02-15, 11:00–11:45 (Europe/Amsterdam), Boardroom
Ransomware attacks can feel like a dead end when it comes to data recovery, but not every case requires paying the ransom. In this talk, I’ll share real stories of successful recoveries achieved through attacker mistakes, overlooked system settings, and a strange, unintended effect we discovered and turned into a recovery technique. This method still works because many ransomware groups repeat the same error, and I’ll share it under TLP:RED to prevent attackers from becoming aware and adjusting their tactics. Learn how quick thinking and unexpected opportunities can make recovery possible even in the most challenging cases.
Ransomware attacks can feel like a dead end when it comes to data recovery, but not every case requires paying the ransom. In this talk, I’ll share real stories of successful recoveries achieved through attacker mistakes, overlooked system settings, and a strange, unintended effect discovered and turned into a recovery technique. This method still works because many ransomware groups repeat the same error, and I’ll share it under TLP:RED to prevent attackers from becoming aware and adjusting their tactics. Learn how quick thinking and unexpected opportunities can make recovery possible even in the most challenging cases.
English
Hi! I’m Mischa Rick van Geelen, founder of Anovum B.V., a leading cybersecurity company. I have investigated and resolved large-scale cyber incidents, including the attacks on Hof van Twente and ROC Mondriaan (publicly documented), and have been involved in numerous anonymous incidents. Additionally, I conducted the penetration test on the CoronaMelder app, with the results submitted to the Dutch Parliament, and I actively contribute to the development of the MIAUW methodology.
As a security consultant, incident responder, and digital forensic investigator, I help organizations strengthen their IT security, investigate incidents, and resolve issues. My expertise includes secure software development, network security, and the implementation of EDR/XDR solutions. I also provide workshops and lectures to enhance cybersecurity awareness.