SLIDE 1
1
2
DARIUS.WOOD@BEAZLEY.COM AHART@CRAI.COM BRADKE@POLSINELLI.COM
1 DARIUS . WOOD @ BEAZLEY . COM AHART @ CRAI . COM BRADKE @ - - PowerPoint PPT Presentation
1 DARIUS . WOOD @ BEAZLEY . COM AHART @ CRAI . COM BRADKE @ - - PowerPoint PPT Presentation
1 DARIUS . WOOD @ BEAZLEY . COM AHART @ CRAI . COM BRADKE @ POLSINELLI . COM 2 B USINESS E MAIL C OMPROMISES (BEC) T RENDS P ROTECTION L EGAL I MPLICATIONS R ANSOMWARE A TTACKS T RENDS R ECOVERY P ROTECTION L EGAL I
SLIDE 2
SLIDE 3
BUSINESS EMAIL COMPROMISES (BEC)
- TRENDS
- PROTECTION
- LEGAL IMPLICATIONS
RANSOMWARE ATTACKS
- TRENDS
- RECOVERY
- PROTECTION
- LEGAL IMPLICATIONS
3
SLIDE 4
4
SLIDE 5
5
Phishing / Spam Emails Email Spoofing and Impersonation Unauthorized Inbox Rules / Forwarding Malware Malicious Macros / PDFs Contact Harvesting PCI PHI PII Passwords Stored in Email Other Platforms Exposed Compromised VPN Credentials Wire / Bank Fraud Direct Deposit / Payroll Fraud Tax Return Fraud Theft of Intellectual Property
SLIDE 6
Compromise Credentials and Access Account Search Account (Searches for “invoice”, “wire”, “payment”, “direct deposit”, etc.) Search for Admin Privileges to Exploit Add Rules/Forwarding Impersonate Users/ Redirect Wire Transfers Send Phishing Messages to Internal/External Contacts
6
SLIDE 7
- 7
SLIDE 8
- 8
- 8
SLIDE 9
- 9
SLIDE 10
10
SLIDE 11
Phishing Emails/ Phishing Links Compromised Websites Attachments with Malicious Macros Compromised MSP Tools RDP Compromises Cloud Providers Targeted
11
SLIDE 12
- RYUK:
FREQUENTLY TIED TO TRICKBOT
- SODINOKIBI:
FREQUENTLY USED IN
MSP ATTACKS
12
SLIDE 13
Recover from Backups Rebuild Without Data Purchase Decryption Tool & Rebuild
13
SLIDE 14
14
SLIDE 15
- 15
SLIDE 16
- 16
SLIDE 17
17