Back To Schedule
Saturday, March 28 • 3:00pm - 3:30pm
The Men Who Never Were: Assessing Ties Between the Samsam Ransomware Campaign and the IRGC

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.

On November 28th, 2018, the U.S. Justice Department indicted two Iranian nationals for their role in developing and deploying the Samsam ransomware over a 3-year campaign netting over $6 million. Up until now, little reporting or information exists about the origins of these actors nor the motivations behind their attacks. However, research into their backgrounds revealed them to be seasoned threat actors with deep ties to Iran’s national security establishment including personal ties to the Islamic Revolutionary Guard Corps (IRGC) and IRGC-affiliated actors also indicted for their role in disruptive cyber attacks against the U.S.
This presentation will trace the origins of these individuals, their ties to other threat actors, and use of tools, previously employed in disruptive attacks, during the Samsam campaign. It will feature an in-depth review of investigative practices used to trace back the operators’ past activities despite high levels of operational security. Their own commentary on participating in Samsam, military ties, and ideological backgrounds will also be examined in light of what was ostensibly a financially-motivated campaign. Ultimately, this talk also seeks to highlight how deep-dive research into individual actors’ past activities can help unearth involvement in emerging threats.

Zoom link: https://zoom.us/j/266304316

avatar for Charlie Cullen

Charlie Cullen

Analyst, CrowdStrike
Charlie Cullen works as an intelligence analyst at CrowdStrike focused on the Middle East. Prior to this, he served as a deputy team lead and head of Middle East research at Dataminr in addition to a variety of past roles focused on the MENA region specializing in threat analysis... Read More →

Saturday March 28, 2020 3:00pm - 3:30pm EDT
'Connect' track 3333 Busbee Dr NW, Kennesaw, GA 30144, USA