Edition: [1 ed.]
Authors: Roger A. Grimes
Series:
ISBN: 1119849128, 9781119849124
Publisher: Wiley
Year of publication: 2021
Number of pages: 320
[323]
Language: English
File format: PDF (converted to PDF, EPUB or AZW3 on user request)
File size: 6 Mb
Avoid becoming the next ransomware victim by taking practical steps today

Colonial Pipeline. CWT Global. Brenntag. Travelex. The list of ransomware victims is long, distinguished, and sophisticated. And it’s growing longer every day.

In Ransomware Protection Playbook, computer security veteran and expert penetration tester Roger A. Grimes delivers an actionable blueprint for organizations seeking a robust defense against one of the most insidious and destructive IT threats currently in the wild. You’ll learn about concrete steps you can take now to protect yourself or your organization from ransomware attacks.

In addition to walking you through the necessary technical preventative measures, this critical book will show you how to:

Quickly detect an attack, limit the damage, and decide whether to pay the ransom
Implement a pre-set game plan in the event of a game-changing security breach to help limit the reputational and financial damage
Lay down a secure foundation of cybersecurity insurance and legal protection to mitigate the disruption to your life and business

A must-read for cyber and information security professionals, privacy leaders, risk managers, and CTOs, Ransomware Protection Playbook is an irreplaceable and timely resource for anyone concerned about the security of their, or their organization’s, data.
Cover Title Page Copyright Page About the Author About the Technical Editor Acknowledgments Contents

Introduction
Who This Book Is For What Is Covered in This Book? How to Contact Wiley or the Author

Part I Introduction

Chapter 1 Introduction to Ransomware
How Bad Is the Problem? Variability of Ransomware Data True Costs of Ransomware Types of Ransomware Fake Ransomware Immediate Action vs. Delayed Automatic or Human-Directed Single Device Impacts or More Ransomware Root Exploit File Encrypting vs. Boot Infecting Good vs. Bad Encryption Encryption vs. More Payloads Ransomware as a Service Typical Ransomware Process and Components Infiltrate After Initial Execution Dial-Home Auto-Update Check for Location Initial Automatic Payloads Waiting Hacker Checks C&C More Tools Used Reconnaissance Readying Encryption Data Exfiltration Encryption Extortion Demand Negotiations Provide Decryption Keys Ransomware Goes Conglomerate Ransomware Industry Components Summary

Chapter 2 Preventing Ransomware
Nineteen Minutes to Takeover Good General Computer Defense Strategy Understanding How Ransomware Attacks The Nine Exploit Methods All Hackers and Malware Use Top Root-Cause Exploit Methods of All Hackers and Malware Top Root-Cause Exploit Methods of Ransomware Preventing Ransomware Primary Defenses Everything Else Use Application Control Antivirus Prevention Secure Configurations Privileged Account Management Security Boundary Segmentation Data Protection Block USB Keys Implement a Foreign Russian Language Beyond Self-Defense Geopolitical Solutions International Cooperation and Law Enforcement Coordinated Technical Defense Disrupt Money Supply Fix the Internet Summary

Chapter 3 Cybersecurity Insurance
Cybersecurity Insurance Shakeout Did Cybersecurity Insurance Make Ransomware Worse? Cybersecurity Insurance Policies What’s Covered by Most Cybersecurity Policies Recovery Costs Ransom Root-Cause Analysis Business Interruption Costs Customer/Stakeholder Notifications and Protection Fines and Legal Investigations Example Cyber Insurance Policy Structure Costs Covered and Not Covered by Insurance The Insurance Process Getting Insurance Cybersecurity Risk Determination Underwriting and Approval Incident Claim Process Initial Technical Help What to Watch Out For Social Engineering Outs Make Sure Your Policy Covers Ransomware Employee’s Mistake Involved Work-from-Home Scenarios War Exclusion Clauses Future of Cybersecurity Insurance Summary

Chapter 4 Legal Considerations
Bitcoin and Cryptocurrencies Can You Be in Legal Jeopardy for Paying a Ransom? Consult with a Lawyer Try to Follow the Money Get Law Enforcement Involved Get an OFAC License to Pay the Ransom Do Your Due Diligence Is It an Official Data Breach? Preserve Evidence Legal Defense Summary Summary

Part II Detection and Recovery

Chapter 5 Ransomware Response Plan
Why Do Response Planning? When Should a Response Plan Be Made? What Should a Response Plan Include? Small Response vs. Large Response Threshold Key People Communications Plan Public Relations Plan Reliable Backup Ransom Payment Planning Cybersecurity Insurance Plan What It Takes to Declare an Official Data Breach Internal vs. External Consultants Cryptocurrency Wallet Response Checklist Definitions Practice Makes Perfect Summary

Chapter 6 Detecting Ransomware
Why Is Ransomware So Hard to Detect? Detection Methods Security Awareness Training AV/EDR Adjunct Detections Detect New Processes Anomalous Network Connections New, Unexplained Things Unexplained Stoppages Aggressive Monitoring Example Detection Solution Summary

Chapter 7 Minimizing Damage
Basic Outline for Initial Ransomware Response Stop the Spread Power Down or Isolate Exploited Devices Disconnecting the Network Disconnect at the Network Access Points Suppose You Can’t Disconnect the Network Initial Damage Assessment What Is Impacted? Ensure Your Backups Are Still Good Check for Signs of Data and Credential Exfiltration Check for Rogue Email Rules What Do You Know About the Ransomware? First Team Meeting Determine Next Steps Pay the Ransom or Not? Recover or Rebuild? Summary

Chapter 8 Early Responses
What Do You Know? A Few Things to Remember Encryption Is Likely Not Your Only Problem Reputational Harm May Occur Firings May Happen It Could Get Worse Major Decisions Business Impact Analysis Determine Business Interruption Workarounds Did Data Exfiltration Happen? Can You Decrypt the Data Without Paying? Ransomware Is Buggy Ransomware Decryption Websites Ransomware Gang Publishes Decryption Keys Sniff a Ransomware Key Off the Network? Recovery Companies Who Lie About Decryption Key Use If You Get the Decryption Keys Save Encrypted Data Just in Case Determine Whether the Ransom Should Be Paid Not Paying the Ransom Paying the Ransom Recover or Rebuild Involved Systems? Determine Dwell Time Determine Root Cause Point Fix or Time to Get Serious? Early Actions Preserve the Evidence Remove the Malware Change All Passwords Summary

Chapter 9 Environment Recovery
Big Decisions Recover vs. Rebuild In What Order Restoring Network Restore IT Security Services Restore Virtual Machines and/or Cloud Services Restore Backup Systems Restore Clients, Servers, Applications, Services Conduct Unit Testing Rebuild Process Summary Recovery Process Summary Recovering a Windows Computer Recovering/Restoring Microsoft Active Directory Summary

Chapter 10 Next Steps
Paradigm Shifts Implement a Data-Driven Defense Focus on Root Causes Rank Everything! Get and Use Good Data Heed Growing Threats More Row the Same Direction Focus on Social Engineering Mitigation Track Processes and Network Traffic Improve Overall Cybersecurity Hygiene Use Multifactor Authentication Use a Strong Password Policy Secure Elevated Group Memberships Improve Security Monitoring Secure PowerShell Secure Data Secure Backups Summary

Chapter 11 What Not to Do
Assume You Can’t Be a Victim Think That One Super-Tool Can Prevent an Attack Assume Too Quickly Your Backup Is Good Use Inexperienced Responders Give Inadequate Considerations to Paying Ransom Lie to Attackers Insult the Gang by Suggesting Tiny Ransom Pay the Whole Amount Right Away Argue with the Ransomware Gang Apply Decryption Keys to Your Only Copy Not Care About Root Cause Keep Your Ransomware Response Plan Online Only Allow a Team Member to Go Rogue Accept a Social Engineering Exclusion in Your Cyber-Insurance Policy Summary

Chapter 12 Future of Ransomware
Future of Ransomware Attacks Beyond Traditional Computers IoT Ransoms Mixed-Purpose Hacking Gangs Future of Ransomware Defense Future Technical Defenses Ransomware Countermeasure Apps and Features AI Defense and Bots Strategic Defenses Focus on Mitigating Root Causes Geopolitical Improvements Systematic Improvements Use Cyber Insurance as a Tool Improve Internet Security Overall Summary Parting Words

Index EULA