Checklist A

Cyber Extortion Response

Here is a quick, high-level checklist for responding to a cyber extortion incident. The steps are meant as a guide; specific response needs will vary from case to case. Tasks in this checklist often occur simultaneously and should not be taken as a linear process. Immediately following each item on the checklist, you’ll find the section number (in parentheses) where you can find more detailed information. Note that this checklist will evolve over time; see the authors’ website for the latest version.

The Crisis Begins

The following activities are normally initiated immediately after an incident is discovered.

  • Activate incident response processes. (4.2)

  • Involve the appropriate people and appoint an incident ...

Get Ransomware and Cyber Extortion: Response and Prevention now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.