Lessons Learned from the Colonial Pipeline Ransomware Attack


Lessons Learned from the Colonial Pipeline Ransomware Attack

The purpose of this threat intelligence session is to discuss the Colonial Pipeline attack as well as to review associated actionable insights pertaining to ransomware. Most ransomware attacks consist of multiple phases, to include initial access & targeting, exploitation, and monetization – accordingly, this brief will review how the CARBON SPIDER (user of the Darkside Ransomware) engages in multi-faceted operations against their targets. Attendees of this brief will obtain a broad understanding of the Colonial Pipeline ransomware attack along with actionable recommendations on what can be done to combat the threat of ransomware.

Featured Speakers

Jason Rivera

Director of Strategic Threat Advisory Group - Global, CrowdStrike

Jason Rivera has over 15 years of experience innovating at the intersection of security operations & technology. He was a former Intelligence Officer/Captain in the U.S. Army, had assignments with the National Security Agency (NSA) and U.S. Cyber Command (USCYBERCOM), and served in combat tours overseas. He has experience in the private sector and built threat intelligence and cybersecurity programs for large Fortune 500 companies and U.S. government agencies. He received his M.A. in Security Studies from Georgetown University, M.A. in Economics from the University of Oklahoma, and his B.A. in Political Science & Economics from the University of Nevada, Las Vegas. He has presented at various thought leadership conferences including Black Hat, RSA Conference, Gartner Conference, NATO Conference on Cyber Conflict, and InfoSecWorld Conference & Expo.


  • OS icon
  • deployment icon
  • installation icon

For technical information on installation, policy configuration and more, please visit the CrowdStrike Tech Center.

Visit the Tech Center