Disrupting Ransomware Attacks with Deception and Concealment.

Ransomware attacks have evolved beyond infecting numerous endpoints for payment. Today’s sophisticated ransomware attackers target sensitive and critical assets, such as vital production databases or Active Directory controllers, using advanced attack tactics such as AD credential theft, lateral movement, and privilege escalation. So-called Ransomware 2.0 attacks have resulted in ransom payments totaling millions of dollars. What’s more, the attackers often exfiltrate the data they have encrypted and either threaten to release it to coerce payment or ask for further compensation afterward to prevent its public disclosure. Endpoint solutions such as EPP and EDR can disrupt some ransomware attacks, but attackers continually find new ways to evade these security controls. Organizations must look to novel approaches that address the attacks that evade defenses and successfully infect internal systems. One such method is deception and concealment. Denying attackers from accessing and exploiting local or network accounts and assets can disrupt the ransomware attack chain and minimize damages. Join this session to learn how.