Book Image

Preventing Ransomware

By : Abhijit Mohanta, Mounir Hahad, Kumaraguru Velmurugan
Book Image

Preventing Ransomware

By: Abhijit Mohanta, Mounir Hahad, Kumaraguru Velmurugan

Overview of this book

<p><span id="description" class="sugar_field">Ransomware has turned out to be the most aggressive malware and has affected numerous organizations in the recent past. The current need is to have a defensive mechanism in place for workstations and servers under one organization.</span></p> <p><span class="sugar_field"><span id="description" class="sugar_field">This book starts by explaining the basics of malware, specifically ransomware. The book provides some quick tips on malware analysis and how you can identify different kinds of malware. We will also take a look at different types of ransomware, and how it reaches your system, spreads in your organization, and hijacks your computer. We will then move on to how the ransom is paid and the negative effects of doing so. You will learn how to respond quickly to ransomware attacks and how to protect yourself. The book gives a brief overview of the internals of security software and Windows features that can be helpful in ransomware prevention for administrators. You will also look at practical use cases in each stage of the ransomware phenomenon. The book talks in detail about the latest ransomware attacks involving WannaCry, Petya, and BadRabbit.</span></span></p> <p><span id="description" class="sugar_field">By the end of this book, you will have end-to-end knowledge of the trending malware in the tech industry at present.</span></p>

Related Content you might be interested in

Current Title:

Small book image
Preventing Ransomware
Abhijit Mohanta | Mounir Hahad | Kumaraguru Velmurugan
Mar, 2018 | 266 pages
Small book image
Preventing Digital Extortion
Dhanya Thakkar
May, 2017 | 360 pages
Small book image
Antivirus Bypass Techniques
Nir Yehoshua | Uriel Kosayev
Jul, 2021 | 242 pages
Small book image
Learning Malware Analysis
Monnappa K A
Jun, 2018 | 510 pages
Table of Contents (16 chapters)
Title Page
Title Page
Packt Upsell
Packt Upsell
Contributors
Contributors
Preface
Preface
Free Chapter
1
Malware from Fun to Profit
Malware from Fun to Profit
1. The malware story
2. Windows operating system basics
3. Malware components
4. Types of malware
5. How does antivirus name malware?
6. Summary
2
Malware Analysis Fundamentals
Malware Analysis Fundamentals
1. Static analysis
2. Dynamic or behavior analysis
3. Summary
3
Ransomware Distribution
Ransomware Distribution
1. Attacks through emails
2. Microsoft Word macros
3. Web attacks
4. Lateral movement
5. Botnets and downloaders
6. Summary
4
Ransomware Techniques for Hijacking the System
Ransomware Techniques for Hijacking the System
1. Scareware and rogue security software
2. ScreenLocker ransomware
3. Browser locker
4. Crypto ransomware
5. Ransomware targeting infrastructure
6. Boot ransomware
7. Summary
5
Ransomware Economics
Ransomware Economics
1. Anonymity 
2. Ransomware payment modes
3. RaaS
4. Other forms of ransom
5. Summary
6
Case Study of Famous Ransomware
Case Study of Famous Ransomware
1. Reveton
2. VirLock – the hybrid ransomware
3. GPCODE or PGPCoder
4. CryptoLocker
5. Cryptowall
6. Locky
7. Cerber
8. Petya
9. WannaCry
10. NotPetya
11. BadRabbit
12. Ransomware on Android, macOS, and Linux
13. Summary
7
Other Forms of Digital Extortion
Other Forms of Digital Extortion
1. DoS attacks
2. Data breach attacks
3. Summary
8
Ransomware Detection and Prevention
Ransomware Detection and Prevention
1. Desktop configuration
2. Antivirus
3. Exploit prevention on Windows
4. Anti-bootkit
5. Detection on a network
6. Honeypots
7. Analytics, machine learning, and correlation
8. Data protection
9. Process and compliance
10. Summary
9
Incident Response
Incident Response
1. Isolating the infected machine
2. Notifying the law authorities
3. Contacting the antivirus vendor
4. Help from the web
5. Forensics
6. Summary
10
The Future of Ransomware
The Future of Ransomware
1. The future of malware capabilities
2. Future victims
3. Summary
Other Books You May Enjoy
Other Books You May Enjoy
Leave a review - let other readers know what you think
Index
Index

6. Honeypots

Other security software can include honeypots. A honeypot is a decoy, a system that has a number of pieces of software executing on it, such as a web server, FTP server, and so on. The attackers may mistake these servers hosted on a honeypot to be real servers and carry out an attack on it and be identified. This kind of honeypot can be deployed on the network.

There is some research going on into host-based honeypots for protecting against crypto-ransomware. These can be deployed on desktops. Crypto-ransomware usually targets documents such as text, PDF, and Office documents on your system. The honeypots create a folder on the system that has a few documents and can contain other types of files too. We can refer to these as decoy files. The honeypot process always runs its process on the system that keeps an eye on these decoy files. If any process tries to modify any of these files, it can terminate the process or trigger an alert related to the process.

Previous Section
End of Section 7
Next Section