How to get inside the mind of hackers

September 13, 2022 TH Author

Sponsored Post No matter how hard organizations in Latin America try to stop malicious attackers from infiltrating their IT systems, breaches are inevitable – as recent events demonstrate.

A new variant of the Ploutus ATM malware was customized for Latin America in 2021, allowing criminals to drain cash machines in Mexico by taking advantage of ATM SFX middleware vulnerabilities.

Brazil’s largest meat processing company, JBS, was the victim of a ransomware attack which shut down its facilities in the US, Canada and Australia, with payments reputedly made using Bitcoin. Another ransomware attack hit Brazilian insurance firm Porto Seguro while in Argentina, the government agency Registro Nacional de las Personas had its Renaper database hacked after cyber criminals breached its network.

The volume and scale of these attacks suggest it’s better for organizations to assume they will be a target and put greater focus on detection and response rather than only focusing on preventing breaches.

This is what makes SANS SEC504 “Hacker tools, Techniques, and Incident Handling” our best-selling course, available for delivery by cyber security professionals in both Spanish and English.

Attendees will learn how to tackle cyber security incidents from both the attack and defense perspective, with a Purple Team Exercise focusing on emulating the behavior of hackers most likely to attack your organization. So rather than just simulating an external attack or penetration test, SANS will combine the exercise with how the defenders will detect and respond to the incident and help your organization develop the skills to apply a dynamic incident response process better suited to defending against evolving cyber-attacks.

The course is evenly distributed between lectures and hands-on exercises to help you get into the mindset of bad actors and anticipate their next move. A key focus is on encouraging Red Teams (offense) and Blue Teams (defense) to work collaboratively to better detect and respond to cyber-attacks.

As Jorge Orchilles, Principal Instructor and Purple Team Ambassador, continually reminds us “offense informs defense and defense informs offense”. It is the main theme of Purple Teaming and the SANS Purple Team courses. “As information security professionals, we need to understand both sides to be resilient to the impact of cyber-attacks”.

Visit the SANS website here for more information on upcoming Cyber Security Training Events in Spanish designed to help LATAM organizations stop cyber-attacks in their tracks before they have a chance to do any damage.

Sponsored by SANS.