Ransomware: Best Practices for Protection, Detection, and Response
In the 4 parts of this document, you will find a description of how a ransomware attack occurs and best practices for protecting against, detecting, and responding to these attacks.
"Ransomware: How to Protect" Brochure
Find here a brochure summarizing all parts of the document as well as all the infographics in PNG and SVG formats.
Digital Format in Low and High Resolutions
Format for Printing in Printing Shops
Part 1:
Ransomware: How It Happens
Understanding how ransomware attacks occur helps determine protection, detection, and incident response measures. This document explains the RaaS (Ransomware as a Service) model and the attack phases.
Part 2:
Ransomware: How to Protect
This document presents a layered defense strategy, with multiple, complementary security measures. Thus, even if it's not possible to completely prevent an attack, it's possible to take steps to slow it down, limit its impact, and increase operational resilience.
Part 3:
Ransomware: How to Detect
This document presents ways to detect ransomware attacks at different stages, in different ways, and with varying levels of detail. The earlier the detection occurs, the less impact it will have on the organization and, consequently, less effort is required for response.
Part 4:
Ransomware: How to Respond
This document outlines the minimum steps for responding to a ransomware attack, covering how to contain its spread, eliminate the attacker's presence, eradicate the root cause of the intrusion, restore the environment, and return to normal operation.