Ransomware: New Attacker TTPs and Recovery Strategies for Security Teams

Presented by

Greg Blaum, Principal Consultant & Jared Kunkel, Principal Consultant, Mandiant

About this talk

Ransomware attacks are not slowing down, and neither are the evolving techniques used by adversaries who will stop at nothing to achieve their mission of financial gain. With a median dwell time of only five days for ransomware deployment (compared to 36 days for non-ransomware intrusions), security teams must be steadfast in their ransomware detection, response, and remediation preparedness. M-Trends 2022 provides unique insights into new attacker TTPs used to deploy ransomware rapidly and efficiently with focus on virtualization infrastructures as a prime/growing target of entry. In addition, organizations must do more to plan and execute recovery operations that stand the test of time. Join two of Mandiant’s frontline principal consultants as they discuss the evolving ransomware landscape and recovery strategies that security teams can put into motion. Topics of discussion will include: • Newly observed attacker tools, tactics, and procedures • Latest recommended mitigation activities • Common themes that help (and hinder) recovery operations • Critical components of an effective response • Considerations for effective recovery actions
Related topics:

More from this channel

Upcoming talks (1)
On-demand talks (348)
Subscribers (127942)
Mandiant is a recognized leader in dynamic cyber defense, threat intelligence and incident response services. By scaling decades of frontline experience, Mandiant helps organizations to be confident in their readiness to defend against and respond to cyber threats. Mandiant is now part of Google Cloud.