Roger A. Grimes

Ransomware Protection Playbook


Скачать книгу

https://www.thepitchkc.com/dr-popp-the-first-computer-virus-and-the-purpose-of-human-life-studies-in-crap-gapes-at-popular-evolution/

        https://blog.emsisoft.com/en/34742/history-of-ransomware-a-supervillain-30-years-in-the-making/

        https://www.villagevoice.com/2009/04/16/dr-popp-the-first-computer-virus-and-the-purpose-of-human-life-studies-in-crap-gapes-at-popular-evolution/

        https://www.gwinnettdailypost.com/news/business/the-bizarre-story-of-the-inventor-of-ransomware/article_bed2be94-129c-5d5a-a973-2112d99556a6.html

        https://www.knowbe4.com/aids-trojan

      The PC Cyborg ransomware trojan was a startling wake-up. The lesson learned was that there are people in this world who have no ethical qualms with encrypting your hard drive and asking for a ransom to be paid to unlock it. They were willing to risk going to jail to do it.

      Surprisingly, after Dr. Popp's trojan, there wasn't a lot of imitation as antivirus fighters had feared. Perhaps it was because Dr. Popp had not been successful. He didn't get rich. He ended up in jail. Lesson learned. Other criminals learned that it was hard to do digital extortion and get away with it, at least at the time. But in another decade or so, other advances in technology would give them the means to get away with the crime almost every time.

      Dr. Popp's encryption wasn't very good either. But around the same time period, other types of malware, especially computer viruses, were starting to experiment with better encryption. But encryption was used only to hide and protect the malware program itself from quick antivirus detection and not to encrypt data files and ask for ransom.

      As the encryption issue was being fixed, the far bigger problem for criminals was how a ransomware creator could get paid without getting caught and sent to jail. Two things happened. First, Bitcoin was invented in 2009. It took a few years, but by 2014, the ransomware programs made the link to Bitcoin, and the whole ransomware industry exploded. Now, criminals could get paid without getting caught.

      Second, some major countries, like Russia, became cyber safe havens for ransomware criminals. Today, many ransomware gangs are located in or around Russia and operate with near impunity. Many pay bribes to local and country law enforcement as a part of doing business, and their revenue streams are seen as a net positive in their host countries. As long as they don't encrypt computers in their host or friendly ally countries, they are free to do business with few exceptions.

      With these two new developments in place, sophisticated ransomware programs started to take out entire businesses, hospitals, police stations, and even entire cities. Today, ransomware is so prolific that entire companies being taken down, and ransoms paid in the multi-million-dollar range don't even raise an eyebrow. Ransomware attacks are taking down oil pipelines, food production plants, corporate mega-conglomerates, closing schools, delaying healthcare, and pretty much exploiting everything they can with near impunity. As I write this, ransomware gangs are likely in their “golden years,” causing more disruption and making more money, than ever before. At this moment, we aren't doing a very good job at stopping it.

      This book will tell you the best things you can do to prevent a ransomware attack from happening in the first place, better than any other source you can find. It will tell you the details of what you need to do before you are possibly hit by ransomware and what to do, step-by-step if you are exploited. You don't have to be a victim. You can fight back.

      Anyone can be a victim of ransomware. Ransomware is difficult to defeat currently. The aim of this book is not to say that you can 100 percent defeat ransomware. You can't. No one can make that claim. Cybersecurity defense is about risk minimization, not elimination. My goal is to help you minimize the risk as much as possible. If you follow the ideas and steps in this book, you will minimize your risk of a successful ransomware exploit as best you can given the current state of what we can do until we get new defenses that work better for us all (covered in Chapter 2, Preventing Ransomware”).

      Fight the good fight!

      This book is primarily aimed at anyone who is in charge of managing their organization's computer security, from the front-line defender to the top computer security executive. It is for anyone who is considering reviewing, buying, or implementing computer security defenses for the first or the tenth time.

      Ransomware Protection Playbook contains 12 chapters separated into 2 distinct parts.

       Part I: Introduction

      Part I summarizes what ransomware does, how sophisticated it is, and how to prevent it from exploiting your organization and devices. Many people don't understand how mature ransomware is and even more don't concentrate enough on stopping it before it attacks.

       Chapter 1, “Introduction to Ransomware” Chapter 1 covers ransomware starting with a little bit of history of the significant milestones and then discusses the very sophisticated and mature versions used today. The ransomware industry is run much more like a multilevel marketing firm/ecosystem than anything else. Chapter 1 will cover the common pieces and parts. As an encompassing introduction, it is also the longest chapter in the book.

       Chapter 2, “Preventing Ransomware” Preventing ransomware