Ransomware Industry

CRTH05 Strengthening Cyber Defense: Unveiling Ransomware Attackers' Tactics and Tools

11/21/2024

1:00pm - 2:15pm

Level: Intermediate

Bi Yue Xu

Principal Security Cloud Solution Architect

Microsoft

Ransomware attacks continue to pose significant threats to organizations worldwide. Understanding the tactics employed by threat actors is crucial for enhancing cybersecurity defenses. In this presentation, we will delve into some of the common Tactics, Techniques, and Procedures (TTPs) used in ransomware attacks. Additionally, we will examine methods for detecting and preventing them.

You will learn:

  • Tools like Mimikatz and LaZagne utilized for credential theft.
  • Cobalt Strike, a legitimate penetration testing tool that is increasingly repurposed for ransomware attacks.
  • The growing utilization of legitimate tools, including Group Policy modification, PsExec execution, and discreet remote access tools like TeamViewer or RDP.