Upgrade to Pro — share decks privately, control downloads, hide ads and more …

The Digital Hostage: Ransomware in the Workplace

Chris Cooper
July 05, 2017
Technology
0
100

The Digital Hostage: Ransomware in the Workplace

A talk about ransomware - particularly the impact of attacks on businesses. Takes the audience through the anatomy of ransomware and how it has evolved, culminating in the best ways to prevent, prepare for and respond to ransomware attacks.

The accompanying handout can be viewed here: https://goo.gl/ARHDPJ

Presented to The Insurance Institute of Sussex (a local section of the Chartered Insurance Institute) on 5th July 2017.

http://www.ciibrighton.org.uk/

Chris Cooper

July 05, 2017
Tweet

More Decks by Chris Cooper

See All by Chris Cooper
People Security and Social Engineering
itscooper
0
110
Keeping Your Data Secure: A Guide for Human Beings
itscooper
0
180
E-Safety: How technology can protect us from technology
itscooper
0
300
Social Engineering: How to Rob a Bank with a Phone
itscooper
0
190
The Cookie Monster (and other web security exploits)
itscooper
2
320
Hacking the Box (Joseph Sheridan)
itscooper
1
270
Breaking Stuff: What Ethical Hacking Has Taught Me
itscooper
1
140

Other Decks in Technology

See All in Technology
【SORACOM UG】SIM Deep Dive セキュアエレメント編
soracom
PRO
0
180
コンパウンドスタートアップのためのスケーラブルでセキュアなInfrastructure as Codeパイプラインを考える / Scalable and Secure Infrastructure as Code Pipeline for a Compound Startup
yuyatakeyama
3
1.7k
[2024年3月版] Databricksのシステムアーキテクチャ
databricksjapan
7
1.8k
Microsoft Cloudで 開発ライフサイクルを保護する
kkamegawa
0
140
ログラスにおけるコード品質でビジネスに貢献する仕組み・カルチャー / A system and culture that contributes to business through code quality in Loglass
yoshikiiida
11
1.6k
スタートアップの技術顧問を3年間続けて発生した事と気付き
biwakonbu
0
150
Oracle Exadata Database Service on Cloud@Customer (ExaDB-C@C) - UI スクリーン・キャプチャ集
oracle4engineer
PRO
1
1.1k
長期運用プロジェクトでのMySQLからTiDB移行の検証
colopl
1
120
Exadata Database Service on Dedicated Infrastructure(ExaDB-D) UI スクリーン・キャプチャ集
oracle4engineer
PRO
1
1.4k
Algyan イベント振り返り
linyixian
0
170
HEXA OSINT CTF V3 作戦会議
meow_noisy
0
100
SREとその組織類型
tatsuo48
8
1.4k

Featured

See All Featured
Building Effective Engineering Teams - LeadDev
addyosmani
26
1.8k
I Don’t Have Time: Getting Over the Fear to Launch Your Podcast
jcasabona
20
1.6k
Adopting Sorbet at Scale
ufuk
67
8.6k
Agile that works and the tools we love
rasmusluckow
323
20k
Code Review Best Practice
trishagee
54
15k
Gamification - CAS2011
davidbonilla
76
4.6k
Six Lessons from altMBA
skipperchong
19
3k
The Brand Is Dead. Long Live the Brand.
mthomps
48
27k
個人開発の失敗を避けるイケてる考え方 / tips for indie hackers
panda_program
60
14k
Thoughts on Productivity
jonyablonski
57
3.8k
Side Projects
sachag
451
41k
How to train your dragon (web standard)
notwaldorf
71
5.1k

Transcript

  1. 3"/40.8"3& JOUIF8PSLQMBDF $ISJT$PPQFSc4FDVSJUZ$POTVMUBOU

  2. 3BOTPNXBSFJTBUZQFPG NBMXBSFUIBUBJNTUPFYUPSU NPOFZGSPNUIFWJDUJN

  3. "/"50.: */'&$5*0/  1":-0"%  413&"%  3"/40. 

  4. "/"50.: */'&$5*0/  1":-0"%  413&"%  3"/40. 

  5. */'&$5*0/ 

  6. */'&$5*0/.&5)0%4

  7. */'&$5*0/.&5)0%4 &."*- 530+"/)034&7*" ","1)*4)*/(

  8. */'&$5*0/.&5)0%4 64# 530+"/)034&7*" %3*7&4 ","#"*5*/(

  9. */'&$5*0/.&5)0%4 */45"--&% 530+"/)034&7*" 40'58"3&

  10. */'&$5*0/.&5)0%4 ."-*$064 530+"/)034&7*" 8&#4*5&4

  11. */'&$5*0/.&5)0%4 76-/&3"#*-*5*&4

  12. */'&$5*0/.&5)0%4 */45"--&%40'58"3& &."*- 64#%3*7&4 ."-*$*0648&#4*5&4 76-/&3"#*-*5*&4

  13. "/"50.: */'&$5*0/  1":-0"%  413&"%  3"/40. 

  14. 1":-0"% 

  15. 1":-0"%4

  16. 1":-0"%4 4$"3&8"3&

  17. 1":-0"%4 -0$,&3

  18. 1":-0"%4 $3:150

  19. "*%45SPKBO

  20. (QDPEF",

  21. $SZQUP-PDLFS

  22. 1":-0"%4 -&",8"3&

  23. &QJD

  24. 1":-0"%4 4$"3&8"3& $3:150 -0$,&3 -&",8"3&

  25. "/"50.: */'&$5*0/  1":-0"%  413&"%  3"/40. 

  26. 413&"% 

  27. %*44&.*/"5*0/.&5)0%4

  28. %*44&.*/"5*0/.&5)0%4 /0/& -0$"-*/'&$5*0/0/-:

  29. %*44&.*/"5*0/.&5)0%4 ."11&% /&5803, %3*7&4

  30. %*44&.*/"5*0/.&5)0%4 6/."11&% /&5803, %3*7&4

  31. %*44&.*/"5*0/.&5)0%4 5)&%*(*5"-,*/% 803.4

  32. %*44&.*/"5*0/.&5)0%4 /0/& 6/."11&%%3*7&4 ."11&%%3*7&4 803.4

  33. "/"50.: */'&$5*0/  1":-0"%  413&"%  3"/40. 

  34. 3"/40. 

  35. 1":.&/5.&5)0%4 3BOTPNXBSFIBTIJTUPSJDBMMZ MFWFSBHFEBSBOHFPGQBZNFOU NFUIPETUIBUBSFIBSEUPUSBDF TVDI BT10#PYFTBOEQSFQBJEDBSET /PXBEBZT NPTUVTF#JUDPJOPSPUIFS DSZQUPDVSSFODJFT

  36. #*5$0*/ #JUDPJOJTEFDFOUSBMJTFEBOEDBOCF MFWFSBHFEUPBDIJFWFBOPOZNJUZ EFTQJUFUIFQVCMJDMFEHFS  #JUDPJOTDBOPGUFOCFMBVOEFSFEWJB NFUIPETUIBUBSFEJ⒏DVMUUPUSBDF

  37. None

  38. "/"50.: */'&$5*0/  1":-0"%  413&"%  3"/40. 

  39. 3"/40.8"3& JNQBDUT #64*/&44&4 1. by encrypting network shares and spreading

    2. by disrupting continuity 3. by never recovering data

  40. “I don't know who you are. I don't know what

    you want. If you are looking for ransom, I can tell you I don't have money. But what I do have are a very particular set of skills, skills I have acquired over a very long career. Skills that make me a nightmare for people like you.”

  41. 13&7&/5 XJUIHPPEEJHJUBMIZHJFOF 1. keep software packages up-to-date 2. guard against

    phishing 3. guard against baiting 4. employ caution when visiting websites 5. employ caution when installing software 6. install and maintain anti-virus

  42. 13&1"3& GPSUIFVOFYQFDUFE 1. regularly backup 2. check and test your

    backups 3. employ the principle of least privilege 4. consider having a playbook or procedure in-place

  43. 3&410/% UPBUUBDLT 1. isolate infected machines 2. protect backups 3.

    do not pay the ransom 4. report internally and to the police
 (http://www.actionfraud.police.uk/)

  44. 3"/40.8"3& JOUIF8PSLQMBDF $ISJT$PPQFSc4FDVSJUZ$POTVMUBOU