Our Ransomware scenario models a hacker intending to gain access to a network and hold data hostage via a ransomware or another “data locker” style of attack.  Our team will gain access to the customer network via phishing (the most typical method of entry for these attackers) and enumerate the network to determine if a ransomware attack would be successful in that environment.  Additional service may be provided after the completion of a ransomware susceptibility assessment to lock down customer data systems and further harden them from such an attack.

​

Suggested duration:  3 Weeks

Activities:  Phishing (with payload)

Internal Assessment (Coordinating with Security Staff)

Ransomware Testing

User training (1 day) and report