97 Things Every Information Security Professional Should Know

Metadata

• Author: Christina Morillo
• Full Title: 97 Things Every Information Security Professional Should Know
• Category: #books

Highlights

• Types of Ransomware Fakes No files are encrypted—instead files are deleted as sabotage or as a cover for other malicious activities, often attributed to nation-state actors. Encryptors Your data files are encrypted—you need to pay or restore from backups. Blockers Your entire system is encrypted and cannot be used at all as the operating system is locked out. This method is less popular since killing the victim’s machine does make it harder to pay. Stealers Your files are encrypted (though some have now stopped bothering with this) and are also exfiltrated—you are threatened with public release if you do not pay. (Location 915)
  • Tags: [[pink]]
• The right answer is to say, “No, we will not pay.” Making that decision, and living with it, is sometimes harder. (Location 942)
  • Tags: [[pink]]
  • Note: ransomware
• Use free tools like Process Monitor or Redline to capture the process details while you are simulating a typical end-user activity. (Location 1285)
  • Tags: [[pink]]