
Content provided by Team Cymru. All podcast content, including episodes, graphics, and podcast descriptions, is uploaded and provided directly by Team Cymru or its podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process described here: https://ru.player.fm/legal.

ZScaler’s Brett Stone-Gross on the Tactics of the Dark Angels Ransomware Group (Black Hat Edition)

8:14
 


In our latest special episode of the Future of Threat Intelligence podcast, Brett Stone-Gross, Senior Director of Threat Intelligence at Zscaler, joins us at the Black Hat conference. He describes how they uncovered the largest ransomware payment in history, $75 million, made by a Fortune 50 company to the Dark Angels group.

Brett explains the group's unique approach, which involves stealing vast amounts of data without encrypting files, and their preference for low-volume, high-impact attacks to evade media scrutiny. He also highlights essential cybersecurity measures, such as implementing two-factor authentication and adopting a zero-trust architecture to protect against such threats.

Topics discussed:

  • How the Dark Angels group received the largest ransomware payment in history, totaling $75 million.
  • How, unlike typical ransomware attacks, the group stole data without encrypting files, exfiltrating approximately 100 terabytes of sensitive information.
  • How their operational model is low-volume, focusing on individual companies to avoid media attention and maintain a low profile.
  • The importance of basic IT hygiene practices, such as two-factor authentication, which are crucial for preventing significant data breaches and ransomware attacks.
  • How implementing a zero-trust architecture can help organizations limit lateral movement and enhance overall cybersecurity defenses against threats.

Key Takeaways:

  • Implement two-factor authentication to enhance security and reduce the risk of unauthorized access to sensitive corporate data.
  • Monitor network traffic for anomalous behavior, especially large data transfers, to quickly identify potential data exfiltration attempts.
  • Adopt a zero-trust architecture to limit lateral movement within your network and ensure users only access necessary resources.
  • Limit user privileges, ensuring that users have only the access necessary for their roles.
  • Stay informed about emerging ransomware trends and tactics to proactively adjust your cybersecurity strategies and defenses.

If you’re interested in Team Cymru’s latest research, download our “Voice of a Threat Hunter 2024” report here: https://www.team-cymru.com/voth2.0
