How to Protect Your Organization from the Ransomware Epidemic

11

Transcript of How to Protect Your Organization from the Ransomware Epidemic

Page 1: How to Protect Your Organization from the Ransomware Epidemic
Page 2: How to Protect Your Organization from the Ransomware Epidemic

2014 - 2016 – Cryptowall 1.0 - 4.0 Ransomware takes steroids.

• Distributed using various exploit kits, spam campaigns and

malvertising techniques.

• Exchanges encryption keys with C&C over L2P network via

heavily obfuscated URL’s using “Domain Generation

Algorithm” (DGA).

• Tor used to serve ransom notification and service website,

allowing victims to make payments, find out the status of a

payment, get one free decryption, and create support

requests.

• Uses multiple encryption algorithms.

• Observed using undocumented API calls to identify local

language settings of the compromised host for better C&C

upgrades.

• Disables and deletes all automatic Windows backup

mechanisms, and can bypass GPO.

• Polymorphic and leverages anti-VM and anti-emulation

techniques.

Page 3: How to Protect Your Organization from the Ransomware Epidemic
Page 4: How to Protect Your Organization from the Ransomware Epidemic
Page 5: How to Protect Your Organization from the Ransomware Epidemic

CIS Critical Security Controls

ISO 27000-series

NIST 800-53: Federal Information Systems

Management Act (FISMA)

Health Insurance Portability and Accountability Act

(HIPAA)

Payment Card Industry Data Security Standard (PCI

DSS)

Sarbanes-Oxley (SOX)

Page 6: How to Protect Your Organization from the Ransomware Epidemic

Inventory of Assets

Secure Configuration

LoggingMalware

Defense

Page 7: How to Protect Your Organization from the Ransomware Epidemic
Page 8: How to Protect Your Organization from the Ransomware Epidemic
Page 9: How to Protect Your Organization from the Ransomware Epidemic
Page 10: How to Protect Your Organization from the Ransomware Epidemic

tripwire.com | @TripwireInc

Page 11: How to Protect Your Organization from the Ransomware Epidemic

tripwire.com | @TripwireInc

[email protected]

www.tripwire.com

[email protected]


5 Ways to Protect Your Healthcare Organization from a Ransomware Attack - HIMSS Presentation

5 Ways to Protect Your Healthcare Organization from a Ransomware Attack - HIMSS Presentation

Trend Micro PROTECT YOUR ORGANIZATION FROM THE UNFORESEEN IMPLICATIONS OF RANSOMWARE · 2016-05-19 · Ransomware is increasingly targeting servers, including recent high profile

Trend Micro PROTECT YOUR ORGANIZATION FROM THE UNFORESEEN IMPLICATIONS OF RANSOMWARE · 2016-05-19 · Ransomware is increasingly targeting servers, including recent high profile

How to Help Your Customers Protect Themselves from Ransomware Attacks

How to Help Your Customers Protect Themselves from Ransomware Attacks

Ransomware today: How to protect against Locky and friends · • Exploit kits ○ Black market ... Anatomy of a ransomware attack And gone The ransomware will then delete itself

Ransomware today: How to protect against Locky and friends · • Exploit kits ○ Black market ... Anatomy of a ransomware attack And gone The ransomware will then delete itself

Get Smart about Ransomware: Protect Yourself and Organization

Get Smart about Ransomware: Protect Yourself and Organization

How to Protect Your Networks from Ransomare… · Protecting Your Networks from Ransomware . Protecting Your Networks from Ransomware . Ransomware is the fastest growing malware threat,

How to Protect Your Networks from Ransomare… · Protecting Your Networks from Ransomware . Protecting Your Networks from Ransomware . Ransomware is the fastest growing malware threat,

Protect your SMB Infrastructure from Ransomware

Protect your SMB Infrastructure from Ransomware

The Rise of Ransomware : Will you be the next target · Ransomware can be difficult to defeat. Prevention is the best cure. Here are a few advices to help you to protect from ransomware

The Rise of Ransomware : Will you be the next target · Ransomware can be difficult to defeat. Prevention is the best cure. Here are a few advices to help you to protect from ransomware

CYBERSECURITY & DATA PRIVACY: RANSOMWARE Elser_Ransomware... · 2017-09-12 · How do I protect against ransomware attacks? Back up your most critical data assets and make sure the

CYBERSECURITY & DATA PRIVACY: RANSOMWARE Elser_Ransomware... · 2017-09-12 · How do I protect against ransomware attacks? Back up your most critical data assets and make sure the

Trend Micro PROTECT YOUR ORGANIZATION FROM THE … · ransomware to your endpoints, including: • Behavior Monitoring: for suspicious behavior associated with ransomware, such as

Trend Micro PROTECT YOUR ORGANIZATION FROM THE … · ransomware to your endpoints, including: • Behavior Monitoring: for suspicious behavior associated with ransomware, such as

Ransomware, Malware and Viruses; How to Protect Yourself

Ransomware, Malware and Viruses; How to Protect Yourself

How to protect your organization from ransomware

How to protect your organization from ransomware

[How To] Protect your notebook from the ransomware ...2017-0808... · [How To] Protect your notebook from the ransomware WannaCry (WanaCrypt0r 2.0) This document applies to all MSI

[How To] Protect your notebook from the ransomware ...2017-0808... · [How To] Protect your notebook from the ransomware WannaCry (WanaCrypt0r 2.0) This document applies to all MSI

RESISTING RANSOMWARE: Strategies to protect your …ransomware attacks said their companies paid that ransom, and 20% of them paid more than $40,000. Due to the relatively low entry

RESISTING RANSOMWARE: Strategies to protect your …ransomware attacks said their companies paid that ransom, and 20% of them paid more than $40,000. Due to the relatively low entry

RANSOMWARE - Europol€¦ · THE MALWARE THAT HOLDS YOUR DATA HOSTAGE FOR A PRICE RANSOMWARE PROTECT YOURSELF INFECTED? WHAT TO DO NEXT HOW DOES IT SPREAD? Ransomware prevents or

RANSOMWARE - Europol€¦ · THE MALWARE THAT HOLDS YOUR DATA HOSTAGE FOR A PRICE RANSOMWARE PROTECT YOURSELF INFECTED? WHAT TO DO NEXT HOW DOES IT SPREAD? Ransomware prevents or

for publication Ransomware Threat Recovery€¦ · Source: Gartner, “Use These Five Backup and Recovery Best Practices to Protect Against Ransomware.” June 2016. “An effective

for publication Ransomware Threat Recovery€¦ · Source: Gartner, “Use These Five Backup and Recovery Best Practices to Protect Against Ransomware.” June 2016. “An effective

Trend Micro PROTECT YOUR ORGANIZATION FROM …vn.trendmicro.com/cloud-content/us/images/ransomware/...ransomware at the email and web gateway, you can prevent it from ever reaching

Trend Micro PROTECT YOUR ORGANIZATION FROM …vn.trendmicro.com/cloud-content/us/images/ransomware/...ransomware at the email and web gateway, you can prevent it from ever reaching

8 ways to protect your network against ransomware

8 ways to protect your network against ransomware

Ransomware - what is it, how to protect against it

Ransomware - what is it, how to protect against it

Ransomware Four Ways Protect Data › wp-content › uploads › 2018 › 07 › Blog-1-Ranso… · Here are four highly effective measures for reducing your exposure to ransomware

Ransomware Four Ways Protect Data › wp-content › uploads › 2018 › 07 › Blog-1-Ranso… · Here are four highly effective measures for reducing your exposure to ransomware