The controls for ransomware, like file integrity monitoring (FIM), user behavior analytics (UBA), and anti-malware, these all have one thing in common. They rely on a booted OS. But Petya’s encryption was at pre-boot. It spoofed ChkDsk before Windows started. So now what?
Watch more videos on my YouTube channel.
Posted by