Botconf 2017 has ended
View analytic
Thursday, December 7 • 09:50 - 10:20
The (makes me) Wannacry Investigation

Log in to save this to your schedule and see who's attending!

Feedback form is now closed.
On May 12, 2017 a virulent new strain of ransomware known as Wannacry hit hundreds of thousands of computers affecting all types of organisations across the globe. While it is well understand how Wannacry spread using EternalBlue, there was little information on how the attack initially began.

It is often the case that tracking the activity of an attacker back in time can be invaluable for learning more about how the attacker operates, and potentially identifying any mistakes made. This proved true with WannaCry 1.0.

This talk aims to present a walk-through of Symantec’s investigation into Wannacry and how we were able to identify links to previously identified malware families and tools used in attacks against Sony Pictures Entertainment in November, 2014 to ultimately identify who was behind the attack.

avatar for Alan Neville

Alan Neville

Sr. Threat Intelligence Analyst, Symantec
Alan is a senior threat intelligence analyst on the attack investigations team in Symantec. Alan is responsible for leading and documenting investigations into high profile attacks affecting Symantec customers and acting as a liaison between LE and Symantec.

Thursday December 7, 2017 09:50 - 10:20
Corum Allée du Saint-Esprit, 34000 Montpellier, France