Jack Rhysider
Podcast Appearances
Luckily, they detected this quite quickly and called Omar in very early. He got in his car and drove down to the data center that was infected. And when he got on the systems there, he was able to see the people who were behind the quantum ransomware typing out commands infecting more systems. So because he reacted so quickly, he was able to stop the spread of it from getting on more machines.
And this is a stressful situation. I don't know if you've ever gotten your computer or phone infected, but anytime this happens, you have to wonder, did you clean your device good enough? Are they still in there? And you never actually know. You sort of have to cross your fingers and hope the attackers will let you know if they're in there still.
Even though he's kicked them out of this one system, it's hard to tell if they just come right back in or what other systems they may have access to. It's like trying to build a dam in the dark with just sticks and rocks.
No attribution on the final report for the quantum ransomware infection. Okay. Attribution means figuring out who did this. And they couldn't figure it out. There just simply wasn't enough clues. It seemed to be fairly common malware with no clear path leading to anyone in particular. All it seemed was that it was financially motivated.
They wanted money and that's the whole reason why they did this. And I think there's three main categories for different types of attackers. There's the hacktivist type people who are hacking into things just for fun or to make a point, like those defacing websites. And then there are people who are financially motivated. They're only there to make money.
And then there are more sophisticated groups there trying to steal state secrets or something. I mean, they might even have spies on the ground of the place they're trying to break into. If you know who your adversary is, you can combat against that particular threat more effectively. You can prepare better and be more alert.
So it's important to understand the landscape of who can and who is and who should and who would be attacking you. When you're dealing with ransomware, you're typically up against someone who just wants money. And if you don't pay it or make it really hard for them, they'll probably just move on to an easier target. So after this attack, things settled down. Omar went back to his normal duties.
Okay, so they got a new tool to look at the domains that each organization is reaching out to and each domain that's connecting into the government's network. Now, they took this data and cross-referenced it with known malicious domains in the world. And this is called threat intelligence.
There are companies out there that try to classify every single IP address and domain name to try to determine if it's malicious or not. So if you see computers on your network contacting known malicious domains, then you can double-click on that and see what's going on. While he's scanning the network, I want to take a quick ad break.
But stay with us because you're going to want to hear what he found. Support for this show comes from Black Hills Information Security. This is a company that does penetration testing, incident response, and active monitoring to help keep businesses secure. I know a few people who work over there, and I can vouch they do very good work.