prepping for ransomware in 2017
play

Prepping for Ransomware in 2017 Risks change, and so should you. - PowerPoint PPT Presentation

Nov 16, 2022 •304 likes •691 views

Prepping for Ransomware in 2017 Risks change, and so should you. THM Group & Infrascale ABOUT THM GROUP Providing custom end-to-end voice & data solu4ons At a Glance Key Focus Founded: 20 years ago HQ: Barrie, Ontario Businesses

  1. Prepping for Ransomware in 2017 Risks change, and so should you. THM Group & Infrascale

  2. ABOUT THM GROUP Providing custom end-to-end voice & data solu4ons At a Glance Key Focus Founded: 20 years ago HQ: Barrie, Ontario Businesses Served: All sizes of Companies SMB to Enterprise Focus Areas : Secure reliable back up and rapid recovery soluEons Business voice & internet soluEons Custom Voice & Audio ProducEons

  3. ABOUT INFRASCALE Unrivaled initial backup speed and a full set of features and tools make it a top choice for off-site data protection. INFRASCALE AT A GLANCE THIRD PARTY VALIDATION Founded: 2011 VISIONARY HQ: Los Angeles, CA Disaster Recovery Partners: 1,000 as a Service Customers: 1M devices protected & counting Data Centers: 7 global data centers Data Protected: 100+ petabytes of data

  4. AGENDA 1 2 3 4 THE MISSION & Q&A AND WHAT SHOULD WHY US? RANSOMWARE PRIZE GIVEAWAY YOU DO TO PREPARE?

  5. OUR MISSION ERADICATE DOWNTIME & DATA-LOSS

  6. THE COST OF DOWNTIME IT downtime costs North American businesses $700 billion annually, mostly due to loss of employee productivity. COST TO FIX [VALU REVENUE LOSS E]% [VALU E]% ANNUAL AGGREGATE COSTS: $700 BILLION PRODUCTIVITY LOSS Source: The Cost of Server, Applicatio [VALU Network Downtime: North American E]% Enterprise Survey and Calculator, IHS I (January 2016)

  7. THE UBIQUITY OF DOWNTIME PERVASIVENESS OF DOWNTIME TOP CAUSES OF DOWNTIME 91 91% % 55% 60% 50% Of those surveyed have 40% had a data center outage in the past 24 months. 30% 22% 18% 20% 47% 47 % [VAL 10% 0% Hardware Human Error SoYware Natu Of companies experienced failure Failure Disas an outage or downtime THIS year. Sources: Ponemon Researc Quorum DR Repo

  8. THE THREAT OF RANSOMWARE How ransomware has become the leading cyber crime in history

  9. HOW BAD IS RANSOMWARE? 2,900 new malware modifications were detected in Q1 2016. Of ransomware victims were 72 % unable to access their data for 3 to 5 days causing $70B in downtime losses. $ 1B+ In ransoms have been paid in 2016 alone and continues to accelerate. 34 % Of SMBs fell prey to phishing emails in 2015. Source : ThreaTrack Security, March 2015 Kaspersky Lab Q1 Threat EvoluEon Report, May 2016) Verizon 2015 Data Breach InvesEgaEons Report Intermedia 2016 Crypto-Ransomware Report

  10. EVOLUTION OF RANSOMWARE PC Cyborg/ High Speed Encryp^on Cryptolocker AIDS The first The evolution of RSA-1024 and A ransomware trojan that ransomware, AES-256 made it easier for bad targeted computers running was delivered actors to encrypt more files, fast. Microsoft Windows via floppy discs. 2006 2014 2010 2016 1986 1989 Locky GPCoder CPcode.ak Cryptowall t & Amjad Malware (aka PGPCoder) Non-encrypted I nfiltrates users‘ rooq Alvi aggressively ransomware Utilized symmetric operating systems via massive sp ded a special that took encryption infected email campaigns m” message in control of the which made it fairly messages and fake compromi ir software to whole easy to hack . downloads ntify piracy. website computer The rise of Bitcoin as cryptocurrency

  11. THREE ALARMING TRENDS WORLDWI TARGETIN NETWOR DE G K REACH BUSINES EFFECT SES Massive phishing attack sent Recent attack crippled the Locky has the ability to to as many as 100 million Hollywood Presbyterian Medical encrypt network shares and email addresses claiming to Center and compelled the drives that your workstation be an Amazon shipping order hospital to pay $17,000. may not normally have update. access to. Ransomware extortionists will wreak havoc on corporate IT infrastructures in 2016 like never before.”

  12. HOW RANSOMWARE ATTACKS Another Business END USER Sync & Share Tools END USER ADMIN END USER Critical Applications & Network Backups

  13. LIMITED OPTIONS There are only two options at this point: Pay the ransom Restore systems Hope they provide the encryption Restore systems to a point key to unlock systems & files BEFORE the infection How long would it take you to restore systems to pre- infection? Would the downtime be costlier or more disastrous than paying the ransom?

  14. DEFENDING FROM RANSOMWARE We know the risk, what can you do about it?

  15. ISN’T ANTI-VIRUS PROTECTION ENOUGH? Antivirus AV software is signature-based is only 47% New threats are created at a rate of 3.5 per second effective. The rise of “crypting” (metamorphic malware Users always have bad digital hygiene (and always will) Needs to be a part of a layered approach

  16. GARTNER’S GUIDANCE 1 Assemble a crisis team 2 Perform regular backups 3 Document storage repositories 4 Evaluate the risk 5 Create a recovery plan Source: Gartner, Use These Five Backup and Recovery Best Prac4ces to Protect Against Ransomware, June 2016

  17. I've never figured out the fuss over ransomware…The single most important thing any company or individual can do to improve security is have a good backup strategy. It's been true for decades, and it's s4ll true today. - Bruce Schneier, Security Guru Infrascale Board MeeEng: April 2016 17

  18. YOU NEED THE 1-2 PUNCH Security Backup & DR Outer- � Must be able perimeter restore files Inner- surgically perimeter � Must be able bring back en Anti Backup systems � Must be fast! virus & DR

  19. HOW TO SURVIVE AN INFECTION Recovering your data when you get Infected

  20. DATA TAKEN? We are the guy you call to get your data back!

  21. WHAT TO DO IF YOU GET INFECTED? 1 2 3 Remove the Figure out Roll back from infected when you a previous machine from were backup (or the infected image) network

  22. RESTORING CRITICAL SYSTEMS Is DB part of a cluster? Repeat each of these steps for each machine connected to 1 2 3 4 5 6 7 8 Ransomware Power down Determine Rebuild server Reconfigure Restore clean Inject old DB (from Establish InfecEon machine date/Eme (OS and soYware DB services DB files restored backup) connecEvity of infecEon installaEon) from backup to rebuilt DB (DB & input sv TOTAL DOWNTIME (BEST CASE): 4-5 hours 1 2 3 4 5 Power down Determine date/Eme Log into DRaaS Boot VM (from last Ransomware machine of infecEon dashboard clean backup) InfecEon TOTAL DOWNTIME: 1-2 minutes

  23. ANOMALY DETECTION

  24. TURN BACK TIME Roll back 2 days or 4 years

  25. DIFFERENCE BETWEEN DRAAS & BACKUP? Disaster Happens Back up and running BACKUP BACKUP RESTORE RUN Hours Hours - Days Disaster Happens Back up and running DISASTER RECOVERY BACKUP RUN RESTORE Hours Minutes Hours - Days

  26. OUR SOLUTION INFRASCALE GUARANTEES SYSTEM FAILOVER FROM ANY DISASTER IN 15 MINS OR LESS AT A FRACTION OF THE COST.

  27. TRADITIONAL DR TRADEOFFS DRaaS Nirvana Warm Site DR SECOND S Hot Site DR RECOVERY TIME Appliance Backup Cold Site DR Offsite Tape Backup Cloud DAYS Backup $$$$$ $ COST

  28. DRAMATICALLY MORE AFFORDABLE OLD WAY On-Premises (ProducEon) Secondary (standby) datacenter <1 Minute Failover People Bandwidth ers | Databases | Load Balancers Servers | Databases | Load Balancers + + = Primary Secondary Opex TOTAL $$$$$ $$$$$ $$$$$ $$$ e Costs: Site Costs: Costs: DR COSTS: 10:1 COST DIFFERENCE NEW WAY On-Premises (ProducEon) Private/Public Cloud <15 Minute People Bandwidth Failover ers | Databases | Load Balancers + + = TOTAL Primary Secondary Opex Included $ $ $ e Costs: Site Costs: Costs: DR COSTS:

  29. THE NEW ROAD TO RECOVERY 3. Users keep working 2. Recover & Virtualize END USER 1. When Ransomwar e attacks…

  30. HOW MUCH OUR CUSTOMERS PAID IN RANSOMWARE 0 $

  31. A TALE OF TWO UNIVERSITIES With Infrascale, I quickly and easily recovered clean versions of our encrypted files with minimal user impact. It was easy-peasey.” University of Virginia Alumni Association TARGET Charlottesville, VA LOCATION Ellen McCree Systems Analyst University of Virg Total downtime: 1.5 hours Alumni Associa IMPACT

  32. PROTECT ALL SYSTEMS BUILT-IN SECURITY SUPPORT ANY OS STORE IN ANY CLOUD RECOVER ANYTHING PROTECT ANY DEVICE FAILBACK ANYTIME BOOT ANYWHERE

  33. THE DATA VALUE PYRAMID Usually Mission critical Protected HQ Core DC Usually Exposed Remote/Branch Offices End-points

  34. YOU NEED A COMPLETE SOLUTION… Infrascale Disaster Recovery Mission critical HQ Core DC Infrascale Remote/Branch Offices Cloud Backup End-points

  35. PROTECT AGAINST MICRO & MACRO DISASTERS HOME (PRIMARY) SITE OFFSITE (SECONDARY) SITE Paired appliance, Cloud, AWS, Azure Physical Servers Virtual Servers Desktops Laptops Databases Deduplication FAILOVER & compression 1024 AES ENCRYPTED Encryption 010010101010111 TRANSFER 256 AES 110001101000110 FAILBACK Cloud Failover Spin Up Spin Up Appliance Server Server

  36. TICKING OFF THE COMPLIANCE MANDATES FIPS SOX HIPAA SSAE 16 CJIS

  37. POLL Would you like to learn more about prepping for Ransomware? A Yes, I’d like to learn more. B Yes, but not immediately. C Not yet, but maybe later.

  38. CALL NOW 1-866-233-7464 GET YOUR FREE EVALUATION 4 3 1 2 5 4 TECT YOUR PROTECT PROTECT MULTI-LAYERED PROTEC BUDGET ALL SYSTEMS AGAINST MICRO NETWORK SECURITY AGAINST & MACRO RANSOMW DISASTERS

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

1 February 4, 2020 Ransomware works Who: Ransomware is a threat vector that is rife for bad

1 February 4, 2020 Ransomware works Who: Ransomware is a threat vector that is rife for bad

Geoff Hale 1 February 4, 2020 Ransomware works Who: Ransomware is a threat vector that is rife for bad actors, both criminal enterprises and nation-states have made use of ransomware. What: Ransomware is a type of malware that encrypts

358 views • 6 slides
Responding To Ransomware Ransomware Nightmares X by Invincea Ransomware is getting more

Responding To Ransomware Ransomware Nightmares X by Invincea Ransomware is getting more

X by Invincea Responding To Ransomware Ransomware Nightmares X by Invincea Ransomware is getting more sophisticated, and shifting to an enterprise threat Ransomware Nightmares X by Invincea To Pay Or Not To Pay? X by Invincea Your money or

780 views • 23 slides
On Deception-Based Protection Against Cryptographic Ransomware Ziya Alper Gen, Gabriele

On Deception-Based Protection Against Cryptographic Ransomware Ziya Alper Gen, Gabriele

On Deception-Based Protection Against Cryptographic Ransomware Ziya Alper Gen, Gabriele Lenzini, and Daniele Sgandurra June 20, 2019 Ransomware Threat 1 Ransomware Threat 1 Deception-Based Anti-Ransomware In the context of ransomware,

507 views • 22 slides
Redemption: Real-Time Protection Against Ransomware at End-Hosts WRITTEN BY: PRESENTED BY: AMIN

Redemption: Real-Time Protection Against Ransomware at End-Hosts WRITTEN BY: PRESENTED BY: AMIN

Redemption: Real-Time Protection Against Ransomware at End-Hosts WRITTEN BY: PRESENTED BY: AMIN KHARRAZ NICHOLAS BURTON ENGIN KIRDA What is Ransomware? What is Ransomware? u Ransomware is malicious software that encrypts user data, and

718 views • 33 slides
Prepping for the Prepping for the 2019 Grain Markets 2019 Grain Markets THE BASICS Nebraska

Prepping for the Prepping for the 2019 Grain Markets 2019 Grain Markets THE BASICS Nebraska

Elaine Kub 605.644.6KUB elaine@masteringthegrainmarkets.com @elainekub Prepping for the Prepping for the 2019 Grain Markets 2019 Grain Markets THE BASICS Nebraska Women in Agriculture Kearney, NE February 22, 2019 $3.77 $0.50 $3.27

588 views • 11 slides
Smoking the Locky Ransomware Code Floser Bacurio Jr and Rommel Joven Anti-Virus Analysts,

Smoking the Locky Ransomware Code Floser Bacurio Jr and Rommel Joven Anti-Virus Analysts,

Locky Strike: Smoking the Locky Ransomware Code Floser Bacurio Jr and Rommel Joven Anti-Virus Analysts, FortiGuard Lion Team September 1, 2017 1 Cryptowall 2 This one? 3 Prevalence: Global ransomware Global Ransomware IPS Hits - February

647 views • 49 slides
Prepping for the Prepping for the 2019 Grain Markets 2019 Grain Markets Nebraska Women in

Prepping for the Prepping for the 2019 Grain Markets 2019 Grain Markets Nebraska Women in

Elaine Kub 605.644.6KUB elaine@masteringthegrainmarkets.com @elainekub Prepping for the Prepping for the 2019 Grain Markets 2019 Grain Markets Nebraska Women in Agriculture Kearney, NE February 22, 2019 Will the grain exist Should you

134 views • 11 slides
Ransomware Overview Our analysis leads us to expect increased ransomware activity over 2016 (new

Ransomware Overview Our analysis leads us to expect increased ransomware activity over 2016 (new

Ransomware Overview Our analysis leads us to expect increased ransomware activity over 2016 (new attacker entrants, lower cost through kit automation, etc.) Take consumer and enterprise digital assets hostage using high- strength encryption

365 views • 18 slides
Ransomware Eradication using Biomorphic Perimeterisation Introduction Types of

Ransomware Eradication using Biomorphic Perimeterisation Introduction Types of

Ransomware Eradication using Biomorphic Perimeterisation Introduction Types of Ransomware Technology Perspective and Attacked Devices Ransomware Economy Security Conditions Biomorphic Perimeterisation How to generate a

860 views • 61 slides
Preparing for a Ransomware Attack MCCA Global TEC Forum June 19, 2017 Monica Patel, IBM

Preparing for a Ransomware Attack MCCA Global TEC Forum June 19, 2017 Monica Patel, IBM

Preparing for a Ransomware Attack MCCA Global TEC Forum June 19, 2017 Monica Patel, IBM Aravind Swaminathan, Orrick, Herrington &amp; Sutcliffe Darren Teshima, Orrick, Herrington &amp; Sutcliffe What is ransomware? Malicious software

200 views • 17 slides
Ransomware Threats to Storage(NAS/SAN/Cloud) and possible mitigation Tuesday, May 23, 2017

Ransomware Threats to Storage(NAS/SAN/Cloud) and possible mitigation Tuesday, May 23, 2017

Ransomware Threats to Storage(NAS/SAN/Cloud) and possible mitigation Tuesday, May 23, 2017 Anupam Jagdish Chomal Tech Lead/Principal Software Engineer DellEMC Isilon 1 Who am I? The Eternal Question Who am I? Principal

636 views • 18 slides
Update on Ransomware Technology 60 Minutes Video ransomware ( noun) A type of malware that

Update on Ransomware Technology 60 Minutes Video ransomware ( noun) A type of malware that

Update on Ransomware Technology 60 Minutes Video ransomware ( noun) A type of malware that prevents or limits users from accessing their system, either by locking the system's screen or by locking the users files unless a ransom is paid.

517 views • 30 slides
Troubling Times: Ransomware Across Texas Deputy Chief Information Security Officer Andy

Troubling Times: Ransomware Across Texas Deputy Chief Information Security Officer Andy

Troubling Times: Ransomware Across Texas Deputy Chief Information Security Officer Andy Bennett 2019 Cybersecurity Awareness Month Event October 22, 2019 2019 Texas Headlines Ransomware Ransomware Cyber criminals holding your data and

450 views • 23 slides
How To Not Be A Victim Of Ransomware The thoughtful integration of healthcare and technology How

How To Not Be A Victim Of Ransomware The thoughtful integration of healthcare and technology How

How To Not Be A Victim Of Ransomware The thoughtful integration of healthcare and technology How Healthcare IT Differs From General IT Agenda The Growing Threat of Ransomware What You Can Do Today To Protect Your Business How Healthcare IT

440 views • 32 slides
Tracking Ransomware End-to-end Danny Y. Huang Maxwell Matthaios Aliapoulios, Vector Guo Li Luca

Tracking Ransomware End-to-end Danny Y. Huang Maxwell Matthaios Aliapoulios, Vector Guo Li Luca

Tracking Ransomware End-to-end Danny Y. Huang Maxwell Matthaios Aliapoulios, Vector Guo Li Luca Invernizzi, Elie Bursztein, Kylie McRoberts, Jonathan Levin Kirill Levchenko, Alex C. Snoeren, Damon McCoy Ransomware causes financial damages

798 views • 54 slides
UNVEIL: A Large-Scale, Automated Approach to Detecting Ransomware Paul Weliczko

UNVEIL: A Large-Scale, Automated Approach to Detecting Ransomware Paul Weliczko

UNVEIL: A Large-Scale, Automated Approach to Detecting Ransomware Paul Weliczko https://arstechnica.com/information-technology/2012/11/mushrooming-growth-of-ransomware- extorts-5-million-a-year/

298 views • 13 slides
Ross Young #GoogleEdu Googles mission is to organize the worlds information and make it

Ross Young #GoogleEdu Googles mission is to organize the worlds information and make it

Ross Young #GoogleEdu Googles mission is to organize the worlds information and make it universally accessible and useful. 3 Google confidential | Do not distribute The best of Google, for educators and students. Google Apps Google

874 views • 33 slides
Nandeeshwar.B CDAC Hyderabad 29.04.2020 Why Security ? &quot; The olden phrase is always

Nandeeshwar.B CDAC Hyderabad 29.04.2020 Why Security ? &quot; The olden phrase is always

Nandeeshwar.B CDAC Hyderabad 29.04.2020 Why Security ? &quot; The olden phrase is always golden... Prevention is Better than Cure.&quot; Desktop Security BIOS Settings BIOS (Basic Input / Output System) Settings Computers BIOS is

842 views • 68 slides
and Emory/UNMC EVD Training Arizona Department of Health Services August 19, 2015 azdhs.gov

and Emory/UNMC EVD Training Arizona Department of Health Services August 19, 2015 azdhs.gov

Infectious Disease Certification Program and Emory/UNMC EVD Training Arizona Department of Health Services August 19, 2015 azdhs.gov Health and Wellness for all Arizonans Infectious Disease Certification Program Certification for

835 views • 61 slides
IPAD INFORMATION EVENING FOR INCOMING 1ST YEAR PARENTS Wednesday 30th May 2018 IPAD INFORMATION

IPAD INFORMATION EVENING FOR INCOMING 1ST YEAR PARENTS Wednesday 30th May 2018 IPAD INFORMATION

IPAD INFORMATION EVENING FOR INCOMING 1ST YEAR PARENTS Wednesday 30th May 2018 IPAD INFORMATION EVENING Annemaria Egan Principal Paul Noone - ICT Coordinator Tom Callanan - Galmac Gomputers IPAD INFORMATION EVENING What are

281 views • 24 slides
Information meeting on Ipad/Tablets. 5 th February 2018. Programme Schools experience to date

Information meeting on Ipad/Tablets. 5 th February 2018. Programme Schools experience to date

Information meeting on Ipad/Tablets. 5 th February 2018. Programme Schools experience to date and proposal for this year and the future. Presentation by teachers: Ms Fogarty, Mr. McGinn. Students View: Alex OFarrell.

466 views • 25 slides
Network Attacks I Yongdae Kim KAIST Two Planes Data Plane: Actual data delivery Control

Network Attacks I Yongdae Kim KAIST Two Planes Data Plane: Actual data delivery Control

Network Attacks I Yongdae Kim KAIST Two Planes Data Plane: Actual data delivery Control Plane To support data delivery (efficiently, reliably, and etc.) Routing information exchange In some sense, every protocol except data

751 views • 51 slides
Internet Infrastructure Security Internet Infrastructure Security Simon Fraser University Scott

Internet Infrastructure Security Internet Infrastructure Security Simon Fraser University Scott

Internet Infrastructure Security Internet Infrastructure Security Simon Fraser University Scott Wakelin 4/27/2004 1 Road Map Road Map Project Goals and Overview Project Status Network Infrastructure ISP Topology ISP

554 views • 30 slides
Resilience of the Domain Name System: A case study for .nl Lars Bade | Radboud University

Resilience of the Domain Name System: A case study for .nl Lars Bade | Radboud University

Resilience of the Domain Name System: A case study for .nl Lars Bade | Radboud University Nijmegen, SIDN 21 March 2016, ICT.Open Agenda 1. Research question 2. Domain Name System 3. Methodology &amp; Results 4. Conclusion 5. Time for asking

525 views • 38 slides

More recommend