Initial Access Brokers and the Ransomware Groups that Love Them |
Abstract
There have been several factors that have contributed to the stunning growth of ransomware attacks over the last few years and one of the biggest factors has been the growth of ransomware economy, including initial access brokers (IABs). IABs gain access to networks and turn that access to ransomware groups, either working for specific ransomware groups or on the open market. This talk will look at the IAB market, the types of IABs preferred by the most prolific ransomware groups, how the disruption of the Genesis market affected IABs, and how defenders can detect these early access methods to prevent a ransomware attack. Speaker Bio: With more than 20 years of experience in ransomware and information security, Allan Liska has improved countless organizations’ security posture using more effective intelligence. Liska provides ransomware-related counsel and key recommendations to major global corporations and government agencies, sitting on national ransomware task forces and speaking at global conferences. Liska has worked as both a security practitioner and an ethical hacker at Symantec, iSIGHT Partners, FireEye, and Recorded Future. Regularly cited in The Washington Post, Bloomberg, The New York Times, and NBC News, he is a leading voice in ransomware and intelligence security. Liska has authored numerous books including “The Practice of Network Security;” Building an Intelligence-Led Security Program;” “Securing NTP: A Quickstart Guide;” “Ransomware: Defending Against Digital Extortion;” “DNS Security: Defending the Domain Name System;” and “Ransomware: Understand.Prevent.Recover.” |