Coursera Flash Sale
40% Off Coursera Plus for 3 Months!
Grab it
Learn to detect sophisticated human-operated ransomware attacks specifically targeting financial institutions in this 23-minute conference presentation from the SANS DFIR Summit 2025. Explore how modern ransomware groups have evolved their tactics to focus on cloud environments, particularly targeting identity administrators and exploiting cloud misconfigurations to establish persistent access within financial organizations. Understand why the financial sector has become a prime target for ransomware groups due to its high-value nature and heavy reliance on cloud-based identity platforms, virtual infrastructure, and SaaS applications that create multiple attack vectors. Discover how adversaries compromise identity administrators and abuse misconfigured access controls to stealthily move laterally through cloud workloads before launching domain-wide ransomware campaigns. Gain insights into the specific detection strategies and defensive measures needed to protect financial institutions from these advanced persistent threats that leverage cloud infrastructure vulnerabilities and identity management weaknesses.
