Dissecting a Ransomware Operation: From Propagation to Extortion

September 27, 2024 (GMT +8)
Ballroom 1 & 2

In this talk, I will delve into the intricate processes behind ransomware attacks, breaking them down into two primary phases: propagation and extortion. Initially, I will explore how ransomware spreads through various vectors such as phishing emails, malicious attachments, and system vulnerabilities. I will highlight how these attacks infiltrate and encrypt data within the targeted systems, often spreading to connected devices to maximize damage, all while remaining undetected by using advanced evasion techniques.

In the second part, I will examine the extortion tactics used by cybercriminals. After successfully encrypting the data, victims are presented with a ransom note demanding payment, usually in cryptocurrency, to restore access to their files. I will discuss the psychological manipulation involved, including threats to increase the ransom or expose sensitive information if demands are not met promptly. This segment will underscore the blend of technical sophistication and psychological strategies that make ransomware operations highly effective and lucrative for attackers, while also posing significant challenges for detection and prevention.


Long Doan Minh – Threat Analyst with 5 years of experience in cyber security, especially in reverse engineering and malware analysis. He has tracked and analyzed 50+ threat actors (APT, ransomware) targeting the Southeast Asia region and handled 30+ incidents in big enterprises and government organizations in Vietnam.
