Home » How Does Ransomware Work? » Active Defense Intrusion

Active Defense Intrusion

There are many places to stop a ransomware attack, this part looks at the initial intrusion.

In This Section

How Do the Bad Guys Get In?

Anatomy of a Modern Ransomware Attack

What does a ransomware attack look like? What tools do ransomware actors use to gain initial access, move through the network, steal files, and deploy the ransomware? Walk through a typical ransomware attack, step-by-step, and see why these attacks are so hard to stop.

Different Ways Ransomware Actors Gain Access
Dwell Time: Moving Around the Network and Gaining Access
The Importance of the Active Directory Domain Controller in a Modern Ransomware Attack
Stealing Files
Deploying the Ransomware
Posting Stolen Files to Extortion Sites

Credential Markets and Initial Access Brokers

Initial Access Brokers (IABs) are one of the cottage industries that have exploded with the growth of ransomware. Learn how they work, what they’re looking for and what you should do to protect yourself from them.

Phishing Attacks

Some of the most sophisticated ransomware groups rely heavily on phishing as the initial attack vector. Understand how ransomware phishing attacks work, how to stop them, and how to effectively train employees to spot a phishing email.

Remote Desktop Protocol and the Importance of Multifactor Authentication

IABs love targeting Remote Desktop Protocol (RDP) servers— it’s inexpensive to get started, doesn’t take a lot of technical skill, and there are a lot of exposed RDP servers out there. Learn why RDP has quickly become one of the top attack points for IABs and how that leads to ransomware.

Exploitation

Did you know that over the last year IABs have exploited more than 40 different vulnerabilities to gain initial access that was then sold to ransomware groups? Vulnerability management is a challenge, IABs and ransomware groups know that, which is why we’re seeing increasing interest from both in exploiting vulnerabilities as an initial access vector.

Common Vulnerabilities Exploited by Ransomware
How Exploitation Ransomware Attacks Differ from Phishing and RDP Attacks
Exploitation and Managed Service Providers
Ransomware and Zero-Day Exploits
Practical Patching Advice

Download The “How To Prevent Ransomware” Cheat Sheet

Grab this free PDF resource on how to prevent Ransomware

Share This Resource With Others

Embed The “How To Prevent Ransomware” resource on your site or blog using this code.

<p><strong>Please include attribution to ransomware.org with this graphic.</strong><br /><br /><a href='https://ransomware.org/how-to-prevent-ransomware/'><img data-src='https://ransomware.org/wp-content/uploads/2022/08/how-to-prevent-ransomware-infographic.png' alt='How To Prevent Ransomware' 540px border='0' src='data:image/gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw==' class='lazyload' style='--smush-placeholder-width: 1080px; --smush-placeholder-aspect-ratio: 1080/900;' /><noscript><img src='https://ransomware.org/wp-content/uploads/2022/08/how-to-prevent-ransomware-infographic.png' alt='How To Prevent Ransomware' 540px border='0' /></noscript></a></p>

Download The "How To Recover From Ransomware" Cheat Sheet

Grab this free PDF resource on how to prevent Ransomware

Share This Resource With Others

Embed The “How To Recover a From Ransomware Attack” resource on your site or blog using this code.

<p><strong>Please include attribution to ransomware.org with this graphic.</strong><br /><br /><a href='https://ransomware.org/how-to-remove-ransomware/'><img data-src='https://ransomware.org/wp-content/uploads/2022/08/how-to-remove-ransomware-infographic.png' alt='How To Recover From Ransomware' width='400' border='0' src='data:image/gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw==' class='lazyload' style='--smush-placeholder-width: 1080px; --smush-placeholder-aspect-ratio: 1080/900;' /><noscript><img src='https://ransomware.org/wp-content/uploads/2022/08/how-to-remove-ransomware-infographic.png' alt='How To Recover From Ransomware' width='400' border='0' /></noscript></a></p>

Download The "Ransomware Backup Strategy" Cheat Sheet

Ransomware resistant backup strategy is key to preventing Ransomware. Grab this free PDF resource today.

Share This Resource With Others

Embed The “Ransomware Resistant Backup Strategy” resource on your site or blog using this code.

<p><strong>Please include attribution to ransomware.org with this graphic.</strong><br /><br /><a href='https://ransomware.org/how-to-prevent-ransomware/passive-defense/ransomware-backup-strategy/'><img data-src='https://ransomware.org/wp-content/uploads/2022/08/infographic-download.png' alt='The Ransomware Resistant Backup Strategy' width='500' border='0' src='data:image/gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw==' class='lazyload' style='--smush-placeholder-width: 1080px; --smush-placeholder-aspect-ratio: 1080/900;' /><noscript><img src='https://ransomware.org/wp-content/uploads/2022/08/infographic-download.png' alt='The Ransomware Resistant Backup Strategy' width='500' border='0' /></noscript></a></p>

Download The "Running Ransomware Tabletop Exercises" Cheat Sheet

Tabletop exercises are key to preventing Ransomware. Grab this free PDF resource today

Share This Resource With Others

Embed The “Running Ransomware Tabletop Exercises” resource on your site or blog using this code.

<p><strong>Please include attribution to ransomware.org with this graphic.</strong><br /><br /><a href='https://ransomware.org/how-to-prevent-ransomware/passive-defense/tabletop-excercises/'><img data-src='https://ransomware.org/wp-content/uploads/2022/08/running-tabletop-exercises.png' alt='How To Run Ransomware Tabletop Exercises' 540px border='0' src='data:image/gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw==' class='lazyload' style='--smush-placeholder-width: 1080px; --smush-placeholder-aspect-ratio: 1080/900;' /><noscript><img src='https://ransomware.org/wp-content/uploads/2022/08/running-tabletop-exercises.png' alt='How To Run Ransomware Tabletop Exercises' 540px border='0' /></noscript></a></p>

Active Defense Intrusion

In This Section

Download The “How To Prevent Ransomware” Cheat Sheet

Share This Resource With Others

Download The "How To Recover From Ransomware" Cheat Sheet

Share This Resource With Others

Download The "Ransomware Backup Strategy" Cheat Sheet

Share This Resource With Others

Download The "Running Ransomware Tabletop Exercises" Cheat Sheet

Share This Resource With Others

Want More?

Need Help?

Ransomware

Partners

Deep Dive

Is This Your Business?
Get In Touch

Before You Go!
Sign up to stay up to date with everything ransomware

JUST RELEASED: The 2024 State of Ransomware Survey is in.

Free Download Now &
Stay Ahead In Future

Free Download Now &
Stay Ahead In Future

Free Download Now &
Stay Ahead In Future

Free Download Now &
Stay Ahead In Future

Active Defense Intrusion

In This Section

Download The “How To Prevent Ransomware” Cheat Sheet

Share This Resource With Others

Download The "How To Recover From Ransomware" Cheat Sheet

Share This Resource With Others

Download The "Ransomware Backup Strategy" Cheat Sheet

Share This Resource With Others

Download The "Running Ransomware Tabletop Exercises" Cheat Sheet

Share This Resource With Others

Want More?

Need Help?

Ransomware

Partners

Deep Dive

Is This Your Business? Get In Touch

Before You Go! Sign up to stay up to date with everything ransomware

JUST RELEASED: The 2024 State of Ransomware Survey is in.

Free Download Now & Stay Ahead In Future

Free Download Now & Stay Ahead In Future

Free Download Now & Stay Ahead In Future

Free Download Now & Stay Ahead In Future

Is This Your Business?
Get In Touch

Before You Go!
Sign up to stay up to date with everything ransomware

Free Download Now &
Stay Ahead In Future

Free Download Now &
Stay Ahead In Future

Free Download Now &
Stay Ahead In Future

Free Download Now &
Stay Ahead In Future