Date: September 26, 2025 (GMT +8)

Time: 13:00

The ransomware threat continues to evolve, prompting an urgent need to reassess our defensive paradigms and adopt more resilient measures. As law enforcement intensifies its scrutiny of major ransomware syndicates, a new cadre of agile adversaries is emerging. Exploiting readily available resources—leaked code, builder kits, and open-source tools—they minimize operational costs while maximizing disruption, often vanishing swiftly after short campaigns or deftly recalibrating their tactics to evade detection.

This session will examine the shifting ransomware landscape, spotlighting the decline of once-dominant collectives and the meteoric rise of elusive newcomers. We will detail their sophisticated toolsets and methodologies, mapping them to the MITRE ATT&CK framework to illuminate the entire attack chain—from initial penetration to data exfiltration and encryption.

By exploring these shifting dynamics, this session will help attendees better understand the ransomware ecosystem’s ongoing transformation and its implications for defenders and security practitioners alike.

Speaker

Hyuna Lee
Hyuna Lee analyzes cybercrime at SK Shieldus’s Ransomware Response Center, where she meticulously investigates and tracks cyber threats. Her expertise spans not only researching ransomware but also exploring the complexities of the deep web and dark web. Driven by her passion for cybersecurity, she finds great satisfaction in identifying emerging threats and contributing to the safety of her community. She also regularly participates in Capture The Flag (CTF) competitions to hone her analytical skills and deepen her expertise in the field.

« Back