Ransomware never really left

Erik Heskes

Playlists: 'hackerhotel2024' videos starting here / audio

Ransomware is still a serious threat to a lot of people and organisations and nowadays using more and more advanced techniques. And now also with new open AI technology, criminals are able to organise a sophisticated attack in minutes to target you and steal your data.

This talk will tell us what Ransomware actually is, who’s writing the code and making money out of it, it shows us a bit of the Ransomware history and what types are out there, to better understand what we’re dealing with. And explain all of the ransomware attack stages and what you can do in terms of detection and defence inside your security operations.

For the security analysts out there this talk will be beneficial when looking for traces Ransomware attacks are leaving behind. Including a demonstration of a Ransomware scenario making use of open AI technology in a sandboxed environment and show all of the attack stages to learn and recognise the IOCs in a Red and blue teaming scenario.

This ain’t everything. I’ll show what kind of information ransomware groups are sharing and what happened when a random organization was hit by a ransomware attack and their sensitive information was published on the dark web..

Life has been good until that day a phishing mail arrived. Out of curiosity you clicked the link in the email and after that the desktop background on your screen changes with the message to immediately transfer an amount of bitcoins to retrieve your files.