Ransomware. Defending Against Digital Extortion - Helion
ISBN: 978-14-919-6783-6
Pages: 190, Format: ebook
Publication date: 2016-11-21
Bookstore: Helion
The biggest online threat to businesses and consumers today is ransomware, a category of malware that can encrypt your computer files until you pay a ransom to unlock them. With this practical book, you’ll learn how easily ransomware infects your system and what steps you can take to stop the attack before it sets foot in the network.
Security experts Allan Liska and Timothy Gallo explain how the success of these attacks has spawned not only several variants of ransomware, but also a litany of ever-changing ways they’re delivered to targets. You’ll learn pragmatic methods for responding quickly to a ransomware attack, as well as how to protect yourself from becoming infected in the first place.
- Learn how ransomware enters your system and encrypts your files
- Understand why ransomware use has grown, especially in recent years
- Examine the organizations behind ransomware and the victims they target
- Learn how wannabe hackers use Ransomware as a Service (RaaS) to launch campaigns
- Understand how ransom is paid—and the pros and cons of paying
- Use methods to protect your organization’s workstations and servers
Table of contents
- Preface
- Conventions Used in This Book
- Using Code Examples
- O'Reilly Safari
- How to Contact Us
- Acknowledgments
- I. Understanding Ransomware
- 1. Introduction to Ransomware
- Ransomware's Checkered Past
- Anatomy of a Ransomware Attack
- Deployment
- Installation
- Command-and-Control
- Handshake and key exchange
- Destruction
- Extortion
- Destruction Phase
- File Encryption
- Symmetric Key Encryption
- Asymmetric key encryption
- System or Browser Locking
- The Rapid Growth of Ransomware
- Other Factors
- Increased availability of strong crypto
- The global availability of cryptocurrency
- Dynamic DNS
- Misleading Applications, FakeAV, and Modern CryptoRansomware
- Summary
- 2. Pros and Cons of Paying the Ransom
- Oh
- Knowing What Is Actually Backed Up
- Knowing Which Ransomware Family Infected the System
- When to Pay the Ransom
- Ransomware and Reporting Requirements
- PCI DSS and Ransomware
- HIPAA
- Summary
- 3. Ransomware Operators and Targets
- Criminal Organizations
- TeslaCrypt
- CryptXXX
- CryptoWall
- Locky
- Ranscam
- Who Are Ransomware Groups Targeting?
- Evolving Targets
- Advanced Hacking Groups Move In
- Ransomware as a Service (RaaS)
- Different RaaS Models
- RaaS Disrupts Security Tools
- Summary
- II. Defensive Tactics
- 4. Protecting Workstations and Servers
- Attack Vectors for Ransomware
- Hardening the System and Restricting Access
- Time to Ditch Flash
- Asset Management, Vulnerability, Scanning, and Patching
- Disrupting the Attack Chain
- Preventing ransomware from executing
- Looking at packers and the registry
- Shadow copy
- Disrupting command-and-control at the desktop
- Stopping the attack during the encryption process
- Looking for the Executable Post-Attack
- Protecting Public-Facing Servers
- Alerting and Reacting Quickly
- Honeyfiles and Honeydirectories
- Summary
- 5. Protecting the Workforce
- Knowing the Risks and Targets
- Learning How to Prevent Compromises
- Email Attachment Scanning
- Tracking Down the Websites
- DGAs
- Testing and Teaching Users
- Security Awareness Training
- Phishing Users
- How Do You Show the Value?
- Post Ransomware
- Summary
- 6. Threat Intelligence and Ransomware
- Understanding the Latest Delivery Methods
- Using the Latest Network Indicators
- Detecting the Latest Behavioral Indicators
- User Behavior Analytics
- Summary
- III. Ransomware Families
- 7. Cerber
- Who Developed Cerber?
- The Encryption Process
- Cerber and BITS
- Protecting Against Cerber
- Summary
- 8. Locky
- Who Developed Locky?
- The Encryption Process
- Understanding Locky's DGA
- Zepto and Bart Variants
- DLL Delivery
- Protecting Against Locky
- Block the Spam
- Disable Macros in Microsoft Office Documents
- Don't Allow JavaScript Files to Execute Locally
- Stop the Initial Callout
- Reverse-Engineering the DGA
- Summary
- 9. CryptXXX
- Who Developed CryptXXX?
- Advanced Endpoint Protection Versus Sandboxing
- Crypt + XXX
- The Encryption Process
- Protecting Against CryptXXX
- Exploit Kits
- DNS Firewalls and IDS
- Challenges with domain blocking
- DNS firewalls
- Using an IDS
- Keeping users informed
- Stopping CryptXXX
- Summary
- 10. Other Ransomware Families
- CryptoWall
- Who Developed CryptoWall?
- The Encryption Process
- PowerWare
- The Encryption Process
- Protecting Against PowerWare
- Ransom32
- KeRanger/KeyRanger
- Hidden Tear
- TeslaCrypt
- Mobile Ransomware
- Ransomware Targeting Medical Devices
- Medical Devices
- Unpatched medical devices
- Why isn't it a bigger problem?
- Summary
- Index