SecurityHQ – Machine Learning for Ransomware Detection. Cyber Kill Chain Analysis

Whatever is shown in the news whereby large corporations have been compromised, these represent just the tip of the iceberg.

Over the last few months, you would have noticed the prevalence of Ransomware attacks reported in the news. High-profile and often highly advanced ransomware variants, such as Egregor, Maze, REvil/Sodinokibi have been noted in almost every industry around the globe.

This white paper will focus on some of the earlier indications of a breach that can lead to a successful ransomware strike. Including how Artificial Intelligence (AI) and Machine Learning (ML) are used to contextualise, rather than predefine threats.

This paper includes:

  • An analysis of current Threat Landscape Trends with regards to Advanced Persistent Threats (APT’s) on Hacking Spree, Remote Code Execution (RCE’s) and Low-Level Threat Actors.
  • An analysis of current Threat Landscape trends. Including a look into COVID-19 Related Phishing Attacks & Internet Facing Attack Surface.
  • How to detect Ransomware Across the Cyber Kill Chain.
  • An exploration of Initial Access- Publicly Exposed Infrastructure.
  • Analysis of Internal Recon, including Attack and Recon Tools in SMB, RDP Scans, and Model Template Flexibility.