About this event
The Centre for Cybersecurity Belgium (CCB) presents its fifth online Quarterly Cyber Threat Report event (QCTR).
Normally the (live) event is only accessible for CCB constituents but also this time we open the virtual doors to all our partners. More than 2300 people have already attended one or more of the QCTR webinars.
Not available that day? No worries! You will have the possibility to watch the recorded webinar afterwards!
14h15: Introduction & welcome to the QCTR - Pedro Deryckere, Head of CCB/CyTRIS
14h20: @ the beginning of ... - Miguel De Bruycker, Managing Director of CCB
14h30: Learnings from responding to multifaceted extortion and ransomware - Charles Carmakal, SVP & CTO - Mandiant and Bart Vanautgaerden, Senior Incident Response Consultant - Mandiant
This session will discuss first-hand observations and learnings from responding to hundreds of intrusions involving business disruption, theft of confidential data, victim shaming, and extortion. We'll talk through common challenges, considerations for paying threat actors, real-world outcomes, and we'll dispell several misconceptions.
15h00: RaaS and the Rise of the Ransomware Extortion Ecosystem - Allan Liska, Senior Security Architect and Ransomware Specialist & Dmitry Smilyanets, Cyber Threat Intelligence Expert – Recorded Future
Ransomware has exploded over the last couple of years fueled in large part by the growth of Ransomware-as-a-Service (RaaS). Learn how RaaS operators function, who the biggest threats are right now and why this model is expected to grow. The growth of RaaS has also fueled the extortion ecosystem. Ransomware attacks no longer stop at encryption, but organizations must deal with stolen files, threats of DDoS attacks, harassing phone calls and much worse.
15h50: Time to Make the Donuts - Kurt Baumgartner, Principal security researcher - Kaspersky / GReAT
The discussion around supply chain attacks has come to a head in 2021, and underlying assumptions are not always clear. It's not that we haven't seen similar significant incidents before ... we have. How are we to understand all this activity? The Solarwinds/Sunburst incident comes to mind, but what about previous incidents and multiple other incidents in 2021? Should we lump together Solarwinds/Sunburst with destructive incidents, or are they more relevant to past Shadowpad incidents? What supply chain incidents are most similar on a technical level? What about some other less public but relevant and surprising APT activity? Some of these incidents may leave questions, like, what really is the supply chain? Other matters, like identifying the complexity of implant injection or trojanized installers, leave little grey area. Either way, let's walk away with some succinct, clear, and objective evaluations of significant supply chain incidents.
16h25: A Security Information Exchange For Europe - Dr. Paul Vixie, Farsight Security Inc., Chairman, CEO and Cofounder
It is in the best interests of every operator or user of the European Internet that crimes and criminal resources be well observed, in real time, by a community of security researchers and threat hunters who can put such observations to immediate and effective use. To do this without reducing end user privacy and with full respect for the GDPR and E-Privacy regulations is a challenge, but one well worth meeting. A small not-for-profit company headquartered in Karlsruhe (SIE Europe, U.G.) has taken on this challenge and is now entering its third year of operations. Paul Vixie, a co-founder of SIE Europe (www.sie-europe.net) along with Christoph Fischer and Peter Kruse, will describe the project, and its status, and how each of us can participate for the good of all.
17h15: Questions & Closing remarks - Pedro Deryckere, Head of CCB/CyTRIS
We are looking forward to see you online!
With over 20 years of experience in cybersecurity consulting, financial, government and international organizations environments, Bart has a thorough understanding of network security, malware, computer forensics, andtactics, techniques, and procedures that are leveraged by attackers.
Charles Carmakal, SVP and CTO, is one of Mandiant’s leading incident response experts. He oversees a team that has helped over a thousand organizations respond to complex security breaches orchestrated by foreign governments, organized criminals, and political hacktivists.
Dr. Vixie is the co-founder and CEO of Farsight Security (2013-present), and is the author or co-author of a dozen or so RFCs, mostly on DNS and related topics, and of Sendmail: Theory and Practice (Digital Press, 1994). He earned his Ph.D. in 2013 from Keio University for work related to the Internet Domain Name System (DNS and DNSSEC), and was inducted into the Internet Hall of Fame in 2014.
Started his cyber sec career at FCCU in 2010. Was one of the lead investigators in the Belgacom case back in 2013. Uncovered dozens of cyber espionage cases in Belgium before he joined CCB in Dec 2016 where he started up the CTI team (CyTRIS) and became Head of CCB/CyTRIS.
With more than 20 years of experience in ransomware and information security, Allan Liska has improved countless organizations’ security posture using more effective intelligence. Allan provides ransomware-related counsel and key recommendations to major global corporations and government agencies.
Kurt joined Kaspersky's GReAT team in 2010. He researches and reports on targeted attack activity, complex intrusions, and advanced malware. Some of his favorite past presentations include work and reporting on Darkhotel, Turla, and Sofacy/Zebrocy.
Miguel De Bruycker studied at the Royal Military School and the Vrije Universiteit Brussel. After writing a dissertation on Cyber Defence in 2005, he joined the General Intelligence and Security Service and was responsible for the security of classified networks and the creation of the first cybersecurity unit of the Belgian Defence. Since 2008 , he and his cyberteam are involved in the processing of all major cyber incidents in Belgium. On August 17, 2015 , he became Managing Director of the Centre for Cybersecurity Belgium.
Kevin Holvoet started his career as a Security Engineer at Euroclear NV. In 2017, he started at the CCB. Since 2018 he specializes as a CTI Analyst in the CyTRIS (Cyber Threat Research & Intelligence Sharing) team. In October 2020, he became a SANS instructor for the FOR578: CTI course.
Mission-driven and Russian-speaking intelligence analyst with type A personality. Dmitry has twenty years of experience and expertise in cybercrime activity that includes being a former member of an elite Russian-based hacking organization.
The CCB calls on the administrative and logistical support of the Federal Public Service Chancellery of the Prime Minister in carrying out its assignments. The Centre for Cyber Security Belgium is the central authority for cyber security in Belgium.
Share this event