I presented these slides in the "Privacy Protection" subject, taught by Prof. Josep Domingo-Ferrer in the Master in Computer Security Engineering and Artificial Intelligence.
2. Ransomware
It is a type of malicious software that takes your important
files, encrypts them and then blackmails you into paying to
get them back.
- this is the new oil, for the bad guys -
4. WannaCry
● Affected more than 150 countries.
● Infected major businesses and organizations.
● More than 200,000 systems around the world are believed to be infected.
Black Friday - May 12, 2017
7. How much money does WannaCry ask for?
● Within the first three days = $300
● Within the next three days (extra chance) = $600
- After seven days without payment, the malware will delete all of the encrypted files and all data will be lost. -
9. How does it get to you?
● Hosts can get infected by downloading, for example, PDFs or any other
kind of file that hides the malware. Normally those are sent via email or
reached by accessing a URL.
● Another host on the same network can exploit a vulnerability (SMBv1)
and install the malware on it.
10. Hard to reach the first one,
then easy to reach hundreds...
● NSA leak on April 17, 2017.
● The Shadow Brokers.
● Some exploits were unknown until that time.
● EternalBlue. SMBv1 (Microsoft Server Message Block 1.0)
11. The cure… before the disease
Recall: NSA leak on April 17, 2017
Microsoft solution on March 14, 2017
13. How do you prevent it?
● Install the security patch MS17-010.
● Monitor traffic over port 445 in the firewall.
● Block port 445 (SMBv1) on each host.
● Keep your system up-to-date.
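
One way to act on the "monitor traffic over port 445" item, as an added example that is not part of the original slides: a worm spreading over SMB makes one internal host contact many different hosts on port 445 within seconds, so the check below measures that fan-out per source. The log format, the sample lines, the function names and the window/threshold values are all constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log (assumed format: ISO time, action, src, dst, dst port).
SAMPLE_LOG = """\
2017-05-12T09:00:01 ALLOW 10.0.0.5 10.0.0.20 445
2017-05-12T09:00:02 ALLOW 10.0.0.5 10.0.0.21 445
2017-05-12T09:00:03 DENY 10.0.0.5 10.0.0.22 445
2017-05-12T09:00:04 ALLOW 10.0.0.9 10.0.0.2 445
2017-05-12T09:00:05 ALLOW 10.0.0.5 10.0.0.23 445
2017-05-12T09:00:06 ALLOW 10.0.0.5 10.0.0.24 443
2017-05-12T09:00:07 DENY 10.0.0.5 10.0.0.25 445
not-a-time ALLOW 10.0.0.5 10.0.0.30 445
2017-05-12T10:30:00 ALLOW 10.0.0.5 10.0.0.26 445
"""

def parse(log):
    """Yield (timestamp, src, dst) for each port-445 record; skip malformed lines."""
    for line in log.splitlines():
        parts = line.split()
        if len(parts) != 5 or parts[4] != "445":
            continue
        try:
            ts = datetime.fromisoformat(parts[0])
        except ValueError:
            continue  # unparseable timestamp: ignore rather than miscount
        yield ts, parts[2], parts[3]

def smb_fanout(log, window=timedelta(seconds=60), threshold=5):
    """Map each source to its peak distinct-445-destination count, if >= threshold."""
    events = defaultdict(list)
    for ts, src, dst in parse(log):
        events[src].append((ts, dst))
    flagged = {}
    for src, evs in events.items():
        evs.sort()
        start, counts, best = 0, defaultdict(int), 0
        for ts, dst in evs:
            counts[dst] += 1
            while ts - evs[start][0] > window:  # drop events older than the window
                old = evs[start][1]
                counts[old] -= 1
                if counts[old] == 0:
                    del counts[old]
                start += 1
            best = max(best, len(counts))
        if best >= threshold:
            flagged[src] = best
    return flagged
```

Denied connections are counted on purpose: a host probing blocked port 445 on its neighbours is the signal, whether or not the firewall let the packets through.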