Malware is such an effective attack tool that it continues to be used by threat actors to endanger organizational data. In this presentation, attendees will be introduced to a new and powerful family of malware known as ransomware. The term ransomware will be defined and there will be a thorough explanation of why it poses such a significant threat. The presentation will review the logical evolution of ransomware from its origins as “rogue software” to the more malicious encrypting versions that we see today. There will be a discussion of the main ransomware families along with a review of the threat actors who are primarily responsible for their distribution. To truly understand the threat that ransomware poses, however, security professionals must know what happens to systems once they are compromised. As a result, the audience will be shown a typical compromise -- from initial infection to the payment of a bitcoin ransom (God forbid). Despite ransomware’s effectiveness, there are protections against it and the presentation will review those innovative solutions and best practices that can best mitigate this threat. The presentation will conclude by discussing those ransomware trends that we can expect to see in the future, including the franchising of specific ransomware. By the end of the session, attendees will possess the knowledge necessary to win the battle against ransomware.
Dave Vargas is a lead consultant at VATG, Inc. where he fights (and sometimes defeats) all kinds of malware. In his spare time, he teaches cybersecurity courses at several colleges in the Washington, DC-area. Dave graduated from The George Washington University and has completed graduate work in Information Systems at The Johns Hopkins University. His current certifications include, CEHv7, CISSP, and CISM.