Tactics & Measures for Ransomware in AWS

Logo
Presented by

Spencer Gietzen: Cloud Security Researcher, CrowdStrike

About this talk

Traditional ransomware has become a popular tool for cybercriminals to make money and has cost a variety of industries hundreds of millions to billions of dollars in recent years. As trends change and corporations move from traditional data centers to cloud environments like AWS, GCP and Azure, adversaries are adapting their techniques to match the new climate. Because of this, attackers abusing cloud APIs rather than host/network-based commands are becoming more prevalent. This talk explores the services most likely to be targeted by ransomware in AWS Cloud, the techniques that attackers may use, and the preventative/detective measures that assist the blue team.
Related topics:

More from this channel

Upcoming talks (1)
On-demand talks (188)
Subscribers (32128)
CrowdStrike has redefined security with the world’s most advanced cloud-native platform for protecting critical areas of risk — endpoints and cloud workloads, identity, and data. The Falcon® platform harnesses real-time threat intelligence and enterprise telemetry to automate threat prevention, detection, remediation, hunting, and vulnerability observability through a single, intelligent, lightweight agent.