INTRODUCTION – Ransomware
In this integration, attendees are going to explore the tricky nature of ransomware breaches and their serious effects on organizations through tangible examples imported from the real world. The world now faces and will continue being exposed to a high-risk threat from ransomware. It has the possibility of attacking and imploding the integrity, operations, and reputation of businesses in the world. In reviewing some selected cases, learners will get to understand some of the extensive ramifications of such breaches: from huge financial losses and operational disruption to loss of faith and damage of brand equity.
This analysis will equip them with an in-depth knowledge of the nature of ransomware schemes, their vulnerabilities, and why strong security posture is an absolute necessity. Those case studies will provide actionable insights that can help organizations harden their defenses and counter many of the emerging risks posed by ransomware.
Learning Outcomes
- List those measures that could have prevented the Atlanta ransomware breach
- Describe the cost and impact of the Atlanta ransomware breach
- To find out what vulnerabilities were exploited in the Atlanta ransomware breach
- Summarize the timeline of the Atlanta ransomware breach
- Identify techniques used to extract money from ransomware victims
List common examples of ransomware - Recognize techniques for protecting oneself against ransomware attacks
Illustrate ways in which users become targets for ransomware - Differentiate ransomware
Explain to the reader what ransomware is
RANSOMWARE KNOWLEDGE CHECK
1. You get a pop-up message on your screen telling you that critical files on your system have been encrypted and that you must pay a fee to get the encryption key. What type of ransomware has attacked your system?
- Blockware
- Crypto (CORRECT)
- Leakware/Doxware
- Locker
2. Your bank sends you an email with your account statement attached. You think this is odd but open it anyway to see what it is. The document is blank so you close it and think no more about it. A few days later you realize that your computer is infected with malware. What attack vector was used to compromise your system?
- Remote Desktop Protocol (RDP)
- Malicious Links
- Phishing (CORRECT)
- Software Vulnerabilities
3. You take advantage of an Internet offer for free technical support and a live technician acutally does contact you, log into your computer and help you optimize your system. A few days later you notice some critical business files are missing when a big red message block appears on your screen demanding money if you ever want to see your files again. What attack vector is the malware exploiting?
- Software Vulnerabilities
- Phishing
- Malicious Links
- Remote Desktop Protocol (RDP) (CORRECT)
4. If you fail to patch your operating system and that fact allows a bad actor to install ransomware on your system, what was the likely attack vector?
- Remote Desktop Protocol (RDP)
- Software Vulnerabilities (CORRECT)
- Malicious Links
- Phishing
5. You read an interesting article online that contains links to related articles so you follow one of them and pretty soon you are a victim of a ransomware attack. What was the likely attack vector used by the bad actors?
- Phishing
- Remote Desktop Protocol (RDP)
- Software Vulnerabilities
- Malicious Links (CORRECT)
6. What is the most important thing to have in place that will save you from having to pay a ransom in the event you have fallen victim to a ransomware attack?
- Fully patched operating system and applications
- Strong passwords
- Anti-virus software
- A full system backup (CORRECT)
7. Which ransomware spread across 150 countries in 2017 and was responsible for over $4 billion in losses worldwide?
- Bad Rabbit
- GoldenEye
- Jigsaw
- WannaCry (CORRECT)
8. True or False. Projections are that ransomware will not be a significant problem in the future as operating systems become more secure and anti-malware applications gain in sophistication.
- True
- False (CORRECT)
RANSOMWARE GRADED ASSESSMENT
1. You get a pop-up message on your screen telling you have been locked out of your computer and that access will remain blocked until you pay a fee to have your access restored. What type of ransomware has attacked your system?
- Blockware
- Crypto
- Locker (CORRECT)
- Leakware/Doxware
2. You get a pop-up message on your screen telling you that embarrassing photos taken of you at a college party many years ago have been downloaded and will be made public unless you pay a fee. What type of ransomware has attacked your system?
- Leakware/Doxware (CORRECT)
- Blockware
- Crypto
- Locker
3. You get an email from your Internet service provider addressed to “Dear Customer” asking you to log in and verify your credentials due to “suspicious activity” detected in your account. This email is most likely trying to exploit which attack vector?
- Remote Desktop Protocol (RDP)
- Malicious Links
- Phishing (CORRECT)
- Software Vulnerabilities
4. A person you meet at a party offers to help you optimize your computer so you arrange for her to log in remotely. The next time you reboot your system, you get a pop-up message telling you all your critical files have been encrypted and you must pay a ransome to get the encryption key. What attack vector was used to exploit your system?
- Phishing
- Malicious Links
- Software Vulnerabilities
- Remote Desktop Protocol (RDP) (CORRECT)
5. You fear that the security patches sent out by the vendor of one of your products may introduce changes to what you are used to so you never allow the updates. What attack vector are you setting yourself up for?
- Remote Desktop Protocol (RDP)
- Software Vulnerabilities (CORRECT)
- Phishing
- Malicious Links
6. You log into your bank and see an offer for a 0% interest rate loan. You click on the link to check out the details and suddenly your computer is locked and there is a message demanding payment in order to unlock it. Your bank’s website was hacked! What attack vector was being used to install ransomware on your system?
- Phishing
- Remote Desktop Protocol (RDP)
- Malicious Links (CORRECT)
- Software Vulnerabilities
7. True or False. Being vigilant about email you receive, links your follow and websites you visit is an effective way to keep yourself safe from a ransomware attack.
- True (CORRECT)
- False
8. Which ransomware used fake Adobe Flash download websites to distribute and install ransomware?
- Bad Rabbit (CORRECT)
- GoldenEye
- Jigsaw
- WannaCry
9. True or False. It is feared that in the future our cars, homes and factories may fall victim to ransomware attacks as more and more devices join the Internet of Things.
- True (CORRECT)
- False
CONCLUSION – Ransomware
Ransomware breaches and their associated effects on organizations through case studies are very important for learning what is changing in the threat landscape for cybersecurity. Through this approach of real-world examples, participants will be able to understand in-depth how much damage a ransomware attack can cause to a business from financial setback to disruption of operations or damage to reputation.
Having learned this information, one can take proactive measures toward instituting effective cybersecurity protocols, employee training, and incident response plans to ward off ransomware threats. By continuous vigilance and fortifying strategic resilience, organizations traverse better on the path of challenges posed by ransomware regarding the safekeeping of precious assets and confidence-building in stakeholders in a world that is digital-first.