Intel 471 to Present at SANS Institute Ransomware Summit 2022 on Access Brokers and Threat Actor Partnerships
Mapping public victims to group activities, analysis draws from deep and broad monitoring of recent ransomware activity, also drawing from wealth of insight in Conti leaks
WILMINGTON, Del. — June 7, 2022 – Intel 471, the premier provider of cybercrime intelligence for leading intelligence, security, and fraud teams, today announced its participation in the SANS Institute’s Ransomware Summit, June 16-17, 2022. Intel 471 intelligence analysts, Samantha Van de Ven, and Beth Allen will provide attendees with extensive insights that will enable a better understanding of the connection between network access offerings and ransomware breaches.
This virtual summit from SANS brings together cybersecurity professionals and leading experts from around the world for a day of in-depth talks and discussions focused on ransomware prevention, detection, response, and recovery.
“Ransomware has reached saturation in terms of the fear and urgency it provokes in the public consciousness, from small businesses and enterprise Boardrooms to Wall Street, and all the way up to the Oval Office.” said, Michael DeBolt, Intel 471 Chief Intelligence Officer. “And while organizations struggle to keep up with the daily deluge of ransomware related news articles and security blogs, taking the time to understand the ransomware ecosystem, become intimately familiar with the bad actors behind these operations, and enumerate the common techniques and tools they employ pays dividends by establishing an effective proactive stance that stop attacks before they happen.”
Using specific examples and intelligence to inform and arm attendees, Intel 471 will present analysis of victims of compromised access, and ransomware operators' victims' blog posts to demonstrate patterns and relationships. These include the average dwell time between the first initial access offering and a subsequent ransomware-as-a-service (RaaS) affiliate program posting the breached entity on their ransomware blog. The content also includes data and analysis – and represents additional resources for attendees – from recent public reports from Intel 471. This includes a series of blogs that detail the specific organizational dynamics of the Conti ransomware group, as well as the potential implications and lessons that the groundbreaking recent leaks provide. The reports include:
- Conti puts the ‘organized’ in organized crime
- a profile of Conti business operations, and one business support division in particular
- Move fast and commit crimes: Conti’s development teams mirror corporate tech - an examination of the Conti development “team” – and subteams – and the other projects they supported
- Conti and Emotet: A constantly destructive duo
- outline of the interdependence between Conti affiliates and Emotet
- Cybercrime loves company: Conti cooperated with other ransomware gangs - maps Conti’s place in the larger ransomware community
- Source code leaks a key cog in malware development life cycle - how the Conti leaks, and malware history, showcase how malicious actors evolve
- What malware to look for if you want to prevent a ransomware attack - the common malware pre-cursors that could provide an early warning of disaster ahead
About Intel 471
Intel 471 empowers enterprises, government agencies, and other organizations to win the cybersecurity war using near-real-time insights into the latest malicious actors, relationships, threat patterns, and imminent attacks relevant to their businesses.
The company’s TITAN platform collects, interprets, structures, and validates human-led, automation-enhanced results. Clients across the globe leverage this threat intelligence with our proprietary framework to map the criminal underground, zero in on key activity, and align their resources and reporting to business requirements. Intel 471 serves as a trusted advisor to security teams, offering ongoing trend analysis and supporting your use of the platform. Learn more at https://intel471.com/.