All Events and Webinars

Ransomware Cyber Attack Simulation Webinar

Cross Industry
Ransomware and Malware
Phishing and Social Engineering
Identity and Access
Vulnerabilities and Exposure
October 13, 2021
Most ransomware attacks don’t start with encryption, they unfold quietly across multiple stages before anyone notices. This simulation walks through a real-world attack chain, showing how attackers use fileless techniques and legitimate tools to stay hidden. Viewers will see how modern detection and response can identify, correlate, and stop these threats before they reach full impact.

In-House Specialists

Raluca Saceanu

Chief Executive Officer

External Speakers

Pavel Mucha

Principal Consultant

Key Strategic Takeaways

Are Modern Attacks Multi-Stage and Designed to Stay Invisible?

Ransomware is no longer a single event but a sequence of actions including phishing, command-and-control, privilege escalation, and lateral movement before impact. Attackers aim to remain undetected long enough to reach high-value systems and data. Understanding the full attack chain allows organisations to identify multiple points where detection and containment can break the sequence early.

Why Are Legitimate Tools the Attacker's Best Cover?

Attackers increasingly use built-in system tools like PowerShell, Regsvr32, and Bitsadmin to execute attacks without triggering traditional signature-based controls. This “living-off-the-land” approach blends malicious activity with normal operations. Defence requires behavioural analysis and context-aware detection rather than reliance on known malware signatures.

How Does Correlating Events Into Attack Narratives Reduce Detection Time?

Traditional alerting produces fragmented signals that require manual investigation, slowing response. Modern approaches group related activity into a single, contextualised incident view, enabling faster understanding of root cause and impact. This shift from event-based alerts to attack narratives improves analyst efficiency and accelerates containment decisions.

How Does Rapid, Controlled Response Prevent Escalation Without Disruption?

Effective response capabilities allow teams to isolate endpoints, terminate malicious processes, and contain threats without breaking critical systems. Guided response mechanisms help avoid operational damage while stopping attacker progression. Speed, clarity, and controlled action are key to limiting impact during active incidents.

What Do Simulations Expose Before Real Attacks Do?

Attack simulations reveal weaknesses in detection, response coordination, and operational readiness that are often invisible in day-to-day operations. They test not just tools, but decision-making, communication, and execution under pressure. Organisations that regularly simulate attacks are better prepared to respond decisively when real incidents occur.

No items found.
  • 00:00 Intro + context (recent major cyber incidents)
  • 03:05 Cybereason overview (endpoint + AI positioning)
  • 06:06 Attack scenario setup (attacker / victim / defender)
  • 07:13 Phishing entry point (macro-enabled Excel)
  • 17:19 Initial compromise (DGA + fileless execution)
  • 20:40 Detection model explanation (MalOps vs alerts)
  • 33:50 Response actions (kill process, isolate, guided response)
  • 36:17 Attack escalation (privilege escalation + persistence)
  • 41:52 Lateral movement (pass-the-hash to CEO machine)
  • 44:55 Ransomware deployment (PowerShell-based)
  • 46:12 Detection across attack chain
  • 50:28 Attack tree + full visibility walkthrough
  • 52:53 Threat hunting (query-based detection)
  • 56:30 Platform summary + Q&A
Watch More
Security Operations

Supply Chain & Third-Party Risk | Managing Hidden Cybersecurity Threats

Smarttech247 experts discuss how businesses can improve visibility, reduce third-party cyber risk, and strengthen resilience against supply chain attacks.

The New Ransomware Economics | Edwin Bowers & CrowdStrike on Modern Cyber Extortion

Smarttech247 is joined by CrowdStrike to examine how ransomware groups are evolving and what organisations need to do to improve cyber resilience and incident response.

Building an Effective Security Strategy | Gavan Egan & Raluca Saceanu on Cyber Resilience

Smarttech247 discuss the key cybersecurity priorities organisations should focus on in 2026 while also previewing major themes from ZeroDayCon.

Ready to scale your security and compliance operations?

We protect your on-premise/cloud/OT environments - 24x7x365