This talk starts out simple enough–the CISO has contacted you, the incident responder. There’s a ransom note, they’re yanking and rebooting machines, mass panic, now what?
Walk through a full ransomware scenario, stopping along the way to vote on crucial turning points as an audience. What flavor of malware will you find? Will there be more than one threat actor? APT or script kiddie? Oh no, is that Joe from accounting’s nudes?
This talk is based on multiple REAL ransomware cases, they’ve just been obfuscated to protect the innocent. Come for the memes, catharsis, and bizarre stories that can result–you choose!