What is a workday like for someone working on a ransomware attack? What does a group, like the ICC (FBI) do to research the attack? Is all of the work done on a computer?

A typical day for someone working to counter a ransomware attack involves being vigilant, proactive, and ready to respond swiftly to any potential threats. Here is a general outline of how they might handle such threats:

1. Monitoring: Continuous monitoring of network systems and security alerts to detect any unusual activities or potential ransomware threats.

2. Threat Intelligence: Keeping up-to-date with the latest ransomware trends, techniques, and vulnerabilities to anticipate potential attacks.

3. Response Plan: Having a well-defined incident response plan in place to quickly contain and mitigate the impact of a ransomware attack.

4. Patch Management: Ensuring that systems are updated with the latest security patches and software updates to prevent known vulnerabilities from being exploited.

5. Employee Training: Educating staff on cybersecurity best practices, such as recognizing phishing emails and avoiding suspicious links or attachments.

6. Backups: Regularly backing up critical data and systems to minimize the impact of a ransomware attack and facilitate recovery.

7. Collaboration: Working closely with other cybersecurity professionals, law enforcement agencies, and industry partners to share threat intelligence and best practices.

In summary, a typical day for someone countering a ransomware attack involves proactive monitoring, rapid response, and collaboration with others in the cybersecurity community to stay ahead of evolving threats.