Security BSides Seattle | February 20, 2016

Slides

Abstract:
Ransom is more than just the stuff of Hollywood thrillers. Action packed extortion schemes are as old as history itself, but today’s criminals are trading in information. Extortion rackets such as the Ashley Madison and Sony Pictures Entertainment hacks are well-known cases and many security professionals have experienced ransom attempts of their own, ranging from CryptoWall and CryptoLocker malware to DDoS attacks that promise to continue until the attackers are paid.

This session will take a detailed look at the different threat actors that perpetrate these attacks and how companies can assess the risk and potential impact of an incident. Participants will learn how to model threats, identify assets at risk, determine the impact and calculate risk. These methods help security professionals understand the impact of various forms of cyber ransom, determine if it is applicable to their organization and how to communicate risk effectively to management.

When an organization faces a cyber ransom, quick action is needed to respond to the attackers, safeguard systems and bring systems back online. Participants will also learn how to strengthen their incident response plans and make risk-aware decisions.