Ransomware - After the Attack [Your next Move]

7 YEARS AFTER WANNACRY—RANSOMWARE IS DEADLIER THAN EVER 🚨
If ransomware hit TOMORROW—would your team PANIC or EXECUTE?
Cybersecurity pros Michael Lew & Kumar Sharma break down the 3 points:

🔍 1. INVESTIGATE
→ First move? Verify the breach
→ Backups = Your lifeline (if tested & air-gapped)
→ ‘Not all data is equal’—sacrifice the junk, save the crown jewels

🤝 2. NEGOTIATE
→ "Triple extortion" is the new nightmare
→ Dark web intel—know your enemy before negotiating
→ No two hacks (and hackers) are alike— (‘no one size fits all’)

💰 3. PAY OR FIGHT?
→ Legal landmines (GDPR fines, sanctions, insurance denials)
→ "Proof-of-life’ checks—or you might pay for NOTHING
→ PAYING = LAST RESORT (but sometimes… it’s survival)

🔥 BOTTOM LINE:
✅ PREPARE NOW—or pay later (in $$$ & chaos)
✅ DRILL your team—panic costs more than the ransom
------
00:55 – Intro (1) Digital Forensics & Investigations (2) Negotiations (3) Pay up or Resist (“To pay or not to pay”)
01:22 – (1) Investigations
01:39 – “Don’t panic”,
01:54 – Verify the breach
02:40 – Activate Business Continuity plans – backup
03:09 – Backup recovery aids negotiations by buying time
04:02 - "Not all data are equal"
05:39 - Time pressure - Recovery & Preservation
07:40 - Concurrent recovery & preservation due to volatile nature of data
08:08 - Short email log retention limits investigations due to data loss
08:51 - Information sharing
10:03 – Theme 2 - Negotiation
10:13 - Buy time & gain insight into the attackers
11:04 - Use secure channels engage cybersecurity experts
12:48 – Research: analyze attacker profiles; monitor dark web
13:47 - Triple Extortion test willingness to pay, escalate demand, finally - data sale
14:41 - Key actions during negotiation: recover data; forensic analysis; fix security gaps
15:29 - Negotiation strategy - "no one size fits all"
16:24 - Have a plan, stay prepared.
16:59 - Ransomware attacks could be targeted or random
17:29 - Vulnerable: Small businesses
18:07 - Attackers rely on inaction with small losses
18:48 – Theme 3 – Pay up or resist
18:57 - The Legal implications
19:12 - 1) Personal data breach
19:56 - 2) Sanctions
20:21 – 3) Cyber insurance
21:02 - 4) Breach of contracts
22:20 - 5) Ransom recovery (from the threat actors)
24:24 - Key considerations: assess the breach & recovery options, weigh legal & reputational risks
25:14 - Paying could invite more attacks
27:13 - "Proof-of-life"
27:35 - Verify with decryption tests to gain time, track their crypto, aid recovery
28:47 - Payment is risky: No data security is guaranteed; Avoid paying: generally a bad option
29:20 - Paying in a business-ending scenario
30:26 – TAKEAWAY
30:36 - Have a plan, Be prepared
31:18 - Keep calm
-----
Recorded 25th March 2025, Singapore (near Fort Canning)
-----
V. Kumar Sharma (Advocate & Solicitor of the Supreme Court of Singapore; Partner, Eldan Law) trained and qualified with a Big Four law firm in Singapore, and has over a decade of litigation and arbitration experience. His contentious disputes experience spans areas such as projects and construction, ship building, trade disputes, asset recovery. He regularly appears before the Singapore Courts and is experienced in arbitrations under all major rules.
Kumar has substantial experience advising on digital assets and on cryptocurrency and cybersecurity related matters. He has advised project founders from inception through to fund raising by ICO, product launches including NFTs, AML/KYC / regulatory risks, on/off ramps for ecosystem users, hacked wallets, and decentralized autonomous organizations.

Michael Lew is currently the Co-Founder with Aegis Digital Asia, a specialist digital forensics, e-discovery and cybersecurity advisory firm. He is a seasoned technical expert and information security professional leading in digital investigations, crypto intelligence and quantum security. Michael has provided expert testimonies in the courts of both Singapore and Malaysia, supporting a wide array of cases across industries such as finance, technology, healthcare, digital assets.
Concurrently, Michael is a venture builder for Deep Tech startups and serves as the Quantum Security SIG EXCO Lead with the Association of Information Security Professionals (AiSP), EXCO member of EdTech at SGTech and Chairperson of the Digital Enterprise Sub-Committee at the Blockchain Association Singapore (BAS).
Michael singularly founded LegalComet, an AI-driven Legal Technology startup. He successfully exited the startup in 2018 through an acquisition by Rajah & Tann, a leading law firm in Asia and stayed on to steer the company as the CEO of Rajah & Tann Technologies until 2022.
A well-regarded leader and mentor in the Singapore tech startup ecosystem, Michael was recognized by Asia Law Portal as one of the "30 People to Watch in Asia" in the business of law.
-----
Stay with us:
LinkedIn ➡️   / lojane  
YouTube ➡️ https://cutt.ly/U2B0yVi

#misscyberpenny
#cybersecurity
#ransomware