eBooks/eGuides

4 Ransomware Defense For Dummies, Cisco Special Edition first three months of 2016, according to the U.S. Federal Bureau of Investigation (FBI). This characteristic of ransomware is by design, in an effort to get victims to simply pay the ransom as quickly as possible, instead of contacting law enforcement and potentially incurring far greater direct and indirect costs due to the loss of their data and negative publicity. Ransom amounts may also increase significantly the longer a vic- tim waits. Again, this is by design, in an effort to limit a victim's options and get the victim to pay the ransom as quickly as possible. Recognizing Ransomware in the Modern Threat Landscape Ransomware is not a new threat (see Figure 1-1). The earliest known ransomware, known as PC Cyborg, was unleashed in 1989. Since that time, ransomware has evolved and become far more sophisticated. Ransomware has also become more pervasive and lucrative with developments such as the following: » The release of the Android phone: Android has become a popular attack vector (macOS is also now a target, and Apple iOS will no doubt become a target). » The rise of Bitcoin: Bitcoin enables easy and virtually untraceable payments to anonymous cybercriminals. » The emergence of Ransomware-as-a-Service (RaaS): RaaS (ransomware that can be purchased for a small fee and/or a percentage of the ransom payment) makes it easy for practically anyone to use ransomware. Despite sensational media reports about massive data breaches targeting organizations and enterprises such as the U.S. Office of Personnel Management (OPM), Anthem Blue Cross Blue Shield, Target, and Home Depot, for identity theft and credit card fraud purposes, the rise of ransomware has become one of the most pervasive threats to organizations and enterprises — as well as individuals — over the past year. A report by the Institute for Critical Infrastructure Technol- ogy (ICIT) predicts that 2016 will be the year that ransomware "wreak[s] havoc on America's critical infrastructure community." These materials are © 2017 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use is strictly prohibited.

• Cover
• Title Page
• Copyright Page
• Table of Contents
• Introduction
• About This Book
• Foolish Assumptions
• Icons Used in This Book
• Beyond the Book
• Chapter 1 What Is Ransomware?
• Defining Ransomware
• Recognizing Ransomware in the Modern Threat Landscape
• Understanding How Ransomware Operates
• Chapter 2 Implementing Best Practices to Reduce Ransomware Risks
• Before an Attack: Discover, Enforce, Harden
• During an Attack: Detect, Block, and Defend
• After an Attack: Scope, Contain, and Remediate
• Chapter 3 Building the "New Best-of-Breed" Security Architecture
• Recognizing the Limitations of Current Security Designs
• Defining the "New Best-of-Breed" Security Architecture
• Chapter 4 Deploying Cisco Ransomware Defense
• Leveraging DNS as the First Line of Defense in the Cloud
• Securing Endpoints and Addressing Email Threats
• Cisco Advanced Malware Protection (AMP) for Endpoints
• Cisco Email Security with Advanced Malware Protection (AMP)
• Protecting the Network with Next-Generation Firewalls and Segmentation
• Cisco Firepower Next-Generation Firewall (NGFW)
• Use the network as a sensor and enforcer
• Streamlining Deployments and Bolstering Incident Response
• Chapter 5 Ten Key Ransomware Defense Takeaways
• Ransomware Is Evolving
• Ransomware-as-a-Service Is an Emerging Threat
• Paying a Ransom Doesn't Solve Your Security Problems
• Build a Layered Security Architecture Based on Open Standards
• Deploy Integrated, Best-of-Breed Solutions
• Embed Security throughout Your Network Environment
• Reduce Complexity in Your Security Environment
• Leverage Cloud-Based, Real-Time Threat Intelligence
• Automate Security Actions to Reduce Response Time
• See Something, Say Something
• EULA