How Ransomware Works – Adrian Sanabria
Current techniques for detecting or preventing malware focus on either what malware is or what it looks like. These approaches don't work with ransomware. It takes many forms and can conceptionally be used in nearly any scenario where software or data is involved. This makes it difficult, but not impossible to stop.
One of the best defenses against ransomware, as with most threats, is understanding how it works. The good news is that ransomware, by nature, has a specific goal. It must achieve this goal in order to ransom the victim. This goal-based nature is something we can take advantage of to both detect and defeat ransomware, regardless of the form it might take.
This talk will break down ransomware into the components and techniques used by malware authors to make it successful.