Recent Ronsomware has affected thousands. An overview of who and how this happened. Some simple tips and tricks to keep users and organizations safe.

1. Security Minded

2. Presenter: Greg Wartes, MCP
www.servit.net
• East Carolina University
• Microsoft Certified Business Management Solutions
Professional
• Technology Enthusiast – Published in:
• Wall Street Journal – ‘Cloud Innovator’
• Redmond Channel Magazine : 2011 & 2012
• Huffington Post – SBA National Small Business
Conference Microsoft Cloud Representative
• Microsoft Case Study – Cloud Based PC Manageme
• Former PGA Golf Professional

3. Presenter: Tony Merendino ServIT - CEO
www.servit.net
• The University of Tennessee at Chattanooga
BA, Business Management
• Over 20 years of experience in Executive level positions in
the arena of technology
• Former owner/CEO of BMC Solution
• Former professional athlete - NFL with the NY Jets
• Recently acquired an all organic farm which is producing
organic hay and organic angus beef

4. AGENDA
Ransomware Facts
Figures
Network Security
What can you do?
Your Thoughts?
Who? How? Why?
Browsing Security

7. Every 10 seconds, a consumer gets hit
with ransomware.
(up from every 20 seconds in Q1 2016)
Every 40 seconds, a company gets
hit with ransomware.
(up from every 2 minutes in Q1 2016)

8. The world's biggest cyberattack
has hit at least 150 countries and
infected 300,000 machines since it
started spreading Friday (May 17th,
2017.) ((Virus released May 12th,

10. "According to the Wall Street Journal, over 34,000 computer security
incidents occur every day – and 62 percent of those incidents involve
breaches of small and medium-sized businesses.*
*Simon, Ruth. “‘Ransomware’ a Growing Threat to Small
Businesses.” The Wall Street Journal. April 15, 2015."

12. SMB is an
organization with
500 users or less
do not have a
dedicated IT person
or I.T. partner/firm
do not have a
dedicated Security
person or firm
81% 86%

13. Attacks on large enterprises resulted in a confirmed breach
Attacks on SMB resulted in a confirmed breach
83%
0.7%

14. Cyber Crime Affects All Industries
Financial
Services:
$16.53
Utilities &
Energy:
$14.80
Technology:
$11.04
Services:
$8.99
Industrial:
$8.05
Healthcare:
$7.35
Retail:
$7.12
Transportation:
$6.81
Communications:
$6.13
Media:
$5.75
Pharmaceutical:
$4.92
Hospitality:
$3.68
2016 Cost of Cyber Crime Study & the Risk of Business Innovation: Ponemon Institute : http://www.ponemon.org/library/2016-cost-of-cyber-crime-study-the-risk-of-business-innovation
Average Cost of Breach per Company by Sector in US$ millions (2016)

15. Average hacking cost
on a small business:
$32,000Average

17. 4.9 MONTHSis the average time to detect a
data breach in an organization.
Source: infocyte.com
8 months 8 months 8 months
~1 year ~1 year ~1 year

18. Understanding Why Ransomware is on the Rise
• It is easier for hackers to execute than other campaigns
̶ Social Engineering
̶ Exploit Kits
̶ Broad Audience without customization or localization
• The Money Factors
̶ Time to money is sooner
̶ Bitcoin reduces risk on collection, and eliminates reversals
• Less Technical Obstacles
̶ Simplified Attacks, some without Command & Control
̶ Onus is on the victim to pay, not on hacker to exfiltrate

20. Downloading
malicious
documents
Browsing
infected
websites
Malicious
attachments
Malicious
links
Malicious
File from
USB
Server
vulnerability
exploit

22. Ransomware Trend #2: Phishing email attachments have
become the #1 delivery vehicle for ransomware
The number of ransomware variants grew by a factor of 30x in 2016.
Criminals know a cash cow when they see one.
Experts estimate ransomware generated $1 billion last year.

23. FORTUNE Magazine:
“Security experts have been
warning organizations that
failed to apply security
patches to
their MicrosoftWindows-
based computer systems that
it was only a matter of time
before another digital siege
surfaced. It seems their
predictions have borne true.”

24. Bitcoin is a new currency that was created in 2009 by an
unknown person using the alias Satoshi Nakamoto.
Transactions are made with no middle men – meaning, no
banks! There are no transaction fees and no need to give your
real name. More merchants are beginning to accept them: You
can buy webhosting services, pizza or even manicures.

26. Any downtime can be debilitating. For example, each day of an IT outage
costs small and medium-sized companies an estimated $12,500, Symantec
estimates, noting that this figure excludes the impact of a company’s
computers being down on customers.
In assessing the damage done by
hurricanes Katrina and Rita in the
Gulf Coast states in 2005, U.S.
Congress found that 43 percent of
businesses that close after a natural
disaster never reopen. Of those that
stay open, more than 29 percent
close within two years.

31. Group Policy is a hierarchical
infrastructure that allows a network
administrator in charge of Microsoft's
Active Directory to implement specific
configurations for users and
computers. Group Policycan also be used
to define user, security and
networking policies at the machine level.

32. HAVE PROFESSIONALS APPLY PATCHES AND UPDATES.

34. •Install Firewall
•Install Antivirus Software
•Install Anti-Spyware Software
•Use Complex and Secure
Passwords/Phrases
•Check on the Security Settings of the
Browser

36. Have up to date
virus scanners
running

38. CCleaner is a small, effective utility for computers running Microsoft Windows
that cleans out the 'junk' that accumulates over time: temporary files, broken
shortcuts, and other problems. CCleaner protects your privacy.

40. https://managedservicesatlanta.blogspot.com/2017/05/passwords-are-like-flossing.htm l
10 Helpful Hints for Password(s) complexity and protection

53. https://www.symantec.com/connect/blogs
http://blog.checkpoint.com/
https://blog.malwarebytes.com/
https://blogs.technet.microsoft.com/mmpc/
https://managedservicesatlanta.blogspot.com/

59. Ad supported software, often called Adware or Advertising Supported Software, is
used when referencing any type of program that downloads or displays unwanted
banner advertisements in the software being used. Adware is often bundled within
software a computer owner purchases.
However, adware can also contain or be classified as spyware, a type of malware
that is considered by many to be privacy-invasive. Spyware can steal a user’s
information or corrupt the user’s system files.

60. If you are not expecting the mail – take
the proper precautions to ensure it is a
legit email.
Do NOT open ANY attachments from
people that you do not know!

61. Keep your browser and your O/S up to date:

62. Keep your O/S up to date:
Virtualization-based security
Secure booting
Windows Hello is Windows 10’s attempt to
get rid of passwords, which are often
stolen and reused. Hello supports three
methods of biometric authentication (facial,
iris, and fingerprint) in concert with a
simple PIN.
Passport: If your computer has a TPM
chip, the private key of the asymmetric key
pair is securely stored there instead of in
software. You use Hello or your PIN to
authenticate locally, then use Passport to
securely authenticate to other network
locations.
Device Guard is a highly secure tool that
determines which applications and scripts
should be allowed to run on a particular
computer.
Credential Guard
Enterprise Data Protection

63. Keep your browser up to date:

65. Crawl
Firewall
Application Control (Detect)
URL Filtering
Intrusion Detection
Antivirus
Anti-Malware (Endpoint
Walk
Anti-Bot
Anti-Spam
E-mail Security
Application Control (Block)
Intrusion Protection
Media/Port Encryption (Endpoint)
Full Disk Encryption (Endpoint)
Remote Access VPN (Endpoint)
Run
Identity Awareness
Threat Extraction/Emulation (Gateway)
Emulation
Cloud Security
Mobile Security
DDos Protection
Document Protection
Threat Extraction/Emulation (Endpoint)

68. Greg Wartes
gwartes@servit.net
678-995-4735
www.servit.net
https://managedservicesatlanta.blogspot.com/