> think like a hacker · > think like a hacker as ransomware grows attackers will be...
TRANSCRIPT
![Page 1: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/1.jpg)
> think like a hacker
![Page 2: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/2.jpg)
https://goo.gl/Pwr2Uy
> think like a hacker
![Page 3: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/3.jpg)
> think like a hacker
![Page 4: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/4.jpg)
pope @blesstheInfoS
ec
james
dir. IT
> think like a hacker
![Page 5: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/5.jpg)
pope @blesstheInfoS
ec
james partner
> think like a hacker
![Page 6: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/6.jpg)
DC801/DC435
SAINTcon, BSidesSLC, BlackHat NATO tech, NATO CyberSecurity
degrees/certs
pope @blesstheInfoS
ec
james
> think like a hacker
![Page 7: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/7.jpg)
> think like a hacker
![Page 8: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/8.jpg)
> think like a hacker
![Page 9: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/9.jpg)
lockpick
> think like a hacker
![Page 10: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/10.jpg)
lockpick badge clone
> think like a hacker
![Page 11: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/11.jpg)
lockpick badge clone
bypass tools
> think like a hacker
![Page 12: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/12.jpg)
lockpick badge clone
bypass tools
35mm film?
> think like a hacker
![Page 13: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/13.jpg)
![Page 14: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/14.jpg)
lockpick badge clone
bypass tools
35mm film?
lying
> think like a hacker
![Page 15: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/15.jpg)
checks
> think like a hacker
![Page 16: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/16.jpg)
checks
master keys
> think like a hacker
![Page 17: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/17.jpg)
checks
master keys password
s
> think like a hacker
![Page 18: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/18.jpg)
checks
master keys password
s
badge makers
> think like a hacker
![Page 19: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/19.jpg)
checks
master keys password
s
badge makers
servers
> think like a hacker
![Page 20: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/20.jpg)
checks
master keys password
s
badge makers
servers
HR data
> think like a hacker
![Page 21: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/21.jpg)
> think like a hacker
![Page 22: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/22.jpg)
who, what, why?
> think like a hacker
![Page 23: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/23.jpg)
why are these people attacking me?
Money, loot, cash, filthy lucre,
greed … get the idea? In fact, it can be money even when it’s not money”
> think like a hacker
![Page 24: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/24.jpg)
secondary motive
“Many of the attacks discussed in this report have what we call a ‘secondary motive’, which we define as when the motive of the incident is to ‘aid in a different attack’. We filter these out of the report because it would overshadow everything else if we didn’t. One example is where the bad guy compromises a web server to repurpose it to his own uses (e.g., hosting malicious files or using it in a spam or DoS botnet). Even criminals need infrastructure. “It is a far, far better thing” that someone else manages it for free, rather than having to pay for it yourself.”
> think like a hacker
![Page 25: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/25.jpg)
how does hacking really happen?
➢ i would phish you ➢ and/or walk in the front door (login), with your bad
passwords or known password from a breach ➢ i would attack your organization with your authentication,
local admin ➢ and/or ransomware your organization
❏ missing patches
> think like a hacker
![Page 26: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/26.jpg)
> think like a hacker
![Page 27: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/27.jpg)
phishing
phishing is a criminal activity using
social engineering techniques.
“Phishers” attempt to fraudulently acquire sensitive
information, such as passwords, personal information, military operations, and credit card/
financial details, by masquerading as a trustworthy
person or business in an electronic communication.
> think like a hacker
![Page 28: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/28.jpg)
portals
links
credential harvesting
payloads
access to your browser
access to your system
admin?
> think like a hacker
![Page 29: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/29.jpg)
portals
links
credential harvesting
payloads
access to your browser
access to your system
admin?
> think like a hacker
![Page 30: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/30.jpg)
phishing > think like a hacker
![Page 31: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/31.jpg)
phishing > think like a hacker
![Page 32: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/32.jpg)
https://internationalcinematechnologyassociation.com/about-icta/
> think like a hacker
![Page 33: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/33.jpg)
phishing > think like a hacker
https://ashraffayadh.com/8/index.html France Reply to: [email protected]
![Page 34: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/34.jpg)
phishing > think like a hacker
![Page 35: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/35.jpg)
phishing > think like a hacker
![Page 36: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/36.jpg)
phishing
> think like a hacker
![Page 37: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/37.jpg)
> think like a hacker
![Page 38: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/38.jpg)
> think like a hacker
![Page 39: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/39.jpg)
> think like a hacker
![Page 40: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/40.jpg)
phishing questions?
> think like a hacker
![Page 41: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/41.jpg)
passwords
> think like a hacker
![Page 42: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/42.jpg)
hacking passwords
● dictionary attack ● brute forcing ● entropy ● random - flip a coin! ● pattern guessing ● cracking hashes
> think like a hacker
![Page 43: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/43.jpg)
used to be now is
● Contain at least eight alphanumeric characters.
● Contain both upper and lower case letters. ● Contain at least one number (e.g., 0-9). ● Contain at least one special character
(e.g., !$%^&*()_+|~-=\`{}[]:";'<>?,/). ● Cannot contain username ● Cannot be used last XXX times ● Must change every 90 days
● not in a dictionary ● not reuse from service/
system to service/system
● length is preferred ● two factor, two factor,
two factor
multifactor doesn't cut it - one compromised...
> think like a hacker
![Page 44: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/44.jpg)
used to be now is
● Contain at least eight alphanumeric characters.
● Contain both upper and lower case letters. ● Contain at least one number (e.g., 0-9). ● Contain at least one special character
(e.g., !$%^&*()_+|~-=\`{}[]:";'<>?,/). ● Cannot contain username ● Cannot be used last XXX times ● Must change every 90 days
● not in a dictionary ● not reuse from service/
system to service/system
● length is preferred ● two factor, two factor,
two factor
multifactor doesn't cut it - one compromised...
> think like a hacker
![Page 45: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/45.jpg)
![Page 46: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/46.jpg)
questions?
> think like a hacker
![Page 47: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/47.jpg)
ransomware
> think like a hacker
![Page 48: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/48.jpg)
money, money, money
FBI has stated that the use of ransomware has reached an all-time high. In the first three months of 2016 alone, cybercriminals have collected $209 million by extorting businesses and
institutions to unlock computer servers. Ransomware is estimated to have made over $1 billion in 2016, with total losses being even higher once related business costs are factored in.
> think like a hacker
![Page 49: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/49.jpg)
● BTC/XMR/XVG/SUMO has allowed attackers to anonymously monetize their target ● attacks originate from other compromised systems which leads FBI/law enforcement with little to nothing to go off when tracking down good attackers ● ransomware in 2016 saw more attacks against businesses and more often than ever before. There is no indication that the trend will be reversing anytime soon ● ransomware has already targeted the following industries: health care, police, banking, education, transportation, hotel, government, and industrial control systems
> think like a hacker
![Page 50: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/50.jpg)
● BTC/XMR/XVG/SUMO has allowed attackers to anonymously monetize their target ● attacks originate from other compromised systems which leads FBI/law enforcement with little to nothing to go off when tracking down good attackers ● ransomware in 2016 saw more attacks against businesses and more often than ever before. There is no indication that the trend will be reversing anytime soon ● ransomware has already targeted the following industries: health care, police, banking, education, transportation, hotel, government, and industrial control systems
> think like a hacker
![Page 51: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/51.jpg)
● BTC/XMR/XVG/SUMO has allowed attackers to anonymously monetize their target ● attacks originate from other compromised systems which leads FBI/law enforcement with little to nothing to go off when tracking down good attackers ● ransomware in 2016 saw more attacks against businesses and more often than ever before. There is no indication that the trend will be reversing anytime soon ● ransomware has already targeted the following industries: health care, police, banking, education, transportation, hotel, government, and industrial control systems
> think like a hacker
![Page 52: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/52.jpg)
● BTC/XMR/XVG/SUMO has allowed attackers to anonymously monetize their target ● attacks originate from other compromised systems which leads FBI/law enforcement with little to nothing to go off when tracking down good attackers ● ransomware in 2016 saw more attacks against businesses and more often than ever before. There is no indication that the trend will be reversing anytime soon ● ransomware has already targeted the following industries: health care, police, banking, education, transportation, hotel, government, and industrial control systems
> think like a hacker
![Page 53: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/53.jpg)
● as ransomware grows attackers will be expanding ● once an industry is targeted variants are built to attack all major systems used by that industry ● ransomware netted very conservatively over a billion dollars in 2016 ● the number of ransomware variants grew by a factor of 30x in 2016 ● every 40 seconds, an organization gets hit with ransomware, up from every two minutes in 2016
> think like a hacker
![Page 54: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/54.jpg)
● as ransomware grows attackers will be expanding ● once an industry is targeted variants are built to attack all major systems used by that industry ● ransomware netted very conservatively over a billion dollars in 2016 ● the number of ransomware variants grew by a factor of 30x in 2016 ● every 40 seconds, an organization gets hit with ransomware, up from every two minutes in 2016
> think like a hacker
![Page 55: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/55.jpg)
● as ransomware grows attackers will be expanding ● once an industry is targeted variants are built to attack all major systems used by that industry ● ransomware netted very conservatively over a billion dollars in 2016 ● the number of ransomware variants grew by a factor of 30x in 2016 ● every 40 seconds, an organization gets hit with ransomware, up from every two minutes in 2016
> think like a hacker
![Page 56: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/56.jpg)
● as ransomware grows attackers will be expanding ● once an industry is targeted variants are built to attack all major systems used by that industry ● ransomware netted very conservatively over a billion dollars in 2016 ● the number of ransomware variants grew by a factor of 30x in 2016 ● every 40 seconds, an organization gets hit with ransomware, up from every two minutes in 2016
> think like a hacker
![Page 57: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/57.jpg)
● as ransomware grows attackers will be expanding ● once an industry is targeted variants are built to attack all major systems used by that industry ● ransomware netted very conservatively over a billion dollars in 2016 ● the number of ransomware variants grew by a factor of 30x in 2016 ● every 40 seconds, an organization gets hit with ransomware, up from every two minutes in 2016
> think like a hacker
![Page 58: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/58.jpg)
why bother? what can happen?
> think like a hacker
![Page 59: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/59.jpg)
“YOUR SERVERS, NETWORKING EQUIPMENT, AND FILES ARE ALL ENCRYPTED”
The decryption key is stored on a secret internet server and nobody
can decrypt your files until you pay and obtain the private key
2 BTC is due now per auditorium or 35 BTC is due now for an entire chain In 24 hours the price will double to 4 per auditorium and 70 per chain
To pay: download the Tor Browser from http://torproject.org In the Tor Browser go to https://cinemaransomware.onion
(Only available via Tor Browser)
Input this public key and follow the instructions on the server &&68-frankly-DEAR-damn-66&&
Once payment has been made the movie can be resumed in under 10 minutes
![Page 60: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/60.jpg)
ransomware - who has paid?
education
K-12
charter
universities
hospitals
police departments
loads of businesses, nonprofits, home users, etc
what they encrypt
files
backups
shares
network drives
DropBox, OneDrive, Drive, Box, etc.
external USB drives, sticks, etc.
> think like a hacker
![Page 61: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/61.jpg)
ransomware - who has paid?
education
K-12
charter
universities
hospitals
police departments
loads of businesses, nonprofits, home users, etc
what they encrypt
files
backups
shares
network drives
DropBox, OneDrive, Drive, Box, etc.
external USB drives, sticks, etc.
> think like a hacker
![Page 62: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/62.jpg)
> think like a hacker
![Page 63: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/63.jpg)
questions?
![Page 64: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/64.jpg)
![Page 65: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/65.jpg)
hacking goals; get local admin/domain admin/
system creds
> think like a hacker
![Page 66: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/66.jpg)
you got phished or used a bad password
good news to me you are local admin!
> think like a hacker
![Page 67: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/67.jpg)
you got phished or used a bad password
good news to me you are local admin!
> think like a hacker
![Page 68: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/68.jpg)
with local admin i can ➔ disable/bypass AV ➔ install whatever i want ➔ disable/bypass UAC ➔ circumvent policies
> think like a hacker
![Page 69: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/69.jpg)
but i want system
> think like a hacker
![Page 70: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/70.jpg)
how hard is it to go from local admin to system privilege?
> think like a hacker
![Page 71: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/71.jpg)
> think like a hacker
![Page 72: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/72.jpg)
how do i take down your org from here?
> think like a hacker
![Page 73: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/73.jpg)
i need highly privileged users
> think like a hacker
![Page 74: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/74.jpg)
enumerate
> think like a hacker
![Page 75: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/75.jpg)
> think like a hacker
![Page 76: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/76.jpg)
i know what hosts i want but how do i get them?
> think like a hacker
![Page 77: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/77.jpg)
> think like a hacker
![Page 78: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/78.jpg)
grab passwords dump hashes
> think like a hacker
![Page 79: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/79.jpg)
> think like a hacker
![Page 80: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/80.jpg)
it’s not always that easy
sometimes it’s easier
> think like a hacker
![Page 81: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/81.jpg)
angry puppy
> think like a hacker
![Page 82: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/82.jpg)
angry puppy
death star
> think like a hacker
![Page 83: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/83.jpg)
Backups Revision Control
Offsite backups Reduce access
No local admin Disable macros
Anti-exploit software Patch Ad blockers
Awareness training Don’t click on links
Don’t open attachments Remove software (flash/java/etc)
> think like a hacker
AV w/behavioral real time scanning
SFP / DKIM
![Page 84: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/84.jpg)
Backups Revision Control
Offsite backups Reduce access
No local admin Disable macros
Anti-exploit software Patch Ad blockers
Awareness training Don’t click on links
Don’t open attachments Remove software (flash/java/etc)
> think like a hacker
AV w/behavioral real time scanning
SFP / DKIM
![Page 85: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/85.jpg)
Backups Revision Control
Offsite backups Reduce access
No local admin Disable macros
Anti-exploit software Patch Ad blockers
Awareness training Don’t click on links
Don’t open attachments Remove software (flash/java/etc)
> think like a hacker
AV w/behavioral real time scanning
SFP / DKIM
![Page 86: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/86.jpg)
Backups Revision Control
Offsite backups Reduce access
No local admin Disable macros
Anti-exploit software Patch Ad blockers
Awareness training Don’t click on links
Don’t open attachments Remove software (flash/java/etc)
> think like a hacker
AV w/behavioral real time scanning
SFP / DKIM
![Page 87: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/87.jpg)
![Page 88: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/88.jpg)
![Page 89: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/89.jpg)
> think like a hacker
![Page 90: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/90.jpg)
> think like a hacker
![Page 91: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/91.jpg)
Questions?
![Page 92: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/92.jpg)
http://www.blackroomsec.com/updated-hacking-challenge-site-links/
70 sites which offer free challenges for hackers to
practice their skills.
> think like a hacker
![Page 93: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/93.jpg)
https://goo.gl/Pwr2Uy
> think like a hacker
![Page 94: > think like a hacker · > think like a hacker as ransomware grows attackers will be expanding once an industry is targeted variants are built to attack all major systems used by](https://reader033.vdocuments.us/reader033/viewer/2022042018/5e7613943cfcb71a3d12d27a/html5/thumbnails/94.jpg)
https://goo.gl/dqrm66
> think like a hacker
One Cinema's struggle to take it easy