PRIVACY & SECURITY FORUM: A HIMSS EVENT
Boston, MA - December 5 - 7, 2016
Recently, attackers employing a CryptoLocker variant have been removing volume shadow copies on systems, disallowing the users from restoring those files and then encrypting the files for ransom. If a user cannot recover from backups, he/she is at the attacker’s mercy.
In this technical session, we’ll discuss the ins and outs of shadow copies, reveal how attackers are using them to encrypt files for ransom and then discuss ways you can quickly, and easily, detect and respond to these kinds of attacks.