(PDF) Overview of Cyber Security
VerifiedAdded on 2021/05/31
|8
|1545
|60
AI Summary
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
A REPORT
ON
CYBER SECURITY
INCIDENTS
ON
CYBER SECURITY
INCIDENTS
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
Introduction
Cyber security is a set of techniques which protects computer and network system from
threats and attacks. These attacks mainly aim at manipulating the sensitive information, or
destroying the data, or stealing the confidential information. With the growing digital world,
there are various threats evolving. These threats which not only bypass the firewall but also
shuts down the system. . Some of the recent cyber security incidents are:
1. What is Cryptolocker?
Cryptolocker is a type of ransomware which targets only Microsoft running windows
operating system. Cyrptolocker assault happened in from 5 September 2013 to late
may 2014. Ransomware typically propagates through an innocent looking email as an
attachment sent from a authorised company. Within this mail ransomware file is
named as pdf file to fool the user. Once the cryptolocker file executes it targets
various system files and resulting in encryption of all files. Once the encryption is
done, the display shows message with high ransom to pay to decrypt the file.
How the cryptolocker affected the files and modus operandi used by attacker?
Cryptolocker is a type of advance software program which propagates into user’s
system through an email attachment or through any backdoor vulnerability, by then
starts encrypting the files of different types without being known to the owner. This
software program connects to its central server and starts encryption using RSA
algorithm called as asymmetric cryptography also called as open key cryptography..
The hacker keeps the private key in their central server and without using user can’t
get access into his PC. (Ducklin, 2013, p.6) After full encryption it locks down the
system and display message comes with a ransom to pay in the form of bitcoins
within a stipulated time. They fear out the user, if the ransom is not paid to them they
Cyber security is a set of techniques which protects computer and network system from
threats and attacks. These attacks mainly aim at manipulating the sensitive information, or
destroying the data, or stealing the confidential information. With the growing digital world,
there are various threats evolving. These threats which not only bypass the firewall but also
shuts down the system. . Some of the recent cyber security incidents are:
1. What is Cryptolocker?
Cryptolocker is a type of ransomware which targets only Microsoft running windows
operating system. Cyrptolocker assault happened in from 5 September 2013 to late
may 2014. Ransomware typically propagates through an innocent looking email as an
attachment sent from a authorised company. Within this mail ransomware file is
named as pdf file to fool the user. Once the cryptolocker file executes it targets
various system files and resulting in encryption of all files. Once the encryption is
done, the display shows message with high ransom to pay to decrypt the file.
How the cryptolocker affected the files and modus operandi used by attacker?
Cryptolocker is a type of advance software program which propagates into user’s
system through an email attachment or through any backdoor vulnerability, by then
starts encrypting the files of different types without being known to the owner. This
software program connects to its central server and starts encryption using RSA
algorithm called as asymmetric cryptography also called as open key cryptography..
The hacker keeps the private key in their central server and without using user can’t
get access into his PC. (Ducklin, 2013, p.6) After full encryption it locks down the
system and display message comes with a ransom to pay in the form of bitcoins
within a stipulated time. They fear out the user, if the ransom is not paid to them they
will delete the private key or they will delete the data. In fact paying does not
guarantee that they will do the decryption process. By then the most ideal approach to
unravel the data is by online master association which will cost them extensively
more in higher bitcoins. (Wikipedia, 2018, p.6)
Following diagram shows the modus operandi used by attacker:
(Anonymous, 2015, p.4)
2. What is WannaCry attack?
WannaCry is a type of ransomware which occurred in May 2017 worldwide leaving
the most of the systems affected. It targeted Microsoft running operating system by
encrypting the sensitive information and demanding ransom for decrypting the data.
Initially it started in Asia at morning 7 O’clock and by affecting the vulnerable SMB
port and within a day spreading to almost 2 lakhs system covering over 150 countries.
These ransomware spreads itself through the network. It is also called as network
worm which travels through other application programs and when it reaches the PC it
extracts itself. (Wikipedia, 2018, p.6)
How WannaCry expands itself over the network? (Ehrenfeld, 2017, p.6)
guarantee that they will do the decryption process. By then the most ideal approach to
unravel the data is by online master association which will cost them extensively
more in higher bitcoins. (Wikipedia, 2018, p.6)
Following diagram shows the modus operandi used by attacker:
(Anonymous, 2015, p.4)
2. What is WannaCry attack?
WannaCry is a type of ransomware which occurred in May 2017 worldwide leaving
the most of the systems affected. It targeted Microsoft running operating system by
encrypting the sensitive information and demanding ransom for decrypting the data.
Initially it started in Asia at morning 7 O’clock and by affecting the vulnerable SMB
port and within a day spreading to almost 2 lakhs system covering over 150 countries.
These ransomware spreads itself through the network. It is also called as network
worm which travels through other application programs and when it reaches the PC it
extracts itself. (Wikipedia, 2018, p.6)
How WannaCry expands itself over the network? (Ehrenfeld, 2017, p.6)
This self contained program searches the vulnerable systems and gains access to
systems by using EternalBlue (an exploit released by shadow hackers group), then
copies itself by using a tool called Doublepulsar. When the WannaCry ransomware is
executed, it first checks for a domain name called “Kill Switch” (A mechanism used
for emergency stop) and if it is not found, then it starts encrypting the system files in
order to block the user access and simultaneously exploiting the Server Message
Block (SMB) and spreading to other systems as well. After encryption it makes the
user difficult to utilize the data. Then display monitor shows message that the files are
encrypted and to decrypt the data user has to pay a high ransom in form of bitcoins
within the given stipulated time. (Fruhllnger, 2017, p.6)
3. What is NotPetya?
NotPetya is a type of ransomware which affects the systems by means of phishing
spam. NotPetya occurred in around 2016. NotPetya blocks the booting functions of
the system. Petya is ransomware — a type of malware that taints an objective PC,
scrambles a portion of the information on it, and gives the casualty a message
clarifying how they can pay in Bitcoin to get the keys to recover their information.
How NotPetya cyber attack happened and methods used by hacker?
This ransonware was first discovered in 2016. It mainly affected the Microsoft
Windows operating system. This ransomware travels with e-mail as an attachment.
This attack infects the master boot record (MBR), and initiates a restart, after that
when the system starts the payload is executed replacing windows bootloader and
encrypts the master file table of NTFS file system and prevents windows system from
booting. It then displays message demanding ransom for the decryption. Amid this
procedure, message purportedly yield by chkdsk, Windows' document framework
scanner, is shown on-screen, proposing that the hard drive's divisions are being
repaired. The first payload required the client to give it managerial benefits; one
variation of Petya was packaged with a substitute payload known as Mischa, which is
utilized if Petya neglects to introduce. Mischa is a more ordinary ransomware payload
that scrambles client records, and also executable documents, and does not require
regulatory benefits to execute.
4. What is Equifax attack and how it was operated by attacker?
systems by using EternalBlue (an exploit released by shadow hackers group), then
copies itself by using a tool called Doublepulsar. When the WannaCry ransomware is
executed, it first checks for a domain name called “Kill Switch” (A mechanism used
for emergency stop) and if it is not found, then it starts encrypting the system files in
order to block the user access and simultaneously exploiting the Server Message
Block (SMB) and spreading to other systems as well. After encryption it makes the
user difficult to utilize the data. Then display monitor shows message that the files are
encrypted and to decrypt the data user has to pay a high ransom in form of bitcoins
within the given stipulated time. (Fruhllnger, 2017, p.6)
3. What is NotPetya?
NotPetya is a type of ransomware which affects the systems by means of phishing
spam. NotPetya occurred in around 2016. NotPetya blocks the booting functions of
the system. Petya is ransomware — a type of malware that taints an objective PC,
scrambles a portion of the information on it, and gives the casualty a message
clarifying how they can pay in Bitcoin to get the keys to recover their information.
How NotPetya cyber attack happened and methods used by hacker?
This ransonware was first discovered in 2016. It mainly affected the Microsoft
Windows operating system. This ransomware travels with e-mail as an attachment.
This attack infects the master boot record (MBR), and initiates a restart, after that
when the system starts the payload is executed replacing windows bootloader and
encrypts the master file table of NTFS file system and prevents windows system from
booting. It then displays message demanding ransom for the decryption. Amid this
procedure, message purportedly yield by chkdsk, Windows' document framework
scanner, is shown on-screen, proposing that the hard drive's divisions are being
repaired. The first payload required the client to give it managerial benefits; one
variation of Petya was packaged with a substitute payload known as Mischa, which is
utilized if Petya neglects to introduce. Mischa is a more ordinary ransomware payload
that scrambles client records, and also executable documents, and does not require
regulatory benefits to execute.
4. What is Equifax attack and how it was operated by attacker?
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
Equifax is a consumer credit report agency that aggregates information of 800 million
consumers and more than 88 million businesses globally. In September, 2017 Equifax
announced a serious security breach which happened from mid may to July 2017.
Cyber attacker accessed more than 145 million data records of consumers including
their contact numbers, personal data, address, birth dates. Equifax likewise affirmed
no less than 209,000 shoppers' charge card accreditations were taken in the assault.
On Walk 1, 2018, Equifax reported that 2.4 million extra U.S. clients were influenced
by the break. The organization cases to have found proof of the cybercrime occasion
on July 29, 2017. Inhabitants in the Assembled Kingdom and Canada were
additionally affected. (Larsen, & Wattles, 2017, p.7)
Hackers accessed 145 million consumers information by hacking one of the Equifax
website called Apache Struts. This website was used by consumer support as online
support portal where Equifax consumer goes and logs issues and credit reports. It is
also not clear about how hacker sent malware into those systems but it is clear that
hackers took advantage of this flaw and get into the consumer confidential
information.
Conclusion
In this developing digital world, digital security is huge for more secure utilization of web.
Regular programmers are planning new malignant projects and getting into loss' framework.
Till now, ransomware programs are commanding the cybersecurity. Cybersecurity is an
endless fight and a permanent solutin won't be predictable in future.
consumers and more than 88 million businesses globally. In September, 2017 Equifax
announced a serious security breach which happened from mid may to July 2017.
Cyber attacker accessed more than 145 million data records of consumers including
their contact numbers, personal data, address, birth dates. Equifax likewise affirmed
no less than 209,000 shoppers' charge card accreditations were taken in the assault.
On Walk 1, 2018, Equifax reported that 2.4 million extra U.S. clients were influenced
by the break. The organization cases to have found proof of the cybercrime occasion
on July 29, 2017. Inhabitants in the Assembled Kingdom and Canada were
additionally affected. (Larsen, & Wattles, 2017, p.7)
Hackers accessed 145 million consumers information by hacking one of the Equifax
website called Apache Struts. This website was used by consumer support as online
support portal where Equifax consumer goes and logs issues and credit reports. It is
also not clear about how hacker sent malware into those systems but it is clear that
hackers took advantage of this flaw and get into the consumer confidential
information.
Conclusion
In this developing digital world, digital security is huge for more secure utilization of web.
Regular programmers are planning new malignant projects and getting into loss' framework.
Till now, ransomware programs are commanding the cybersecurity. Cybersecurity is an
endless fight and a permanent solutin won't be predictable in future.
References
Ducklin, P. (2013).CryptoLocker ransomware – see how it works, learn about prevention,
cleanup and recovery. [Online]. Available on:
https://nakedsecurity.sophos.com/2013/10/18/cryptolocker-ransomware-see-how-
it-works-learn-about-prevention-cleanup-and-recovery/[Accessed: 18 May,2018].
Ehrenfeld, J. M. (2017). Wannacry, cybersecurity and health information technology: A time
to act. Journal of medical systems, 41(7), 104.
Wikipedia, (2018). CryptoLocker. [Online]. Available
on:.https://en.wikipedia.org/wiki/CryptoLocker[Accessed: 06 March, 2018].
Anonymous, (2015).What is CryptoLocker and What it Does to Your Computer?. Available
on: https://vcompremium.com/what-is-cryptolocker-and-what-it-does-to-your-
computer/ [Accessed: 18 May, 2018].
Fayi, S. Y. A. (2018). What Petya/NotPetya Ransomware Is and What Its Remidiations Are.
In Information Technology-New Generations (pp. 93-100). Springer, Cham.
Wikipedia, (2018). WannaCry ransomware attack. [Online]. Available
on:https://en.wikipedia.org/wiki/WannaCry_ransomware_attack [Accessed: 18 May,
2018].
Fruhllnger, J. (2017). What is WannaCry ransomware, how does it infect, and who was
responsible? [Online]. Available on:
https://www.csoonline.com/article/3227906/ransomware/what-is-wannacry-
ransomware-how-does-it-infect-and-who-was-responsible.html[Accessed:18 May,
2018].
Ducklin, P. (2013).CryptoLocker ransomware – see how it works, learn about prevention,
cleanup and recovery. [Online]. Available on:
https://nakedsecurity.sophos.com/2013/10/18/cryptolocker-ransomware-see-how-
it-works-learn-about-prevention-cleanup-and-recovery/[Accessed: 18 May,2018].
Ehrenfeld, J. M. (2017). Wannacry, cybersecurity and health information technology: A time
to act. Journal of medical systems, 41(7), 104.
Wikipedia, (2018). CryptoLocker. [Online]. Available
on:.https://en.wikipedia.org/wiki/CryptoLocker[Accessed: 06 March, 2018].
Anonymous, (2015).What is CryptoLocker and What it Does to Your Computer?. Available
on: https://vcompremium.com/what-is-cryptolocker-and-what-it-does-to-your-
computer/ [Accessed: 18 May, 2018].
Fayi, S. Y. A. (2018). What Petya/NotPetya Ransomware Is and What Its Remidiations Are.
In Information Technology-New Generations (pp. 93-100). Springer, Cham.
Wikipedia, (2018). WannaCry ransomware attack. [Online]. Available
on:https://en.wikipedia.org/wiki/WannaCry_ransomware_attack [Accessed: 18 May,
2018].
Fruhllnger, J. (2017). What is WannaCry ransomware, how does it infect, and who was
responsible? [Online]. Available on:
https://www.csoonline.com/article/3227906/ransomware/what-is-wannacry-
ransomware-how-does-it-infect-and-who-was-responsible.html[Accessed:18 May,
2018].
Wikipedia.com. (2018). Equifax. [Online]. Available
on:https://en.wikipedia.org/wiki/Equifax[Accessed: 18 May, 2018].
Larsen, W. & Wattles, J. (2017). How the Equifax data breach happened: What we know
now [Online]. Available on:http://money.cnn.com/2017/09/16/technology/equifax-
breach-security-hole/index.html [Accessed: 18 May, 2018].
on:https://en.wikipedia.org/wiki/Equifax[Accessed: 18 May, 2018].
Larsen, W. & Wattles, J. (2017). How the Equifax data breach happened: What we know
now [Online]. Available on:http://money.cnn.com/2017/09/16/technology/equifax-
breach-security-hole/index.html [Accessed: 18 May, 2018].
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
1 out of 8
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.