There have been a couple of cases where somebody has been perusing child pornography, gets ransomware that says, “Oh, thanks for reporting this problem oh, by the way, you are under arrest for child porn. Generally, you get it because you’ve done something naughty. There’s “cop” ransomware – you know, we’re locking your computer, pay a fine to the FBI or NCA, or whatever particular thing. There are generally two types (see right-hand image). It wouldn’t be a talk if it didn’t involve a lolcat, but this one is actually relevant (see left-hand image). So, a quick description of what ransomware is – you know, any attack that relies on extortion. You’re going to have to work on that when we leave. Lance: Is “Bambenek” related to Bambenek you? My name is John Bambenek, I run my own firm Bambenek Consulting and I’m also affiliated with the SANS Internet Storm Center. Afterwards you should really smell him, because it’s quite mansome. And then, we’ll look at what we’re dealing with in the future.īy the way, I’m Lance James, Head of Cyber Intelligence at Deloitte.
#CRYPTO LOCKER IN THE NEWS HOW TO#
Liaisons of law enforcement and the industry – where the industry plays and where the government or law enforcement may stop how to work with international laws and also just in general how to work with people’s skills, really. The lessons you can learn and take for the next round.Īnd we have kind of a major theme we want to talk about that’s important – how to do takedowns right. And pieces that were difficult as well, slowdowns, things like that. We will discuss the intelligence response to it and the success. We are going to go through that (see image above). We are going to talk about some history of ransomware.Īnd a study of CryptoLocker – John and I kind of put together the CryptoLocker working group when this whole incident last year came about, CryptoLocker coming on the scene. We are going to skip that, if most people got a clue there. We aren’t going to talk about ransomware, obviously, from the perspective of people who don’t know. John, really, gets most of the credit for writing this talk, because he’s not a procrastinator like I am. Has anyone actually had a problem with it this year, whether it’s clients or personal – grandma, whatever? In a room this size, at 9 am, we’ve got a significant amount. Anybody get infected with it? Keep those hands up. Lance James: So, everybody knows what ransomware is this year, right? Please raise your hand. Security experts Lance James and John Bambenek tell the Black Hat USA audience how they got together on the CryptoLocker ransomware case and how it went.īlack Hat USA host: With no further ado, I will introduce our speakers today.