Join Our Mailing List Here

INsecurity Conference 2018 Schedule Builder

View, browse and sort the list of sessions by pass type, track, and format. Sessions do fill up and seating is first come, first serve, so arrive early to sessions that you would like to attend. Check back as we add more sessions soon.

Tracking Ransomware - Using Behavior to Find New Threats

Jessica Bair (Sr. Manager, Cisco Systems, Inc.)

Date: Wednesday, October 24

Time: 10:00am - 11:00am

Session Type: Track Session

Track: Operations and Practices

Vault Recording: TBD

Audience Level: All

This hands-on lab (bring your own laptop) will be an interactive session on the latest ransomware trends, as well as how to defend your enterprise against this threat. Attendees will understand how ransomware operates, what are the attack vectors and what are the commonalities between variants. They will learn the skills to find and track new ransomware with dynamic analysis of behavior, and what is the sophistication of the perpetrators.

This session will explore traits of highly effective strains of self-propagating malware, as well as advances in tools to facilitate lateral movement. Ransomware as we know it today has a sort of "spray and pray" mentality; they hit as many individual targets as they can as quickly as possible. Typically, payloads are delivered via exploit kits or mass phishing campaigns. With few notable exceptions, data loss was mostly a side effect of malware campaigns. Most actors were concerned with sustained access to data or the resources a system provided to meet their objectives. Ransomware is a change to this paradigm from subversion of systems to outright extortion; actors are denying access to data and demanding money to restore access to that data.