Part 1
Read the following blog post – https://news.sophos.com/en-us/2015/03/03/anatomy-of-a-ransomware-attack-cryptolocker-cryptowall-and-how-to-stay-safe-infographic/
Then answer the following questions –
1) How does ransomware work?
Based on the article, the first step is for the malware to be installed; then it sets keys in the Windows registry to start up every time the computer starts. The next step is to contact the server of the malware owner, identify each other, and create & exchange cryptographic keys. With these keys the malware can now start encrypting every file it comes across. The last step is the ransomware extorting the user for payment in order to get their data back.
2) How would you know you’ve been affected by ransomware?
3) How can local election offices prepare themselves BEFORE being a victim?
4) What do you do once you’ve been attacked?
5) How would you recover from ransomware to become fully operational?
Part 2
Next, take this quiz then snap a pic + upload your results – https://phishingquiz.withgoogle.com/
Part 3
Read the attached benchmarking report and answer the following questions –
1) What is the #1 threat action used in successful breaches?
2) Describe the testing methodology in the report in 20 words or less.
2a) Do you agree with the testing methodology? Why or why not? Be prescriptive.
3) Which industry performed the worst? Which industry performed the best?
4) What is the best way to improve an organization’s defense to phishing attacks?
5) Every organization is susceptible to phishing – T / F. Explain – why did you choose your answer?
6) Did results improve or worsen compared to international results for the same industries?
7) There are a number of Executive takeaways. List your Top 3 and explain – why did you choose your three?
8) How would you plan a phishing exercise in your organization? What steps would you take?