Tech Marketing

Second Edition of Foundational Ransomware Book Released

Article Summary

The book "Ransomware: Understand. Prevent. Recover." has been a pivotal resource for professionals responsible for ransomware protection in organizations since its initial release in October 2021. Authored by ransomware expert Allan Liska, the book has been a guiding light in the fight against ransomware threats. Recognizing the evolving nature of ransomware, including changes in the modus operandi of ransomware operators, a second edition of the book has been launched. This revised edition, available on Amazon and for free on, offers updated insights on various topics, such as the disbandment of certain ransomware groups, the emergence of extortion-only groups, the connection of ransomware to nation-states, and the evolution of extortion schemes. One of the key takeaways from the book is the revelation that data, even after ransom payment, is seldom deleted and often resurfaces for sale on underground platforms. This insight is crucial for organizations contemplating ransom payments.

When the first edition of “Ransomware: Understand. Prevent. Recover.” was released, it was groundbreaking. It quickly gained popularity, and became a go-to resource for admins, architects, C-suite executives—basically, anyone having responsibility for ransomware protection in an organization—to guide them in defeating the Bad Guys.

Written by ransomware uber-expert Allan Liska and produced by ActualTech Media, the book has remained popular since its release in October 2021. In the meantime, there have been a number of changes in the ransomware world, including the ways in which ransomware operators do business. Because of that, “Ransomware: Understand. Prevent. Recover.” has been revised.

ransomware book cover

The second edition of the book is now available for purchase at Amazon or free download on It’s been fully refreshed, and includes new information on topics like:

    • Ransomware groups that have been disbanded, and what it means for you

    • Extortion-only groups that don’t rely on encryption to carry out their attacks

    • The rise of ransomware connected to nation-states

    • Double-, triple-, and even quadruple-extortion schemes

    • The new ways that ransomware groups get inside your network

As a sample of some of the updated content you’ll find in “Ransomware: Understand. Prevent. Recover.”, here’s what Liska says in the section on the rise of extortion-only groups:

“One thing victims of these kinds of attacks need to be aware of is that, even if a ransom is paid, the data is rarely if ever deleted, despite all assurances by the threat actor. The data will be removed from the data leak site, but security firms have disclosed that data that was reported by the threat actors as deleted often shows up for sale on underground forums months or years later.”

This crucial insight can help companies decide whether or not to pay a ransom demand. After all, if you lose the data anyway, why would you pay?

It’s that kind of actionable information that makes the second edition of “Ransomware: Understand. Prevent. Recover.” so useful. It’s hard to stay ahead of the game, when the rules seem to change so fast. That’s why this book exists. Up your game by getting the book.

Read and Download the Press Release Here.