Ransomware and Cyber Extortion: Response and Prevention
- Length: 352 pages
- Edition: 1
- Language: English
- Publisher: Addison-Wesley Professional
- Publication Date: 2022-11-28
- ISBN-10: 0137450338
- ISBN-13: 9780137450336
- Sales Rank: #1103232 (See Top 100 Books)
Today, ransomware is causing dangerous operational failures, financial catastrophes, multi-million-dollar losses, and in some cases, deaths. Ransomware is even undermining the security of nation-states and becoming a contentious issue in international diplomacy. In Ransomware and Cyber Extortion: Response and Prevention , Sherri Davidson and her internationally renowned team of cybersecurity experts offer new insights and well-structured best practices for the entire lifecycle: prevention, detection, mitigation, remediation, and recovery.
Drawing on deep experience consulting with (and negotiating for) ransomware victims, the authors reveal how cyber extortionists now operate, and show how to limit damage, avoid costly mistakes, and reduce future risks. Their real-world case studies help you understand crucial complexities of ransomware response, and address issues ranging from avoiding reinfection to filing insurance claims.
Designed for easy use when you’re under the most pressure, Ransomware and Cyber Extortion contains clear, visual tips for communication, time management, and preparation, cloud-specific issues, and much more. If you haven’t faced a ransomware attack yet, count yourself lucky, and get this guide today–so you can prepare, before it’s too late.
Cover Page About This eBook Halftitle Page Title Page Copyright Page Pearson’s Commitment to Diversity, Equity, and Inclusion Dedication Page Contents Preface Who Should Read This Book? How This Book Is Organized Other Chapter Elements Stay Up to Date Acknowledgments About the Authors Chapter 1. Impact 1.1 A Cyber Epidemic 1.2 What Is Cyber Extortion? 1.3 Impacts of Modern Cyber Extortion 1.4 Victim Selection 1.5 Scaling Up 1.6 Conclusion 1.7 Your Turn! Chapter 2. Evolution 2.1 Origin Story 2.2 Cryptoviral Extortion 2.3 Early Extortion Malware 2.4 Key Technological Advancements 2.5 Ransomware Goes Mainstream 2.6 Ransomware-as-a-Service 2.7 Exposure Extortion 2.8 Double Extortion 2.9 An Industrial Revolution 2.10 Conclusion 2.11 Your Turn! Chapter 3. Anatomy of an Attack 3.1 Anatomy Overview 3.2 Entry 3.3 Expansion 3.4 Appraisal 3.5 Priming 3.6 Leverage 3.7 Extortion 3.8 Conclusion 3.9 Your Turn! Chapter 4. The Crisis Begins! 4.1 Cyber Extortion Is a Crisis 4.2 Detection 4.3 Who Should Be Involved? 4.4 Conduct Triage 4.5 Assess Your Resources 4.6 Develop the Initial Response Strategy 4.7 Communicate 4.8 Conclusion 4.9 Your Turn! Chapter 5. Containment 5.1 The Need for Speed 5.2 Gain Access to the Environment 5.3 Halting Encryption/Deletion 5.4 Disable Persistence Mechanisms 5.5 Halting Data Exfiltration 5.6 Resolve Denial-of-Service Attacks 5.7 Lock Out the Hackers 5.8 Hunt for Threats 5.9 Taking Stock 5.10 Conclusion 5.11 Your Turn! Chapter 6. Investigation 6.1 Research the Adversary 6.2 Scoping 6.3 Breach Investigation or Not? 6.4 Evidence Preservation 6.5 Conclusion 6.6 Your Turn! Chapter 7. Negotiation 7.1 It’s a Business 7.2 Establish Negotiation Goals 7.3 Outcomes 7.4 Communication Methods 7.5 Pressure Tactics 7.6 Tone, Timeliness, and Trust 7.7 First Contact 7.8 Sharing Information 7.9 Common Mistakes 7.10 Proof of Life 7.11 Haggling 7.12 Closing the Deal 7.13 Conclusion 7.14 Your Turn! Chapter 8. Payment 8.1 To Pay or Not to Pay? 8.2 Forms of Payment 8.3 Prohibited Payments 8.4 Payment Intermediaries 8.5 Timing Issues 8.6 After Payment 8.7 Conclusion 8.8 Your Turn! Chapter 9. Recovery 9.1 Back up Your Important Data 9.2 Build Your Recovery Environment 9.3 Set up Monitoring and Logging 9.4 Establish Your Process for Restoring Individual Computers 9.5 Restore Based on an Order of Operations 9.6 Restoring Data 9.7 Decryption 9.8 It’s Not Over 9.9 Adapt 9.10 Conclusion 9.11 Your Turn! Chapter 10. Prevention 10.1 Running an Effective Cybersecurity Program 10.2 Preventing Entry 10.3 Detecting and Blocking Threats 10.4 Operational Resilience 10.5 Reducing Risk of Data Theft 10.6 Solving the Cyber Extortion Problem 10.7 Conclusion 10.8 Your Turn! Afterword Checklist A. Cyber Extortion Response The Crisis Begins Containment Investigation Negotiation Payment Recovery Checklist B. Resources to Create in Advance Response plans that clearly delineate Crisis communications plans that address Specific procedures for tasks such as Contact information for the response team, leadership, and third parties Templates for use throughout the response Technology to support response efforts Reference materials Checklist C. Planning Your Response Checklist D. Running an Effective Cybersecurity Program Know What You’re Trying to Protect Understand Your Obligations Manage Your Risk Monitor Your Risk Index Code Snippets
Donate to keep this site alive
1. Disable the AdBlock plugin. Otherwise, you may not get any links.
2. Solve the CAPTCHA.
3. Click download link.
4. Lead to download server to download.