Develop invaluable cybersecurity skills through interactive training during SANS 2021 - Live Online. Register now.


To attend this webcast, login to your SANS Account or create your Account.

Reducing Ransomware Risk By Training With MITRE ATT&CK(REG)

  • Wednesday, December 02, 2020 at 1:00 PM EST (2020-12-02 18:00:00 UTC)
  • Chris ‘Rusty’ Schroeder, Jake Williams


  • CYBERBIT Commercial Solutions

You can now attend the webcast using your mobile device!



This webinar will break down the notorious RYUK attack according to the MIRE ATT&CK Enterprise Framework.

RUYK has been a pain for businesses throughout 2020. Victims included Epiq, EMCOR, and Universal Health Services.

In this webinar we will dissect RYUK according to the MIRE ATT&CK tactics and techniques that were observed in the attack helping you to become familiar with attacker behaviors. We will suggest methods to train SOC and incident response teams, leveraging thus breakdown to reduce the impact of RYUK and similar ransomware attacks on your organization.

The webinar will be presented by Cyberbit Range Instructors, based on their experince in hundreds of ransomware simulation exercises.

The topics we will discuss:

  • Breakdown of RYUK attacks using MIRE ATT&CK Enterprise
  • Breakdown of common mitigations to ransomeware attacks
  • How to ensure your team is prepared for RYUK

Speaker Bios

Chris ‘Rusty’ Schroeder

Chris ‘Rusty’ Schroeder is a Master Cyber Trainer for Cyberbit, bringing his extensive cyber experience to enterprise training and curriculum development for cyber professionals, helping them excel in their roles through guided training sessions and developing custom training curriculums. Prior to joining Cyberbit, Rusty served as a cyber defense engineer, architecting new security policies and transforming new recruits into Cyber warriors for the DoD after serving his country as a US Army Special Operations Soldier. Rusty is a holder of GSEC, GCIH, GMON, & a few other certifications and is proud to continue his life’s work of learning from and teaching others.

Jake Williams

Jake Williams is a SANS analyst, senior SANS instructor, course author and designer of several NetWars challenges for use in SANS' popular, "gamified" information security training suite. Jake spent more than a decade in information security roles at several government agencies, developing specialties in offensive forensics, malware development and digital counterespionage. Jake is the founder of Rendition InfoSec, which provides penetration testing, digital forensics and incident response, expertise in cloud data exfiltration, and the tools and guidance to secure client data against sophisticated, persistent attacks on-premises and in the cloud.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.