Ransomware: Attack, Human Impact and
Mitigation
Maaz Ahmed
CSIT Department, NED UET
NED UET
Karachi Pakistan
maazshaikh437@gmail.com
Waqas Ahmed
CSIT Department, NED UET
NED UET
Karachi Pakistan
waq.ahmed01@gmail.com
Sheroz Khan
Department of
Telecommunications, IICT
MUET Jamshoro Pakistan
sherozk867@gmail.com
Abstract - Ransomware is a type of malware that results from a sophisticated effort to compromise modern computer systems. In this paper we examine the recent history of ransomware and its growth into the current form of large-scale ransomware attacks (ones that interrupt whole organizations). Within that timeframe, public reporting, articles, and news media reporting on large-scale ransomware attacks are reviewed through a literature study to create an experimental analysis of ransom payments, the circumstances that led to those payments, and whether data was eventually recovered by the people victimized by ransomware. Increasing threats due to the ease of transferring ransomware over the Internet are also discussed. Finally, a low level of awareness among company professionals is confirmed, and reluctance to pay on becoming a victim is found to be a common trait.
Keywords- Ransomware; Extortion; Malware
I. INTRODUCTION
Ransomware is a type of malware that isolates files on a victim’s computer and then demands that the victim pay a ransom (commonly in the form of bitcoins) in order to recover access to the lost files. In 2013, the first popular conventional ransomware, called CryptoLocker, spread through the Internet [1]. Since then, the threat and danger have grown, and ransomware is now a commonplace incident that makes headlines regularly. Among the concerns frequently expressed are the ethics of paying ransoms and how those who do pay are merely funding the next attacks. On one hand, limiting the profitability of such attacks would lessen their occurrence. On the other hand, it would require organizations to accept the permanent loss of data or to potentially be shut down permanently.
II. IMPACT OF RANSOMWARE:
Generally, a ransomware attack is seen through the prism of business, commercial and financial environments. The ransom is monetary, and the costs involved in recovery are monetary [1]. Ransomware uses techniques to force the victim into paying the demanded amount in bitcoins (a usually undetectable cryptocurrency) or into providing personal information. Still, there are many cases in which files are not decrypted even after the ransom has been paid. The current consensus is that ransomware falls into main categories, namely crypto and locker [2]. This means that the victim's machine is held either by both encrypting documents and locking the computer, or by one of the two.
In a subset of cases, a ransom payment may mean the difference between a business continuing to exist and closing. There are also other, non-financial interests to consider. A recent study of the effects of ransomware attacks on hospitals indicated that hospitals that suffered breaches as well as ransomware frequently took longer to provide critical services, which led to a measurable increase in mortality rates for those services compared with hospitals that did not suffer a breach or ransomware infection. Government organizations were more likely not to pay the ransom, as closure is not a possible outcome for them.
There is also the individual impact on the future careers of executives in charge of IT or IT security, and the intangible cost to organizations of the reputational damage that may occur from being identified as a victim of ransomware [1]. Although these costs are difficult to calculate, those making decisions in addressing ransomware face the clear real costs mentioned above, and they are likely to make choices that do not unnecessarily harm their employability or their company’s future reputation. It is reasonable to accept that the reason most public reports of ransomware attacks involve certain industries is that many have no choice but to report, while others have the capability to hide the disruption from the public and thus have no reason to reveal it.
International Journal of Computer Science and Information Security (IJCSIS),
Vol. 18, No. 12, December 2020
73 https://sites.google.com/site/ijcsis/
ISSN 1947-5500
III. ANALYSIS:
Targets that, from the attacker’s point of view, can be seen as feasible are a minor subset of the total group of victims. Feasible targets are victims who have lost important data, have the technical skills needed to make a payment, and are also ready to do so. It can consequently be assumed that most ransomware distributors use a ‘shotgun approach’ in the hope of finding some feasible targets and, in practice, create a lot of cyber damage. The Internet plays a key role in this pressing threat by making ransomware easier to spread. Ransomware statistics highlight some interesting variations, revealing where attackers focus because they see the greatest opportunity for return, as well as variations between countries in their ransomware defenses [4].
Figure 1. Countries Hit by Ransomware (percentage of country hit by ransomware in the last year)
India 82%, Brazil 65%, Turkey 63%, Sweden 60%, U.S. 59%, Malaysia 58%, Germany 57%, Netherlands 55%, Spain 53%, France 52%, UAE 49%, UK 48%, Australia 48%, China 45%, Japan 42%, Italy 41%, Singapore 40%, Canada 39%

Figure 2. Organizations Hit by Ransomware (percentage of organizations hit by ransomware in the last year)
Media, leisure, entertainment 60%; IT, technology, telecoms 56%; Energy, oil/gas, utilities 55%; Other 54%; Business and professional… 50%; Construction and property 49%; Retail, distribution… 49%; Financial services 48%; Manufacturing and production 46%; Public sector 45%

Figure 3. Countries Paid Ransomware (countries that are paid ransomware)
India 66%, Sweden 50%, Japan 31%, Brazil 28%, Singapore 28%, U.S. 25%, Netherlands 22%, France 19%, UAE 16%, China 15%, Malaysia 13%, UK 13%, Germany 12%, Australia 12%, Canada 11%, Italy 6%, Spain 4%
IV. RANSOMWARE ATTACKS TYPES,
WORKING FUNCTIONALITIES
TABLE I. TYPE
RANSOMWARE    TYPE
WANNACRY      Cryptoworm
GANDCRAB      Ransomware-as-a-Service (RaaS)
SAMSAM        Automated Active Adversary
DHARMA        Automated Active Adversary
BITPAYMER     Automated Active Adversary
RYUK          Automated Active Adversary
LOCKERGOGA    Automated Active Adversary
MEGACORTEX    Automated Active Adversary
ROBBINHOOD    Automated Active Adversary
SODINOKIBI    Automated Active Adversary
NETWALKER     Ransomware-as-a-Service (RaaS)

TABLE II. PRIVILEGES ESCALATION
RANSOMWARE    PRIVILEGES ESCALATION
WANNACRY      Exploit
GANDCRAB      Credentials
SAMSAM        Credentials
DHARMA        Credentials
BITPAYMER     Exploit
RYUK          Credentials
LOCKERGOGA    Credentials
MEGACORTEX    Credentials
ROBBINHOOD    Credentials
SODINOKIBI    Exploit
NETWALKER     Exploit

TABLE III. CIPHER
RANSOMWARE    CIPHER
WANNACRY      No
GANDCRAB      No
SAMSAM        No
DHARMA        No
BITPAYMER     No
RYUK          No
LOCKERGOGA    Yes
MEGACORTEX    Yes
ROBBINHOOD    No
SODINOKIBI    No
NETWALKER     No

TABLE IV. FILE ENCRYPTION
RANSOMWARE    FILE ENCRYPTION
WANNACRY      Copy, In-Place
GANDCRAB      In-Place
SAMSAM        Copy
DHARMA        Copy
BITPAYMER     In-Place
RYUK          In-Place
LOCKERGOGA    In-Place
MEGACORTEX    In-Place
ROBBINHOOD    Copy
SODINOKIBI    In-Place
NETWALKER     In-Place

TABLE V. RENAME
RANSOMWARE    RENAME
WANNACRY      After the attack
GANDCRAB      After the attack
SAMSAM        After the attack
DHARMA        After the attack
BITPAYMER     After the attack
RYUK          After the attack
LOCKERGOGA    Before the attack
MEGACORTEX    Before the attack
ROBBINHOOD    After the attack
SODINOKIBI    After the attack
NETWALKER     After the attack

TABLE VI. ENCRYPTION BY PROXY
RANSOMWARE    ENCRYPTION BY PROXY
WANNACRY      No
GANDCRAB      Yes
SAMSAM        No
DHARMA        No
BITPAYMER     No
RYUK          Yes
LOCKERGOGA    No
MEGACORTEX    Yes
ROBBINHOOD    No
SODINOKIBI    No
NETWALKER     No
V. RANSOMWARE ATTACKS IN COVID-19
After the 1st quarter of 2020, the entire world has been facing the COVID-19 pandemic, and all organizations, whether public or private, were forced to shift to working from home. This surge in users turned the Internet into an open ground for attackers to test malicious tools and to exploit organizations with weaker cyber security controls. A massive number of ransomware attacks occurred in 2020. This increase is due to a combination of weaker controls on home IT and a higher likelihood of users clicking on COVID-19 themed ransomware lure emails given levels of anxiety [6].
Some of the attacks are given below:
• ColdLock Ransomware
• RagnarLocker Ransomware
• Maze Ransomware
• DoppelPaymer Ransomware
• Nemty Ransomware
Many others have also hit the OT/IT market and disrupted it.
VI. MITIGATION OF THE RANSOMWARE
Mitigation of ransomware can be performed in several ways: off-site backups, capable anti-virus software and user training [3]. It has also emerged that awareness of basic cyber security best practices is particularly low. As such, it appears that a lot of improvement can be made by educating computer users on how to create safe backups and how to identify threats on the Internet. It is also becoming apparent that in a commercial setting most users will assume that any computer problem is the responsibility of the IT department. Whilst this notion is acceptable to some extent, the attitude also leads to carelessness and irresponsible behavior. Therefore, firms could most certainly benefit from training their employees in basic cyber security practices.
VII. IF YOU ARE THE VICTIM OF RANSOMWARE
ATTACK:
If you suffer a ransomware attack, you must understand that all credentials currently on the affected endpoints are now available to attackers, whether the accounts linked with them were active during the attack or not. Determining the effect of a ransomware attack will not be sufficient, because threat actors are known to change their tools and methods once they can identify their victims’ detection abilities. After primary identification has been done, the following steps are necessary:
• Quarantine affected systems as soon as possible by removing them from the network or shutting them down, to stop further ransomware attacks across the network.
• Quarantine or shut down the affected devices that have yet to be completely corrupted, to gain more time to clean and recover data.
• Start backing up data and systems offline immediately.
• Change all account and network passwords; when the ransomware has been removed from the devices/system, you must change all device/system/network passwords again.
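To support the second quarantine step (finding devices that are not yet completely corrupted), the following triage sketch, added here as an example and not part of the original paper, scans a directory and separates files whose content is already overwritten from files that were only renamed, the two traits compared in Tables IV and V. The entropy threshold, the signature table, the state names and the `.locked` suffix are assumptions chosen for illustration, and the sample files are constructed.

```python
import hashlib
import math
import os
import tempfile
from collections import Counter
from pathlib import Path

ENTROPY_THRESHOLD = 7.5  # bits per byte; assumed cut-off for "looks like ciphertext"
SAMPLE_BYTES = 65536     # only the head of each file is sampled

# Leading signatures for a few common document types (illustrative subset).
MAGIC = {
    ".pdf": b"%PDF-",
    ".png": b"\x89PNG\r\n\x1a\n",
    ".jpg": b"\xff\xd8\xff",
    ".zip": b"PK\x03\x04",
    ".docx": b"PK\x03\x04",
    ".xlsx": b"PK\x03\x04",
}


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte (0.0 for empty input)."""
    if not data:
        return 0.0
    total = len(data)
    return -sum(c / total * math.log2(c / total) for c in Counter(data).values())


def expected_type(path: Path):
    """Return (known extension, renamed?); renamed means an extra suffix was appended."""
    suffixes = [s.lower() for s in path.suffixes]
    if suffixes and suffixes[-1] in MAGIC:
        return suffixes[-1], False
    if len(suffixes) >= 2 and suffixes[-2] in MAGIC:
        return suffixes[-2], True  # e.g. plan.pdf.locked (hypothetical suffix)
    return None, False


def classify(path: Path) -> str:
    """Classify one file as intact, renamed_intact, encrypted, damaged or suspect."""
    with open(path, "rb") as fh:
        head = fh.read(SAMPLE_BYTES)
    ext, renamed = expected_type(path)
    high = shannon_entropy(head) >= ENTROPY_THRESHOLD
    if ext is not None:
        # Compressed formats (PNG, DOCX) are high-entropy by nature, so the
        # signature check comes first and entropy only decides the failures.
        if head.startswith(MAGIC[ext]):
            return "renamed_intact" if renamed else "intact"
        return "encrypted" if high else "damaged"
    return "suspect" if high else "intact"


def triage(root) -> dict:
    """Map each file under root (relative path) to its classification."""
    results = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = Path(dirpath, name)
            rel = path.relative_to(root).as_posix()
            try:
                results[rel] = classify(path)
            except OSError:
                results[rel] = "unreadable"
    return results


def encrypted_fraction(results: dict) -> float:
    """Share of files that look overwritten; a rough measure of how far the damage went."""
    hit = sum(1 for state in results.values() if state in ("encrypted", "suspect"))
    return hit / len(results) if results else 0.0


def build_sample_tree(root) -> None:
    """Write constructed sample files; no real victim data or malware is involved."""
    noise = b"".join(hashlib.sha256(i.to_bytes(4, "big")).digest() for i in range(256))
    text = b"constructed sample text\n" * 200
    samples = {
        "report.pdf": b"%PDF-1.7\n" + text,          # untouched document
        "photo.png": MAGIC[".png"] + noise,          # high entropy but valid signature
        "budget.xlsx": noise,                        # overwritten in place, name kept
        "plan.pdf.locked": noise,                    # overwritten and renamed
        "invoice.pdf.locked": b"%PDF-1.7\n" + text,  # renamed, content still readable
        "notes.txt": text,                           # no known signature, low entropy
    }
    for name, content in samples.items():
        Path(root, name).write_bytes(content)


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        found = triage(tmp)
    for name, state in sorted(found.items()):
        print(f"{state:15} {name}")
    print(f"encrypted or suspect: {encrypted_fraction(found):.0%}")
```

A host reporting many `renamed_intact` files and few `encrypted` ones is a candidate for the "not yet completely corrupted" group, where shutting down quickly can still save data.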
I found a website on the Internet, https://www.nomoreransom.org/, which provides decryption software free of cost. Even if you do not know which ransomware it is, you just have to upload a file that was encrypted; if decryption software is available for that encryption technique, they will provide it to the victim.
VIII. CONCLUSION:
Cybersecurity at this time faces many types of threats and risks arising regularly from deliberately created malware and cyber-attacks. There have been quite a lot of cyber-threat incidents to date, and they have started to disturb more vital sectors such as medicine and energy. The latest infamous form of cyber threat is ransomware, which is targeting different sectors because it is sophisticated and is an undetectable way to get “easy” money by compromising devices and extorting organizations with multimillion budgets [2]. The transfer of malware has become easy with the growth of Internet-based facilities and services. In company environments, high irresponsibility among employees and dependence on the IT department for handling malware attacks is confirmed [3]. Hackers have already started to turn their attention to industries, using ransomware-style attacks. By gaining access to industry and its processes, cyber attackers could become more dangerous because of the interruption they may impose on businesses, which in turn may affect the vital procedures and human security of the organizations. Information security
around the world is not sufficient to handle these cyber-attacks and malware if a ransomware infection spreads widely across the world. The best example of this is the WannaCry ransomware, which attacked worldwide and was only stopped after repeated attempts by cyber security specialists [5]. However, by researching the nomenclature and strategies, it might be possible to be prepared in advance. We could apply those techniques and strategies as defensive and preventive countermeasures and move one step forward.
REFERENCES:
[1] Bambenek J.C., Bashir M. (2020) Ethics, Economics, and
Ransomware: How Human Decisions Grow the Threat. In:
Corradini I., Nardelli E., Ahram T. (eds) Advances in Human
Factors in Cybersecurity. AHFE 2020. Advances in Intelligent
Systems and Computing, vol 1219. Springer, Cham.
[2] Maxwell Mago and Farai Fransisco Madyira, “Ransomware
Software: Case of WannaCry,” International Research Journal
of Advanced Engineering and Science, Volume 3, Issue 1, pp.
258-261, 2018.
[3] Rhythima Shinde, Pieter Van der Veeken, Stijn Van Schooten and Jan van den Berg, “Ransomware: Studying Transfer and Mitigation,” 2016 International Conference on Computing, Analytics and Security Trends (CAST), College of Engineering Pune, India, Dec 2016.
[4] Sophos, “THE STATE OF RANSOMWARE,” https://secure2.sophos.com/en-us/content/state-of-ransomware.aspx [Accessed 10/05/2020].
[5] Usman Javed Butt, Maysam Abbod, Anzor Lors Hamid Jahankhani, Arshad Jamal, Arvind Kumar, “Ransomware threat and its impact on SCADA,” 2019 IEEE 12th International Conference on Global Security, Safety and Sustainability (ICGS3).
[6] David Ferbrache, “The rise of ransomware during COVID-19,” https://home.kpmg/xx/en/home/insights/2020/05/rise-of-ransomware-during-covid-19.html [Accessed 22/06/2020].
Unit 4_Part 1 CSE2001 Exception Handling and Function Template and Class Temp...
 
GEAR TRAIN- BASIC CONCEPTS AND WORKING PRINCIPLE
GEAR TRAIN- BASIC CONCEPTS AND WORKING PRINCIPLEGEAR TRAIN- BASIC CONCEPTS AND WORKING PRINCIPLE
GEAR TRAIN- BASIC CONCEPTS AND WORKING PRINCIPLE
 

Ransomware: Attack, Human Impact and Mitigation

Maaz Ahmed
CSIT Department, NED UET
NED UET
Karachi Pakistan
maazshaikh437@gmail.com
Waqas Ahmed
CSIT Department, NED UET
NED UET
Karachi Pakistan
waq.ahmed01@gmail.com
Sheroz Khan
Department of Telecommunications, IICT
MUET Jamshoro Pakistan
sherozk867@gmail.com

Abstract - Ransomware is a type of malware that results from a sophisticated effort to compromise modern computer systems. In this paper we examine the recent history of ransomware and its growth into the current form of large-scale ransomware attacks (ones that interrupt whole organizations). Within that timeframe, public reporting, articles, and news media reporting on large-scale ransomware attacks are reviewed to create an experimental analysis of ransom payments, the circumstances that led to those payments, and whether data was eventually recovered, through a literature study of the people victimized by ransomware. Increasing threats due to the ease of transferring ransomware over the Internet are also discussed. Finally, a low level of awareness among company professionals is confirmed, and reluctance to pay after becoming a victim is found to be a common trait.

Keywords- Ransomware; Extortion; Malware

I. INTRODUCTION
Ransomware is a type of malware that makes files on a victim's computer inaccessible and then demands that the victim pay a ransom (commonly in bitcoins) in order to recover access to the lost files. In 2013, the first popular conventional ransomware, called CryptoLocker, spread through the Internet [1]. Since then, the threat and danger have grown, and ransomware is now a commonplace incident that regularly makes headlines. Among the concerns frequently expressed are the ethics of paying ransoms and how those who do pay are merely funding the next attacks. On one hand, limiting the profitability of such attacks would lessen their occurrence.
On the other hand, it would require organizations to accept the permanent loss of data or potentially to be shut down permanently.

II. IMPACT OF RANSOMWARE:
Generally, a ransomware attack is seen through the prism of business, commercial and financial environments. The ransom is monetary, and the costs involved in recovery are monetary [1]. Ransomware uses techniques to force the victim into paying the demanded amount in Bitcoin (a usually undetectable cryptocurrency) or into providing personal information. Still, there are many cases in which files are not decrypted even after the ransom has been paid. The current consensus is that ransomware falls into two main categories, crypto and locker [2]. That is, the victim's machine is held hostage by encrypting documents, by locking the computer, or by both. In a subset of cases, a ransom payment may mean the difference between a business continuing to exist and closing.
There are also other, non-financial interests to consider. A recent study into the effects of ransomware attacks on hospitals indicated that hospitals that suffered breaches as well as ransomware frequently took longer to provide critical services, which led to a measurable increase in mortality rates for those services compared with hospitals that did not suffer a breach or ransomware infection. Government organizations were more likely not to pay the ransom, as closure is not a possible outcome for them. There is also the personal impact on the future careers of executives in charge of IT or IT security, and the intangible cost to organizations of the reputational damage that may occur from being identified as a victim of ransomware [1]. Although these costs are difficult to calculate, those making decisions about how to address ransomware face the clear, real costs mentioned above, and they are likely to make choices that do not unnecessarily harm their employability or their company's future reputation.
It is reasonable to assume that most public reports of ransomware attacks involve certain industries because many have no choice to report and have the capability to hide the disruption from the public, and thus have no reason to reveal it.

International Journal of Computer Science and Information Security (IJCSIS), Vol. 18, No. 12, December 2020 73 https://sites.google.com/site/ijcsis/ ISSN 1947-5500

III. ANALYSIS:
Targets that can, from the attacker's point of view, be seen as feasible are a minor subset of the total group of victims. Feasible targets are victims who have lost important data, have the technical skills to make a payment and are also ready to do so. It can consequently be assumed that most ransomware distributors use a 'shotgun approach' in the hope of finding some feasible targets and, in practice, cause a lot of cyber damage. The Internet plays the key role in this threat by making ransomware easier to spread. Statistics on ransomware highlight some interesting variations, revealing where attackers focus because they see the greatest opportunity for return, as well as variations between countries in their ransomware defenses [4].

Figure 1. Countries Hit by Ransomware (percentage of country hit by ransomware in the last year): India 82%, Brazil 65%, Turkey 63%, Sweden 60%, U.S. 59%, Malaysia 58%, Germany 57%, Netherlands 55%, Spain 53%, France 52%, UAE 49%, UK 48%, Australia 48%, China 45%, Japan 42%, Italy 41%, Singapore 40%, Canada 39%.
Figure 2. Organizations Hit by Ransomware (percentage of organizations hit by ransomware in the last year): Media, leisure, entertainment 60%; IT, technology, telecoms 56%; Energy, oil/gas, utilities 55%; Other 54%; Business and professional… 50%; Construction and property 49%; Retail, distribution… 49%; Financial services 48%; Manufacturing and production 46%; Public sector 45%.
Figure 3. Countries That Paid the Ransom: India 66%, Sweden 50%, Japan 31%, Brazil 28%, Singapore 28%, U.S. 25%, Netherlands 22%, France 19%, UAE 16%, China 15%, Malaysia 13%, UK 13%, Germany 12%, Australia 12%, Canada 11%, Italy 6%, Spain 4%.

IV. RANSOMWARE ATTACK TYPES, WORKING FUNCTIONALITIES

TABLE I. TYPE
RANSOMWARE     TYPE
WANNACRY       Cryptoworm
GANDCRAB       Ransomware-as-a-Service (RaaS)
SAMSAM         Automated Active Adversary
DHARMA         Automated Active Adversary
BITPAYMER      Automated Active Adversary
RYUK           Automated Active Adversary
LOCKERGOGA     Automated Active Adversary
MEGACORTEX     Automated Active Adversary
ROBBINHOOD     Automated Active Adversary
SODINOKIBI     Automated Active Adversary
NETWALKER      Ransomware-as-a-Service (RaaS)

TABLE II. PRIVILEGES ESCALATION
RANSOMWARE     PRIVILEGES ESCALATION
WANNACRY       Exploit
GANDCRAB       Credentials
SAMSAM         Credentials
DHARMA         Credentials
BITPAYMER      Exploit
RYUK           Credentials
LOCKERGOGA     Credentials
MEGACORTEX     Credentials
ROBBINHOOD     Credentials
SODINOKIBI     Exploit
NETWALKER      Exploit

TABLE III. CIPHER
RANSOMWARE     CIPHER
WANNACRY       No
GANDCRAB       No
SAMSAM         No
DHARMA         No
BITPAYMER      No
RYUK           No
LOCKERGOGA     Yes
MEGACORTEX     Yes
ROBBINHOOD     No
SODINOKIBI     No
NETWALKER      No

TABLE IV. FILE ENCRYPTION
RANSOMWARE     FILE ENCRYPTION
WANNACRY       Copy, in place
GANDCRAB       In-Place
SAMSAM         Copy
DHARMA         Copy
BITPAYMER      In-Place
RYUK           In-Place
LOCKERGOGA     In-Place
MEGACORTEX     In-Place
ROBBINHOOD     Copy
SODINOKIBI     In-Place
NETWALKER      In-Place

TABLE V. RENAME
RANSOMWARE     RENAME
WANNACRY       After the attack
GANDCRAB       After the attack
SAMSAM         After the attack
DHARMA         After the attack
BITPAYMER      After the attack
RYUK           After the attack
LOCKERGOGA     Before the attack
MEGACORTEX     Before the attack
ROBBINHOOD     After the attack
SODINOKIBI     After the attack
NETWALKER      After the attack

TABLE VI. ENCRYPTION BY PROXY
RANSOMWARE     ENCRYPTION BY PROXY
WANNACRY       No
GANDCRAB       Yes
SAMSAM         No
DHARMA         No
BITPAYMER      No
RYUK           Yes
LOCKERGOGA     No
MEGACORTEX     Yes
ROBBINHOOD     No
SODINOKIBI     No
NETWALKER      No
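
Tables IV and V separate in-place from copy encryption and renaming before from renaming after. The following is an added detection example, not code from the paper: it classifies per-process file activity into those patterns, assuming "in-place" means overwriting the original file, "copy" means writing a new file and deleting the original, and the rename timing is relative to the overwrite. The event format, process names and threshold are hypothetical.

```python
import os
from collections import defaultdict

def constructed_events():
    """Constructed sample telemetry (not real logs): (process, op, path, new_path)."""
    ev = [("editor", "write", "/data/notes.txt", None)]  # benign single save
    for i in range(3):
        a, b, c = (f"/data/{d}/f{i}.doc" for d in "abc")
        # proc_a: overwrite, then rename (in-place, rename after)
        ev += [("proc_a", "write", a, None), ("proc_a", "rename", a, a + ".enc")]
        # proc_b: rename, then overwrite the renamed file (in-place, rename before)
        ev += [("proc_b", "rename", b, b + ".enc"), ("proc_b", "write", b + ".enc", None)]
        # proc_c: write a new file, then delete the untouched original (copy)
        ev += [("proc_c", "create", c + ".enc", None), ("proc_c", "delete", c, None)]
    return ev

def classify(events, threshold=3):
    """Map each process that hit >= threshold files to (style, rename timing).
    The threshold is an illustrative assumption, not a tuned value."""
    stats = defaultdict(lambda: defaultdict(int))
    written = defaultdict(set)   # paths the process has overwritten
    renamed = defaultdict(set)   # new names given to files not yet overwritten
    created = defaultdict(set)   # directories where the process created files
    for proc, op, path, new_path in events:
        s = stats[proc]
        if op == "write":
            s["in_place"] += 1
            if path in renamed[proc]:
                s["rename_before"] += 1
            written[proc].add(path)
        elif op == "rename":
            if path in written[proc]:
                s["rename_after"] += 1
            else:
                renamed[proc].add(new_path)
        elif op == "create":
            created[proc].add(os.path.dirname(path))
        elif (op == "delete" and path not in written[proc]
              and os.path.dirname(path) in created[proc]):
            s["copy"] += 1
    verdicts = {}
    for proc, s in stats.items():
        style = max(("in_place", "copy"), key=lambda k: s[k])
        if s[style] < threshold:
            continue  # too few files to call it bulk encryption
        timing = max(("rename_after", "rename_before"), key=lambda k: s[k])
        verdicts[proc] = (style, timing if s[timing] else "no_rename")
    return verdicts

if __name__ == "__main__":
    for proc, verdict in classify(constructed_events()).items():
        print(proc, verdict)
```

Legitimate software that saves and then renames many files can match the same patterns, so a real deployment needs allow-listing and a tuned threshold.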

V. RANSOMWARE ATTACKS IN COVID-19
Since the first quarter of 2020 the entire world has been facing the COVID-19 pandemic, and all organizations, whether public or private, were forced to shift to working from home. This surge in users turned the Internet into open ground for attackers to experiment with malicious tools and to exploit organizations with weaker cyber security controls. A massive number of ransomware attacks took place in 2020. This increase is due to a combination of weaker controls on home IT and a higher likelihood of users clicking on COVID-19 themed ransomware lure emails given levels of anxiety [6]. Some of the attacks are given below:
• ColdLock Ransomware
• RagnarLocker Ransomware
• Maze Ransomware
• DoppelPaymer Ransomware
• Nemty Ransomware
Many others also hit the OT/IT market and disrupted it.

VI. MITIGATION OF THE RANSOMWARE
Ransomware can be mitigated in several ways: off-site backups, capable anti-virus software and user training [3]. It has also emerged that awareness of basic cyber security best practices is particularly low. It therefore appears that a lot of improvement can be made by educating computer users in how to create safe backups and how to identify threats on the Internet. It is also becoming apparent that in a commercial setting most users assume that any computer problem is the responsibility of the IT department. While this notion is acceptable to some extent, this attitude also leads to carelessness and irresponsible behavior. Therefore, firms could most certainly benefit from training their employees in basic cyber security practices.

VII. IF YOU ARE THE VICTIM OF RANSOMWARE ATTACK:
If you suffer a ransomware attack, you must understand that all credentials currently on these endpoints are now available to attackers, whether or not the accounts linked with them were active during the attack.
Determining the effect of a ransomware attack is not sufficient, because threat actors are known to change their tools and methods once they identify their victims' detection capabilities. After the primary identification has been done, the following steps are necessary:
• Quarantine affected systems as soon as possible by removing them from the network or shutting them down, to stop the ransomware from spreading across the network.
• Quarantine or shut down affected devices that have not yet been completely corrupted, to gain more time to clean them and recover data.
• Take backup data and systems offline immediately.
• Change all account and network passwords. Once the ransomware has been removed from the devices/systems, you must change all device, system and network passwords again.
I found a website on the Internet, https://www.nomoreransom.org/, that provides decryption software free of cost. Even if you do not know which ransomware it is, you just have to upload a file that was encrypted; if decryption software is available for that encryption technique, they will provide it to the victim.

VIII. CONCLUSION:
Cybersecurity at this time faces many types of threat and risk, coming regularly from deliberately crafted malware and cyber-attacks. There have been quite a lot of cyber threat incidents to date, and they have started to disrupt more vital sectors such as medicine and energy. The latest infamous form of cyber threat is ransomware, and it is targeting different sectors because it is a sophisticated and undetectable way to get "easy" money by compromising devices and extorting organizations with multimillion budgets [2]. The transfer of malware has become easy with the increase in Internet-based facilities and services. In company environments, high irresponsibility among employees and dependence on the IT department for handling malware attacks are confirmed [3]. Hackers have already started to turn their attention to industries, using ransomware-style attacks. By gaining access to industry and processes, cyber attackers could become more dangerous because of the interruption they may impose on businesses, which in turn may affect the vital procedures and human security of the organizations. Information security around the world is not sufficient to handle these cyber-attacks and malware if a ransomware infection spreads widely across the world. The best example is the WannaCry ransomware, which attacked worldwide and was only stopped after repeated attempts by cyber security specialists [5]. However, by researching the nomenclature and strategies, it might be possible to be prepared in advance. We could apply those techniques and strategies as defensive and preventive countermeasures and move one step forward.

REFERENCES:
[1] Bambenek J.C., Bashir M. (2020) Ethics, Economics, and Ransomware: How Human Decisions Grow the Threat. In: Corradini I., Nardelli E., Ahram T. (eds) Advances in Human Factors in Cybersecurity. AHFE 2020. Advances in Intelligent Systems and Computing, vol 1219. Springer, Cham.
[2] Maxwell Mago and Farai Fransisco Madyira, "Ransomware Software: Case of WannaCry," International Research Journal of Advanced Engineering and Science, Volume 3, Issue 1, pp. 258-261, 2018.
[3] Rhythima Shinde, Pieter Van der Veeken, Stijn Van Schooten and Jan van den Berg, "Ransomware: Studying Transfer and Mitigation," 2016 International Conference on Computing, Analytics and Security Trends (CAST), College of Engineering Pune, India, Dec 2016.
[4] Sophos, "THE STATE OF RANSOMWARE," https://secure2.sophos.com/en-us/content/state-of-ransomware.aspx [Accessed 10/05/2020].
[5] Usman Javed Butt, Maysam Abbod, Anzor Lors Hamid Jahankhani, Arshad Jamal, Arvind Kumar, "Ransomware threat and its impact on SCADA," 2019 IEEE 12th International Conference on Global Security, Safety and Sustainability (ICGS3).
[6] David Ferbrache, "The rise of ransomware during COVID-19," https://home.kpmg/xx/en/home/insights/2020/05/rise-of-ransomware-during-covid-19.html [Accessed 22/06/2020].