Research Findings: 1 in 7 Ransomware Extortion Attacks Leak Critical OT Data

Presented by

Daniel Kapellman Zafra, Manager Mandiant Threat Intelligence

About this talk

The increase in ransomware and multifaceted extortion in 2021 resulted in a surprising risk to Operational Technology. A new study by Mandiant Threat Intelligence revealed that one out of every seven leaks from industrial organizations posted in ransomware extortion sites is likely to expose sensitive OT documentation. In the study, Mandiant observed stolen sensitive documentation that includes network and engineering diagrams, images of operator panels, information on third-party services, and more. With sensitive details on OT environments, attackers can more readily target these systems and networks in a repeat attack. In this webinar, Daniel Kapellmann, Senior Manager of Analysis at Mandiant will share the research findings and discuss how OT security practitioners can defend against ransomware and multifaceted extortion to protect sensitive OT data. The discussion will include: • Understand the risks ransomware-related data leaks pose to OT • See how leaks about employees, processes, projects, etc. can depict a very accurate picture of an organization’s culture, plans, and operations. • Learn the tools threat actors use to identify paths of least resistance in IT and OT networks and engineer OT cyber attacks. • Learn how to prevent and mitigate the risks presented by exposed OT data Speaker Bio Daniel Kapellman Zafra, Manager Mandiant Threat Intelligence Daniel is a Technical Analysis Manager for our Cyber Physical Intelligence team at Mandiant. Daniel oversees the strategic coverage of cyber physical threat intelligence and coordinates the development of tools and solutions to collect and analyze data. He is a frequent speaker on industrial control systems (ICS) / operational technology (OT) topics at international conferences.
Related topics:

More from this channel

Upcoming talks (4)
On-demand talks (370)
Subscribers (122444)
Mandiant is a recognized leader in dynamic cyber defense, threat intelligence and incident response services. By scaling decades of frontline experience, Mandiant helps organizations to be confident in their readiness to defend against and respond to cyber threats. Mandiant is now part of Google Cloud.