Okay, I admit I have been very absent on this blog for several months, but I will explain what I have been working on here in this blog article, all is revealed!
Pluralsight has just published my latest training course, Cybersecurity Threats: Ransomware. It has been truly fascinating working on this course – and authoring courses does take a lot of work, but this course has really been interesting from the pervasiveness of ransomware and the continued threat it brings to enterprises and personal users alike.
Feedback from those who have taken the course, just a few days after publication, has been amazing. This shows that ransomware is very topical and people do need a clear and coherent insight into the current ransomware threat.
Here are just a sample of the positive feedback I have received over the last week:
As this course was published Verizon released their Data Breach Investigation Report for 2016, and that showed that ransomware was on the rise, jumping 50% as reported by the BBC. Remember the Verizon data comes from all parts of the world, usually from data aggregated from CERTs or other reporting organisations, so it is truly global. I correlated this information with the Threat Landscape report from ENISA which is also published annually. ENISA showed ransomware are climbing from 14 place in 2015 to 8 place in 2016 in their top 15 threats. Whatever way you look at this ransomware is a big problem. Feedback from my course has also been consistent with these reports in terms of people from all over the world taking the course.
As I started recording the course, in January, reports of a police department in the US loosing valuable data to a ransomware attack. Some of the data related to digital evidence and several suspects were looking to have their court appearances dropped as a result. As I wrapped up the course we hear reports of a ransomware-as-a-service to purchase for a little as $175.
I have structured the course to be a very practical guide for you, to help you protect your own computers and systems from ransomware, and also your organization. I show you how to access law enforcement resources if you do suffer an attack to get free decryption tools for common ransomware attacks.
The course is designed around 5 comprehensive and very practical modules. Here is how the course runs:
1) Introducing you to ransomware, including the very first occurrence of ransomware – the AIDS ransomware trojan. A cool part of this module is that I demonstrate a ransomware infection using the Cerber ransomware, to show you exactly what to expect.
2) Ransomware infection points: I walk you through the most common infection vectors for ransomware. This module gives you essential knowledge that you need to be able to defend your system from ransomware. You will learn about exploit kits, C&C call-backs as well as other aspects of ransomware infection vectors.
3) Incident Response: Detection and Containment: If you suffer a ransomware attack, responding correctly and quickly are key success factors to a recovery. I show you the key steps you need to be aware of to ensure you detect and respond to ransomware attacks quickly.
4) Incident Response: Eradication and Recovery: If you have suffered a ransomware attack, all is not lost. In this module, I take you through several practical steps you can take to recover your data and fully eradicate the ransomware malware from your systems. I also take you through the nomoreransom.org project which is a joint initiative from Europol and some industry vendors. If you’re currently fighting a ransomware attack you can jump straight to this module!
5) Finally, I wrap up with Countermeasures and Preparing your incident Response Plan. It is better to be prepared for a ransomware attack BEFORE becoming a victim. You learn some key pointers in this module on what you can do to prevent a ransomware attack or minimise damage if you do fall victim to such an attack.
And that’s it, over 2.5 hours of content that provides you with a full end-to-end insight into ransomware and keeps things practical so you get plenty of take-aways you can bring to your own organization.
I’m really delighted that this course is now available in the Pluralsight library, and especially with the positive feedback to date. If you’ve not tried Pluralsight’s learning platform before I really suggest you give it a go as there are over 5,000 courses of great learning content available, but I highly recommend the ransomware course!