Ransomware—Is it the Ultimate Malware?

Malware, short for malicious software, is a blanket term for viruses, worms, trojans and other harmful software that attackers use to damage, destroy, and gain access to sensitive information; software is identified as malware based on its intended use, rather than a particular technique or technology used to build it. Ransomware is a particularly nasty version of malware that typically encrypts a victim's files and then requires the victim to pay a ransom (usually in crypto currency) to the attacker to regain access to the data upon payment (no guarantees). A more aggressive variant on this theme, which some call doxware or extortionware, goes further and threatens to release copies of private data to the public if payment is not made. This session provides information about ransomware, including common vectors, as well as detailing some of the types of ransomware that are currently plaguing organizations. Current counter techniques are presented along with their limitations. Lastly, the storage layer is explored as a possible defensive mechanism (current and hypothetical).

Learning Objectives

Recognize common forms and attributes of malware and ransomware, in particular,Identify the typical ransomware kill chain,Understand defensive measures to counter ransomware