Analyzing the GreyEnergy Malware: From Maldoc to Backdoor

May 15, 2019 12:45 PM

GreyEnergy is an Advanced Persistent Threat (APT) that has been targeting industrial networks in Ukraine and other Eastern European countries for the past several years. Nozomi has published an overview of the malware’s components and has let our customers know that they will receive alerts if GreyEnergy exists in their systems. This presentation provides a detailed description of how the malware works, from the moment a phishing email is received until the malware (backdoor) is installed on the victim’s system.

Speaker Information

Panelist Information

Gehron “Ronny” Fredericks

Nozomi Networks

Gehron “Ronny” Fredericks is a Senior Technical Engineer at Nozomi Networks. He holds a Master’s degree in Digital Forensics & Cyber Investigation and an additional MBA from UMUC. Ronny has unique OT experience from his time at a leading energy provider, Exelon Corporation, as a Senior Security Analyst in their Security Operations Center. He has also worked closely on the IT side as a developer and technical operations manager in previous roles. Ronny is currently a member of the InfraGard – Maryland Members Alliance and the US Secret Service Electronic Crimes Task Force.