EX NO 5 Ransomware tabletop exercise on insider threat.
To understand how an insider threat can lead to a
ransomware incident and how an organization detects, responds, contains, and
recovers from the attack in a safe theoretical lab environment.
Scenario Overview
An employee inside a company intentionally or accidentally
executes ransomware on the internal system.
The exercise simulates:
·
File staging
·
Fake sensitive data access
·
File encryption simulation
·
Detection process
·
Incident response
·
Recovery process
INSIDER:
An insider is a person inside
an organization who has authorized access to systems, files, networks, or
company resources.
In cybersecurity, an insider
can become a threat when they intentionally or accidentally misuse that access
Example in Your Tabletop
Exercise
In this ransomware lab:
Employee → Copies files →
Runs fake ransomware
The employee is the insider
because they already belong to the organization and have internal access.
DOWNLOAD LINK : RANZOMWARE
No comments:
Post a Comment