Ransomware Network Behavior and Defense

Thursday, September 19, 2019

11:00 AM - 12:00 PM PDT

60 minutes, including Q&A

Ransomware Response Checklist, by LMG Security
Ransomware FAQ, by Sherri Davidoff
Cloud-Native Network Detection & Response, by ExtraHop

Ransomware has evolved. The advance of targeted attack tools like Ryuk, Dharma and BitPaymer have paved the way for massive demands of six-figures or more. Often, criminals lurk inside corporate networks for weeks or months, analyzing financial data in order to set the ransom price. Modern ransomware strains such as Sodinokobi have exploit kits built in, enabling them to automatically spread laterally throughout a network prior to detonation.

Advanced features include key differentiation and new tactics designed to evade your monitoring systems. Driven by the success of GandCrab and similar strains, ransomware-as-a-service is booming, with a flood of new products competing on the dark web. Other new ransomware strains have been rushed to market, resulting in sloppy coding that can accidentally render your data unrecoverable no matter what you pay.

We'll show you the latest ransomware in action, with videos and screenshots from actual cases, and discuss strategies for monitoring and detecting ransomware, including mistakes to avoid and tactics for thwarting the stealthiest new threats.

Brought to you by:


Guest Presenters:

Sherri Davidoff

Sherri Davidoff is a cybersecurity expert, author, speaker and CEO of both LMG Security and BrightWise, Inc. As a recognized expert in digital forensics and cybersecurity, she has conducted cybersecurity training for many distinguished organizations, including the Department of Defense, the American Bar Association, FFIEC/FDIC, and many more.

Matt Durrin

Matt Durrin is a Cybersecurity consultant and trainer for LMG Security. Matt is an instructor at the international Black Hat USA conference, where he teaches "Data Breaches." A seasoned forensics professional, Matt specializes in incident response, ransomware cases, cryptojacking, and banking trojans.

Sponsor Presenter:

Vince Stross

Vince Stross, Principal Security SE at ExtraHop, has over 20 years experience in security, IT operations, cloud/hybrid full-stack development, management, and gardening. Vince helps his customers shine a light on their threat landscape.

Sustaining Partners