The Truth about Ransomware: It's not Complicated!

The threat of ransomware now permeates our daily computing lives. News stories of attacks have become ubiquitous. While media outlets often portray ransomware attacks as advanced operations carried out by highly skilled threat actors, this often is not the case. In fact, the opposite is true: many ransomware attacks are opportunistic and leverage insecure configurations to enter an environment. These groups are not stealthy; in fact, they are often quite loud. For example, most ransomware attacks involve multiple groups including initial access brokers (IABs), paid "pentester" affiliates, the ransomware malware authors, money mules, and more. The bulk of IABs and third-party affiliates are more akin to thieves who test door handles to find an opportunity than to those who slink around in the shadows and cut holes in glass to enter buildings. In this talk, Ryan Chapman and Rob Lee discuss how to keep these groups out, how to detect them once they're in your network, and how to respond should the worst-case scenario occur. Thwarting ransomware isn't rocket science. It just takes awareness and diligence, so let's push to ensure we're all ready for what's ahead.

Speakers

Ryan Chapman
Ryan has worked in the Digital Forensics & Incident Response (DFIR) realm for over 10 years. He also currently teaches SANS FOR610: Reverse Engineering Malware, and he is the author of a SANS course on ransomware, FOR528: Ransomware for Incident Responders, which will be available later in 2022. During his career, Ryan has worked in Security Operations Center and Cyber Incident Response Team roles that handled incidents from inception through remediation.

Rob Lee
Rob Lee is the Chief Curriculum Director and Faculty Lead at SANS Institute and runs his own consulting business specializing in information security, incident response, threat hunting, and digital forensics. With more than 20 years of experience in digital forensics, vulnerability and exploit discovery, intrusion detection/prevention, and incident response, he is known as “The Godfather of DFIR”. Rob co-authored the book Know Your Enemy, 2nd Edition, and is course co-author of FOR500: Windows Forensic Analysis and FOR508: Advanced Incident Response, Threat Hunting, and Digital Forensics.
Comments

Thanks Ryan, you're an amazing instructor - keep it up!

ochenx

I guess you are one of the best in the field. Thanks for sharing.

simonekraus

Hi Ryan - do you have a link to that Google sheet for advised ESG file block types?

nickcurrie

Keeps stretching and stretching takes forever to get to any meat.

tomkruk

Very nice talk! Thank you very much! Could you share with us your slides?
Many thanks in advance

bonsaicnc

I love the delivery. You should work for Microsoft instead of Blackberry. Your talents are not fully leveraged there.

AlienWarTycoon

If you are a leader in your industry and love the tools that the company you work for makes, you are doing the industry a disservice by staying there. Move around and spread the talent. Your passion should be fighting attacks, not being comfortable in a longstanding job.

AlienWarTycoon

Lame unprofessional you're not intellect enough to attach ppt... please do

DavidCrypto-kclf