Copy and paste links
  - Delete the malicious email

15 Policy and procedures
- Encourage safe behavior
- Use of corporate address
- Where to store relevant information
- Good, old, offline backups
- Convenient way to report incidents

16 Liaise with relevant authorities
- CERTs
- Law enforcement
- EU agencies

17 The Hamletic doubt
- A loud no! But…

18 The Hamletic doubt
- A loud no (in principle)
- The answer can be more complicated…

19 The Hamletic doubt
Why not:
- No guarantee that you will have your files back
- You would support organised crime
- You would encourage perpetrators to continue
- As a good payer, you will be targeted again soon

20 The Hamletic doubt
But that is not how the world works!
- What if restoring costs more than the ransom?
- Life or death matter (medical systems)
- Business critical systems
- Btw, how do we buy bitcoins?

21 Conclusions
- Malware is not a pastime for youngsters, it’s a real business!
- Phishing/malware is going to continue to be a problem
- Phishing/malware education in the security awareness program
- Develop a response program

22 Conclusions
- Understand regulatory reporting requirement
- Have a ransom strategy
- Exercise it!
- Whatever the ransom strategy is, plan ahead!

23 QUESTIONS?

