Ransomware is big business, with total recorded payments exceeding $1 billion in 2023, an 18% year-on-year growth. The barrier to entry has never been lower, with Ransomware as a Service (RaaS) removing the need for deep technical expertise and opening the door to opportunistic criminals with business nous and temerity to conduct such activity. Small to medium-sized businesses, as well as large enterprises, are equally vulnerable to these attacks, which often begin with simple phishing emails or exploit kits.

In this talk, we will step through a ransomware attack, following commonly used tactics from prevalent groups such as REvil, Ryuk, and Sodinokibi. For each step of the attack, options for mitigating risk or reducing the likelihood of success will be given, including strategies for improving email security, network segmentation, and incident response.

By attending this session, you will:

+ Understand the anatomy of a ransomware attack, including the tactics and techniques used by prevalent groups
+ Learn how to identify and mitigate the risks associated with ransomware attacks, including phishing, exploit kits, and lateral movement