About the session
Session 4b: Emerging Cyber Threats
The increasing complexity, large scale connectivity and interdependency of CIP and CIIP sytems makes indentification of new and emerging threats more urgent than ever.
Historically, the cyber security industry has given little consideration to threat actors seeking to disrupt CNI systems for financial gain. The recent spate of attacks against the health care industry in the US using the Samsam ransomware malware has illustrated how devastating the corruption of data can be to critical national industries, and how great the potential profit for criminal gangs.
Criminal gangs are evolving to adapt the techniques previous used by hacking groups to steal high value intellectual property, but applying them to encrypt operational data. In this way, criminals are able to bring operations to a halt and hold entire organisations to ransom. New variants of ransomware and attack techniques have evolved from targeting end-point systems to seeking out servers holding vital data.
In this session I will discuss the ransomware criminal business model, show how the malware used in these attacks has evolved, and present recent case studies as examples of the consequences of successful attacks. Delegates will learn the importance of considering financially motivated cyber criminal attacks against critical national infrastructure, the techniques and motivations of the attackers, and the basic techniques necessary to mitigate and quickly recover from such attacks.
