TIPS #7 Ransomware Evolution in LATAM

Fernando Cajeme Acosta Zertuche (TELMEX Scitum) & Imelda Flores (TELMEX Scitum)
Ransomware is a common enemy in all continents, but unfortunately in Latin America there are still myths about the type of attackers that the region faces, which are more sophisticated and more aggressive than expected. They even use new tactics that were not documented at the time.

Most of the victims in Latin America are not ready to respond to these attacks, and the collateral damage left by the intrusion that triggered the ransomware leaves them in a vulnerable situation for weeks. In this talk we will discuss what we have seen of the TTPs of the attackers in the region, the preferred attack vectors, what we have found during the incident response engagements and how the Scitum-CERT team approaches a strategy to prepare future victims with unconventional approaches.
Fernando Cajeme Acosta Zertuche
TELMEX Scitum Fernando Acosta is the head of the CERT unit in SCILabs, where he focuses on coordinating the effective response of cybersecurity incidents and advising clients about the counter-measures they must have. He has worked on Scitum’s SOC for more than 15 years and was the head of the advanced threat detection team, whose objective is to reduce the identification gap between an attack and the detection and response, minimizing the impact of an attack. He has contributed to the generation of incident management processes as well as in the design and contextualization of the information for a collaborative cyber-system.
Imelda Flores
TELMEX Scitum Imelda Flores is the Head of the Cyber Intelligence unit at SCILabs, where she focuses on helping organizations to apply intelligence to cyber threats. She has worked in Scitum´s SOC for more than a decade and founded the first cyber intelligence team in Latin America. She now oversees investigations regarding malware and fraud campaigns that affect the region while working with Scitum´s customers to improve their cybersecurity posture. Imelda is also a regular speaker in local and international forums where she brings awareness to high executives about emerging threats in cyberspace.
arrow left Back

TIPS #7 Ransomware Evolution in LATAM

Fernando Cajeme Acosta Zertuche (TELMEX Scitum) & Imelda Flores (TELMEX Scitum)
Ransomware is a common enemy in all continents, but unfortunately in Latin America there are still myths about the type of attackers that the region faces, which are more sophisticated and more aggressive than expected. They even use new tactics that were not documented at the time.

Most of the victims in Latin America are not ready to respond to these attacks, and the collateral damage left by the intrusion that triggered the ransomware leaves them in a vulnerable situation for weeks. In this talk we will discuss what we have seen of the TTPs of the attackers in the region, the preferred attack vectors, what we have found during the incident response engagements and how the Scitum-CERT team approaches a strategy to prepare future victims with unconventional approaches.
Fernando Cajeme Acosta Zertuche
TELMEX Scitum Fernando Acosta is the head of the CERT unit in SCILabs, where he focuses on coordinating the effective response of cybersecurity incidents and advising clients about the counter-measures they must have. He has worked on Scitum’s SOC for more than 15 years and was the head of the advanced threat detection team, whose objective is to reduce the identification gap between an attack and the detection and response, minimizing the impact of an attack. He has contributed to the generation of incident management processes as well as in the design and contextualization of the information for a collaborative cyber-system.
Imelda Flores
TELMEX Scitum Imelda Flores is the Head of the Cyber Intelligence unit at SCILabs, where she focuses on helping organizations to apply intelligence to cyber threats. She has worked in Scitum´s SOC for more than a decade and founded the first cyber intelligence team in Latin America. She now oversees investigations regarding malware and fraud campaigns that affect the region while working with Scitum´s customers to improve their cybersecurity posture. Imelda is also a regular speaker in local and international forums where she brings awareness to high executives about emerging threats in cyberspace.