97 Things Every Information Security Professional Should Know
Metadata
Author: Christina Morillo
Full Title: 97 Things Every Information Security Professional Should Know
Category: #books
Highlights
Types of Ransomware
Fakes: No files are encrypted—instead files are deleted as sabotage or as a cover for other malicious activities, often attributed to nation-state actors.
Encryptors: Your data files are encrypted—you need to pay or restore from backups.
Blockers: Your entire system is encrypted and cannot be used at all as the operating system is locked out. This method is less popular since killing the victim’s machine does make it harder to pay.
Stealers: Your files are encrypted (though some have now stopped bothering with this) and are also exfiltrated—you are threatened with public release if you do not pay. (Location 915)
Tags: [[pink]]
The right answer is to say, “No, we will not pay.” Making that decision, and living with it, is sometimes harder. (Location 942)
Tags: [[pink]]
Note: ransomware
Use free tools like Process Monitor or Redline to capture the process details while you are simulating a typical end-user activity. (Location 1285)