In the sixth episode of Sekuro Talkshow, Sekuro Chief Growth Officer Shamane Tan was joined by Sekuro’s Principal Consultant Riley Kidd to share about the benefits of conducting ransomware readiness assessments. Read on to find out how ransomware readiness assessments can enable your company to prevent potential security threats such as cyber extortion.
Ransomware readiness assessments explained
In technical terms, Riley defined ransomware readiness assessments as “techniques, tactics and procedures utilised by ransomware adversaries and cybercriminal organisations to compromise and deploy ransomware throughout a corporate window’s environment”.
To explain this concept to children, Riley creatively utilised an analogy that most children would understand: Pokémon card trading.
Why is ransomware readiness so important?
Upon establishing the definitions of ransomware readiness, Riley went on to share about the crucial role that it plays in defending against ransomware attacks. Ransomware attacks mostly target people, processes and technology, leaving organisations to deal with significant financial and reputational repercussions. Companies have lost intellectual property and customer data to ransomware attacks, and while those may be partially recovered, the trust of customers may be lost for good. This is why ransomware readiness is so vital – by preventing such attacks from happening, it helps organisations avoid potentially devastating losses.
While Sekuro’s ransomware readiness assessments are not “silver bullets” that guarantee the impenetrability of organisations’ cybersecurity systems, Riley shared that it would help organisations to understand their real-world weaknesses, and help to guide them to focus their efforts on the best returns for their investment.
Sekuro’s approach to ransomware readiness
- Perform unauthorised internal Active Directory enumeration, escalation and lateral movement.
- Perform authorised internal Active Directory enumeration, escalation and lateral movement using a Standard Operating Environment (SOE) machine and an associated Domain User account.
- Assess privilege escalation activities, and perform a ransomware technical control assessment on SOE machines from the perspective of a Domain User.
- Perform an organisation-wide password breach assessment.
- Assess the viable network shares to identify sensitive or exploitable data accessible to end users.
- Perform a controlled and custom non-destructive ransomware deployment to a specific predefined ransomware machine. This will simulate the encryption process and test existing technology controls and their responses.
While establishing a strong and foolproof cybersecurity system cannot be accomplished in a day or two, becoming ransomware-ready is a good place to start. By conducting ransomware readiness assessments, organisations can work on weaknesses in their security systems, which will better defend them against potential attacks in the long run.
Thank you Riley Kidd for joining us in this episode!
About Sekuro’s Ransomware Readiness Assessments
Simulating real-world Tactics, Techniques, and Procedures (TTPs) utilised by ransomware adversaries and cyber-criminal organisations to compromise and deploy ransomware throughout corporate Windows environments, Sekuro’s Ransomware Readiness Assessment enables your organisation to understand gaps and remediate ransomware exposure risk with this common and growing risk.
Principal Consultant (Offensive Security), Sekuro
Riley has international, technical security consultancy experience across both the European and Asia-Pacific regions, leading and building security teams to deliver technical projects and outcomes. He has enabled a variety of clients to meet their security requirements and objectives across Red Teaming and adversary simulation exercises, penetration testing, and security reviews. Riley has delivered projects and presented outcomes and findings to key stakeholders, ranging from C-suite executives and application owners to end developers. He has also created and facilitated onsite technical training across secure coding, offensive operations, security awareness, and Capture The Flag competitions.
Chief Growth Officer, Sekuro
Shamane Tan is one of the most established women in the fields of technology and cyber security. As the Chief Growth Officer at Privasec and Sekuro, she is responsible for leading the security outreach strategy with the C-Suite and executives. Recognised by IFSEC as one of the global top 20 cybersecurity influencers, the ‘Cyber Risk Leaders’ author was also recently listed in the 40 under 40 Most Influential Asian-Australians and Top 30 Women in Security ASEAN Region 2021. A TEDx speaker and podcaster, Shamane is also the Founder of Cyber Risk Meetup, an international community and platform for cyber risk executives to exchange learnings.