October 2021
Intermediate to advanced
320 pages
7h 8m
English
Content preview from Ransomware Protection Playbook
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
Chapter 6Detecting Ransomware
If you can't prevent ransomware, the next best thing is detecting it quickly. Up to 85 percent of victim organizations had up-to-date antivirus programs (and other traditional defenses) and still got successfully exploited by ransomware. In this chapter, the best ways to detect ransomware are discussed in an attempt to stop it immediately or to mitigate its spread and damage.
Why Is Ransomware So Hard to Detect?
Many people are surprised to learn that ransomware is so successful in organizations with all the traditional defenses enabled. Most organizations hit by ransomware had up-to-date antivirus, firewalls, content filtering, and all the normal defense controls we are all told we need in order to successfully defend against hackers and malware. There are more than a handful of reasons why ransomware can be so successful in environments you would expect to be well protected. Later in this chapter, we discuss some of the reasons why even well-defended organizations are breached.
First, antivirus and endpoint detection and response (EDR) software has never been 100 percent accurate, no matter what the ads say. Nothing in the computer defense world is both easy and 100 percent accurate (more on this later). These days it is incredibly hard for any antivirus vendor to keep up with the many millions of new malware programs created each year. It's not that there are truly millions of completely new, unique malware programs being created each year; ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access
More than 5,000 organizations count on O’Reilly
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.Julian F.
I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.Addison B.
I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.Amir M.
I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.