Learn how to stay protected from ransomware in 5 easy steps from CODA's 2021 updated guide

Most ransomware attacks exploit in average three or more vulnerabilities within their target organization's digital attack surface. These 3 vulnerabilities are exploited sequentially as part of the attack killchain. Disabling just one of them is usually enough to prevent the attack from successfully going through

CODA has put together a free, updated to 2021 guide that you can follow to reduce your attack surface in 5 simple steps. Here's what to do!

// STEP 1

Understand your attack surface

Most times attackers exploit a vulnerability at the human layer by tricking their victims into opening a file or visiting a website. Another technique is identifying a well-known vulnerability in a system or uploading an infected file into a system or application that a victim will later open that allows for remote code execution . This technique is called the Initial Access and is key to the success of the implant phase. Understanding attacker tactics techniques and procedures (TTPs) is key to understanding your attack surface. 

// STEP 2

Tune your network security controls to fit attackers TTPs

Attackers transfer the executable exploit code as an archive over the network and less often on removable media. They use password-protected files, sandbox detection capabilities, or SSL encryption to prevent their code from being detected by traditional network security products. This technique is called the Defense Evasion and is used both during the implant and exfiltration phases.

// STEP 3

Tune your EDR to fit attacker TTPs

Once a victim opens the link or file sent by the attacker, the initial exploit code will run on the victim’s machine. Attackers employ several evasion techniques such as code obfuscation, binary encryption, and sandbox detection to deceive security controls implemented at this layer. The initial payload connects to C&C (Command & Control) servers to download more specific second-stage exploit code.

// Download now

Fill in the form below to download the free guide to learn more about the attack killchains and TTPs used in ransomware attacks and how to protect your company in 5 simple steps.