Black Hat Webcast Series: Ransomware Network Behavior and Defense

Logo
Presented by

Vince Stross, Principal Security SE at ExtraHop Networks; Sherri Davidoff, CEO at Brightwise & LMG Security

About this talk

Ransomware has evolved. The advance of targeted attack tools like Ryuk, Dharma and BitPaymer have paved the way for massive demands of six-figures or more. Often, criminals lurk inside corporate networks for weeks or months, analyzing financial data in order to set the ransom price. Modern ransomware strains such as Sodinokobi have exploit kits built in, enabling them to automatically spread laterally throughout a network prior to detonation. Advanced features include key differentiation and new tactics designed to evade your monitoring systems. Driven by the success of GandCrab and similar strains, ransomware-as-a-service is booming, with a flood of new products competing on the dark web. Other new ransomware strains have been rushed to market, resulting in sloppy coding that can accidentally render your data unrecoverable no matter what you pay. We’ll show you the latest ransomware in action, with videos and screenshots from actual cases, and discuss strategies for monitoring and detecting ransomware, including mistakes to avoid and tactics for thwarting the stealthiest new threats.
Related topics:

More from this channel

Upcoming talks (0)
On-demand talks (190)
Subscribers (11569)
The prevention and protection model of cybersecurity isn’t working: between the cloud, IoT, and the sheer pace of change, the enterprise is no longer built to be walled in. This channel provides educational webinars to help SecOps (SOC) and NetOps (NOC) teams, from CIOs and CISOs to analysts and practitioners, change their perspective in order to identify, investigate, and respond to threats across the modern attack surface. We explore how cloud-native network detection and response (NDR) provides the complete visibility, real-time threat detection, and intelligent response you need to secure your hybrid environment. You’ll also find product information about ExtraHop Reveal(x) which enables you to: Eliminate blind spots: Cover 100% of your hybrid environment, Detect what matters: Find threats 95% faster, and Act quickly: Respond to breaches 70% faster. Learn more at www.extrahop.com