Critical Infrastructure Protection & Resilience Europe

Martin Lee

Martin Lee

Technical Lead, Security Research

Cisco, Talos

UK

Martin Lee

Martin is technical lead of security research within Talos, Cisco’s threat intelligence and research organisation, and leads the Outreach EMEA team within the group. As a researcher within Talos, he seeks to improve the resilience of the Internet and awareness of curent threats through researching system vulnerabilities and changes in the threat landscape. With 13 years of experience within the security industry, he is CISSP certified, a Chartered Engineer, and holds degrees from the universities of Bristol, Cambridge, Paris and Oxford.

 

Ransomware as an Emerging Threat to CNI

Historically, the cyber security industry has given little consideration to threat actors seeking to disrupt CNI systems for financial gain. The recent spate of attacks against the health care industry in the US using the Samsam ransomware malware has illustrated how devastating the corruption of data can be to critical national industries, and how great the potential profit for criminal gangs.

Criminal gangs are evolving to adapt the techniques previous used by hacking groups to steal high value intellectual property, but applying them to encrypt operational data. In this way, criminals are able to bring operations to a halt and hold entire organisations to ransom. New variants of ransomware and attack techniques have evolved from targeting end-point systems to seeking out servers holding vital data.

In this session I will discuss the ransomware criminal business model, show how the malware used in these attacks has evolved, and present recent case studies as examples of the consequences of successful attacks. Delegates will learn the importance of considering financially motivated cyber criminal attacks against critical national infrastructure, the techniques and motivations of the attackers, and the basic techniques necessary to mitigate and quickly recover from such attacks.