Post ContiLeaks: Unravelling the web of the Russian threat actor and what’s next for Wizard Spider

The cyber world was rocked this year when on February 28th the notorious Russian hacker group’s inner workings were exposed to the world in what has been dubbed an unprecedented leak, now known as Conti Leaks.

These documents provided cyber threat experts a fly on the wall’s perspective of the group’s innerworkings, from best practices, coding policies, how to hack guides, right down to their members’ watercooler chats and interpersonal dynamics. However, this was not the first breach the group suffered, in early August 2021 a disaffected affiliate posted a copy of the gang’s tools and training materials they provide to new members.

Utilising the sensitive data from these two leaks, our team of threat specialists are developing a threat model that focuses more on the “how” rather than the “why” of the group’s actions. With an insider’s knowledge of how Conti executes attacks and trains their operators, our team have created a comprehensive package that takes a threat-led approach to dealing with the menace of ransomware.

Although Conti has announced its shutdown, it would seem the group is in fact rebranding as multiple smaller ransomware groups, which means the threat from Conti style attacks remains very real.

In this webinar, our speakers will provide unique in-depth analysis of Conti leaks data and will cover the following areas:

– How to prepare for and deal with ransomware attacks
– Their first-hand experience of repelling a Conti attack
– Recommendations on how to move forward following an attack
– What is next for Wizard Spider