Incident Response Techniques for Ransomware Attacks

Preface

Section 1: Getting Started with a Modern Ransomware Attack

Chapter 1: The History of Human-Operated Ransomware Attacks

2016 – SamSam ransomware

Who was behind the SamSam ransomware

2017 – BitPaymer ransomware

The mastermind behind the BitPaymer ransomware

2018 – Ryuk ransomware

Who was behind the Ryuk ransomware?

2019-present – ransomware-as-a-service

Who was behind ransomware-as-a-service programs?

Summary

Chapter 2: The Life Cycle of a Human-Operated Ransomware Attack

Initial attack vectors

RDP compromise

Spear phishing

Software vulnerabilities

Post-exploitation

Data exfiltration

Ransomware deployment

Summary

Chapter 3: The Incident Response Process

Preparation for an incident

The team

The infrastructure

Threat detection ...

Get Incident Response Techniques for Ransomware Attacks now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Incident Response Techniques for Ransomware Attacks by Oleg Skulkin

Table of Contents

Preface

Section 1: Getting Started with a Modern Ransomware Attack

Chapter 1: The History of Human-Operated Ransomware Attacks

2016 – SamSam ransomware

Who was behind the SamSam ransomware

2017 – BitPaymer ransomware

The mastermind behind the BitPaymer ransomware

2018 – Ryuk ransomware

Who was behind the Ryuk ransomware?

2019-present – ransomware-as-a-service

Who was behind ransomware-as-a-service programs?

Summary

Chapter 2: The Life Cycle of a Human-Operated Ransomware Attack

Initial attack vectors

RDP compromise

Spear phishing

Software vulnerabilities

Post-exploitation

Data exfiltration

Ransomware deployment

Summary

Chapter 3: The Incident Response Process

Preparation for an incident

The team

The infrastructure

Threat detection ...

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly