Post-Conference Workshop Day: Wednesday, 13 September 2017

8:00 AM - 9:00 AM Registration, refreshments and networking

Crypto Ransomware is a growing threat against internet users and even users on corporate networks. Attackers infected a system in order to encrypt all available files locally and remotely for the user. When the files are encrypted (and very often with advanced encryption techniques), the attackers try to extort the users via a ransom to recover the encrypted files. Such ransom attacks can be very successful especially in corporate networks where file servers (NAS, CIFS servers) are extensively used.

Attend this workshop to:
  • Understand and employ the best defences against Crypto Ransomware to block incoming attacks immediately
  • Enable audit logging on file servers to track down potentially infected systems encrypting files on the file share
  • Create monitoring scripts to keep track of systems modifying files in a short period of time. This monitoring can be used to detect pro-actively infected system doing encryption
  • Ability to detect the most common initial infections to Crypto Ransomware before they penetrate the system

Workshop leader:


Donald Codling

DHS ICS CERT and US-CERT, Past Chairman Strategic Alliance Cyber Crime Working Group, Excel Services Corporation SMECritical Infrastructure Protection and INL Programs, US
U.S. Department of States Anti-Terrorism Assistance and INL Programs, US

1:00 PM - 2:00 PM Networking lunch

2:00 PM - 2:00 PM End of workshop day