ransomware enfuse

Enfuse 2017 Reflection – Amanda Johnson: Dissecting Ransomware

Introduction

I had the distinct honor to attend EnFuse 2017 this summer! Hosted by Guidance Software each summer, the EnFuse Conference never disappoints with top notch sessions and unforgettable experiences! In between sessions we got our EnFusiasm on and collected pins and swag by networking with industry professionals and participating in special sessions. I am truly thankful for the experiences EnFuse has given me: I enjoyed all of the sessions, keynotes, labs, lectures, and other events, especially Theresa Payton’s Women in Tech session! It was truly inspiring to hear Theresa’s experiences and advice for women in our field.

Ransomware Session Review

One of my favorite sessions over the week was “Dissecting Ransomware: Art and Analyses”, presented by Cindy Jenkins and Melissa D. Hall. In the session Jenkins and Hall dissected several different types of ransomware including strains of Locky, Cerber, Spora, and WannaCry. They described their deobfuscation techniques and recalled past experiences with each type of ransomware. We covered encryption and virtualization, as well as demos of several tools used for mitigation after an attack. The best part of this session is when the presenters walked us through their experience with the ransomware that infected the University of Washington Medical network where they work. It was an amazing learning opportunity to see how the ransomware worked and how they recovered from the attack. Overall, I learned a lot about ransomware, how it works, and how to forensically mitigate an attack and adding to my foundation in malware!

Conclusion

At the conclusion of this year’s EnFuse conference, it was bittersweet to leave! The EnFuse conferences are an amazing opportunity to not only attend industry relevant sessions, but also network with fellow industry professionals and have a great time in Las Vegas! I cannot thank Guidance Software and Champlain College for affording me the opportunity to attend this conference this past year and this year, I can only hope to attend another conference next year!

 

To learn more about the LCDI, take a look at our Facebook and Twitter pages or send an email to lcdi@champlain.edu!   

Leave a Reply

Your email address will not be published. Required fields are marked *