Overview
Explore the evolution of ransomware attacks targeting critical infrastructure in this 29-minute RSA Conference talk by Israel Barak, CISO of Cybereason. Analyze the new Tactics, Techniques, and Procedures (TTPs) employed by cybercriminals as they shift from simple file encryption to sophisticated multistage attacks with hacking operation capabilities. Delve into a case study of an electric transmission substation honeypot, examining the incident timeline, persistence methods, network discovery techniques, and credential theft strategies. Gain valuable insights to better protect critical infrastructure networks from these advanced threats.
Syllabus
Intro
The Honeypot Research Goals
Single Stage Ransomware
Multi-Stage Ransomware
An Electric Transmission Substation Honeypot
Incident Timeline at a Glance
Persistence
Network Discovery
Credential Theft
Taught by
RSA Conference