Changing the Game: Hunting Ransomware
This white paper details the key to stopping ransomware is to detect its presence as early in the kill chain as possible and neutralize it before it can carry out its mission.
Ransomware attacks progress along a well-known kill chain. Attackers start by gaining entry to your infrastructure, typically via email phishing, by exploiting virtual private network (VPN) weaknesses or through Windows Remote Desktop Protocol (RDP). Then, they traverse along the chain to install malware, elevate to domain administrator privileges, seek out important hosts, disable security software and deploy the encryption package.
The process takes time. Anywhere from a few days to several weeks can elapse before the final package is installed and the ransom request is delivered.
The key to stopping ransomware is to detect its presence as early in the kill chain as possible and neutralize it before it can carry out its mission. This eBook explains how you can get it done with Alert Logic’s Threat Intelligence team and the experts at OneNeck.