Kevin Flanagan

Title: Ransomware 2021 – Anatomy of a DoppelPaymer Attack

Abstract: 2020 was challenging enough as it was, but the number of ransomware attacks continues to grow and exacerbate one of the most difficult years. 2021 is no different as entire companies have been brought to a halt and forced to pay ransoms costing millions of dollars.

This session will use a specific DoppelPaymer attack on a global manufacturing organization as a case study on the latest techniques adversaries are using to deliver ransomware and compromise vulnerable organizations. This attack, managed by the Crypsis Group occurred in January of 2021. It will map the tactics and techniques to the MITRE ATT&CK framework to demonstrate a practical implementation for mapping incidents. Finally, this discussion will cover best practices for reducing the risk associated with ransomware or other attacks.

This session will cover:
Ransomware trends from the Crypsis 2020 Incident Response and Data Breach Report
Anatomy of a DoppelPaymer attack
Mapping to MITRE ATT&CK
Best Practices for Ransomware Risk Mitigation

Bio: Kevin Flanagan, CISSP, CISA, is the Director of Systems Engineering for the US Central Region at Palo Alto Networks. Kevin has more than 25 years of security experience in leading the development of teams, building security programs, and designing security architectures. At Palo Alto Networks, Kevin and his team are responsible for helping organizations protect themselves against successful cyber attacks across the cloud, network, and endpoint. Prior to Palo Alto Networks Kevin has served in other consulting leadership roles at large security solutions providers, including RSA Security where he was responsible for customer outreach and subsequent education campaign in the wake of the 2011 RSA breach.