Overview
Explore the world of crypto ransomware in this 48-minute conference talk from BSides Cleveland 2015. Delve into the basics, history, infection methods, and behavior of crypto ransomware, including processes, registry keys, splash screens, command and control, and file interactions. Learn about high-level payloads, monetization strategies, and the similarities and differences between variants. Discover effective defense strategies, including prevention, detection, and incident response planning. Gain insights into a specialized crypto ransomware response tool and leave with a comprehensive understanding of this critical cybersecurity threat.
Syllabus
Intro
OUTLINE
ABOUT ME
CRYPTO RANSOMWARE BASICS
HISTORY OF CRYPTO RANSOMWARE
BECOMING INFECTED
BEHAVIOR OF CRYPTO RANSOMWARE
BEHAVIOR - PROCESSES
BEHAVIOR - REGISTRY KEYS
BEHAVIOR - SPLASH SCREEN
BEHAVIOR - COMMAND & CONTROL
BEHAVIOR - FILES
HIGH-LEVEL PAYLOAD
MAKING MONEY WITH CRYPTO RANSOMWARE
SIMILARITIES & DIFFERENCES BETWEEN VARIANTS
DEFENDING AGAINST CRYPTO RANSOMWARE
PREVENTION
DETECTION
INCIDENT RESPONSE PLAN
CRYPTO RANSOMWARE RESPONSE TOOL
CLOSING