The Ransomware Ecosystem: Operators, Affiliates & Access Brokers

Presented by

Tim Mitchell - Senior Security Researcher, Threat Research, Secureworks

About this talk

When ransomware-as-a-service (RaaS) was introduced to the cybercrime landscape in the mid-2010s, it significantly lowered the bar to entry for cybercriminals. As a result, the scale of ransomware operations expanded, allowing cybercrime groups and their affiliates to exploit more networks resulting in higher revenue. Expertise also improved as each element of the process became specialized, making ransomware the formidable threat it is today. In this session, Senior Security Researcher and intel analysis lead for cybercrime Tim Mitchell will discuss why understanding and tracking the TTPs of everyone involved in ransomware operations is important, regardless of the variant. He’ll also outline why the attribution of precursor activity is important, and how accurately doing so can inform our customers and better protect them from ransomware.

Related topics:

More from this channel

Upcoming talks (0)
On-demand talks (104)
Subscribers (14846)
Secureworks® (NASDAQ: SCWX) a global cybersecurity leader, enables our customers and partners to outpace and outmaneuver adversaries with more precision, so they can rapidly adapt and respond to market forces to meet their business needs. With a unique combination of cloud-native, SaaS security platform and intelligence-driven security solutions, informed by 20+ years of threat intelligence and research, no other security platform is grounded and informed with this much real-world experience.