Sign up to save your podcasts
Or
Share Scattered Spider: the Evolution of Identity-Based Ransomware
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Scattered Spider: the Evolution of Identity-Based Ransomware
Identity-based ransomware is no longer a fringe tactic; it’s becoming the playbook of today’s most dangerous adversaries. Scattered Spider, a financially motivated e-crime group, has shifted the model from smash-and-grab encryption to a far more devastating combination of double extortion, social engineering, and hypervisor encryption attacks.
In this episode of Data Security Decoded, host Caleb Tolin welcomes back Joe Hladik, Head of Rubrik Zero Labs, to unpack how Scattered Spider is evolving the ransomware playbook. From double extortion and identity compromise to hypervisor encryption and legacy system exploitation, Joe explains why these tactics succeed where traditional defenses fail and why building cyber resilience, not just detection and response, is the critical next step for security leaders.
What You’ll Learn:
Episode Highlights:
[00:30] Joe on Scattered Spider’s financial motivations and shift to double extortion
[06:53] Why identity compromise and social engineering bypass traditional defenses
[08:49] Disabling EDR with “living off the land” techniques and vulnerable drivers
[13:06] Hypervisor encryption: how attackers can take entire backup systems offline
[16:21] Cyber resilience as the future: assuming breach and restoring trusted systems
Episode Resources:
View all episodes
By Rubrik
5
1414 ratings
Identity-based ransomware is no longer a fringe tactic; it’s becoming the playbook of today’s most dangerous adversaries. Scattered Spider, a financially motivated e-crime group, has shifted the model from smash-and-grab encryption to a far more devastating combination of double extortion, social engineering, and hypervisor encryption attacks.
In this episode of Data Security Decoded, host Caleb Tolin welcomes back Joe Hladik, Head of Rubrik Zero Labs, to unpack how Scattered Spider is evolving the ransomware playbook. From double extortion and identity compromise to hypervisor encryption and legacy system exploitation, Joe explains why these tactics succeed where traditional defenses fail and why building cyber resilience, not just detection and response, is the critical next step for security leaders.
What You’ll Learn:
Episode Highlights:
[00:30] Joe on Scattered Spider’s financial motivations and shift to double extortion
[06:53] Why identity compromise and social engineering bypass traditional defenses
[08:49] Disabling EDR with “living off the land” techniques and vulnerable drivers
[13:06] Hypervisor encryption: how attackers can take entire backup systems offline
[16:21] Cyber resilience as the future: assuming breach and restoring trusted systems
Episode Resources:
More shows like Data Security Decoded
View all
CyberWire Daily
1,027 Listeners
Smashing Security
319 Listeners
Hacking Humans
315 Listeners
Threat Vector by Palo Alto Networks
39 Listeners