This course is designed specifically for IT and security teams, to give them an in-depth understanding of the security threat landscape affecting their organization and the corresponding mitigation methods. By the end of the training, participants will know how to implement the right security measures in their organization and handle various types of security incidents, ransomware in particular, and will have practiced everything they have learned hands-on.
The course targets any IT personnel in charge of administering the organization’s network.
Price: contact us for more details
What exactly is Ransomware?
A ransomware attack involves malicious software that is downloaded onto a victim’s device and then used to encrypt the victim’s information. The hackers who initiate these attacks threaten to block access to the files until a ransom is paid. Ransomware attacks are becoming increasingly widespread; the most common ways for the malicious software to be installed on a victim’s device are phishing emails, malicious ads on websites, and questionable apps and programs.
Who is at risk?
Prominent targets of ransomware attacks are critical infrastructure establishments, state organizations and major enterprises, as well as small-to-medium businesses that don’t have strong cyber security protection in place. Any company or organization that depends on daily access to critical data should be most worried about ransomware.
How does a ransomware attack originate? How easily can hackers access your network? How can ransomware attacks be prevented, and how should you respond once one has occurred? What is the best protection against ransomware?
Answering these questions and more requires a fundamental understanding of hackers’ state of mind, the vulnerabilities of corporate systems and the best practices for handling security incidents.
By the end of the training, participants will be able to:
- Get to know the cyber security threat landscape through real-time demos.
- Identify existing security vulnerabilities in the processes, infrastructure and human behavior within organizations.
- Handle the most common cyber security incidents from both the technical and operational perspectives.
- Evaluate the different solutions available on the market to support the protection of the organization.
- Experience in real time the life cycle of various attacks, with considerable in-depth exploration of ransomware.
Module 1: Introduction to Cyber Security – 8 hours
- Cyber security basics
- Phishing – case studies
- MiTM attacks explained
- The anti-virus and how it works + demo
- OSI model – the 8th layer
- Hacking with Linux
- Linux as an OS
- Linux command line
- Scripting with grep, sed and awk
- Password security
- Password complexity
- Demo: how your passwords can be easily hacked
- Online vs. offline password hacking methods
- Brute-force attack methods
- Password-attack mitigation for the enterprise
- Browsing risks
- SQL injection
- RFI and LFI
- Email phishing + demo (spam mail simulation)
- Social engineering + demo (setting your own phishing pages)
Module 2: Hands-On Session – 8 hours
- Bridged vs. NAT explained from the hacker’s point of view
- Isolating your virtual machine
- Configuring the virtual machine to serve as the lab environment
- Introduction to Advanced Persistent Threats
- The post-exploitation phase
- Pivoting through the enterprise networks
- Introduction to Metasploit Framework
- Auxiliary + demo
- Exploits + demo
- Msfvenom as a creation tool
- Advantages vs. limitations of trojan types
- How wi-fi works
- WEP security weaknesses
- Breaking WEP, WPA, WPA2 methods
- Security monitoring: IDS and IPS
Module 3: Ransomware – 8 hours
- Introduction to ransomware
- What is ransomware?
- Ransomware attack vectors
- How ransomware can affect your organization
- Ransomware extensions
- Types of ransomware
- Delivery Channels
- Malware advertisement
- Phishing emails
- Ransomware attacks
- Case study: recent ransomware attacks analyzed
- Targets of ransomware
- Payment: should you pay or not?
Module 4: Response and Report – 8 hours
- Backup and recovery
- Network share access security
- Email and executable controls security
- Security endpoints
- Ransomware analysis methodology
- Hardening your enterprise system
- Separate networks
- Scanning the organization network
- How to write a ransomware attack report?
- To whom should you report?