Ransomware and Observations from Recent IR Investigations
about 5 days ago.
Updated about 5 days ago.
Ransomware continues to be one of the most significant cyber security issues affecting organizations today. The attack is very effective and can be carried out relatively cheaply, making for larger net profits. With no end in sight to this nasty threat, Luke McNamara, our host and Principal Analyst for FireEye, spoke with someone who has a front-row seat into how organizations think about ransomware and other similar threats. For that we turned to Charles Carmakal, our SVP & CTO for Mandiant, and one of our leading incident response experts.
On this episode of our Eye on Security podcast, Charles and Luke explore the rise and evolution of ransomware—from the early days of threat actors automating ransomware infections without knowing who their victim was, to the more recent trend of breaking into organizations with known vulnerabilities, taking critical data, deploying encryptors and asking for much more money.
They then turn their discussion to the C-suite. Charles shares perspectives from the board when it comes to cyber threats, noting that while leadership is much more aware of cyber security and risk management than they were in the past, many still won’t understand the gravity of the situation until it’s happening to them.
Closing out the conversation, Charles shares customer stories involving nation-state intrusions, the use of public offensive security tools by nation-states, and the struggles organizations have had securing their now remote workforces.