Ransomware Incident Investigation - by Dr. Zetta Ke

  • Published 23 Oct 2023
  • Speaker
    Dr. Zetta Ke
    Assistant Professor, Singapore Management University (SMU)
    Abstract
    Ransomware has been a significant threat to organisations for a decade, and the incidents affect critical infrastructure globally. According to the 2022 Unit 42 Ransomware Threat Report, the average ransom demand in cases handled by incident responders increased by 144% to $2.2 million in 2021, while the average payment increased by 78% to $541,010. Professional and legal services, construction, wholesale and retail, healthcare, and manufacturing were the most affected industries. Researchers are trying to develop methodologies to detect ransomware. However, no single methodology solves the puzzle. It is therefore an important agenda for enterprises to prepare for, respond to and investigate ransomware attacks.

    Our team has handled several ransomware incidents and highlighted important artefacts during our incident response and investigations. The type of ransomware incident is RaaS (Ransomware-as-a-Service). The attacker gathered information on the victim's architecture, found the loopholes, gained access to the victim’s vulnerable servers, executed the ransomware, and locked the files.
    We investigated the incident, negotiated with the threat actor, paid the ransom, received the decryptor, and unlocked the files.

    We will walk through our front-line incident response to ransomware attacks in this presentation and demonstration session. Moreover, we will demonstrate how to trace the cryptocurrency money flow with Open Source Threat Intelligence tools. Furthermore, we will publish the ransomware incident handling playbook to the audience for takeaway purposes.

    The audience can refer to our presentation for ransomware incident response and carry out further investigations regarding our real-world investigation case study.
    Learn more about SINCON www.infosec-city.com/
    Instagram / infosec_city
    Facebook / infoseccity
  • Science & Technology
