Jonathan Broche, Alton Johnson - Securing Your Network: How to Prevent Ransomware Infection
Malware and Zero Day Exploits are a hot topic in the Information Security community as of late. With new variants of ransomware and zero day exploits being released, organizations have been on high alert. It is estimated that the recent “Wannacry” ransomware affected over 200,000 systems some of which were located in high impact environments (i.e., hospitals and police stations). Similarly, zero day exploit leaks are being released as frequent as we can remember. With black hat groups launching subscription based programs, zero days are more accessible to the public than ever.
It is important to know how to best protect yourself and an organization from these threats. Attendees at this talk will be presented with current events, real world examples, and learn best practices that can be put to use immediately to prevent such attacks. In addition, a tool will be released to help aid network administrators in the discovery and prevention of new/unauthorized services being exposed on their external environment.
The tool released and demonstrated during the talk will have the priority of securing and/or reducing external network services. The tool will perform port scans against an organization’s external-facing assets as a job (i.e., on a daily, weekly, monthly basis), save the results, and cross-reference the results at the time of the next scan. If new services have been discovered that were not previously discovered, the tool will email network administrators and alert them of the newly discovered service(s). By reducing the amount of services that are externally-facing and ensuring that there are no rogue services being made available, an organization can not only reduce their overall attack surface but also reduce their chances of being targeted by zero day exploits.