Skip to main content

Search

Request Info Apply Now

Undergraduate Certificates
Begin or advance your cybersecurity career at any age with our hands-on certificate programs.
Bachelors Degree
Transfer your credits to SANS.edu and become one of the most job-ready candidates in cybersecurity.
Graduate Certificates
Gain job-specific skills in highly technical certificate programs designed for working professionals.
Master’s Degree
Take your InfoSec career to the highest levels—developing both hands-on technical skills and the ability to lead.
Single Courses
Start with a course, advance to a cybersecurity certificate or degree
All Academic Programs
Explore hands-on undergraduate and graduate programs for every stage of your cybersecurity career.

Featured Program

Hands typing on a laptop

Applied Cybersecurity Certificate (ACS)

Get Your Questions AnsweredJoin a free online info session to see which program is right for you.

Why SANS.edu?
How To Apply
Tuition & Funding

Join us for a free online info session to learn more.

Resources for Veterans

Learn how to get the most from your Veterans Education Benefits.

Women in Cybersecurity

Empowering women to thrive in cybersecurity.

Get Your Questions AnsweredJoin a free online info session to see which program is right for you.

Research Overview
Learn how SANS.edu research is strengthening the field of cybersecurity.
Cybersecurity Research Papers
Explore real-world solutions to pressing issues across AI, cloud security, digital forensics and more.
Internet Storm Center
Discover the world's largest global cyber threat detection network.

Featured Research

Research Review Journal Volume 5

Explore the latest research from SANS.edu graduate students—professionals on the front lines of cybersecurity—tackling today’s toughest threats across AI, cloud security, digital forensics, zero trust, malware detection, and more.

Download the Journal

Get Your Questions AnsweredJoin a free online info session to see which program is right for you.

About Us
Students
Alumni
- Alumni Resources Alumni Resources
- Alumni Outcomes Report Alumni Outcomes Report

Launch Your Cyber Career

Let SANS.edu guide you on a proven path to success.

Sentinels Referral Program

Get recognized for your impact on the SANS.edu community.

Get Your Questions AnsweredJoin a free online info session to see which program is right for you.

Search

Request Info Apply Now

Cyber Research Papers
/Enterprise Survival Guide for Ransomware Attacks

Cyber Research Papers

Enterprise Survival Guide for Ransomware Attacks

Hardly a day passes by when we do not hear about a ransomware locking data and demanding the ransom. Ransomware is the most opportunistic type of malware, affecting from a single user to an entire organization. Internet Security Threat Report (2016) by Symantec indicates 35% growth in crypto-style ransomwares during the year 2015. Symantec has categorized ransomware as 'An extremely profitable type of attack' (Symantec, 2016). This profitability is attracting more hackers into the business and allowing attackers to bring more human resource in the attack mechanism. To launch a ransom attack, attackers are directly contacting their victims notably via technical support scams. Symantec first reported this type of scam in 2010 and blocked 100 Million TechSupport Scam in the year 2015 alone (Symantec, 2016). The scope and sophistication of ransomware is evolving at very high rate and there is a need to develop a cyber security model against ransomware attacks. This document goes into the details of multiple stages of a ransomware attack and describes a multilayer offensive security approach to protect an organization from ransomwareattacks.

36962 (PDF, 3.42MB)

3 May 2016

ByShafqat Mehmoon

Share

All papers are copyrighted

No re-posting of papers is permitted

Related Content

Structural Vulnerability: Autodesk Revit Server WAN Exposure Versus Cost of Autodesk Construction Cloud

Autodesk Revit Server, a critical collaboration tool in the architecture, engineering, and construction (AEC) industry, was designed to operate within trusted networks.

7 Nov 2025

Privacy Protections: Are Stronger Laws Changing What We Reveal?

As U.S. states enact privacy laws aimed at giving consumers more control over their personal data, little is known about whether privacy legislation influences individuals’ willingness to disclose their identity on public platforms.

26 Sep 2025

Forensic Investigation of Bluetooth-Based Credit Card Skimmers

Hidden Bluetooth Low Energy (BLE) credit skimmers are a growing threat to credit card fraud. Criminals can set up practical and inexpensive systems built on top of modules, such as the HM-19, to collect and transmit stolen data covertly across wireless channels.

3 Sep 2025

SANS 2025 Security Awareness Report

Now in its 10th year, the SANS Security Awareness Report remains the definitive, practitioner-built resource for understanding and managing the human side of cybersecurity.

12 Aug 2025
Lance Spitzner

Be a DLP Hero: How to Quickly Deliver Value from Your DLP Program and Set It Up for Future Success

Download this paper and learn how to launch or strengthen your data loss prevention (DLP) program.

3 Jun 2025
Kevin Garvey

Resiliency and Business Continuity in the Cloud Era

In this white paper, Dave Shackleford unpacks today’s evolving cloud threat landscape.

21 May 2025
Dave Shackleford

SANS 2025 CTI Survey Webcast & Forum: Navigating Uncertainty in Today’s Threat Landscape

This paper explores results from the SANS 2025 CTI Survey, with insights into how cybersecurity...

20 May 2025
Rebekah Brown, Andreas Sfakianakis

Collaborative Mobile App Security Development and Analysis

In this tactical, insight-rich review, Jeroen Beckers shares how to overcome mobile app security challenges and modernize your testing with Corellium’s virtual device platform—built for real-world conditions and faster results.

19 May 2025
Jeroen Beckers

A Pebble In the Ocean: Maximizing Log Fidelity In Container Environments

Log fidelity is crucial for Incident Response Teams to investigate and contain cyber incidents but can be difficult to optimize in containerized environments.

17 Apr 2025

ASPM: Understanding the New Application Security Landscape

Malicious actors continue to prey on the challenges of rapid software development cycles and cloud computing adoption. This paper examines where an application security posture management (ASPM) solution comes in.

18 Mar 2025
Chris Edmundson, SANS Institute

ARMO’s Behavioral Cloud Application Detection and Response (CADR) Platform

This paper explores how ARMO Platform is attempting to solve the challenge with the industry’s first behavioral cloud application detection and response (CADR) product.

18 Mar 2025
Moses Frost

2025 ICS/OT Cybersecurity Budget: Spending Trends, Challenges, and the Future

This white paper explores the findings of the 2025 SANS Survey on ICS/OT Security Budgets.

3 Mar 2025
Dean Parsons

Empowering Responders with Automated Investigation

This white paper investigates how Binalyze’s AIR platform reduces the overhead of forensic investigations by automating the process of collecting artifacts, triaging the data, and identifying next steps.

18 Feb 2025
Megan Roddie-Fonseca

Google SecOps: The SIEM’s Third Act

Discover how SecOps is ushering in the "SIEM's Third Act" by addressing the limitations of traditional SIEMs and empowering security teams with cutting-edge tools for threat-informed defense.

21 Jan 2025
Mark Orlando

Unveiling the Dependency on Network Telemetry: Optimizing Lateral Movement Detection

This study investigates the dependency on network and endpoint telemetry for identifying lateral movement attacks, focusing on the Remote Services technique from MITRE ATT&CK.

17 Jan 2025

Beyond Detection: Using Real Phishing Data to Gauge Security Training Program Success

This paper defines one method of network security monitoring in an organization to find these existing indicators.

7 Jan 2025

Revolutionizing Enterprise Security: The Exciting Future of Passkeys Beyond Passwords

As digital threats grow increasingly sophisticated, traditional password-based authentication systems are proving inadequate, leaving enterprises vulnerable to phishing, credential stuffing, and other cyberattacks.

23 Dec 2024
Rich Greene

Protecting the Poor: A Deep Dive into EBT Skimming and Solutions to Combat It

This paper examines why EBT cards are vulnerable to skimming and explores potential preventive measures.

23 Dec 2024

The Open-Source Trap: Unraveling Open-Source Threats in the Software Supply Chain

The risk to the software supply chain is increasingly clear, as breaches like SolarWinds, Equifax,...

5 Dec 2024

Hook, Line, and Sinker: The Best Free Tools to Catch Phishing

Phishing has become a widespread threat that organizations and IT security teams face daily. As...

5 Dec 2024

Cybersecurity is all we teach, and nobody does it better.

Research
Resources
Learn More

Privacy Policy
Terms and Conditions
Admissions
Do Not Sell/Share My Personal Information
Cookie Notice

© 2026 The Escal Institute of Advanced Technologies, Inc. d/b/a SANS Institute.

Our Terms and Conditions detail our trademark and copyright rights. Any unauthorized use is expressly prohibited.

SANS Institute
Internet Storm Center