Skip to content

Black Hat and Defcon didn’t do much with ransomware – and that’s OK

Posted by: GuidePoint Security

2 min read

August 9, 2021 – Article posted on SC Media

For most enterprise cybersecurity pros, the major plotline of 2021 has been ransomware. There was Colonial Pipeline, JBS, and Kesaya, creating headlines spanning the gamut of sectors, business sizes, and infrastructural importance. 

Yet at Black Hat, one of the premiere cybersecurity conferences of the year, there were zero talks with ransomware in the title. There were a total of two main-stage talks about ransomware at Defcon — the second of the two major cybersecurity conferences this week, both in Las Vegas — including a well-stocked panel about potential policy solutions. But for a year dominated by ransomware concerns, the major events were not. 

“It would have been surprising to me, until I was asked about it for the last six months. ‘Victor, talk to me about your normal pentest methodology. Now talk to me how it would be different if we wanted a specific focus on ransomware,’” said Victor Wieczorek, vice president of application security and threat and attack simulation at GuidePoint Security. “I tried really hard to figure out what the differences are, and there’s nothing,  there’s literally nothing different about what you do.”

His point, reiterated by others, is that ransomware brings nothing terribly unique except, in the end, victims may be coerced into paying ransoms. These are crimes of opportunity more than ingenuity. The ransomware operator might get into a network through phishing or a common vulnerability, They might encrypt files, but only by using common encryption techniques. They might launch a DDoS attack, but only using standard methods. They might exfiltrate files, but they leave the same markers as anyone who came to steal the files for any reason at all. 

In other words, if you can solve phishing, or identify a new vulnerability, or break common encryption, you have done something that solves far more problems than just ransomware. The damage ransomware can cause is unique, but the back-to-basics technical approach to fighting it could not be more mundane. 

“These are the fundamentals you have to do for security,” Wieczorek said.

Read More HERE.

Categories: Cybersecurity News

GuidePoint Security

GRIT 2025 Q1 Ransomware & Cyber Threat Report
Trends and threats from the past year, with insights to protect your organization.
Download Now

Related Articles

View All

  • Blog
Navigating Incident Response Documentation
Posted by: Robert Bell
Read More 3 min read
  • GRIT® Blog
Interlock Intrusion: How Interlock Achieves Encryption
Posted by: Jean-Pierre Mouton
Read More 9 min read
  • Blog
The Power of Women in Cybersecurity: Mentorship, Community, and Rising Together
Posted by: Brittany Huffman
Read More 3 min read