www.belgium.be Logo of the federal government

Quarterly Cyber Threat Report Event (QCTR) - 2021-Q3: Registrations are open

More than 2300 people have already attended one or more of the QCTR webinars. And you? What are you waiting for?


14h15: Introduction & welcome to the QCTR - Pedro Deryckere, Head of CCB/CyTRIS

14h20: @ the beginning of ... - Miguel De Bruycker, Managing Director of CCB

14h30: Learnings from responding to multifaceted extortion and ransomware - Charles Carmakal, SVP & CTO Mandiant

This session will discuss first-hand  observations and learnings from responding to hundreds of intrusions involving business disruption, theft of confidential data, victim shaming, and extortion. We'll talk through common challenges, considerations for paying threat actors, real-world outcomes, and we'll dispell several misconceptions. 

15h00: RaaS and the Rise of the Ransomware Extortion Ecosystem - Allan Liska, Senior Security Architect and Ransomware Specialist & Dmitry Smilyanets, Cyber Threat Intelligence Expert – Recorded Future

Ransomware has exploded over the last couple of years fueled in large part by the growth of Ransomware-as-a-Service (RaaS). Learn how RaaS operators function, who the biggest threats are right now and why this model is expected to grow. The growth of RaaS has also fueled the extortion ecosystem. Ransomware attacks no longer stop at encryption, but organizations must deal with stolen files, threats of DDoS attacks, harassing phone calls and much worse. 

15h40: Break

15h50: Time to Make the Donuts - Kurt Baumgartner, Principal security researcher - Kaspersky / GReAT

The discussion around supply chain attacks has come to a head in 2021, and underlying assumptions are not always clear. It's not that we haven't seen similar significant incidents before ... we have. How are we to understand all this activity? The Solarwinds/Sunburst incident comes to mind, but what about previous incidents and multiple other incidents in 2021? Should we lump together Solarwinds/Sunburst with destructive incidents, or are they more relevant to past Shadowpad incidents? What supply chain incidents are most similar on a technical level? What about some other less public but relevant and surprising APT activity? Some of these incidents may leave questions, like, what really is the supply chain? Other matters, like identifying the complexity of implant injection or trojanized installers, leave little grey area. Either way, let's walk away with some succinct, clear, and objective evaluations of significant supply chain incidents.

16h25: A Security Information Exchange For Europe - Dr. Paul Vixie, Farsight Security Inc., Chairman, CEO and Cofounder

It is in the best interests of every operator or user of the European Internet that crimes and criminal resources be well observed, in real time, by a community of security researchers and threat hunters who can put such observations to immediate and effective use. To do this without reducing end user privacy and with full respect for the GDPR and E-Privacy regulations is a challenge, but one well worth meeting. A small not-for-profit company headquartered in Karlsruhe (SIE Europe, U.G.) has taken on this challenge and is now entering its third year of operations. Paul Vixie, a co-founder of SIE Europe (www.sie-europe.net) along with Christoph Fischer and Peter Kruse, will describe the project, and its status, and how each of us can participate for the good of all.

17h15: Questions & Closing remarks - Pedro Deryckere, Head of CCB/CyTRIS

17h20: End

We are looking forward to see you online!


Not available that day? No worries! You will have the possibility to watch the recorded webinar afterwards!