Ransomware today: tactics, techniques & procedures

Recently INTERPOL issued a warning about the increase of ransomware threat in the time of the pandemic. According to them, there is a significant increase in the number of attempted ransomware attacks against key organizations and infrastructure engaged in the virus response.

In fact, ransomware has been recognized as one of the most significant threats for businesses for a few years now, but not many actually know how profoundly it has developed over the past few years. As massive b2c ransomware campaigns ceased to be attractive, cyber criminals turned to those, who actually pay up – organizations.

In this webinar, Ivan Kwiatkowski, senior security researcher at Kaspersky’s Global Research and Analysis Team (GReAT) will explain how:

•the ransomware and cybercrime ecosystem is now structured
•the infection process in organizations takes place
•to secure your data and avoid falling victim to ransomware

In this webinar, our global presales experts will take you through the different phases of an incident handling process related to a ransomware attack. The journey will show how endpoint detection and response (EDR) can empower security teams against evasive threats, in a complex environment with on-premise and cloud workloads.

This event will cover:
- Recent cyberattack trends
- Why evasive threats are so dangerous
- The limits of endpoint protection
- A demonstration of how Kaspersky Hybrid Cloud Security and Kaspersky Endpoint Detection, and Response Optimum defend against ransomware

In the past couple of years, ransomware has become a plague, with targeted ransomware attacks continuously prominent on the media’s front pages. Being effective and highly profitable, ransomware attacks on organizations are multiplying day by day. We witness ransomware operators becoming more creative with their extortion methods, building their ‘names’ and sometimes even resorting to the doxing and extortion of users whose data has been stolen, in a pursuit to force companies to pay up.

In essence, ransomware is a business, albeit illegal, and the processes behind it resemble the ones behind other businesses. To understand it, we must ask: how do ransomware operators work? What are the processes behind the attacks? Who are the people that carry them out and how do they select their targets?

In this webinar, Ivan Kwiatkowski and Dmitry Galov, security researchers at Kaspersky’s Global Research and Analysis Team, will answer these questions and many more, while explaining the inner workings of the ransomware ecosystem.

In this webcast you will learn:
• What does the ransomware market look like on the darknet?
• What kind of roles exist in this ecosystem?
• How do ransomware operators select their victims?
• What new ransomware gangs should organizations be wary of?
• How can you protect against ransomware?

Kaspersky researchers have been monitoring the activity of APT actors, cybercriminals and hacktivists currently involved in the conflict in Ukraine. During this webinar, the Global Research and Analysis Team (GReAT) will share their findings on the most recent cyberattacks targeting Ukraine and present their observations, analysis and top findings.

In this webinar, attendees will learn:
- The types of attacks that have been targeting Ukraine for the past few months
- The results of analysis on destructive attacks and malware (HermeticWiper, etc...)
- How organizations can defend themselves against cyberattacks
GReAT, Kaspersky’s Global Research and Analysis Team, consists of 40 researchers based around the world that work on uncovering APTs, cyberespionage campaigns, major malware, ransomware and underground cybercriminal trends across the world. The webinar will be led by:
- Costin Raiu, Director of GReAT
- Marco Preuss, Head of GReAT Europe
- Kurt Baumgartner, Principal Researcher, GReAT, North America
- Dan Demeter, Senior Security Researcher, GReAT Europe
- Ivan Kwiatkowski, senior security researcher, GReAT Europe

The webinar will be followed by a Q&A session for attendees to ask questions to the speakers.

Ransomware attacks have become almost inescapable as new incidents are reported daily. Ransomware gangs continue to target all kinds of organizations: including hospitals, gas pipelines, and service providers, thus directly impacting our lives.

Ransomware operators continuously update their techniques and toolsets following the latest technical and social changes. To understand how to protect from this threat, organizations need to be one step further - aware of the latest tactics, techniques, and extortion methods ransomware groups use and prepared to respond to them.

Due to a technical problem, this webinar was rescheduled from May 16 to May 25. To discover more about the latest trends in the ransomware market, please join Dmitry Galov, a senior security researcher at Kaspersky's Global Research and Analysis Team.

In this webcast you will learn about:

- New notable ransomware groups that appeared in 2022
- Updated techniques ransomware operators use in 2022
- What kind of targets ransomware gangs are after
- How to protect your systems from a ransomware attack

In a very short period of time, ransomware has transformed into a fully-fledged industry for cybercriminals with a myriad of actors involved. Today it represents one of the most dangerous threats to information.

Kaspersky experts have analyzed the tactics, techniques, and procedures (TTPs) that major ransomware gangs have under their belt – and are ready to share this knowledge.

Kaspersky has been observing ransomware activity for a long time, discovering many similarities in the tactics, techniques, and procedures used by various groups during attacks. Kaspersky’s investigations have resulted in a monumental study on the TTPs of modern ransomware: in accordance with the MITRE ATT&CK methodology, it allows for quick and accurate attribution of detected events.

This webcast will include:
• A general overview of the modern ransomware landscape
• The most common trends in ransomware today
• A comparative analysis of ransomware groups
• Q&A

The webinar will be conducted by Kaspersky experts who were in charge of the investigation: Vladimir Kuskov, Dmitry Galov, Nikita Nazarov, Fedor Sinitsyn, Global Reseach and Analysis Team.