Lessons Learned from a Ransomware Attack
Overview
This course provides insights into the lessons learned from a ransomware attack on a medium-sized school district. The learning outcomes include understanding the timeline of the attack, identifying symptoms of an attack, knowing how to respond during and after an attack, and implementing actions to prevent and mitigate future ransomware attacks. The course covers topics such as incident response, relationships, backup systems, incident recovery, and the emotional aspects of dealing with such attacks. The intended audience for this course includes IT professionals, cybersecurity specialists, system administrators, and anyone interested in learning from real-life ransomware attack experiences.
Syllabus
Introduction
Data Center
Emotional Rollercoaster
Incident Response
Incident Command
Relationships
Backup System
Accidental Backup
Insurance Group
Incident Response Contractor
Tracking Work
Project Manager
Understaffing
Storage Branch
Trial and Error
Virtual Server Templates
Moving Services
Admin Choice Point
Windows Workstations
Critical Systems
End Users
Active Directory
Super User Accounts
NonWindows Servers
People Make Mistakes
No Longer Safe
Conclusion
What saved us
The silver lining
Taught by
USENIX