Название: Learning Ransomware Response & Recovery: Stopping Ransomware One Restore at a Time (Early Release)Автор: W. Curtis Preston, Michael Saylor
Издательство: O’Reilly Media, Inc.
Год: 2025-02-11
Страниц: 103
Язык: английский
Формат: pdf, epub, mobi
Размер: 10.1 MB
Ransomware attacks are no longer a question of if—it's a matter of when. With hackers increasingly targeting backup and disaster recovery (DR) systems, organizations need more than prevention strategies; they need a battle-tested plan for minimizing damage, forensically determining what's happened and restoring your environment without paying the ransom. Renowned experts W. Curtis Preston and Dr. Mike Saylor offer a comprehensive guide to protecting critical systems and responding effectively when the worst happens.
Whether you're a security professional unaware of how exposed your backup systems are, or a backup admin in need of stronger security expertise, this book is your essential roadmap. With actionable advice, clear frameworks, and step-by-step guidance, it bridges the gap between data protection and cybersecurity—empowering teams to deliver decisive, effective responses when faced with ransomware.
Ransomware is malicious software (malware) designed to block access to a computer system or encrypt its data until a ransom is paid. At its core, ransomware infiltrates a computer system—often through deceptive means like phishing emails or malicious downloads - and then encrypts the victim’s files, making them inaccessible. In more advanced attack scenarios, threat actors will use a type of ransomware capable of performing surveillance within victim systems and networks before strategically encrypting devices in a coordinated, larger scale attack that not only encrypts user data files but also impacts the organization’s ability to conduct business by encrypting critical systems – including those that support email, phones, internet, and business applications (e.g. invoicing, warehouse, payroll, etc.). The attackers, who are usually cybercriminals seeking financial gain, then demand a ransom payment, typically in the form cryptocurrency like bitcoin, in exchange for a decryption key that can unlock the files.
Ransomware is typically developed with high-level programming languages, like C, C++, jаvascript, and Python due to their flexibility and compatibility across various computer operating systems. Some have also been found to be written in more specialized programming languages like Go and Rust, which provide greater speed, efficiency, and additional compatibility across target systems. In any case, the ransomware developer begins with the fundamental objectives of getting the malware installed on victim computers without being detected, conducting an inventory, calling home to negotiate the encryption keys, encrypting the target files, and leaving a ransom note.
Prevent 90% of ransomware attacks with practical, simple steps
Shield your backup systems from also being a victim of the attack
Minimize the blast radius of attacks on your infrastructure
Identify, isolate, and restore compromised systems with confidence
Develop and test a detailed incident response plan
Скачать Learning Ransomware Response & Recovery (Early Release)