Data Security Decoded provides actionable, vendor-agnostic insights to reduce data security risk and improve resilience outcomes. Designed for cybersecurity and IT professionals who want practical insights on preparing for attacks before they happen, so they can respond effectively when they inevitably do. Episodes feature insights from researchers, crafters of public policy, and senior cybersecurity leaders, to help organizations reduce risk and improve resilience. Data Security Decoded provides practical advice, proven strategies, and in-depth discussions on the latest trends and challenges in data security, helping listeners strengthen their organizations' defenses and recovery plans.
All content for Data Security Decoded is the property of Rubrik and is served directly from their servers
with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.
Data Security Decoded provides actionable, vendor-agnostic insights to reduce data security risk and improve resilience outcomes. Designed for cybersecurity and IT professionals who want practical insights on preparing for attacks before they happen, so they can respond effectively when they inevitably do. Episodes feature insights from researchers, crafters of public policy, and senior cybersecurity leaders, to help organizations reduce risk and improve resilience. Data Security Decoded provides practical advice, proven strategies, and in-depth discussions on the latest trends and challenges in data security, helping listeners strengthen their organizations' defenses and recovery plans.
Scattered Spider: the Evolution of Identity-Based Ransomware
Data Security Decoded
13 minutes
2 months ago
Scattered Spider: the Evolution of Identity-Based Ransomware
Identity-based ransomware is no longer a fringe tactic; it’s becoming the playbook of today’s most dangerous adversaries. Scattered Spider, a financially motivated e-crime group, has shifted the model from smash-and-grab encryption to a far more devastating combination of double extortion, social engineering, and hypervisor encryption attacks.
In this episode of Data Security Decoded, host Caleb Tolin welcomes back Joe Hladik, Head of Rubrik Zero Labs, to unpack how Scattered Spider is evolving the ransomware playbook. From double extortion and identity compromise to hypervisor encryption and legacy system exploitation, Joe explains why these tactics succeed where traditional defenses fail and why building cyber resilience, not just detection and response, is the critical next step for security leaders.
What You’ll Learn:
How Scattered Spider leverages ransomware-as-a-service and double extortion to maximize payouts
Why identity compromise and social engineering make traditional defenses ineffective
How “living off the land” techniques and vulnerable drivers bypass signature-based tools
Why legacy infrastructure and outdated backup systems are prime targets for exploitation
What cyber resilience really means and how to build recovery into your security posture
Episode Highlights:
[00:30] Joe on Scattered Spider’s financial motivations and shift to double extortion
[06:53] Why identity compromise and social engineering bypass traditional defenses
[08:49] Disabling EDR with “living off the land” techniques and vulnerable drivers
[13:06] Hypervisor encryption: how attackers can take entire backup systems offline
[16:21] Cyber resilience as the future: assuming breach and restoring trusted systems
Episode Resources:
Caleb Tolin on LinkedIn
Joe Hladik on LinkedIn
Data Security Decoded
Data Security Decoded provides actionable, vendor-agnostic insights to reduce data security risk and improve resilience outcomes. Designed for cybersecurity and IT professionals who want practical insights on preparing for attacks before they happen, so they can respond effectively when they inevitably do. Episodes feature insights from researchers, crafters of public policy, and senior cybersecurity leaders, to help organizations reduce risk and improve resilience. Data Security Decoded provides practical advice, proven strategies, and in-depth discussions on the latest trends and challenges in data security, helping listeners strengthen their organizations' defenses and recovery plans.
