I Don’t Think We’re in Western Country Anymore: Ransomware TTPs by the Asia Pacific | SLEUTHCON 2024

May 24, Sleuthcon 2024 in Arlington, VA
Presented by Jono Davis

Ransomware is rapidly evolving throughout the world, especially within the Asia-Pacific region, creating unique TTPs that differ from those seen in the West. Join Jono Davis, senior analyst from PwC’s Threat Intelligence Team, as he provides critical information that highlight this region’s tactics by walking us through three major case studies. Stay tuned to learn how companies can best protect themselves from these attacks, and what practices provide a deeper understanding of these actors and their unusual TTPs.

Key Highlights:
Asia-Pacific vs. Western Ransomware: Discover key differences in ransomware operations
Case Study 1 – White Vellus: Learn more about the Eastern European threat actor who successfully breached an Asian organization by leveraging cracked software.
Case Study 2 – LockBit Builder’s Misuse: Examine a unique incident of an Asian-Pacific based actor misusing LockBit ransomware builder who did not follow the group’s usual TTPs.
Case Study 3 – Black Turtle: Understand the targeting of Veeam servers by these actors, and how their tactic of prioritizing these first provides a unique characterization for actors in this region.

Timestamps:
00:03 Introduction/about
01:48 White Veles
04:22 How common is ransomware in Asia?
04:48 Overview of case studies
05:11 Case study 1 – White Veles
09:33 Case study 2 – Black Turtle
13:22 Case study 3 – White Dev 173
15:18 Reconnaissance and initial access
24:15 Closing/thanks

[ad_2]

source