ExtraHop #1: Five Ways Attackers Leave Ransomware Vulnerable to Detection

Logo
Presented by

Ben Higgins, ExtraHop; Aaron Davidson, ExtraHop; Jesse Munos, ExtraHop; Sharon Smith, Moderator

About this talk

Enterprise ransomware has evolved. Ransomware-as-a-service and simple-to-use intruder tools like Cobalt Strike give greedy attackers both the motivation and the playbook to search for the data they need to ensure that you will pay. Time may not be on your side, but every action an attacker takes leaves a trail for defenders to follow. This is where you regain the advantage—if you know what to look for. Intrusions are a terrifying thing to consider, but they don’t spell doom: Visibility and response inside the perimeter are your best hope against the enterprise ransomware menace. In this demo-filled webinar, an expert threat hunter will share techniques for eradicating the extortion adversary at each critical phase before encryption begins. Join ExtraHop and (ISC)2 for the first part of a three part series where we’ll look at the indicators that leave attackers open, such as: o Scanning and enumerating your environment o Moving laterally toward your valuables o Domain escalation attempts from owned assets o Staging data exfiltration for second-phase extortion o Preparing to write over DB and file systems
Related topics:

More from this channel

Upcoming talks (13)
On-demand talks (443)
Subscribers (134946)
ISC2 Security Briefings brings attendees both stand alone webcasts and multi-part series on cutting edge infosecurity topics that gets deeper into the subject matter and technologies presented by subject matter experts.