Attacks/Breaches
6/3/2014
11:45 AM
Connect Directly
Google+
Twitter
RSS
E-Mail vvv
100%
0%

Dark Reading Radio: Pay Up Or Never See Your Data Again

Learn how ransomware is raising the stakes, and what law enforcement and the security community are doing about it.

You've heard the horror stories or may have an end-user in your organization whose computer has been held for ransom by cyber criminals who have locked him out of his machine with a nasty form of malware known as ransomware. True to its name, ransomware means you have to pay a fee to get your computer unlocked and freed from these online kidnappers.

But even if you do comply with the ransomware demands and pay up, your data still may be lost to you forever, because these bad guys rarely keep their word.

One of the most deadly and sophisticated forms of ransomware is CryptoLocker, which encrypts the victim's files on local drives and network shares. CryptoLocker uses a strong encryption algorithm to ensure the data is kept out of the victim's reach.

CryptoLocker has been on the radar screen of law enforcement and the security research community for some time now. The FBI yesterday shared the big news that a major global effort by international law enforcement agencies and security companies had disrupted the massive and stealthy botnet that the CryptoLocker gang uses in its operations, GameoverZeus, and that law enforcement had seized key command and control servers used for CryptoLocker. Officials also announced the indictment of the botnet's administrator, a Russian national, for charges of conspiracy, hacking, wire fraud, bank fraud, and money laundering associated with the botnet, as well as other charges for his role in CryptoLocker.

In this next episode of Dark Reading Radio, I'll be hosting Lance James, renowned security expert and head of cyber intelligence at Deloitte & Touche, who assisted the FBI with this case. He will provide a peek at his upcoming presentation for Black Hat USA on new research and developments in near-time tracking of the ransomware operation's infrastructure.

James will discuss the impact on ransomware with this latest law enforcement win as well as provide tips for what can be done in the future to defend against ransomware infections.

So register now and join us tomorrow at 1:00 p.m. EDT. Have questions for our guest? Share them in the comments section below, or bring them along to the show tomorrow. We will be taking question from the live audience, and James will join us in a live text chat following the broadcast.

Kelly Jackson Higgins is Executive Editor at DarkReading.com. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise ... View Full Bio
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Marilyn Cohodas
50%
50%
Marilyn Cohodas,
User Rank: Strategist
6/4/2014 | 7:56:56 AM
It's Dark Reading Radio Day TODAY! Tune in at 1 p.m ET/10 a.m. PT.
Join us for a talk about ransomeware with Lance James, renowned security expert and head of cyber intelligence at Deloitte & Touche, who assisted the FBI with the recent CryptoLocker arrest. Be there or be square!
Marilyn Cohodas
50%
50%
Marilyn Cohodas,
User Rank: Strategist
6/3/2014 | 3:41:49 PM
Re: Timely Topic! (Mark your calendars for TOMORROW, June 4, 1pm EDT )
I hope Dark Reading Community members take note of the date and time of our Radio Show. I'll repeat it! Wednesday, June 4, 1pm EDT It should be a great conversation with  Lance James and lots of inside information.
Kelly Jackson Higgins
100%
0%
Kelly Jackson Higgins,
User Rank: Strategist
6/3/2014 | 3:38:03 PM
Re: Timely Topic!
I know! Had no idea this would be a breaking news story the week I interview him on his work. Perfect timing indeed. =)
Marilyn Cohodas
50%
50%
Marilyn Cohodas,
User Rank: Strategist
6/3/2014 | 3:35:42 PM
Timely Topic!
Very much looking forward to hearing what Lance James has to say about how the FBI cracked this case.
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Five Emerging Security Threats - And What You Can Learn From Them
At Black Hat USA, researchers unveiled some nasty vulnerabilities. Is your organization ready?
Flash Poll
Dark Reading Strategic Security Report: The Impact of Enterprise Data Breaches
Dark Reading Strategic Security Report: The Impact of Enterprise Data Breaches
Social engineering, ransomware, and other sophisticated exploits are leading to new IT security compromises every day. Dark Reading's 2016 Strategic Security Survey polled 300 IT and security professionals to get information on breach incidents, the fallout they caused, and how recent events are shaping preparations for inevitable attacks in the coming year. Download this report to get a look at data from the survey and to find out what a breach might mean for your organization.
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-7445
Published: 2015-10-15
The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated b...

CVE-2015-4948
Published: 2015-10-15
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors.

CVE-2015-5660
Published: 2015-10-15
Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of arbitrary users for requests that execute PHP code.

CVE-2015-6003
Published: 2015-10-15
Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.

CVE-2015-6333
Published: 2015-10-15
Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076.

Dark Reading Radio
Archived Dark Reading Radio
Security researchers are finding that there's a growing market for the vulnerabilities they discover and persistent conundrum as to the right way to disclose them. Dark Reading editors will speak to experts -- Veracode CTO and co-founder Chris Wysopal and HackerOne co-founder and CTO Alex Rice -- about bug bounties and the expanding market for zero-day security vulnerabilities.