Northwave Header
  • Product presentation
  • Management I
  • Awareness/Phishing/Fraud
  • Data protection / GDPR
  • Data security / DLP / Know-how protection
  • Endpoint Protection
  • Managed Security Services / Hosting
  • SIEM / Threat Analytics / SOC
  • Trend topic

Ransomware tales from the trenches

We have all heard of ransomware, but defending yourself against it starts with understanding the attack. We will share this with you.

4/14/2021 12:15:00 PM – 4/14/2021 12:30:00 PM

Please log in or register in advance so that you can take part in actions or watch videos about the action!

This action is available to the it-sa 365 community as a video.

Northwave Header
  • Product presentation
  • Management I

We have all heard of ransomware, but defending yourself against it starts with understanding the attack. We will share this with you.

Language: German

Questions and Answers: Yes

graphical blue background

This video is available to the it-sa 365 community. Please register or log in with your login data.

Action description


One moment everything seems to be alright, the next moment the discovery is made. All files are encrypted. A large amount of money has been transferred to a stranger. Trade secrets or customer data are out in the open.

Every day, various companies and institutions experience firsthand that cybercrime can have a severe impact. Business failure, reputation damage, financial damage - not every company or institution can get over it.

Very often this is relatively easy to prevent. But to successfully do that, you first need to know how the attacks work. Only then, can you make the right risk assessments and make the right investments to stop them. We will describe the process of achieving this for you.


Cybercrime has an effect on everyone
Society continues to digitise and crime follows that trend. While traditional crime appears to be declining, losses from cybercrime are growing year after year. Companies and institutions are increasingly relying on digital resources. When these means shutdown, turn out to be unreliable or them falling into the hands of third parties can have disastrous consequences. Your company can also fall victim to this.

Cyber security is often seen as a shadowy and invisible world, of which the board has too little understanding. A cost item instead of an investment. A "that won't happen to me" attitude has already killed many companies. The experts agree: For cyber criminals, any organisation is a potential source of income or data. The question is not whether they are trying to attack, or even when. After all, attempts take place on a continuous basis. So the question is how well armed you as a company are against such attacks.


Cyber security is not that shadowy, remote or complicated. Basically it is a risk assessment. You want to know the probability and the damage caused by cyber attacks. And then provide adequate security where the need lies. For this it is important to first have an idea of how an attack works. That's what we're going to talk about.

In the dissection, we divide the attack into three phases, which we call IN, THROUGH, and OUT, according to the most commonly used scientific models.

The actions the attacker takes to penetrate the digital environment to the point that this is successful.
Example: Boris breaks the kitchen window and penetrates the house.

The actions the attacker takes to move within the digital environment.
Example: Boris follows a path from the attic through bedrooms to living room through the house, searching cupboards and drawers.

The actions the attacker takes to achieve his ultimate goal.
Example: Boris takes the electronics with him and leaves the building with it.

Ransomware is malicious software that encrypts a victim's systems or files and then offers the key for a fee. Ransomware can have a significant impact on the continuity of your business operations. The financial consequences often go well beyond paying the ransom.

During the presentation we will describe an example from practice and include it in the model.

read more



This action is part of the event IT Security Talks April 2021