In the last few years, many organizations have suffered from ransomware attacks. Recovering from a ransomware attack usually requires backups, but in some cases there are other ways. In this session, Alexander will showcase his team’s latest research in ransomware decryption capabilities. The research breaks an entire family of ransomware variants and allows victims to restore encrypted data without obtaining the private keys.
Alexander is a Principal Forensic Consultant at Truesec where he focuses on incident response, threat intelligence, and security research. Alexander spends most of his time providing incident response to companies that have suffered from a cyber attack. He has investigated many high profile cases, including nation state-backed attacks and ransomware against global organizations. Alexander also performs offensive and forensic research, and is responsible for developing Truesec’s forensic capabilities.