Upgrade to Pro — share decks privately, control downloads, hide ads and more …

The Digital Hostage: Ransomware in the Workplace

Chris Cooper
July 05, 2017
Technology
0
110

The Digital Hostage: Ransomware in the Workplace

A talk about ransomware - particularly the impact of attacks on businesses. Takes the audience through the anatomy of ransomware and how it has evolved, culminating in the best ways to prevent, prepare for and respond to ransomware attacks.

The accompanying handout can be viewed here: https://goo.gl/ARHDPJ

Presented to The Insurance Institute of Sussex (a local section of the Chartered Insurance Institute) on 5th July 2017.

http://www.ciibrighton.org.uk/

Chris Cooper

July 05, 2017
Tweet

More Decks by Chris Cooper

See All by Chris Cooper
People Security and Social Engineering
itscooper
0
120
Keeping Your Data Secure: A Guide for Human Beings
itscooper
0
190
E-Safety: How technology can protect us from technology
itscooper
0
320
Social Engineering: How to Rob a Bank with a Phone
itscooper
0
210
The Cookie Monster (and other web security exploits)
itscooper
3
370
Hacking the Box (Joseph Sheridan)
itscooper
1
290
Breaking Stuff: What Ethical Hacking Has Taught Me
itscooper
1
150

Other Decks in Technology

See All in Technology
低レイヤを知りたいPHPerのためのCコンパイラ作成入門 / Building a C Compiler for PHPers Who Want to Dive into Low-Level Programming
tomzoh
0
210
AWSLambdaMCPServerを使ってツールとMCPサーバを分離する
tkikuchi
1
2.6k
フロントエンドも盛り上げたい!フロントエンドCBとAmplifyの軌跡
mkdev10
2
250
MCPを活用した検索システムの作り方/How to implement search systems with MCP #catalks
quiver
11
4.7k
7,000名規模の​ 人材サービス企業における​ プロダクト戦略・戦術と課題​ / Product strategy, tactics and challenges for a 7,000-employee staffing company
techtekt
0
270
ソフトウェア開発現代史: "LeanとDevOpsの科学"の「科学」とは何か? - DORA Report 10年の変遷を追って - #DevOpsDaysTokyo
takabow
0
200
”知のインストール”戦略:テキスト資産をAIの文脈理解に活かす
kworkdev
PRO
9
4.2k
AIと開発者の共創: エージェント時代におけるAIフレンドリーなDevOpsの実践
bicstone
1
250
SRE NEXT CfP チームが語る 聞きたくなるプロポーザルとは / Proposals by the SRE NEXT CfP Team that are sure to be accepted
chaspy
1
580
「それはhowなんよ〜」のガイドライン #orestudy
77web
9
2.4k
SREの視点で考えるSIEM活用術 〜AWS環境でのセキュリティ強化〜
coconala_engineer
1
260
ElixirがHW化され、最新CPU/GPU/NWを過去のものとする数万倍、高速+超省電力化されたWeb/動画配信/AIが動く日
piacerex
0
110

Featured

See All Featured
Fight the Zombie Pattern Library - RWD Summit 2016
marcelosomers
233
17k
Typedesign – Prime Four
hannesfritz
41
2.6k
The Power of CSS Pseudo Elements
geoffreycrofte
75
5.8k
GraphQLの誤解/rethinking-graphql
sonatard
71
10k
Optimizing for Happiness
mojombo
377
70k
Statistics for Hackers
jakevdp
798
220k
Practical Tips for Bootstrapping Information Extraction Pipelines
honnibal
PRO
19
1.1k
Easily Structure & Communicate Ideas using Wireframe
afnizarnur
194
16k
個人開発の失敗を避けるイケてる考え方 / tips for indie hackers
panda_program
104
19k
Improving Core Web Vitals using Speculation Rules API
sergeychernyshev
13
660
Fireside Chat
paigeccino
37
3.4k
Scaling GitHub
holman
459
140k

Transcript

  1. 3"/40.8"3& JOUIF8PSLQMBDF $ISJT$PPQFSc4FDVSJUZ$POTVMUBOU

  2. 3BOTPNXBSFJTBUZQFPG NBMXBSFUIBUBJNTUPFYUPSU NPOFZGSPNUIFWJDUJN

  3. "/"50.: */'&$5*0/  1":-0"%  413&"%  3"/40. 

  4. "/"50.: */'&$5*0/  1":-0"%  413&"%  3"/40. 

  5. */'&$5*0/ 

  6. */'&$5*0/.&5)0%4

  7. */'&$5*0/.&5)0%4 &."*- 530+"/)034&7*" ","1)*4)*/(

  8. */'&$5*0/.&5)0%4 64# 530+"/)034&7*" %3*7&4 ","#"*5*/(

  9. */'&$5*0/.&5)0%4 */45"--&% 530+"/)034&7*" 40'58"3&

  10. */'&$5*0/.&5)0%4 ."-*$064 530+"/)034&7*" 8&#4*5&4

  11. */'&$5*0/.&5)0%4 76-/&3"#*-*5*&4

  12. */'&$5*0/.&5)0%4 */45"--&%40'58"3& &."*- 64#%3*7&4 ."-*$*0648&#4*5&4 76-/&3"#*-*5*&4

  13. "/"50.: */'&$5*0/  1":-0"%  413&"%  3"/40. 

  14. 1":-0"% 

  15. 1":-0"%4

  16. 1":-0"%4 4$"3&8"3&

  17. 1":-0"%4 -0$,&3

  18. 1":-0"%4 $3:150

  19. "*%45SPKBO

  20. (QDPEF",

  21. $SZQUP-PDLFS

  22. 1":-0"%4 -&",8"3&

  23. &QJD

  24. 1":-0"%4 4$"3&8"3& $3:150 -0$,&3 -&",8"3&

  25. "/"50.: */'&$5*0/  1":-0"%  413&"%  3"/40. 

  26. 413&"% 

  27. %*44&.*/"5*0/.&5)0%4

  28. %*44&.*/"5*0/.&5)0%4 /0/& -0$"-*/'&$5*0/0/-:

  29. %*44&.*/"5*0/.&5)0%4 ."11&% /&5803, %3*7&4

  30. %*44&.*/"5*0/.&5)0%4 6/."11&% /&5803, %3*7&4

  31. %*44&.*/"5*0/.&5)0%4 5)&%*(*5"-,*/% 803.4

  32. %*44&.*/"5*0/.&5)0%4 /0/& 6/."11&%%3*7&4 ."11&%%3*7&4 803.4

  33. "/"50.: */'&$5*0/  1":-0"%  413&"%  3"/40. 

  34. 3"/40. 

  35. 1":.&/5.&5)0%4 3BOTPNXBSFIBTIJTUPSJDBMMZ MFWFSBHFEBSBOHFPGQBZNFOU NFUIPETUIBUBSFIBSEUPUSBDF TVDI BT10#PYFTBOEQSFQBJEDBSET /PXBEBZT NPTUVTF#JUDPJOPSPUIFS DSZQUPDVSSFODJFT

  36. #*5$0*/ #JUDPJOJTEFDFOUSBMJTFEBOEDBOCF MFWFSBHFEUPBDIJFWFBOPOZNJUZ EFTQJUFUIFQVCMJDMFEHFS  #JUDPJOTDBOPGUFOCFMBVOEFSFEWJB NFUIPETUIBUBSFEJ⒏DVMUUPUSBDF

  37. None

  38. "/"50.: */'&$5*0/  1":-0"%  413&"%  3"/40. 

  39. 3"/40.8"3& JNQBDUT #64*/&44&4 1. by encrypting network shares and spreading

    2. by disrupting continuity 3. by never recovering data

  40. “I don't know who you are. I don't know what

    you want. If you are looking for ransom, I can tell you I don't have money. But what I do have are a very particular set of skills, skills I have acquired over a very long career. Skills that make me a nightmare for people like you.”

  41. 13&7&/5 XJUIHPPEEJHJUBMIZHJFOF 1. keep software packages up-to-date 2. guard against

    phishing 3. guard against baiting 4. employ caution when visiting websites 5. employ caution when installing software 6. install and maintain anti-virus

  42. 13&1"3& GPSUIFVOFYQFDUFE 1. regularly backup 2. check and test your

    backups 3. employ the principle of least privilege 4. consider having a playbook or procedure in-place

  43. 3&410/% UPBUUBDLT 1. isolate infected machines 2. protect backups 3.

    do not pay the ransom 4. report internally and to the police
 (http://www.actionfraud.police.uk/)

  44. 3"/40.8"3& JOUIF8PSLQMBDF $ISJT$PPQFSc4FDVSJUZ$POTVMUBOU