Ransomware Network Behavior and Defense
Ransomware FAQ, by Sherri Davidoff
Cloud-Native Network Detection & Response, by ExtraHop
Ransomware has evolved. The advance of targeted attack tools like Ryuk, Dharma and BitPaymer has paved the way for massive demands of six figures or more. Often, criminals lurk inside corporate networks for weeks or months, analyzing financial data in order to set the ransom price. Modern ransomware strains such as Sodinokibi have exploit kits built in, enabling them to automatically spread laterally throughout a network prior to detonation.
Advanced features include key differentiation and new tactics designed to evade your monitoring systems. Driven by the success of GandCrab and similar strains, ransomware-as-a-service is booming, with a flood of new products competing on the dark web. Other new ransomware strains have been rushed to market, resulting in sloppy coding that can accidentally render your data unrecoverable no matter what you pay.
We'll show you the latest ransomware in action, with videos and screenshots from actual cases, and discuss strategies for monitoring and detecting ransomware, including mistakes to avoid and tactics for thwarting the stealthiest new threats.
Sherri Davidoff is a cybersecurity expert, author, speaker and CEO of both LMG Security and BrightWise, Inc. As a recognized expert in digital forensics and cybersecurity, she has conducted cybersecurity training for many distinguished organizations, including the Department of Defense, the American Bar Association, FFIEC/FDIC, and many more.
Matt Durrin is a cybersecurity consultant and trainer for LMG Security. Matt is an instructor at the international Black Hat USA conference, where he teaches "Data Breaches." A seasoned forensics professional, Matt specializes in incident response, ransomware cases, cryptojacking, and banking trojans.
Vince Stross, Principal Security SE at ExtraHop, has over 20 years of experience in security, IT operations, cloud/hybrid full-stack development, management, and gardening. Vince helps his customers shine a light on their threat landscape.