Ransomware Response Essential: Fixing Initial Access Vector'They'll Hit You Again and Again,' Warns Rapid7 Chief Scientist Raj Samani
A lot has changed in the three years since cybersecurity veteran Raj Samani was last able to attend the RSA Conference in San Francisco. But what hasn't changed is the innovation being practiced by ransomware groups and the challenges facing cybersecurity teams, including dealing with the latest vulnerabilities, or "vuls."
"The thing that's probably causing most people concern is this deluge of big critical vuls," Samani says. "And the time to exploitation is getting shorter and shorter." He also says that any organization hit by ransomware must never forget the imperative to identify how attackers broke in and if they've given themselves persistent ways to regain access. Otherwise, he says, "They'll hit you again and again."
In a video interview with Information Security Media Group at RSA Conference 2022, Samani also discusses:
- The cybersecurity dumpster fire that is 2022, and his predications for 2023;
- How the ransomware ecosystem continues to evolve;
- Digital forensics and incident response - aka DFIR - essentials - and applications for the open-source Velociraptor DFIR framework.
Samani is a computer security expert responsible for extending the scope and reach of Rapid7's research initiatives. He joined Rapid7 from McAfee - now Trellix - where he served as McAfee Fellow and chief scientist after serving as vice president and chief technical officer in EMEA. Samani has assisted multiple law enforcement agencies in cybercrime cases and is special adviser to Europol's European Cybercrime Center.