This talk consists of 3 main parts: a historical overview of the ransomware phenomenon, how Cyber Threat Intelligence driven security can prevent a ransomware attack by providing the strategic, operational and tactical intelligence, and a description of a worst case scenario resulting from a successful ransomware attack against a targeted victim.
- Contextual understanding of ransomware malware and its evolution.
- The most common Modi Operandi of ransomware threat actors.
- The most common Tactics, Techniques, and Procedures employed in ransomware operations.
- Ransomware prevention and response via CTI driven security leveraging strategic, operational and tactical intelligence.
- What to do if your organization falls victim of a ransomware attacks.
- All the steps that can be taken to avoid paying the ransom.
- In case ransom payment is the only option available, how to approach the ransomware actor and initiate the negotiation process.
Ippolito Forni, Threat Intelligence Consultant and Senior Threat Intelligence Analyst.