New User? Start here.
Error goes here
What is Ransomware
Ransomware is a malware, which prevents the system or limits the user to access get access to their systems. This can be done by locking the screen of the system or can also be done by locking the files of the user unless a ransom is paid (Mohurle and Patil, 2017). The data that are present in the system of the user is locked by the malware ransomware that is mainly done by encryption and an amount of money is demanded by the attacker and only after the payment, the files are decrypted (Smith, 2016). There have arrived modern families of Ransomware. They are mainly categorized as crypto-ransomware that only encrypts certain types of files only on the encrypted systems. They enforce the user to pay a certain amount of money through online payment so that they can get the key for decryption.
The aim of this report is to present a thorough research on the working and consequences of the ransomware attack and put the focus on the mitigation that could be applied in a manner to prevent such attacks. The literature review presents a thorough explanation on the related topic and presents the thought presented by several researchers in different articles. This report also presents how an individual and organization could prevent such attacks and be safe from getting looted by an intruder.
It can be categorized into the cyberattacks in which the victim becomes the prey of a high profile programmer and pushed away from accessing own personal information and data saved in the database. After this, the programmer used to claim money in exchange for providing the access to the same data or information. Ransomware predominantly encrypts the files through using AES algorithm by using some good methods in a manner to encrypt those files with unique coding. Earlier it was reported that the average payment made for the ransom was $500 per incident but it is being expected for now that the price is being doubled or tripled as the organizations are continuously paying the demand (Ali, 2017). When the system is hacked by the intruder the user gets a pop-up on the screen with written information that the system is hacked or the files are encrypted and the user can only get the access to the data if he or she is ready to pay the ransom. Most common ransomware includes crypto-ransomware and Crypto-Locker; those have been evolved during 2013 and are capable of encrypting the files once entered the system of the computers. Ali Murthy and Kohun (2016) stated that as the evolution is on pace for all the technologies, such attacks are also getting advanced and RSA encryption are also being used along with the AES encryption technology that results in, decryption needs two cryptographic keys for again gaining access to the files.
The malicious coding uses AES and RSA encryption key for encrypting the files, AES decryption key has been written over the files saved into the system by the malware itself. In addition to the AES, the RSA decryption key is executed over the AES decryption key that uses public key and it has been embedded in the malware itself as stated earlier that results in the need of private key in a manner to decrypt the files (Yaqoob et al., 2017). It was found after some researchers that crypto-locker infections are being spread by the spam campaign. The malicious attachments have been attached to the message belonging to the TROJ_UPATRE that has been a simple coding for smoothly downloads into the system and of very small. In this new digital world, an individual with no technical background is also capable of ordering less expensive RaaS (Ransomware as a Service) with little or not any effort. In this service, the coding providers enable the intruder to get the ransom and take the percentage of that ransom (Lonidm, Scarlat and Militaru, 2017). There are various ways to inject the malicious coding to encrypt the files, such as phishing is one of the common attack strategies. The user might get a mail with the same logo as the organization is using with attached files that includes the malicious program. A pop-up with a deadline and if the ransom is not paid within that deadline the files are supposed to be deleted and for this private cryptographic is needed in a manner to get the access of the files again.
The main motive for the attack of ransomware is that to collect money from the users. Other cyber attacks notify the user about the attack and there are instructions available about how to get rid of those attacks. However, the ransomware does not allow such processes (Sitting and Singh, 2016). The payment that is to be done after the attack is that they mainly demand Bitcoins so the identity of the attack is not known by the cybercrime investigators. The spread of ransomware is done mainly by email attachments, which infect the application software in the system, compromised websites, and attacks the external storage device of the system. Remote access protocols are used by the attackers and they do not use any other forms of user interaction (Smith, 2017). Highly knowledgeable scammers in system programming use the ransomware attack in a cyber attack. Email attachments are sent to users. If the user opens the files that are attached in the mail, their system gets corrupted and they lose the access to the files in their own system. This is the most common type of cyber attack in the modern world.
The rate of ransomware is seemed to be increasing with very high speed in the current digital world and it is being estimated that every organization is facing such attack in every forty seconds ("Kasperskycontenthub", 2017). Businesses around the world are facing ransomware attacks, more often and in every two minutes it is being estimated that one ransomware attack is making prey a business.
The businesspersons are generally paying attackers and this is increasing the interest of the intruders to more indulge in such activities and make more profit. Out of ten, six malware found in the systems were ransomware as reported by Malwarebytes (2017) and a rough presentation was presented of about 60% of malware payloads in the spam campaign and phishing attacks including the traces of another malicious coding.
Ransomware variants are expected to be 4.3 times new coding in 2017 than it was in 2016. It is becoming easier for the intruders to led digital extortion successfully and is being resisted very few. RaaS can be stated as the most contributing and crucial factor for the intruders to get success in their attempts and allowing the intruders with the very less technical knowledge to enter the system and get ransom (Kasperskycontenthub.com, 2017). Dharma and CrySis are another family of ransomware those are being upgraded by the programmers as the defence system is being evolved. According to the researchers, the ransomware variants seem to be grown thirty times from since 2015.
There is not any sector, which is untouchable of such intrusion and had to pay the ransom in a manner to get the access to their personal data and the information (Crowe, 2017). Following is a table that shows the quantity of sectors facing ransomware attack and had to pay the circumstances.
One in four businesses is being hit by the ransomware attack those have more than 100 employees working in the organization. It was being reported by Barkly (2017) that among them 71% of the organization had to pay a large amount of ransom and 29% were only which, are escaped safely.
WannaCry Ransomware Attack
This was one of the most popular attack of this decade those was responsible for the mass destruction. The properties of this attack were same as stated in the above report, but an additional software was used in this attack called ‘EthernetBlue' that allows the intruder to get access to the storage drives of the systems. This software was developed by a U.S. agency and was stolen by an intruder and sold to the black market (Mohurle and Patil, 2017). This was a much-planned attack in which intruder had implemented coding to execute the virus on the same network and spread on all over the internet. Malicious injection principle was used to inject the virus into the network that was reported to be started in a European organization. The main target of the intruders was the multinational companies, big hospitals, institutions, federals and much more (Chen and Brodges, 2017). Most of the organizations had to pay the ransom, however, very few of them were able to shut down the network before it is spread to all systems in the organization. It was reported that the virus was mostly affected the latest operating systems, Windows XP, Windows 7, and Windows 8 and among them, the most destroyed systems were the one with the pirated operating system. Thousands of systems were destroyed by this malicious virus and the most affected region was the Chinese Institutions as, most of the individuals over there were using services from the black market (Collier, 2017). The intruders were demanding Bitcoins currencies in the exchange of the cryptographic key for the encryption made by the virus over the files.
WannaCry incident helps in understanding that it is very important to keep the operating systems updated with the latest version in a manner to stop any such intrusion. This is not limited to the latest version of the operating system, but it should be original too and protected by proper anti-virus and antimalware software. Mass destruction was made to the systems with the pirated operating system, so using latest and original is very crucial in a manner to keep the system from getting compromised (Batcheller et al., 2017). Most of the victims were not able to get the access to their files even after paying the ransom money; this led to the statement that ‘it is not important that the intruders will give the cryptographic key even after paying the ransom amount.’ Even after getting access to those files, some of the organizations were not confident that whether their data are compromised or not. This also states that no matter whether the access is gained or not, data might be compromised even after getting access to the compromised files (Martin, Kinross, and Hankin, 2017). There are ways to which we can turn the tables by encoding encryption for the files before uploading to the database, whether it stays in the system or transferred to the cloud. Whenever data is being compromised, it is not necessary that the files have not been compromised. Microsoft should have launched the patches earlier and should have estimated it earlier that such type of attack is coming. Providing update does not mean to provide patches for the past threats rather it should have a measure that could prevent the estimated threats and this estimation should be highly forward thinking.
Ransomware is capable of affecting the mass impact on the financial condition of the organization because of improper and insecure precautions taken against the malicious attacks. Following are the impacts of ransomware attacks that could potentially affect the financial condition of the organization:
Ransom cost paid: The amount that is being invested for gaining the access to the personal data and information to the intruder through Bitcoins is also a certain big amount of the money (Kshetri and Voas, 2017). On the other hand, it is being reported that the ransom amount has been doubled from last year. This is also promoting the intruders to be more indulging in such activities because of making money in less effort. Paying ransom never ensures the victim the data that is about to be restored, will be restored or not or whether the data is already compromised or not.
Downtime Cost: This is an impact the organization might face whether it pays the ransom or not as the organization will have to face a loss that could be more affecting the business than paying the ransom value. A ransomware targeting the organization will lead to the loss of the reputation of the organization; it will have to face financial loss and reduced the satisfaction of the customers.
Encourage the attackers for next attempt: Paying the ransom amount will encourage the intruders to attempt to the different organization (Simmonds, 2017).
The loss of productivity and data: This is the case, which is being faced by more than fifty percent of the victims as most of the victims facing the problem of data loss when once targeted by ransomware attack. This could lead the organization to struggle in the market as it could lead to the loss of data and information related to the client and the operational activities and results in the business to be open.
Reputation effects: Not paying the ransom value will lead to the loss of data and information as the intruders will not provide the cryptographic key unless the ransom is paid (Sharma et al., 2016). This will lead to customers feeling less reliable on the organization and thus customers will feel insecure to provide information to the organization.
Manipulation of data: not paying ransom might lead to the expose of data to the competitors or in front of the world that will affect the organization in all the ways that could be expected.
Privacy and security issues: Expose or manipulation of data could lead to the several security and privacy issues for the clients and the organization’s employees and will lead to the reputation of the organization.
Following are the methods that could prevent such intrusion:
Proper education and training: This is one of the important factors in a manner to determine how the attacks could follow and prevent from suffering in future.
Data backup: There should be a backup strategy for the data and information related to the operational activities of the organization (Volynkin, 2017).
Restricting the execution of malicious codes:
The Malicious Codes unknown to the system or needs administrative permission will be blocked through this practice.
Updating software: Using updated firewalls, operating systems, and anti-malware could restrict the unauthorized user from getting access to the storage of the systems.
Robust filtering: This could be very helpful in ensuring the organization that the chances of attacks have been reduced to the extent level.
Blocking attachments: Mails containing attachments should be blocked unless the sender is well known to the user (Krida, 2015).
Practices related to the permission review: This will help the organization or enterprises to restrict the execution of codes that need an allowance from the administration to run the file.
Based on the above and findings made through the research, it can be stated that ransomware is one of the most concerning topics related to the digital world. Ransomware once affected an organization will ultimately affect the reputation and other issues of the organization whether ransom is paid or not. However, there are certain measures those could effectively stop from letting it happen and affecting the working of the organization. Such intrusion leads to several losses related to the financial state of the organization and has the capability to drag the organization to closure. It is very crucial for the organization to keep its data and information saved and protected from any intrusion in a manner to maintain the reliability of the customers and keeping the progress of the organization as per the expectations and maintaining the rate of the organization. Using encryption for the files that are about to be saved into the database could be recommended in a manner to keep the data and information safe event after being compromised. Another recommendation can be introduced, as the organization should always use original and updated versions of the operating system, anti-virus, and anti-malware. This report presents the basics and extra technical knowledge on how these attacks proceed including the measures those could be helpful in ensuring the security. WannaCry can be stated as one of the greatest ransomware attacks and this report presents an idea about how the attack was moved on and what were the drawbacks of the systems of the different sectors that allows the virus to enter their network. The measures stated above could be helpful in ensuring that the data and information related to the operational activity of the organization and secure its reputation and financial status from such intrusion.
Finally, it can be stated that ransom should not be paid for ransomware attacks because paying the amount will no-doubt gain access to the data but there will be always a doubt of data compromise and expose of data. Discussions made in the above report concludes even after paying the ransom, the company will have to spent money for the downtime cost.
Ali, A., (2017). Ransomware: A Research and a Personal Case Study of Dealing with this Nasty Malware. Issues in Informing Science and Information Technology, 14, pp.087-099.
Batcheller, A., Fowler, S.C., Cunningham, R., Doyle, D., Jaeger, T. & Lindqvist, U., (2017). Building on the Success of Building Security In. IEEE Security & Privacy, 15(4), pp.85-87.
Chen, Q. & Bridges, R.A., (2017). Automated Behavioral Analysis of Malware A Case Study of WannaCry Ransomware. arXiv preprint arXiv:1709.08753.
Collier, R., (2017). NHS ransomware attack spreads worldwide.
Crowe, J. (2017). Cyber Attack Statistics: Majority of Victims Aren't Changing Their Security in 2017. [online] Blog.barkly.com. Available at: https://blog.barkly.com/cyber-attack-statistics-2016 [Accessed 31 Oct. 2017].4
Ioanid, A., Scarlat, C. & Militaru, G., (2017), September. The Effect of Cybercrime on Romanian SMEs in the Context of Wanna cry Ransomware Attacks. In 12th European Conference on Innovation and Entrepreneurship ECIE 2017 (p. 307).
KASPERSKY_SECURITY_BULLETIN_2016. (2017). Kasperskycontenthub.com. Retrieved 31 October (2017), from https://kasperskycontenthub.com/securelist/files/2016/12/KASPERSKY_SECURITY_BULLETIN_2016.pdf
Kasperskycontenthub.com. (2017). Cite a Website - Cite This For Me. [online] Available at: https://kasperskycontenthub.com/securelist/files/2016/12/KASPERSKY_SECURITY_BULLETIN_2016.pdf [Accessed 31 Oct. 2017].
Kirda, E., (2015). Most Ransomware Isn’t As Complex As You Might Think Yes, we should be able to detect most of it. DIMVA.
Kshetri, N. & Voas, J., (2017). Do Crypto-Currencies Fuel Ransomware?. IT Professional, 19(5), pp.11-15.
Martin, G., Kinross, J. and Hankin, C., (2017). Effective cybersecurity is fundamental to patient safety.
Mohurle, S. & Patil, M., (2017). A brief study of wanna cry threat: Ransomware attack 2017. International Journal, 8(5).
Proofpoint.com. (2017). Cite a Website - Cite This For Me. [online] Available at: https://www.proofpoint.com/sites/default/files/proofpoint_q4_threat_report-final-cm.pdf [Accessed 31 Oct. 2017].
Sharma, M.P., Zawar, M.S. & Patil, S.B., (2016). Ransomware Analysis: Internet of Things (IoT) Security Issues, Challenges, and Open Problems Inthe Context of Worldwide Scenario of Security of Systems and Malware Attacks. Int. J. Innov. Res. n Sci. Eng, 2(3), pp.177-184.
Simmonds, M., (2017). How businesses can navigate the growing tide of ransomware attacks. Computer Fraud & Security, 2017(3), pp.9-12.
Sittig, D.F. & Singh, H., (2016). A socio-technical approach to preventing, mitigating, and recovering from ransomware attacks. Applied clinical informatics, 7(2), p.624.
Smith, J., (2017). Ransomware Incident Response for Law Enforcement (Doctoral dissertation, Utica College).
Smith, M., (2016). Ransomware attack forces Michigan utility to shut dow n systems, phone lines, email. Network World.
Volynkin, A. (2017). Ransomware: Best Practices for Prevention and Response. [online] Insights.sei.cmu.edu. Available at: https://insights.sei.cmu.edu/sei_blog/2017/05/ransomware-best-practices-for-prevention-and-response.html [Accessed 31 Oct. 2017].
Yaqoob, I., Ahmed, E., ur Rehman, M.H., Ahmed, A.I.A., Al-garadi, M.A., Imran, M. & Guizani, M., (2017). The rise of ransomware and emerging security challenges in the Internet of Things. Computer Networks.
To View this & another 50000+ free samples. Please put
your valid email id.
Earn back the money you have spent on the downloaded sample by uploading a unique assignment/study material/research material you have. After we assess the authenticity of the uploaded content, you will get 100% money back in your wallet within 7 days.
Get Moneyinto Your Wallet
Total 14 pages, 1 USD Per Page
*The content must not be available online or in our existing Database to qualify as
To export a reference to this article please select a referencing stye below:
My Assignment Help. (2021). Enterprise Security Management. Retrieved from https://myassignmenthelp.com/free-samples/nit5083-enterprise-security-management/such-intrusion.html.
"Enterprise Security Management." My Assignment Help, 2021, https://myassignmenthelp.com/free-samples/nit5083-enterprise-security-management/such-intrusion.html.
My Assignment Help (2021) Enterprise Security Management [Online]. Available from: https://myassignmenthelp.com/free-samples/nit5083-enterprise-security-management/such-intrusion.html[Accessed 23 September 2021].
My Assignment Help. 'Enterprise Security Management' (My Assignment Help, 2021) <https://myassignmenthelp.com/free-samples/nit5083-enterprise-security-management/such-intrusion.html> accessed 23 September 2021.
My Assignment Help. Enterprise Security Management [Internet]. My Assignment Help. 2021 [cited 23 September 2021]. Available from: https://myassignmenthelp.com/free-samples/nit5083-enterprise-security-management/such-intrusion.html.
The respective sample has been mail to your register email id
* $5 to be used on order value more than $50. Valid for
We have sent login details on your registered email.
MyAssignmenthelp.com has appointed best assignment experts who are wizards of words. Our writers know every trick of crafting high quality write-ups within a short period. With years of experiences, we have become one of the most prolific assignment help services in the USA. We deliver custom-made help to students with writing different types of assignments. We guarantee total need-based and timely service, and this is why increasing numbers of students prefer to buy assignment online.
Based on the case study, it could be understood that Thredbo is one of the best-known ski resorts in Australia. The ski resort possesses all the necessary attributes to attract tourists not only in the peak season but also during the low season as well. But currently, the ski resort had been facing issues like high vacancy and lower levels of profit in the low season, which was not expected because it had great potential to ...
Personality is depicted as "an exceptional game plan of characteristics and traits, decently stable after some time." Clearly, character is interesting in so far as each of us has our own particular character, not the same as some other person's (Hamilton, 2015). The definition also embraces that character does not change from standard. Personality is a dynamic idea delineating the change and progress of a man's entire mental structu...
The “Commonwealth Bank of Australia” is one of the most popular and largest banks in Australia. It has developed in an organization with more than 50000 employees and 800000 stakeholders. It has been helping through a wide range of financial services by helping Australians managing and creating their finances.
For business as well as individuals banking and finance has been affecting many things. The impact o...
Innovation and entrepreneurship has a key role to play in any business organisation. If the business is a start-up, the innovation is an essential factor that has to be considered. As given in part A, a start-up restaurant has been chosen, that is introducing Indian food in Australia. This assignment highlights the importance of innovation and entrepreneurship on the business of the start-up restaurant. The impac...
Organisational Culture and Decision Making
1: Decision making process needs deep insight about a matter one deals with. In an organisation, decision making is shouldered upon the managers. As the leader of hundreds of employees, the manager of an organisation utilises his or her leadership qualities thus ensuring the basic understanding of the problems or decisive characteristics. While making decision, the managers are supposed to conc...
Are you confident that you will achieve the grade? Our best Expert will help you improve your grade
EAPM4000 Professional Communication Practice
MGT701 Managing Organisations
HC1041 IT For Business
MGMT20144 Management And Business Context
BUS102 Introduction To Management
ITC561 Cloud Computing
BUSN625 Applied Decision Making
7131LAW Foundations Of Australian Migration Law And Practice
MGMT20140 Design IT
INFT3100 Project Management
BLO1105 Business Law
CHCECE022 Promote Childrens Agency
BSBINN301 Promote Innovation In A Team Environment
BSBLDR511 Develop And Use Emotional Intelligence
BCO6656 IT Project Management
NIT1104 Practical Project
CHC50113 Diploma Of Early Childhood Education And Care
BSB51918 Diploma Of Leadership And Management
APT5005 Domestic Violence And Sexual Assault
BSBADM504 Plan And Implement Administrative Systems
Just refer 5 friends to earn more than $2000.
After the successfull payment you will be redirected to the detail page where you can see download full answer button over blur text.You can also download from there.
Or you can also download from My Library section once you login.Click on the My Library icon
My Library page open there you can see all your purchased sample and you can download from there.
That's our welcome gift for first time visitors
It is too easy to create or access your own library, just enter your email and make your search
MyAssignmenthelp.com stores a huge
COLLECTION OF QUESTIONS AND SAMPLES, which you can refer to any time you want.
Every time you find something useful, you can save that using the bookmark tool. From the next time,
can access that from your personalized library.
With this feature, you get to create your own collection of documents. You get free
choose and bookmark any document you wish.
Accessing the collection of documents is absolutely easy. Once you bookmark a sample,
access its content with a few clicks on your mouse.
This personalized library allows you to get faster access to the necessary documents.
longer need to spend hours to locate the sample you need.
Finding a sample from a list of thousands is nothing less than spotting a needle in a
Personalizing your own library relieves you from that stress.
On APP - grab it while it lasts!
*Offer eligible for first 3 orders ordered through app!
ONLINE TO HELP YOU 24X7
OR GET MONEY BACK!
OUT OF 33845 REVIEWS
Received my assignment before my deadline request, paper was well written. Highly