1
play

1 DARIUS . WOOD @ BEAZLEY . COM AHART @ CRAI . COM BRADKE @ - PowerPoint PPT Presentation

1 DARIUS . WOOD @ BEAZLEY . COM AHART @ CRAI . COM BRADKE @ POLSINELLI . COM 2 B USINESS E MAIL C OMPROMISES (BEC) T RENDS P ROTECTION L EGAL I MPLICATIONS R ANSOMWARE A TTACKS T RENDS R ECOVERY P ROTECTION L EGAL I


  1. 1

  2. DARIUS . WOOD @ BEAZLEY . COM AHART @ CRAI . COM BRADKE @ POLSINELLI . COM 2

  3. B USINESS E MAIL C OMPROMISES (BEC) • T RENDS • P ROTECTION • L EGAL I MPLICATIONS R ANSOMWARE A TTACKS • T RENDS • R ECOVERY • P ROTECTION • L EGAL I MPLICATIONS 3

  4. 4

  5. Email Spoofing Unauthorized Phishing / and Inbox Rules / Malware Spam Emails Impersonation Forwarding Malicious Contact PCI PHI Macros / PDFs Harvesting Other Compromised Passwords PII Platforms VPN Stored in Email Exposed Credentials Theft of Wire / Bank Direct Deposit Tax Return Intellectual Fraud / Payroll Fraud Fraud Property 5

  6. Compromise Credentials and Access Account Search Account (Searches for “invoice”, “wire”, “payment”, “direct deposit”, etc.) Search for Admin Privileges to Exploit Add Rules/Forwarding Impersonate Users/ Redirect Wire Transfers Send Phishing Messages to Internal/External Contacts 6

  7. • • • • • 7

  8. • • • • • • • • • • • • • • • 8 8

  9. • • • • • • • • • • 9

  10. 10

  11. Phishing Emails/ Phishing Links Compromised Websites Attachments with Malicious Macros Compromised MSP Tools RDP Compromises Cloud Providers Targeted 11

  12. • R YUK : • S ODINOKIBI : FREQUENTLY TIED FREQUENTLY USED IN TO T RICKBOT MSP ATTACKS 12

  13. Purchase Recover Rebuild Decryption from Without Tool & Backups Data Rebuild 13

  14. 14

  15. • • • • • • • • 15

  16. • • • • • • • • 16

  17. 17

Recommend