Nobody likes to think about their company’s critical data being compromised and held for ransom. Unfortunately, this type of threat, dubbed ransomware, cannot be ignored. In the first quarter of 2016 alone, CNN projected that cybercriminals collected more than $200 million through ransomware attacks.
This would make ransomware a nearly $1 billion business annually, and it is growing quickly. This scale can be difficult to grasp, so how about an example that’s easier to identify with? In February of 2016, Los Angeles’s Hollywood Presbyterian Medical Center was hit with a ransomware attack. The attack lasted for four days before the hospital finally paid the ransom of $17,000 to get its network back. You may think, “$17,000? That doesn’t sound so bad.” Of course, the actual cost – downtime, delays, lost customers, etc. – was much worse: an estimated $11 million. Do I have your attention now?
When I approached the RSA Conference program team with the idea of holding a one day summit on ransomware at this year’s event, they jumped at the opportunity. As the result of long hours, careful planning, and a highly selective abstract review process, we have locked in our inaugural RSAC 2017 Ransomware Summit. With yours truly Andrew Hay as the host, attendees can expect a full day all about ransomware and its multifaceted implications across technical, policy, compliance and financial response. Sessions will discuss innovative research, present case studies on response and recovery to ransomware, explore combatting ransomware, and debate if — and when — you should pay the ransom. Speakers at the summit include:
- Andrei Barysevich, Director of Advanced Collection, Recorded Future
- Christiaan Beek, Head of Strategic Threat research, Intel Security
- Michael Duff, CISO, Stanford University
- David Formby, Ph.D. Candidate, Georgia Institute of Technology
- Robert Gibbons, Chief Technology Officer, Datto
- Jeremiah Grossman, Chief of Security Strategy, SentinelOne
- Levi Gundert, Vice President of Intelligence and Strategy, Recorded Future
- Anton Ivanov, Senior Malware Analyst in Kaspersky Lab, Kaspersky Lab
- Neil Jenkins, Director of the Enterprise Performance Management Office (EPMO), Department of Homeland Security
- Paula Long, CEO and Co-Founder, DataGravity
- Raj Samani, CTO, EMEA, Intel Security
- Joachim Suico, Threat Research Engineer, Trend Micro, Inc.
- Candid Wüest, Threat Researcher, Symantec
Though I can’t detail every session, I do want to highlight a few of the sessions I feel attendees simply can’t miss. The first session of the day will be a panel entitled “Preparing for Ransomware” with Michael Duff of Stanford University, Adam Ely of Walmart, and Neil Jenkins from the Department of Homeland Security. This session will set the stage for the challenges of preparing for, and responding to, ransomware across various organizations and industry verticals.
A live hack will be demonstrated in “Out of Control: Ransomware for Industrial Control Systems” by Georgia Institute of Technology Ph.D. candidate David Formby. To illustrate the effects of ransomware on an industrial control system, this session will show the operational and physical harm implications resulting from the compromise of a popular programable logic controller (PLC). This may be the session that causes a restless sleep for some of our attendees.
Two important sessions will cover the underground economy that is actively being fueled by ransomware. In “Legitimate Business as Unwitting Accomplice of Underground Economy”, Andrei Barysevich and Levi Gundert of Recorded Future will explore the threat of encrypted data extortion from ransomware attacks and will quantify the extorted payment volume occurring on the Dark Web. In “A deep look into the Russian-speaking ransomware ecosystem”, Anton Ivanov from Kaspersky Lab will provide detailed analysis of the Russian-speaking criminal underground that empowers ransomware attacks all over the world.
The summit takes place on Monday, February 13, 2017 from 9:00 AM – 5:00 PM at Moscone West. Space will be limited so please reserve your seat as quickly as possible before it’s too late. In addition to learning from some of the best and brightest minds in the industry, I hope all attendees will share their own ransomware experiences, tips, and mitigation techniques with their peers throughout the day and the week of the RSA Conference.
I hope to see you at the summit!