Ransomware: New Attacker TTPs and Recovery Strategies for Security Teams
Title: Ransomware: New Attacker TTPs and Recovery Strategies for Security Teams
Presenters: Greg Blaum, Principal Consultant & Jared Kunkel, Principal Consultant, Mandiant
Date: April 27, 2022
Ransomware attacks are not slowing down, and neither are the evolving techniques used by adversaries who will stop at nothing to achieve their mission of financial gain. With a median dwell time of only five days for ransomware deployment (compared to 36 days for non-ransomware intrusions), security teams must be steadfast in their ransomware detection, response, and remediation preparedness.
M-Trends 2022 provides unique insights into new attacker TTPs used to deploy ransomware rapidly and efficiently with focus on virtualization infrastructures as a prime/growing target of entry. In addition, organizations must do more to plan and execute recovery operations that stand the test of time.
Join two of Mandiant’s frontline principal consultants as they discuss the evolving ransomware landscape and recovery strategies that security teams can put into motion.
Topics of discussion will include:
- Newly observed attacker tools, tactics, and procedures
- Latest recommended mitigation activities
- Common themes that help (and hinder) recovery operations
- Critical components of an effective response
- Considerations for effective recovery actions