© 2020 Jack Henry & Associates, Inc.®1 © 2020 Jack Henry & Associates, Inc.®

Rick Phillips – Stickley on Security

Viviana Campanaro – CISSPGladiator Security & Compliance Sales Engineer

Cybersecurity Webinar Series -Ransomware is Alive and Well: Are you?

February 12, 2020

© 2020 Jack Henry & Associates, Inc.®2

Cybersecurity Webinar Series

• Multi-part, educational series• Proactive Cybersecurity: Staying Ahead of Threats

1. Assessing Your Biggest Security Risks Before It Is Too Late – October 29th

2. Machine Learning and the Latest Protection methods – December 12th

3. Cyber Threats and Trends for 2020 – January 14th

4. Ransomware is alive and well: are you? – February 12th

5. Gone Phishing: Tips, Tricks and Lessons Learned in the Battle of Social Engineering – March 18th

6. Unleashing the true value of GRC - April 29th

© 2020 Jack Henry & Associates, Inc.®3

Malware Landscape

© 2020 Jack Henry & Associates, Inc.®4

Landscape

© 2020 Jack Henry & Associates, Inc.®5

Why Are Attacks More Effective? Available Data

16 Billion

© 2020 Jack Henry & Associates, Inc.®6

Why Are Attacks More Effective? Revenue

© 2020 Jack Henry & Associates, Inc.®7

© 2020 Jack Henry & Associates, Inc.®8

© 2020 Jack Henry & Associates, Inc.®9

Chinese/North Korean Government Hacking Group

© 2020 Jack Henry & Associates, Inc.®10

The Anatomy of a Phishing Attack

© 2020 Jack Henry & Associates, Inc.®11

© 2020 Jack Henry & Associates, Inc.®12

Example.com213.48.212.85

Blacklist Service183.88.245.11

IP Lookup183.88.245.11

© 2020 Jack Henry & Associates, Inc.®13

Email Spoofing Pivots to Look-alike Domains

Stickleyonsecurity.com namewest.com/simple-typo

sticklyeonsecurity.comstickleoynsecurity.comstickleynosecurity.comstickleyosnecurity.comstickleyonescurity.comstickleyonsceurity.comstickleyonseucrity.comstickleyonsecruity.comstickleyonsecuirty.comstickleyonsecurtiy.com

stickleyonseucrity.com

1. Identify Target2. Purchase look-alike domain3. Follow all proper domain registration

processes including DMARC4. Park the domain for a couple months

to appear to be legitimate5. Research Target to determine who

will be impersonated6. Purchase email list of Target

employees7. Launch

© 2020 Jack Henry & Associates, Inc.®14

© 2020 Jack Henry & Associates, Inc.®15

© 2020 Jack Henry & Associates, Inc.®16

© 2020 Jack Henry & Associates, Inc.®17

How to prepare, protect and prevent

© 2020 Jack Henry & Associates, Inc.®18

Event Action Plan: Preparedness

1. Incident Response Plan2. Business Continuity Plan3. Failover Plan4. Backup Strategy

1. Ransomware, Data Breach

2. How do we keep serving

3. How are we going to recover

4. What will be the data gap

© 2020 Jack Henry & Associates, Inc.®19

Prevention Action Plan: Layered Security1. Infrastructure (firewall, email filter, anti-virus,

cloud backup, etc.)

2. Outside Email Warning Messages3. Domain Security (lock down look-alike and

typosquatting domains)

4. Employee Education that keeps pace with the evolving threat landscape

5. Phishing Simulation

Employee Training Methods

Annual or Quarterly Phishing only14-24% Click Rate

Monthly Phishing8-14% Click Rate

Monthly Phishing with Quarterly Education0-5% Click Rate

© 2020 Jack Henry & Associates, Inc.®20

Gladiator® Security Services

• Centurion Disaster Recovery• Disk to disk to cloud backup and recovery

• Gladiator Hosted Network Solutions• Virtual Desktop Infrastructure (VDI)• Disaster Avoidance services

• Gladiator Total Protect Suite• New advanced SIEM / SOAR• Machine Learning, Predictive & Prescriptive Analytics• Enhanced Threat Intel Platform, built solely for FI’s• IT Regulatory Compliance solutions

© 2020 Jack Henry & Associates, Inc.®21

Thank You

Rick PhillipsStickley on Security619.749.5309rick@stickleyonsecurity.com

• Employee Education• Phishing Simulation• Domain Security• Automated Security Center

Viviana Campanaro, CISSPGladiator813.925.9218vcampanaro@profitstars.com