In this episode,  Heather Mahalik hosts Ryan Chapman to discuss the topic of ransomware.

Ryan is a Principal Incident Response Consultant with BlackBerry. He has worked in the Digital Forensics & Incident Response (DFIR) realm for 10 years and teaches ransomware courses.

In this video, he provides an outline of ransomware attacks and explains that:

  • Windows servers are the most commonly hit because they host the infrastructure itself, as well as the most critical organizational data

  • Windows 10 and XP systems are the most frequently hit

  • Ransom demands mostly come from remote desktop protocol and phishing

  • It’s usually more cost-effective to pay the ransom but always remember you are working with criminals so you could be tricked even after paying

  • Ransomware infrastructure related to phishing changes all the time

  • Attacks repeat themselves with the same methods

  • Mobiles are attacked less, and the ransom amounts demanded are lower, however, they are being used more in ransomware attacks, such as in SMS phishing

  • Software is often exploited since it is frequently unpatched and therefore provides a way to get in

Watch the full episode to learn more.

Share this post
Brian Carrier on ResponderCon: Investigating Ransomware Conference View Now