In recent years, ransomware has been, and still is, one of the main cyber threats for organisations of all sizes across the world by causing availability disruption and producing elevated financial costs.

Ransomware groups are structured as modern organisations with departments, specific roles assigned to every operator, and a clear chain of command. The attacks are performed actively by humans and are indeed named human-operated ransomware attacks.

In cybersecurity, we often talk about humans as the weakest link for organisations because, without doing enough awareness activities, all the money spent on technologies and processes has a low impact on the overall security posture. However, we rarely discuss the human factor behind threat actors and how we can leverage it to better protect ICT infrastructures.

The talk will discuss one of the major ransomware gangs, Black Basta, and how the techniques adopted by the threat actors behind the group can be detected and prevented by also exploiting the weakest link of every organisation, including criminal ones… the human factor.

About the speaker

Angelo Violetti

B2B CSIRT Analyst at Swisscom

Angelo Violetti is a cybersecurity professional with over 5 years of experience in digital forensics and incident response. His technical skills primarily focus on ransomware threats, Azure/M365 investigations, and tracking adversary infrastructure. He has spoken at BTV Defcon, SANS Ransomware Summit, Swiss Cyber Storm and contributes to The DFIR Report. Angelo holds certifications like GCFA, CRTO, and others in malware analysis and cloud security.
Read more …