The best way to stop ransomware is to prevent it from ever executing within an environment. Allan Liska and Timothy Gallo begin with a discussion of the ways in which ransomware is traditionally delivered, reviewing spam campaigns and exploit kit delivery methods and exploring how the attackers behind ransomware bypass security measures and entice targets into falling victim to ransomware attacks. Each of these attack methods relies on the ability of the attackers to take advantage of common applications and tools installed in almost every environment: Adobe Flash, macros in Microsoft Office documents, PowerShell, Microsoft Scripting Engines, and more.
Of course, these applications and tools are widely available because users like them, so taking them away with no discussion is not a viable option. Allan and Timothy offer a practical guide to preventing ransomware and improving an organization’s security by limiting access to common tools, primarily using tools that are already available in most networks. More importantly, Allan and Timothy provide guidance for how both IT teams and the larger user community can come together to discuss why these steps are necessary and how to balance the need for security with the need for productivity within the organization.
Allan Liska is a consulting systems engineer at Recorded Future. Allan has more than 15 years’ experience in the world of security and has worked as both a security practitioner and an ethical hacker. Through his work at Symantec, iSIGHT Partners, FireEye, and Recorded Future, Allan has helped countless organizations improve their security posture using more effective intelligence. He is the author of The Practice of Network Security, Building an Intelligence-Led Security Program, and Securing NTP: A Quickstart Guide and the coauthor of DNS Security and Ransomware: Defending Against Digital Extortion.
Timothy Gallo is a cyber security specialist engineer at Symantec. Tim has been working in IT security since 1999, but he’s also been a bouncer, a bartender, and a physicist. He loves finding new ways to do things, in particular by breaking them. Tim has been spending time lately tearing apart pumps, golf carts, and other items to rebuild them into something better, faster, and stronger.
©2016, O'Reilly Media, Inc.