How Ransomware Attacks Work

Understanding how ransomware works equips your team and organizations with the knowledge to develop effective strategies to prevent, detect, and respond to increasingly prevalent and sophisticated cyberthreats.

In this insight video, Margaret Zimmermann, DFIR consultant at Unit 42®, explains several ransomware scenarios, including how attackers gain access to systems via phishing, brute-force attacks on Remote Desktop Protocol (RDP) and virtual private networks (VPNs), and exploiting software vulnerabilities.

Margaret also offers a behind-the-scenes look at:

• How attackers use mapping tools for network discovery and credential harvesting.
• How attackers create backdoors to maintain access even if the original entry point is closed.
• And how attackers often exfiltrate sensitive data and delete backups to hinder recovery processes and increase the chance of victims paying the ransom.

Ransomware attacks continue to evolve with advancements in tools and techniques. Watch the video now to learn how strong cybersecurity practices and end-user training are crucial to combat ransomware as a service (RaaS) and the exploitation of human vulnerabilities through phishing and weak passwords.