Tracking Ransomware: Using Behavior to Find New Threats
Jessica Bair (Senior Manager, Advanced Threat Solutions, Cisco)
Date: Thursday, May 3
Time: 3:00pm - 4:30pm
Pass Type: All Access, Conference
Format: Hands-On Session
Vault Recording: TBD
Audience Level: Intermediate
This hands-on lab (bring your own laptop) will be an interactive session on the latest ransomware trends, as well as how to defend your enterprise against this threat. Attendees will understand how ransomware operates, what are the attack vectors and what are the commonalities between variants. They will learn the skills to find and track new ransomware with dynamic analysis of behavior, and what is the sophistication of the perpetrators.
This session will explore traits of highly effective strains of self-propagating malware, as well as advances in tools to facilitate lateral movement. Ransomware as we know it today has a sort of "spray and pray" mentality; they hit as many individual targets as they can as quickly as possible. Typically, payloads are delivered via exploit kits or mass phishing campaigns. With few notable exceptions, data loss was mostly a side effect of malware campaigns. Most actors were concerned with sustained access to data or the resources a system provided to meet their objectives. Ransomware is a change to this paradigm from subversion of systems to outright extortion; actors are denying access to data and demanding money to restore access to that data.
This session is limited to 100 attendees, so an RSVP is required. Please RSVP here.