- 1 Minute to read
- Print
Ransomware Attack Chain Diagram
- 1 Minute to read
- Print
Ransomware: With Segmentation
Threat Event Frequency | Threat event frequency represents the number of times per year that a threat actor successfully infects an endpoint with ransomware (ransomware is detected on an endpoint). Common ways that ransomware accesses an endpoint include phishing and downloading via browser |
Vulnerability | Vulnerability (or Susceptibility) represents the probability that the ransomware can circumvent all relevant controls (detection/prevention of ransomware propagation and asset access) and successfully execute ransomware on the asset |
Primary Loss Magnitude | The loss event occurs once the actor executes the ransomware on the asset. This typically triggers incident response, management, and containment efforts, at a minimum. |
Secondary Loss Event Frequency | Secondary Loss Event Frequency is modeled as the probability of responsive controls (such as backups) being circumvented and conditional (secondary) losses occurring |
Ransomware: No Segmentation
Threat Event Frequency | Threat event frequency represents the number of times per year that a threat actor successfully infects an endpoint with ransomware (ransomware is detected on an endpoint). Common ways that ransomware accesses an endpoint include phishing and download via browser. |
Vulnerability | Vulnerability (or susceptibility) represents the probability that the ransomware can circumvent all relevant controls (detection/prevention of ransomware propagation and asset access) and successfully execute ransomware on the asset. |
Primary Loss Magnitude | The loss event occurs once the actor executes the ransomware on the asset. This typically triggers incident response, management, and containment efforts, at a minimum |
Secondary Loss Event Frequency | Secondary loss event frequency is modeled as the probability of responsive controls (such as backups) being circumvented and conditional (secondary) losses occurring. |