Mitigating and Responding to Ransomware: From Initial Pwnage to BitCoin Shortage by Ken Liao
Ransomware has been around since the late 1980s (!) but in recent years has become a much more common and disruptive element for network defenders. In this webinar, we will discuss the three types of ransomware (Client-side, Server-side and Hybrid), how to mitigate initial infection and respond to and remediate an infection with appropriate scoping, escalation and lessons learned. In addition to technical mitigations, we will also incorporate the latest NIST guidance on recovery from destructive attacks (SP800-174), and discuss 'layer 8' strategy to obtain executive support for mitigating and recovering from a ransomware incident, which, unlike low and slow attacks on confidentiality (IP, PII, ePHI), disrupt productivity and uptime, which the business executives certainly care about in a fundamentally different way than data theft.