
Learn How to Build an Incident Response Playbook Against Scattered Spider in Real-Time

In the tumultuous landscape of cybersecurity, the year 2023 left an indelible mark with the brazen exploits of the Scattered Spider threat group. Their attacks targeted the nerve centers of major financial and insurance institutions, culminating in what stands as one of the most impactful ransomware attacks in recent memory.

When organizations have no response plan in place for such an attack, it can become overwhelming to prioritize the next steps, which will have a compounding impact on the threat actor's ability to retain access to and control over a compromised network.

Silverfort's threat research team interacted closely with the identity threats used by Scattered Spider and, in fact, built a response playbook in real time to respond to an active Scattered Spider attack. This webinar will dissect the real-life scenario in which they were called upon to build and execute a response plan while attackers were moving inside an organization's hybrid environment.


Hear directly from the Silverfort team about the challenges they faced, including how to rapidly and efficiently (and in as automated a manner as possible) meet the following response goals:

  • Put 'roadblocks' immediately in place to protect against additional lateral movement from that point forward
  • Pinpoint user accounts that were compromised, with a special emphasis on service accounts (a favored Scattered Spider target)
  • Eradicate potential malicious presence from the org's identity infrastructure (again – a favored and publicly documented Scattered Spider technique)

Moreover, you'll gain insights into the steps taken in response, focusing on three dimensions of lateral movement:

  • User Accounts – We'll look at the needed policies and monitoring for service accounts, admin users, and domain users
  • Identity Infrastructure – We'll discuss limiting user access, disabling insecure authentication protocols, and further hardening authentication requirements
  • Other Domain-Joined Machines – We'll look at limiting inter-machine communication for users' workstations and temporarily blocking insecure authentication protocols

See you there!
