Download presentation
Presentation is loading. Please wait.
Published byRoland Gibson Modified over 9 years ago
1
A Growing Threat Debbie Russ 1/28/2015
2
What is Ransomware? A type of malware which restricts access to the computer system that it infects, and demands a ransom paid to the creator(s) to restore access. Encrypting - encrypts files on the victims computer and then demands money for a private key to decrypt the files. Non-encrypting - restricts access to the computer often by setting the Windows shell to itself or modifying the boot record until a “fix” is purchased from the creator(s).
3
Examples of Ransomware Reveton CryptoLocker Email threats
4
Reveton Nicknamed the “police trojan” Displays a message from “authorities” (local police station, FBI, etc.) saying that your computer has been locked because illegal material was found and the user must pay a fine to have it unlocked Pornographic material Pirated music, movies, etc. Often displays the correct name and logo for area authorities Can contain footage from the computer’s webcam to make the user believe their actions are being recorded All bad??
5
Reveton
6
CryptoLocker Displays a message saying that your computer has been encrypted and you must pay to obtain the key to decrypt your files If not paid within a certain amount of time (usually 72 hours) the key will be destroyed More recent versions allow users to decrypt a few files for free to prove they can be recovered Creator(s) have been known to make over $30 million in just a few months
7
CryptoLocker
8
Email Threats Sony Three days before the attacks that crippled Sony Pictures, the hackers sent an email to two executives that claimed to “do great damage to the company” if they weren’t paid Apparently they didn’t pay…. Clay County Hospital in Flora, Illinois The hospital received an email containing patient names, addresses, Social Security numbers and dates of birth The sender threatened to make the information public unless “a substantial payment from the hospital” was made
9
Predictions for 2015 The healthcare industry is at a particularly high risk The mandate to move to electronic records The sensitive nature of health care data The immaturity of the information security practices that exist in the health care industry today The cost of compromise could range from an inconvenience to loss of life Targeted extortion-ware An expansion on ransomware that targets users that have something to hide and threatens to expose evidence of infidelity, incriminating data, etc. Much more targeted but the payment amount requested will be much higher per victim Victims are much less likely to involve law enforcement due to the sensitive nature of the data
10
Predictions for 2015 cont… McAfee predicts that ransomware variants will specifically target endpoints that subscribe to cloud- based storage solutions Once the endpoint has been infected, the ransomware will attempt to exploit the logged-on user’s stored credentials to also infect backed-up cloud storage data McAfee also predicts a rise in ransomware targeting mobile devices using virtual currency as the ransom payment method. Bitcoin has become a very popular method for payment requests because the requestor can remain anonymous
11
Links SC Magizine - Expect more ransomware and 'extortionwoare' in 2015 SC Magizine - Expect more ransomware and 'extortionwoare' in 2015 McAfee Threats Predicitions The Sony Hack and the Rise of Cyber Ransoms New CTB-Locker Variant Allows Victims to Recover 5 Files for Free New CTB-Locker Variant Allows Victims to Recover 5 Files for Free Patient data held for ransom at rural Illinois hospital SentinelOne Labs - Advanced Threat Intelligence Report - 2015 Predictions SentinelOne Labs - Advanced Threat Intelligence Report - 2015 Predictions Ransomware to Target Cloud Storage in 2015 – Are You Ready? Ransomware to Target Cloud Storage in 2015 – Are You Ready?
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.