Nip Ransomware in the FUD: Detecting Attacks Pre-Encryption

Ransomware operators are evolving their tactics, techniques, and procedures (TTPs) to shift their targets and become more difficult to detect. As ransomware operators targeting large organizations have begun to move more strategically, using applications already installed on network systems (“living-off-the-land” techniques), off-the-shelf red team tools, and Windows utilities, their malicious behavior before encrypting files has become more difficult to distinguish from legitimate activity.

Recorded Future's cyber threat analysts researched malicious actors using living-off-the-land techniques, open source resources, and red team tools, with a specific focus on “big game” ransomware operators, to identify opportunities for detecting malicious behavior during the post-compromise, pre-encryption phase. The team looked at actual compromises by ransomware operators, analyzing their techniques, procedures and tool usage to derive detections.

On Demand
1h 00min

In this webinar you'll get:

  • Best practices and methodologies that organizations can use to detect threats
  • Specific examples of actual compromises by ransomware operators
  • Guidance on how to identify opportunities for detecting malicious behavior during the post-compromise, pre-encryption phase

Please note daylight savings on March 14, 2021. This webinar will take place at 10 AM PDT / 1 PM EDT.

Featured Speakers

  • Lindsay Kaye
    Lindsay Kaye
    Director of Operational Outcomes for Insikt Group
    Recorded Future

    Lindsay Kaye is the Director of Operational Outcomes for Insikt Group at Recorded Future. Her primary focus is driving the creation of actionable technical intelligence - providing endpoint, network and other detections that can be used to detect technical threats to organizational systems. Lindsay’s technical specialty and passion is malware analysis and reverse engineering. She received a BS in Engineering with a Concentration in Computing from Olin College of Engineering and an MBA from Babson College.

  • Eric Bruno
    Eric Bruno
    Contributing Editor

    Eric Bruno is a contributing editor to InformationWeek with more than 20 years of experience in the information technology community. He is a highly requested moderator and speaker for a variety of conferences and other events on topics spanning the technology spectrum from the desktop to the data center.

Sponsored By