Incident Response Techniques for Ransomware Attacks: Understand modern ransomware attacks and build an incident response strategy to work through them

apr. 2022 · Packt Publishing Ltd

E-bok

228

Sider

Om denne e-boken

Explore the world of modern human-operated ransomware attacks, along with covering steps to properly investigate them and collecting and analyzing cyber threat intelligence using cutting-edge methods and toolsKey FeaturesUnderstand modern human-operated cyber attacks, focusing on threat actor tactics, techniques, and proceduresCollect and analyze ransomware-related cyber threat intelligence from various sourcesUse forensic methods and tools to reconstruct ransomware attacks and prevent them in the early stagesBook Description

Ransomware attacks have become the strongest and most persistent threat for many companies around the globe. Building an effective incident response plan to prevent a ransomware attack is crucial and may help you avoid heavy losses. Incident Response Techniques for Ransomware Attacks is designed to help you do just that.

This book starts by discussing the history of ransomware, showing you how the threat landscape has changed over the years, while also covering the process of incident response in detail. You'll then learn how to collect and produce ransomware-related cyber threat intelligence and look at threat actor tactics, techniques, and procedures. Next, the book focuses on various forensic artifacts in order to reconstruct each stage of a human-operated ransomware attack life cycle. In the concluding chapters, you'll get to grips with various kill chains and discover a new one: the Unified Ransomware Kill Chain.

By the end of this ransomware book, you'll be equipped with the skills you need to build an incident response strategy for all ransomware attacks.

What you will learnUnderstand the modern ransomware threat landscapeExplore the incident response process in the context of ransomwareDiscover how to collect and produce ransomware-related cyber threat intelligenceUse forensic methods to collect relevant artifacts during incident responseInterpret collected data to understand threat actor tactics, techniques, and proceduresUnderstand how to reconstruct the ransomware attack kill chainWho this book is for

This book is for security researchers, security analysts, or anyone in the incident response landscape who is responsible for building an incident response model for ransomware attacks. A basic understanding of cyber threats will be helpful to get the most out of this book.

Om forfatteren

Oleg Skulkin is the Head of DFIR Team at Group-IB. Oleg has worked in the fields of digital forensics, incident response, and cyber threat intelligence and research for almost a decade, fueling his passion for uncovering new techniques used by hidden adversaries. Oleg has authored and co-authored multiple blog posts, papers, and books on related topics and holds GCFA and GCTI certifications. You can contact him on Twitter at oskulkin.

Vurder denne e-boken

Fortell oss hva du mener.

Hvordan lese innhold

Smarttelefoner og nettbrett

Installer Google Play Bøker-appen for Android og iPad/iPhone. Den synkroniseres automatisk med kontoen din og lar deg lese både med og uten nett – uansett hvor du er.

Datamaskiner

Du kan lytte til lydbøker du har kjøpt på Google Play, i nettleseren på datamaskinen din.

Lesebrett og andre enheter

For å lese på lesebrett som Kobo eReader må du laste ned en fil og overføre den til enheten din. Følg den detaljerte veiledningen i brukerstøtten for å overføre filene til støttede lesebrett.