Skip to main content
Image

Event Description

With alarming frequency, ransomware hackers are sneaking into consumer and business computers, encrypting files containing photos, documents and other important data, and then demanding a ransom in exchange for the key needed to decrypt the files. At times, these hackers pose as the FBI or other law enforcement officials and claim that the ransom is a “fine” for viewing illegal material and that failure to pay the “fine” will result in criminal prosecution. Consumers, businesses, and government agencies are falling prey to these schemes, including hospitals whose servers may contain sensitive patient data. New forms of ransomware encrypt files of website operators, threatening not only their files containing stored data, but the very files needed to operate their websites. Other variants of ransomware are now targeting files on mobile devices. The Ransomware workshop will address questions such as:

  • How do ransomware extortionists gain access to consumer and business computers?
  • What role can consumer and business education play in preventing ransomware infections?
  • Are there steps consumers and businesses should be taking to reduce the risk of ransomware or to decrease its impact?
  • Are there technological measures that computer operating system and web browser designers can take to prevent ransomware?
  • Are there browser plug-ins or other tools that consumers and businesses can employ that will warn if their data is about to be encrypted?
  • What can be learned from criminal law enforcement’s efforts to combat ransomware?
  • If you fall prey to ransomware, should you pay the ransom?
  • If you pay the ransom, how likely are you to receive the decryption key and be able to view your files?
  • What happens if you don’t pay the ransom? Are your files lost forever?

Staff Contact

Dan Salsburg
(202) 326-3402

  • 12:00 pm

    Registration

    1:00 pm

    Introductory Remarks

    Ben Rossen
    Staff Attorney, Division of Privacy & Identity Protection, FTC


    Opening Remarks

    Edith Ramirez
    Chairwoman, Federal Trade Commission

    1:15 pm

    Panel 1: Overview of the Ransomware Threat

    Moderator:
    Steve Wernikoff
    Office of Technology Research & Investigation, FTC

    Panelists:
    Craig Williams
    Sr. Technical Leader, Global Outreach Manager, Cisco Talos

    Joseph Opacki
    Vice President of Threat Research, PhishLabs

    Lance James
    Chief Scientist, Flashpoint

    Georgia Weidman
    Founder and CTO, Shevirah Inc.

    2:10 pm

    Presentation by Office of Technology Research & Investigation

    Joe Calandrino
    Office of Technology Research & Investigation, FTC

    Anthony Masi
    New York University

    2:40 pm Break

    3:00pm

    Panel 2: Best Defense Tactics Against Ransomware

    Moderator:
    Ben Rossen
    Division of Privacy & Identity Protection, FTC

    Panelists:
    Lorrie Cranor
    Chief Technologist, FTC

    Bill Wright
    Director of Government Affairs, Symantec

    Keith McCammon
    Chief Security Officer/Co-Founder, Red Canary

    Jim Walter
    Senior Researcher, Cylance SPEAR Team

    Chad Wilson
    Director of Information Security, Children’s National Medical Center

    3:45 pm

    Panel 3: What Happens If You Become a Victim?

    Moderator:
    Will Maxson
    Assistant Director, Division of Marketing Practices, FTC

    Panelists:
    Will Bales
    Supervisory Special Agent, Cyber Division, Federal Bureau of Investigation

    Serge Jorgensen
    President, The Sylint Group

    Adam Malone
    Director, Cyber Investigations and Breach Response, PwC

    Bill Hardin
    Vice President, Charles River Associates

    Päivi Tynninen
    Researcher, F-Secure

     

FTC Privacy Policy

Under the Freedom of Information Act (“FOIA”) or other laws, we may be required to disclose to outside organizations the information you provide when you pre-register. The Commission will consider all timely and responsive public comments, whether filed in paper or electronic form, and as a matter of discretion, we make every effort to remove home contact information for individuals from the public comments before posting them on the FTC website.

The FTC Act and other laws we administer permit the collection of your pre-registration contact information and the comments you file to consider and use in this proceeding as appropriate. For additional information, including routine uses permitted by the Privacy Act, see the Commission’s comprehensive Privacy Policy.

This event is open to the public and may be photographed, videotaped, webcast, or otherwise recorded. By participating in this event, you are agreeing that your image — and anything you say or submit — may be posted indefinitely at ftc.gov or on one of the Commission's publicly available social media sites.