Overview
Below is what we will be going over in our presentation:
- Introduction to ransomware
- Background and history of ransomware
- Types of ransomware attacks
- What you can do to protect yourself from ransomware
- Backup and DR planning
- Real-world examples of ransomware
What is Ransomware?
One of the most prominent and fastest-growing threats, which:
1. Takes the user's files
2. Encrypts them
3. Creates a decryption key, which the attacker withholds
This makes the user's files inaccessible until some sort of ransom is paid.
Two main types of ransomware:
1. Encryptors: incorporate encryption algorithms to block access to system files and demand some sort of payment for the key needed to decrypt the victim's files.
2. Lockers: completely lock users out of their devices, by denying access to or locking them out of their operating system until the desired ransom is paid.
History of Ransomware
It has been said that ransomware was introduced as the AIDS Trojan in 1989, when Harvard-educated biologist Joseph L. Popp sent 20,000 compromised diskettes named "AIDS Information – Introductory Diskettes" to attendees of the international AIDS conference organized by the World Health Organization. The Trojan worked by encrypting the file names on the victims' computers and hiding directories. The victims were asked to pay $189 to PC Cyborg Corp. at a mailbox in Panama.

From 2006 onward, cybercriminals became more active and started using asymmetric RSA encryption. They launched the Archiveus Trojan, which encrypted the files in the My Documents directory. Victims were promised access to the 30-digit password only if they decided to purchase from an online pharmacy.

After 2012, ransomware started spreading worldwide, infecting systems and evolving into more sophisticated forms that made attack delivery easier as the years rolled by. In Q3, about 60,000 new ransomware samples were discovered, rising to over 200,000 in Q3 of 2012. The first version of CryptoLocker appeared in September 2013, and the first copycat, called Locker, was introduced in December of that year.

Ransomware has been defined by the U.S. Department of Justice as a new model of cybercrime with the potential to cause impacts on a global scale. Statistics indicate that the use of ransomware is on a steady rise; according to Veeam, businesses had to pay $11.7 on average in 2017 due to ransomware attacks. Alarmingly, the annual ransomware-induced costs, including the ransom and the damage caused by ransomware attacks, are likely to exceed $11.5 billion by 2019.
Birth and Evolution of Ransomware
Early years:
1. Born in 1989 and given the name "AIDS"
2. Focused attacks primarily on the healthcare industry
3. Encrypted files on a system and demanded a ransom to decrypt them
Evolution and adaptability:
1. Utilization of more sophisticated algorithms such as RSA
2. Demanding ransom in cryptocurrencies like Bitcoin to maintain anonymity
3. Pre-built infrastructures and AES-256 encryption promote wide distribution
Types of Ransomware Attacks
Locker ransomware:
- Denies access to computing resources
- Locks the computer
- Displays an official-looking message
- Limits the user's capabilities
Crypto ransomware:
- Finds and encrypts valuable data stored on the user's computer
- Makes the data useless
- Access to the computer itself is not restricted
- The attacker uses the encrypted information to extort money from the user
Jigsaw ransomware:
- Encrypts important information
- Starts deleting files until the ransom is paid
- At the 72-hour mark the user loses all their information
KeRanger ransomware:
- Encrypts Mac users' files, including their backups
- Nothing can be recovered
- Ransom of about $400
WannaCry:
- Encrypts the user's data
- Ransom of about $300, paid in Bitcoin
- Increases the ransom over time or deletes the user's files stored on the computer
How Ransomware Works
Ransomware is a prominent and fast-growing threat that takes user files, encrypts them and creates a decryption key (held by the attacker), making the user's files inaccessible until some sort of ransom is paid.
Ransomware attacks work by spreading the attacker's malware through malicious email attachments, infected external storage devices and websites that have been compromised.
Anatomy of a Ransomware Attack
A ransomware attack is a multi-step process. If the proper defenses are in place at the various steps of the attack, the impact can be greatly reduced.
- Delivery and exploit: ransomware is delivered through a certain mechanism (e.g. phishing) and finds a vulnerability or a victim to attack
- Install and disarm: ransomware installs itself and lowers the security posture of the victim machine
- Occupy and encrypt: establishes communication with the command-and-control server and encrypts data files and mapped drives
- Demand ransom: users attempt to access files and are alerted that the data has been encrypted
- Decrypt: decryption keys will only be provided on payment of a ransom
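The "occupy and encrypt" step above leaves measurable traces on disk: files that used to be plain text turn into ciphertext-like byte streams, and many families append a new extension to every file they touch. The following Python scanner is an added example, not part of the presentation, showing how a defender could check a file share for that stage. It measures Shannon entropy of text-like files and flags appended extensions. The `.locked` and `.encrypted` suffixes, the sample directory tree and the 7.0 bits/byte threshold are all constructed assumptions for the demo, not values from the page.

```python
import math
import os
import tempfile
from collections import Counter
from pathlib import Path

# Placeholder suffixes standing in for whatever a given family appends (assumption).
SUSPICIOUS_SUFFIXES = {".locked", ".encrypted"}
# Extensions whose contents are expected to be low-entropy plain text.
TEXT_LIKE = {".txt", ".csv", ".log", ".md"}
# Random/encrypted data sits near 8.0 bits per byte; English text is usually below 5.
ENTROPY_THRESHOLD = 7.0


def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte of `data` (0.0 for empty or single-valued input)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum((c / n) * math.log2(c / n) for c in Counter(data).values())


def scan_directory(root: str) -> dict:
    """Walk `root` and return {relative_path: reason} for files that look encrypted."""
    findings = {}
    base = Path(root)
    for path in base.rglob("*"):
        if not path.is_file():
            continue
        rel = path.relative_to(base).as_posix()
        suffix = path.suffix.lower()
        if suffix in SUSPICIOUS_SUFFIXES:
            findings[rel] = "suspicious extension appended"
            continue
        if suffix in TEXT_LIKE:
            ent = shannon_entropy(path.read_bytes())
            if ent > ENTROPY_THRESHOLD:
                findings[rel] = f"text file with ciphertext-like entropy ({ent:.2f} bits/byte)"
    return findings


def build_sample_tree() -> str:
    """Create a constructed sample share: one clean file, two that mimic post-encryption state."""
    root = tempfile.mkdtemp(prefix="rw-demo-")
    docs = Path(root) / "docs"
    docs.mkdir()
    (docs / "notes.txt").write_bytes(b"quarterly meeting notes\n" * 200)   # clean
    (docs / "report.docx.locked").write_bytes(os.urandom(4096))            # renamed + random
    (docs / "customers.csv").write_bytes(os.urandom(8192))                 # in-place overwrite
    return root


if __name__ == "__main__":
    for rel, reason in scan_directory(build_sample_tree()).items():
        print(f"{rel}: {reason}")
```

Entropy alone is not proof: compressed archives, images and already-encrypted containers are also high-entropy, which is why the check is restricted to extensions that should hold plain text. In a real deployment the scanner would be scheduled or triggered by file-system events, and a sudden jump in the number of findings per minute is the signal worth alerting on.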
Secure and Protect
On the computer:
- Do not store important data on it
- Back up important files
- After usage, disconnect from the cloud
In the browser:
- Remove unneeded plugins from your browser
- Adjust the browser's security settings
- Use an ad blocker
Security tools:
- Have a real-time scanner
- Keep your firewall on
- Use an internet security suite
Online:
- Do not open spam emails
- Never download attachments from spam email
- Only open emails from known senders
Infected?
- Disconnect your computer
- Contact an IT professional
- Report the crime
- If absolutely necessary, pay the ransom
Why Backup Testing and Having a DR Plan Matter
Many organizations recognize the need for a disaster recovery plan; however, the majority don't have one in place. Those that have a DR plan often don't test it.
- 80% of U.S. companies lack a DR plan
- 50% of small and midsized businesses (SMBs) worldwide have no DR plan
- 72% of SMBs worldwide that have a DR plan have never tested it
- 25% of reported DR tests fail
So why aren't DR plans being tested, or being tested more often?
- 40% of SMBs fear that DR testing will impact their business operations and their customers
- 27% of SMBs fear disruption to their sales and revenue
- 48% of SMBs claim that they lack the resources to test their DR plans on a regular basis
Building a Disaster Recovery Plan
Disaster recovery planning is the plan put in place to recover from a disaster or an interruption of key services. The business continuity plan includes:
- Creation of a business continuity and disaster recovery policy
- Business impact analysis
- Classification of operations and criticality analysis
- Development of a business continuity plan and disaster recovery procedures
- Training and awareness
- Testing
- Ongoing monitoring
Know Your Environment and SLAs
Recovery point objective (RPO):
- How much lost data can you afford?
- Data size and change rate (i.e. what is feasible?)
Recovery time objective (RTO):
- How long can you afford to be down?
SLAs determine which cloud provider to use. Depending on the recovery time, there are 4 different ways to choose: 3rd-party cloud, replication, DRaaS or the manufacturer's cloud.
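The "back up important files" advice, the statistic that 72% of SMBs never test their DR plan, and the RPO question above all come down to the same practical loop: take a backup, record what it should contain, verify it later, and rehearse the restore. The Python below is an added example written for this page, not code from the presentation or any vendor. It writes a SHA-256 manifest alongside each backup copy, verifies the copy against the manifest, performs a restore test into scratch space, and checks whether the newest backup is young enough to satisfy a given RPO. The sample source tree and the 3600-second RPO used in the usage are constructed values.

```python
import hashlib
import json
import shutil
import tempfile
import time
from pathlib import Path


def sha256_file(path: Path) -> str:
    """Stream a file through SHA-256 so large backups do not have to fit in memory."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def hash_tree(root: Path) -> dict:
    """{posix_relative_path: sha256} for every regular file under root."""
    return {p.relative_to(root).as_posix(): sha256_file(p)
            for p in sorted(root.rglob("*")) if p.is_file()}


def create_backup(source: str, backup_root: str = None) -> Path:
    """Copy `source` to <backup_root>/<UTC timestamp>/data and write manifest.json next to it."""
    backup_root = backup_root or tempfile.mkdtemp(prefix="backups-")
    dest = Path(backup_root) / time.strftime("%Y%m%dT%H%M%S", time.gmtime())
    shutil.copytree(source, dest / "data")
    manifest = {"created_at": time.time(), "files": hash_tree(Path(source))}
    (dest / "manifest.json").write_text(json.dumps(manifest, indent=2))
    return dest


def _load_manifest(backup_dir: Path) -> dict:
    return json.loads((backup_dir / "manifest.json").read_text())


def backup_created_at(backup_dir: Path) -> float:
    """Unix timestamp recorded when the backup was taken."""
    return _load_manifest(backup_dir)["created_at"]


def verify_backup(backup_dir: Path) -> list:
    """Compare the stored copy against its manifest; an empty list means the backup is intact."""
    expected = _load_manifest(backup_dir)["files"]
    actual = hash_tree(backup_dir / "data")
    problems = []
    for rel, digest in expected.items():
        if rel not in actual:
            problems.append(f"missing: {rel}")
        elif actual[rel] != digest:
            problems.append(f"hash mismatch: {rel}")
    problems.extend(f"unexpected file in backup: {rel}" for rel in actual if rel not in expected)
    return problems


def restore_test(backup_dir: Path) -> bool:
    """Rehearse a restore into scratch space and confirm the restored tree matches the manifest."""
    scratch = Path(tempfile.mkdtemp(prefix="restore-test-"))
    try:
        shutil.copytree(backup_dir / "data", scratch / "data")
        return hash_tree(scratch / "data") == _load_manifest(backup_dir)["files"]
    finally:
        shutil.rmtree(scratch, ignore_errors=True)


def meets_rpo(backup_dir: Path, rpo_seconds: float, now: float = None) -> bool:
    """True if the backup is no older than the recovery point objective."""
    age = (time.time() if now is None else now) - backup_created_at(backup_dir)
    return age <= rpo_seconds


def build_sample_source() -> str:
    """Constructed sample data standing in for a business file share."""
    src = Path(tempfile.mkdtemp(prefix="src-"))
    (src / "ledger.csv").write_text("id,amount\n1,40\n2,55\n")
    (src / "contracts").mkdir()
    (src / "contracts" / "acme.txt").write_text("constructed sample contract text\n")
    return str(src)


if __name__ == "__main__":
    backup = create_backup(build_sample_source())
    print("verify:", verify_backup(backup) or "clean")
    print("restore test passed:", restore_test(backup))
    print("meets 1h RPO:", meets_rpo(backup, 3600))
```

The manifest is what makes the test meaningful: without a record of what the backup was supposed to contain, a "successful" restore of silently corrupted or already-encrypted files still passes. Keep the manifest with the backup on media that the production hosts cannot write to, since a backup that a compromised machine can reach is exactly what the "encrypts mapped drives" step targets.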