一次受害永远受害：深入探究网络勒索（Cy-X）生态系统及其参与者的日益绝望.pdf

《一次受害永远受害：深入探究网络勒索（Cy-X）生态系统及其参与者的日益绝望.pdf》由会员分享，可在线阅读，更多相关《一次受害永远受害：深入探究网络勒索（Cy-X）生态系统及其参与者的日益绝望.pdf（15页珍藏版）》请在三个皮匠报告上搜索。

1、Once a victim,always a victimA dive into the ecosystem of Cyber Extortion(Cy-X)and the increasing desperation of itsparticipantsDiana Selck-Paulsson&Simone KrausLead Security ResearcherSenior CSIRT Analyst Orange Cyberdefense Agenda Cyber Extortion(Cy-X)/RansomwareEcosystemRe-victimization of victim

2、sThreat ActorsToolsCy-X brandsOperators RaaS Affiliates Cy-X is a form of computer crime in which the security of a corporate digital asset(Confidentiality,Integrity or Availability)is compromised and exploited in a threat of some form to extort a payment.Cyber Extortion(Cy-X)/Ransomware&how we trac

3、k it Allan Liska https:/ victimsWhat is it that we are seeing?Act=Re-post!Re-compromise?Phenomenon=Re-victimization!Reveal?LockBitBianLian3 daysContiAkira702 daysincransomincransom237 daysNefilimBabuk49 dayscactus869 daysCl0pLockBit207 daysDisspossesor81 dayshunters130 daysRe-victimizationMethodolog

4、y13,308 victimsName normalizationSimilarity matching Manual check on output Data197 unique victims400 victims involved Up to 4 times posted82%by different actors 22505077557143713010203040506070809020202021202220232024Reposted by Different ActorsReposted by the Same ActorLinear(Reposted by Different

5、 Actors)Linear(Reposted by the Same Actor)Question 1:Do we find a clear pattern between brandsClusters Black BastaClusters-AkiraClusters-ContiClusters-Hunters Question 2:Do we see pattern in time delays?3,5 months5,5 months3 yrs 319 days2 yrs 282 daysHypothesesAffiliate crossoversData“hostage”Potentially new cyber attackhttps:/ you!Questions?Want to get in contact?Simone Kraussimonekrausora1Diana Selck-PCybercrime GraphRESOURCES