Mandiant, which is now owned by Google Cloud, is one of the top-tier incident response and forensics firms. It has visibility into some of the most prominent intrusions, data breaches and ransomware attacks. In this edition of Studio 471, Mandiant CTO Charles Carmakal says half of all ransomware or extortion victims are paying ransoms. Sometimes that is to prevent the release of sensitive data, while others pay to speed up recovery – even if the organizations have backups. Carmakal says the Scattered Spider threat group is posing risks to organizations through its persistence and honed social engineering skills. But it’s not all gloom, and Carmakal says that organizations can discover their weaknesses by emulating real-world adversaries in attack simulations.
Participants:
Charles Carmakal, CTO, Mandiant, Google Cloud
Jeremy Kirk, Executive Editor, Cyber Threat Intelligence, Intel 471