Chapter 6
Investigation
Knowledge itself is power.
—Sir Francis Bacon
Learning Objectives
Understand the purpose of investigating a cyber extortion attack
Gain strategies for identifying an adversary and using this knowledge to inform the response
Articulate techniques for scoping an attack, including identifying indicators of compromise, tracking down “patient zero,” and developing a timeline
Understand how and why to preserve evidence in cyber extortion cases
Learn the fundamentals of data breach investigations and how they relate to cyber extortion attacks
As soon as a cyber extortion attack is discovered, the investigation begins—at least informally, if not formally. Investigation refers to the process of systematically uncovering facts ...
Get Ransomware and Cyber Extortion: Response and Prevention now with the O’Reilly learning platform.