What does a real ransomware attack actually look like from the inside? In this session, we break down the anatomy of a real-world incident that nearly resulted in a €20 million ransom payment.

Through a full demo walkthrough, we trace the attacker’s journey step by step — from initial access and privilege escalation to lateral movement, data exfiltration, and detonation.

At each stage, we expose the techniques used by the adversary and the exact countermeasures that could have disrupted the attack at each stage.

Led by an ethical hacker involved in the incident response, this session delivers both sides of the battle: how attackers think, and how defenders can stop them. Expect practical lessons learned, real-world insights, and actionable strategies you can apply immediately to strengthen your ransomware resilience.