Disrupting Ransomware Attacks with Deception and Concealment.

Presented by

Joseph Salazar, Technical Enginer, Attivo Networks

About this talk

Ransomware attacks have evolved beyond infecting numerous endpoints for payment. Today’s sophisticated ransomware attackers target sensitive and critical assets, such as vital production databases or Active Directory controllers, using advanced attack tactics such as AD credential theft, lateral movement, and privilege escalation. So-called Ransomware 2.0 attacks have resulted in ransom payments totaling millions of dollars. What’s more, the attackers often exfiltrate the data they have encrypted and either threaten to release it to coerce payment or ask for further compensation afterward to prevent its public disclosure. Endpoint solutions such as EPP and EDR can disrupt some ransomware attacks, but attackers continually find new ways to evade these security controls. Organizations must look to novel approaches that address the attacks that evade defenses and successfully infect internal systems. One such method is deception and concealment. Denying attackers from accessing and exploiting local or network accounts and assets can disrupt the ransomware attack chain and minimize damages. Join this session to learn how.

Related topics:

More from this channel

Upcoming talks (0)
On-demand talks (19)
Subscribers (6273)
Debemos hacer frente al desafío que representa la situación actual. Por eso, y porque sabemos que tu papel en las empresas es fundamental (ahora más que nunca), hemos preparado un programa de conferencias virtuales de la mano con ISACA, para mantenerte actualizado con los temas más relevantes en la industria.