Keeping Pace with Ransomware Tactics and Strategies: Lessons Learned from 1 Year

Presented by

Randy Franklin Smith (Ultimate Windows Security) and Brian Coulson (LogRhythm)

About this talk

Today, ransomware attackers won’t simply back down if an organization refuses to pay the demanded sum in order to get their files back. Even companies who have great backups and a fast recovery process are vulnerable to an emerging strategy: exfiltrating the victim’s most private data before demanding ransom. If the victim refuses payment and initiates restoring their systems, the attacker reveals what information they have exfiltrated and threatens to post it online if the ransom goes unpaid. That threat is a completely different from the standard ransomware threat. This is because we’ve now shifted from an Integrity and Availability threat to a Confidentiality threat. And of course there is the possible nightmare of privacy and other compliance regulations depending on the nature of the data that’s been exfiltrated. During this webcast, Randy Franklin Smith from Ultimate Windows Security provides an overview of some recent high-profile attacks that have employed this strategy, including those against Honda, Xerox and Garmin. He also discusses detection methods and MITRE ATT&CK® techniques commonly used in ransomware attacks, such as: - Phishing (T1566) - System Services (T1569) - Command and Scripting Interpreter (T1059) Then, Brian Coulson from LogRhythm’s Threat Research team demonstrates how to detect and respond to these types of threats using MITRE ATT&CK, UEBA capabilities, and more. Register for the webcast to learn about the latest ransomware threats and how you can protect your organization from them.

Related topics:

More from this channel

Upcoming talks (0)
On-demand talks (94)
Subscribers (8184)
Notice: LogRhythm APJ channel has moved! Please note that this channel will not be updated with new content from 31 December 2020. We invite you to our new and improved LogRhythm channel, which can be accessed here: At LogRhythm, we strive to provide our users and subscribers with the latest security tips & tricks available on-demand. Check out our latest talk: How to build an effective security program with limited resources: