Ransomware and Observations from Recent IR Investigations

Ransomware continues to be one of the most significant cyber security issues affecting organizations today. The attack is very effective and can be carried out relatively cheaply, making for larger net profits. With no end in sight to this nasty threat, I wanted to speak with someone who has a front-row seat into how organizations think about ransomware and other similar threats. For that I turned to Charles Carmakal, our SVP & CTO for Mandiant, and one of our leading incident response experts.

On this episode of our Eye on Security podcast, Charles and I explore the rise and evolution of ransomware—from the early days of threat actors automating ransomware infections without knowing who their victim was, to the more recent trend of breaking into organizations with known vulnerabilities, taking critical data, deploying encryptors and asking for much more money.

We then turn our discussion to the C-suite. Charles shares perspectives from the board when it comes to cyber threats, noting that while leadership is much more aware of cyber security and risk management than they were in the past, many still won’t understand the gravity of the situation until it’s happening to them.

Closing out the conversation, Charles shares customer stories involving nation-state intrusions, the use of public offensive security tools by nation-states, and the struggles organizations have had securing their now remote workforces.

Listen to the Eye on Security podcast today.

This post was first first published on

Industry Perspectives

‘s website by Luke McNamara. You can view it by clicking here