--[ AvengerCon VI Panel - Ransomware Cyber Kill Chain


Ransomware has evolved into one of the most severe cybersecurity threats worldwide and places companies, governments, national critical infrastructure, and the general public at risk.

It’s clear that addressing ransomware will require an innovative and collaborative approach, and that businesses, governments, and information security professionals will have a part to play.

But what approaches should be considered? What weaknesses or single points of failure exist in the ransomware ecosystem? How might we expect ransomware actors to respond to actions taken against them? And how might US adversaries take advantage of the situation?

In this 60 minute discussion, four panelists and a moderator will explore the evolution of the ransomware threat, the current and emerging TTPs used by ransomware actors, explore notable strengths and vulnerabilities of these threat actors and their supporting ecosystems (optionally using a framework such as MITRE's ATT&CK or the Lockheed Martin Cyber Kill Chain® as a guide), identify opportunities for effective government or private sector actions to prevent or respond to ransomware attacks, anticipate how threat actors could shift their TTPs or business model to protect their bottom line, discuss the ransomware threat to ICS and OT networks, and consider how nation-state adversaries might leverage the ransomware threat for their own benefit.

Sean Gallagher (Sophos)

Sean Gallagher is a Senior Threat Researcher at Sophos.

Previously, Gallagher was IT and National Security Editor at Ars Technica, where he focused on information security and digital privacy issues, cybercrime, cyber espionage and cyber warfare. He has been a security researcher, technology journalist and information technology practitioner for over 20 years.

Azim Khodjibaev (Cisco Talos)

Azim Khodjibaev is a senior threat intelligence specialist for Cisco Talos. He is a part of the Threat Intelligence and Interdiction team, focusing on cybercrime on the darkweb, intelligence collection, and providing cultural/linguistic analysis. He is a native Russian speaker with an in-depth understanding of Russian-American relations. Before Talos, Azim served as an intelligence analyst for a Department of Homeland Security counter-IED program and worked briefly for the Office of the Secretary of Defense.

You can find more from Azim @AShukuhi on Twitter!

Lesley Carhart (Dragos)

Lesley Carhart is a Principal Industrial Incident Responder at the industrial cybersecurity company Dragos, Inc. She has spent more than a decade of her 20+ year IT career specializing in information security, with a heavy focus on response to nation-state adversary attacks. She is recognized as a subject matter expert in the field of cybersecurity incident response and digital forensics.

Prior to joining Dragos, she was the incident response team lead at Motorola Solutions. Her focus at Dragos is developing forensics and incident response tools and processes for uncharted areas of industrial systems. She is also a certified instructor and curriculum developer for the Dragos "Assessing, Hunting, and Monitoring Industrial Control System Networks" course.

She has received recognition such as DEF CON Hacker of the Year, a "Top Woman in Cybersecurity" from CyberScoop, and "Power Player" from SC Magazine.

In her free time, Lesley co-organizes resume and interview clinics at several cybersecurity conferences, blogs and tweets prolifically about infosec, has served for 20 years in the USAF Reserves, and is a youth martial arts instructor.

Dmitry Smilyanets (Recorded Future)

Mission-driven and Russian-speaking intelligence analyst with type A personality. Dmitry has twenty years of experience and expertise in cybercrime activity.

Moderator - 1LT Lexie Johnson (780th MI BDE)

1LT Lexie Johnson is a Cyber Officer in the United States Army. She graduated from the United States Military Academy in 2018 with dual BSc degrees in International Relations and Russian Language. As a scholarship recipient of the Anna Sobol Levy Fellowship, Lexie went on to earn a M.A. in Homeland Security and Counter-Terrorism with a focus in Cyber-Terrorism from the Raphael Recanti International School in Herzliya, Israel. After her time in Israel, Lexie completed the Cyber Basic Officer Leadership Course at Ft. Gordon, GA in 2020 and received an assignment to 1st Information Operations Command at Ft. Belvoir, VA, where she served as a company-level Executive Officer. In June 2021, Lexie received an assignment to 780th Military Intelligence Brigade at Ft. Meade, MD where she serves as a member of the Cyber National Mission Force under United States Cyber Command today.