On May 12, 2017, in the course of a day, the WannaCry ransomware attack infected nearly a quarter million computers. WannaCry is the latest in a growing number of ransomware attacks where, instead of stealing data, cyber criminals hold data hostage and demand a ransom payment. WannaCry was perhaps the largest ransomware attack to date, taking over a wide swath of global computers from FedEx in the United States to the systems that power Britain’s healthcare system to systems across Asia, according to the New York Times. In this podcast, CERT researchers spell out several best practices for prevention and response to a ransomware attack.
Alexander Volynkin is a senior research scientist in the SEI’s CERT Division. His research interests include network security, malware behavior analysis, advanced reverse-engineering methods, and cryptanalysis. He has authored numerous scientific publications and a book on malware behavior analysis and holds a patent related to full-disk encryption technologies. Volynkin is a recipient of multiple awards for his research publications.
Angela Horneman is a network intelligence analyst for the SEI's CERT Division. Her focus is on helping others understand network cybersecurity topics and solve related problems so that they can make better decisions, improve their security posture, and better interact in the cyber world. Prior to joining CERT in 2013, she worked for a software company where her responsibilities included release management, technical writing, application support, and assisting business analysts and developers.