Trellix Threat Intelligence Leader: Hurricane Likely Opportunity for Hackers


Russia is planning massive cyber attacks on Ukraine and its allies.

Trellix Threat Intelligence Leader John Fokker expects cybercriminals to benefit Hurricane Ian‘s devastation in Florida and other states similar to that seen during the COVID-19 pandemic.

John Fokker from Trellix

Fokker, Head of Threat Intelligence and Principal Engineer at Trellix, spoke at the Trellix Xpand Live 2022 conference this week. He and Doug McKee, chief engineer and head of vulnerability research, detailed how the company helped law enforcement take down the infamous REvil ransomware gang. REvil was responsible for the last year Attack on Kaseya.

“We help catch bad people,” he said. “That’s what drives me every day.”

During his career, Fokker has overseen numerous large-scale cybercrime investigations and takedowns. He is also one of the co-founders of the NoMoreRansom project. The No More Ransom website is an initiative of the Dutch Police National High Tech Crime Unit, Europol’s European Cybercrime Centre, Kaspersky and McAfee. It helps ransomware victims to retrieve their encrypted data without having to pay the criminals.

Trellix Threat Intelligence leads to better protection

Meanwhile we talked to Fokker Trellix XPand Live to find out how threat intelligence helps protect organizations from cybercrime.

Channel Futures: Tell me about your work with Trellix’s Threat Intelligence Group and how it is leading to better cybersecurity for partners and customers?

John Fokker: I’m privileged to lead a team with different types of analysts where we have trading papers and we have analysts that go out and hunt, collect and do research threats out there in the world. So they use our telemetry, they use our products, but they also try to scan the internet or spread third-party product blogs. We also have other providers coming out with phenomenal research. We look at it, validate it and send it to our customers. So that’s built into our workflow and it’s going straight through to all the products. And we like to say that we collect things that really help the customer deal with the threat.

Well, there are these threat actors. You move through a network. There are multiple ways to do this and they use multiple tools. So our team identifies how the threat actor is doing it, and we’re trying to figure out how they’re doing it. We can give that. We can reach out to the respective product teams and they’ll say, OK, can we build protection for this? And at the same time we give our customers intelligence. And that is product innovation. It has been incorporated into the product. And at the same time we also have an option where we have commercial opportunities. So if we have a client that wants to really get deep into threat intelligence or vice versa, they want threat intelligence but don’t have a full team, we can help them. We can support them with their wealth.

Scroll through our slideshow to learn more about Fokker and other cybersecurity news.

Source link
#Trellix #Threat #Intelligence #Leader #Hurricane #Opportunity #Hackers


Please enter your comment!
Please enter your name here