In this course, you will learn current trends in ransomware attack campaigns, the MITRE ATT&CK techniques extensively used in ransomware attacks, and DarkSide ransomware attack chain as an example. Moreover, you will learn essential protection methods for ransomware attacks.
Ransomware has grown to be a prevalent and well-known threat to organizations. The impact of these attacks on organizations has risen to the point that some have halted production, and, in the case of healthcare, lives have been endangered.
Therefore, we created a learning path entirely dedicated to the ransomware threat. Ransomware attacks are becoming more sophisticated and targeted. As a result, this first course in the ransomware learning path is focused on the offensive techniques employed by adversaries conducting ransomware attacks.
By the end of this course, you will have gained an understanding of recent ransomware attack trends:
- Ransomware as a Service (RaaS)
- Quintuple extortion
- Initial access brokers (IABs).
Additionally, you will discover three MITRE ATT&CK techniques frequently utilized by ransomware gangs:
- T1486 Data Encrypted for Impact
- T1490 Inhibit System Recovery
- T1082 System Information Discovery
Moreover, this course covers the other most commonly applied techniques in an example ransomware attack kill chain – the DarkSide ransomware.
Finally, you’ll learn how to take critical measures against ransomware attacks and how to validate and improve your security controls against the full ransomware attack chain.
