Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Incident Response Techniques for Ransomware Attacks

You're reading from   Incident Response Techniques for Ransomware Attacks Understand modern ransomware attacks and build an incident response strategy to work through them

Arrow left icon
Product type Paperback
Published in Apr 2022
Publisher Packt
ISBN-13 9781803240442
Length 228 pages
Edition 1st Edition
Arrow right icon
Author (1):
Arrow left icon
Oleg Skulkin Oleg Skulkin
Author Profile Icon Oleg Skulkin
Oleg Skulkin
Arrow right icon
View More author details
Toc

Table of Contents (17) Chapters Close

Preface 1. Section 1: Getting Started with a Modern Ransomware Attack
2. Chapter 1: The History of Human-Operated Ransomware Attacks FREE CHAPTER 3. Chapter 2: The Life Cycle of a Human-Operated Ransomware Attack 4. Chapter 3: The Incident Response Process 5. Section 2: Know Your Adversary: How Ransomware Gangs Operate
6. Chapter 4: Cyber Threat Intelligence and Ransomware 7. Chapter 5: Understanding Ransomware Affiliates' Tactics, Techniques, and Procedures 8. Chapter 6: Collecting Ransomware-Related Cyber Threat Intelligence 9. Section 3: Practical Incident Response
10. Chapter 7: Digital Forensic Artifacts and Their Main Sources 11. Chapter 8: Investigating Initial Access Techniques 12. Chapter 9: Investigating Post-Exploitation Techniques 13. Chapter 10: Investigating Data Exfiltration Techniques 14. Chapter 11: Investigating Ransomware Deployment Techniques 15. Chapter 12: The Unified Ransomware Kill Chain 16. Other Books You May Enjoy

Summary

In this chapter, we have looked at various sources of ransomware-related CTI. We've analyzed a couple of open source reports and extracted valuable pieces of data to allow us to reconstruct various parts of the attack life cycle and transform them into CTI.

We've learned how to analyze social media to extract pieces of cyber threat data shared by representatives of the cyber security community.

Finally, we've looked deep into underground forums and learned how to receive CTI directly from the adversary—ransomware affiliates.

Now, as you've already learned a lot about human-operated ransomware attacks and have a clear understanding of how such attacks actually work, you are ready to dive into the process of investigation.

In the next chapter, we'll look at the main sources of digital forensic artifacts that allow incident responders to reconstruct a human-operated ransomware attack and understand what exactly was done during its life...

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image