Upgrade to Pro — share decks privately, control downloads, hide ads and more …

The Digital Hostage: Ransomware in the Workplace

Chris Cooper
July 05, 2017
Technology
0
99

The Digital Hostage: Ransomware in the Workplace

A talk about ransomware - particularly the impact of attacks on businesses. Takes the audience through the anatomy of ransomware and how it has evolved, culminating in the best ways to prevent, prepare for and respond to ransomware attacks.

The accompanying handout can be viewed here: https://goo.gl/ARHDPJ

Presented to The Insurance Institute of Sussex (a local section of the Chartered Insurance Institute) on 5th July 2017.

http://www.ciibrighton.org.uk/

Chris Cooper

July 05, 2017
Tweet

More Decks by Chris Cooper

See All by Chris Cooper
People Security and Social Engineering
itscooper
0
88
Keeping Your Data Secure: A Guide for Human Beings
itscooper
0
180
E-Safety: How technology can protect us from technology
itscooper
0
290
Social Engineering: How to Rob a Bank with a Phone
itscooper
0
170
The Cookie Monster (and other web security exploits)
itscooper
2
300
Hacking the Box (Joseph Sheridan)
itscooper
1
260
Breaking Stuff: What Ethical Hacking Has Taught Me
itscooper
1
140

Other Decks in Technology

See All in Technology
DroidKaigi 2023 Unleashing the Power of Android Studio
mhidaka
2
1.4k
kanto_kaggler_senkin13
senkin13
0
320
UIコンポーネントライブラリをうまく使うためにできること / components-with-designer
mottox2
3
1.6k
JPOUG Tech Talk Night #7 ASAHI
asahihidehiko
0
190
Create the DTO System of your Dreams: stateOptions + entityClass
weaverryan
0
320
hacomonoポストモーテムの取り組み(2023/09)
hacomono
1
500
Goで実装された高速な
仮想待合室サーバの実装と詳解
pyama86
13
5.5k
サーバーレスは死なぬ!みんなEDA(Event Driven Architecture)として使ってるでしょ?
cyberarchitect
2
250
アジャイルリーダークイズ王 2023 #scrummikawa / agile leader quiz king 2023
kyonmm
PRO
1
300
KARTEのAPIサーバ化
line_developers
PRO
1
210
The Evolution of GraphQL Code Generation
n1ru4l
0
270
[PHPカンファレンス沖縄2023]【実践編】良いプロダクト作りのための組織育成 健全なコードは健全な組織、健全なチームから
ikezoemakoto
0
180

Featured

See All Featured
Responsive Adventures: Dirty Tricks From The Dark Corners of Front-End
smashingmag
239
20k
How To Stay Up To Date on Web Technology
chriscoyier
780
250k
Mobile First: as difficult as doing things right
swwweet
214
8.2k
Unsuck your backbone
ammeep
660
56k
The Pragmatic Product Professional
lauravandoore
23
4k
Support Driven Design
roundedbygravity
91
9.2k
Gamification - CAS2011
davidbonilla
75
4.3k
RailsConf 2023
tenderlove
0
230
Visualization
eitanlees
131
13k
Atom: Resistance is Futile
akmur
257
24k
Large-scale JavaScript Application Architecture
addyosmani
501
110k
Writing Fast Ruby
sferik
615
59k

Transcript

  1. 3"/40.8"3&
    JOUIF8PSLQMBDF
    $ISJT$PPQFSc4FDVSJUZ$POTVMUBOU

    View Slide

  2. 3BOTPNXBSFJTBUZQFPG
    NBMXBSFUIBUBJNTUPFYUPSU
    NPOFZGSPNUIFWJDUJN

    View Slide

  3. "/"50.:
    */'&$5*0/

    1":-0"%

    413&"%

    3"/40.

    View Slide

  4. "/"50.:
    */'&$5*0/

    1":-0"%

    413&"%

    3"/40.

    View Slide

  5. */'&$5*0/

    View Slide

  6. */'&$5*0/.&5)0%4

    View Slide

  7. */'&$5*0/.&5)0%4
    &."*-
    530+"/)034&7*"
    ","1)*4)*/(

    View Slide

  8. */'&$5*0/.&5)0%4
    64#
    530+"/)034&7*"
    %3*7&4
    ","#"*5*/(

    View Slide

  9. */'&$5*0/.&5)0%4
    */45"--&%
    530+"/)034&7*"
    40'58"3&

    View Slide

  10. */'&$5*0/.&5)0%4
    ."-*$064
    530+"/)034&7*"
    8*5&4

    View Slide

  11. */'&$5*0/.&5)0%4
    76-/&3"#*-*5*&4

    View Slide

  12. */'&$5*0/.&5)0%4
    */45"--&%40'58"3&
    &."*-
    64#%3*7&4
    ."-*$*0648*5&4
    76-/&3"#*-*5*&4

    View Slide

  13. "/"50.:
    */'&$5*0/

    1":-0"%

    413&"%

    3"/40.

    View Slide

  14. 1":-0"%

    View Slide

  15. 1":-0"%4

    View Slide

  16. 1":-0"%4
    4$"3&8"3&

    View Slide

  17. 1":-0"%4
    -0$,&3

    View Slide

  18. 1":-0"%4
    $3:150

    View Slide

  19. "*%45SPKBO

    View Slide

  20. (QDPEF",

    View Slide

  21. $SZQUP-PDLFS

    View Slide

  22. 1":-0"%4
    -&",8"3&

    View Slide

  23. &QJD

    View Slide

  24. 1":-0"%4
    4$"3&8"3&
    $3:150
    -0$,&3
    -&",8"3&

    View Slide

  25. "/"50.:
    */'&$5*0/

    1":-0"%

    413&"%

    3"/40.

    View Slide

  26. 413&"%

    View Slide

  27. %*44&.*/"5*0/.&5)0%4

    View Slide

  28. %*44&.*/"5*0/.&5)0%4
    /0/&
    -0$"-*/'&$5*0/0/-:

    View Slide

  29. %*44&.*/"5*0/.&5)0%4
    ."11&%
    /&5803,
    %3*7&4

    View Slide

  30. %*44&.*/"5*0/.&5)0%4
    6/."11&%
    /&5803,
    %3*7&4

    View Slide

  31. %*44&.*/"5*0/.&5)0%4
    5)&%*(*5"-,*/%
    803.4

    View Slide

  32. %*44&.*/"5*0/.&5)0%4
    /0/&
    6/."11&%%3*7&4
    ."11&%%3*7&4
    803.4

    View Slide

  33. "/"50.:
    */'&$5*0/

    1":-0"%

    413&"%

    3"/40.

    View Slide

  34. 3"/40.

    View Slide

  35. 1":.&/5.&5)0%4
    3BOTPNXBSFIBTIJTUPSJDBMMZ
    MFWFSBHFEBSBOHFPGQBZNFOU
    NFUIPETUIBUBSFIBSEUPUSBDF TVDI
    BT10#PYFTBOEQSFQBJEDBSET
    /PXBEBZT NPTUVTF#JUDPJOPSPUIFS
    DSZQUPDVSSFODJFT

    View Slide

  36. #*5$0*/
    #JUDPJOJTEFDFOUSBMJTFEBOEDBOCF
    MFWFSBHFEUPBDIJFWFBOPOZNJUZ
    EFTQJUFUIFQVCMJDMFEHFS

    #JUDPJOTDBOPGUFOCFMBVOEFSFEWJB
    NFUIPETUIBUBSFEJ⒏DVMUUPUSBDF

    View Slide

  37. View Slide

  38. "/"50.:
    */'&$5*0/

    1":-0"%

    413&"%

    3"/40.

    View Slide

  39. 3"/40.8"3&
    JNQBDUT
    #64*/&44&4
    1. by encrypting network shares
    and spreading
    2. by disrupting continuity
    3. by never recovering data

    View Slide

  40. “I don't know who you are.
    I don't know what you
    want. If you are looking for
    ransom, I can tell you I
    don't have money. But
    what I do have are a very
    particular set of skills,
    skills I have acquired over a
    very long career. Skills that
    make me a nightmare for
    people like you.”

    View Slide

  41. 13&7&/5
    XJUIHPPEEJHJUBMIZHJFOF
    1. keep software packages up-to-date
    2. guard against phishing
    3. guard against baiting
    4. employ caution when visiting websites
    5. employ caution when installing
    software
    6. install and maintain anti-virus

    View Slide

  42. 13&1"3&
    GPSUIFVOFYQFDUFE
    1. regularly backup
    2. check and test your backups
    3. employ the principle of least privilege
    4. consider having a playbook or
    procedure in-place

    View Slide

  43. 3&410/%
    UPBUUBDLT
    1. isolate infected machines
    2. protect backups
    3. do not pay the ransom
    4. report internally and to the police

    (http://www.actionfraud.police.uk/)

    View Slide

  44. 3"/40.8"3&
    JOUIF8PSLQMBDF
    $ISJT$PPQFSc4FDVSJUZ$POTVMUBOU

    View Slide