Upload
bigdataexpo
View
45
Download
0
Embed Size (px)
Citation preview
History of ransomware
You could recover without paying.✔Lockscreen ransomware died out fairly suddenly.
History of ransomware
Cryptoransomware makes more $£€✘Lockscreen ransomware died out fairly suddenly.
WYLX AGRH INLLQA YM 9$WWQLKA WPOS
RSA-2048 PUBLIC KEY
AES-128 KEY
(Aside) Do you have to pay?
YOUR FILE CONTENT IN CLEARTEXT FORM
WYLX AGRH INLLQA YM 9$WWQLKA WPOS
YOUR FILE CONTENT IN CLEARTEXT FORM
(Aside) Do you have to pay?
RSA-2048 PUBLIC KEY
AES-128 KEY
WYLX AGRH INLLQA YM 9$WWQLKA WPOS
YOUR FILE CONTENT IN CLEARTEXT FORM
AES-128 M@Q
(Aside) Do you have to pay?
RSA-2048 PUBLIC KEY
AES-128 KEY
WYLX AGRH INLLQA YM 9$WWQLKA WPOS
YOUR FILE CONTENT IN CLEARTEXT FORM
AES-128 M@Q
RSA-2048 PUBLIC KEY
AES-128 KEY
Only in memory
(Aside) Do you have to pay?
WYLX AGRH INLLQA YM 9$WWQLKA WPOS
AES-128 M@Q
RSA-2048 PUBLIC KEY
(Aside) Do you have to pay?Won't unlock
WYLX AGRH INLLQA YM 9$WWQLKA WPOS
AES-128 M@Q
RSA-2048 PRIV KEY
(Aside) Do you have to pay?
Crooks have this
WYLX AGRH INLLQA YM 9$WWQLKA WPOS
AES-128 M@Q
RSA-2048 PUBLIC KEY
Won't unlock
WYLX AGRH INLLQA YM 9$WWQLKA WPOS
RSA-2048 PRIV KEY
(Aside) Do you have to pay?
So they can sell
you back the key
WYLX AGRH INLLQA YM 9$WWQLKA WPOS
AES-128 M@Q
RSA-2048 PUBLIC KEY
Won't unlock
AES-128 KEY
What to do?
Backup regularly and keep a copy off-site.
Don't enable macros in emailed docs.
Tell Windows to show file extensions.
3
1
2
What to do?
Backup regularly and keep a copy off-site.
Don't enable macros in emailed docs.
Tell Windows to show file extensions.
Don't open script or shortcut files sent by email.
3
1
2
4
What to do?
Backup regularly and keep a copy off-site.
Don't enable macros in emailed docs.
Tell Windows to show file extensions.
Don't open script or shortcut files sent by email.
Limit your login power to what you need.
3
1
2
4
5
What to do?
Backup regularly and keep a copy off-site.
Don't enable macros in emailed docs.
Tell Windows to show file extensions.
Don't open script or shortcut files sent by email.
Limit your login power to what you need.
Patch early, patch often.
3
1
2
4
5
6