Be aware of ransomware TTPs: applying MITRE to ransomware campaigns

Presented by

Marc Rivero, a senior security researcher at Kaspersky GReAT

About this talk

Modern ransomware has transitioned to a Ransomware-as-a-Service (RaaS) model, with many groups sharing common tactics, techniques, and procedures in their attacks, or TTPs. These TTPs, described in MITRE ATT&CK, are like a glue that binds together multiple diverse teams operating at various levels with different priorities. The Global Research and Analysis team (GReAT) at Kaspersky analyzed thousands of operations made by the different RaaS groups – and outlined the TTPs that the cybersecurity industry should consider in order to deliver a stronger protection for different organizations. Join this webcast with Marc Rivero, a senior security researcher at Kaspersky GReAT. Marc will delve into the main TTPs used by modern ransomware groups and shed light on how to analyze them and use in attack detection and prevention. • Kaspersky’s statistics on ransomware evolution • Attack workflow using MITRE ATT&CK • Overview of TTPs used by main ransomware groups • Q&A session
Related topics:

More from this channel

Upcoming talks (28)
On-demand talks (88)
Subscribers (14038)
AO Kaspersky Lab (APAC)