Brenton Morris
Brenton leads Incident Response engagements on a daily basis. From cloud sophisticated attackers to ransomware events. Brenton has a unique set of combined security research and DevOps experience allowing him to resolve many cyber-attacks while fully understanding the impact on production systems.
Session
This is our stage, set in early 2023, a nation state is prepping a campaign against several organizations - using similar TTPs.
Join us on an exhilarating journey through a massive incident response (IR) in an incredibly intricate setting. Picture this: A drone strike motivates a nation state to attack an organization and launch an InfoOps campaign. With over 30 distinct Business Units, each with its own unique IT structure. Every endpoint directly exposed to the vast expanse of the internet, boasting a class B IP range. And to top it off, varying levels of security hygiene.
But wait, there's more! The attackers unleashed a devastating ransomware attack, which, surprise, turned out to be successful. Countless terabytes of data held hostage, with no possibility of a key.
Fear not, for we have discovered a remarkable method to exploit this ransomware and reclaim the majority of the encrypted data. Prepare to witness the magic of resourcefulness, innovation, and the art of cracking cryptography. Brace yourself for a talk that will leave you in awe!