Cyber Crime Report: Ransomware Malware and Network Security

Verified

Added on 2019/09/18

AI Summary

This report provides a comprehensive analysis of Ransomware Malware, focusing on its impact on network-attached backup systems. It details various attack methods, including exploit kits, malicious email attachments, and malicious email links, explaining how these methods compromise IT systems. The report explores the application of zero-sum game theory and Nash equilibrium in the context of Ransomware attacks, illustrating the strategic interactions between attackers and legitimate users. It discusses the importance of understanding these dynamics to enhance network security and protect against data encryption. Furthermore, the report highlights the significance of testing backup systems and implementing effective mitigation strategies to counter Ransomware threats. The conclusion summarizes the key findings and emphasizes the need for continuous vigilance and proactive measures to safeguard against cybercrime.

Running Head: Cyber Crime
Cyber crime
[Document subtitle]

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Cyber Crime 1
Introduction
In this paper, we are studied about the Ransomware Malware. Generally, it is said that the
Ransomware is a computer malware in which rogue software code effectively holds a user’s
computer hostage until a “ransom” fee is paid. The scenario that has been selected to discuss the
Ransomware Malware is encryption of the network attached backup system. This paper is
focused on different elements of the Ransomware Malware. For example, it defines how the
Ransomware attack happens in IT or other companies. It is defined one or more methods used
for the attack. On the other hand, the laws that are broken by crypto Ransomware also discussed
to aware the target audience about effects of illegal attacks of malware. Therefore, with the help
of this knowledge, the target audience can learn a lot of knowledge about different aspects of
Ransomware malware and pay a significant contribution towards the management of their IT
networks. The Ransomware malware has enough potential to influence the stored data and other
backup systems in a negative manner. The knowledge of Ransomware malware will help them in
their career because they can apply their practical knowledge to save systems from any
unrecognized attack.
Part A
How Ransomware Malware attack can happen to network attached backup system
() Ransomware Malware influences the existing network-attached backup system of different IT
organizations in a significant manner. The cyber extortionists know that backups are their most
important enemy in fulfilling their desired objectives and are adapting their Ransomware to look
for them. So, the priority focus of Ransomware malware is towards encryption of the backup
files. It is done with the purpose of preventing different clients from accessing their backup data
and saving themselves from fine. The first and foremost step of Ransomware Malware is to
destroy Shadow copy and restore point data on Windows Systems. This performed by the
different Ransomware families who are operating the malware the special motive to gain
significant monetary profit. After planning of an attack on Shadow copy and restore point data, it
targets all attached drives and happens to encrypt the backups as well, though not likely by
design. The presence of Ransomware Malware encrypts each files system that is attached to an
infected machine. This situation might prove vulnerable for a client. Apart from this, the
presence of Ransomware Malware also influenced the external hard drives and plugged-in USB
sticks. Therefore, it is right to say that the Ransomware Malware comes in different forms and
influence the network attached backup system in a significant manner. There are a lot of business
houses who becomes failure to test their backups properly. The main reason behind the attack of
Ransomware Malware is that most of the business firms and other small level clients did not
have a recent test of their recovery process. They are engaged in doing backups, but they do not
have any information about how they can recover it. So, it becomes essential for the business
firms to have knowledge about network attached backup system and prevent Ransomware
Malware attack significantly.

Cyber Crime 2
Methods used by Ransomware Malware for the attack
Ransomware used a large number of methods to attack personal information of an organization.
Some of the popular and common methods used by Ransomware for attack purpose includes
following:
Exploit Kits
The first and foremost method used by Ransomware for the attack is exploiting kit. This method
is a combination of different sophisticated and important tools that exploit vulnerabilities. The
exploit kit works when an individual or victim visits a compromised website. The website
becomes the foremost factor of attack within the business organizations. It is because these
compromised websites are the combination of different hidden malicious codes. These hidden
malicious codes exploit kit landing page unnoticed. If vulnerable, a drive-by download of a
malicious payload will be executed, the system will become infected, and the files will be held
for Ransom. This method is quite popular among cyber extortionists.
Malicious Email Attachments
The second and foremost method used here is malicious email attachments. According to this
method, the cyber extortionists of Ransomware crafts an email with malicious attachments. This
is performed by Ransomware through some believable sources like Information technology and
human resources. Ransomware attaches the malicious file like portable executable or a .JS file.
As and when the mail receiver open the attachment thinking, he or she will become the victim of
Ransomware Malware attack. This occurs in most of the cases because the receivers think that
the file has received from the trusted sources.
Malicious Email Links
The last and final method used by cyber extortionists of Ransomware is malicious email links.
This is one of the important attack methods among others. As the malicious email attachments,
malicious links are in the body of the mail. These malicious links remain in the form of URL.
Similar to malicious email attachments, these are also sent by cyber extortionists through trusted
sources. Therefore, when the receiver opens the file or attached link, he or she becomes the
victim of malicious email link attack. When the receiver clicks on these URLs, they download
malicious files over the web. This process infected the overall working scenario of a particular
system.
Therefore, it is right to say that Ransomware Malware attack comes in different form. Each form
comes with different negative influences that affect the information system working scenario of
an organization.
Part B
() defined the Zero Sum game as a game theory in which an individual's gain is equivalent to
another loss, so the net change in benefit and wealth is zero. On the other hand, (0 defined the
Nash Equilibrium as an important logical and mathematical action that participants of a game
should take to secure the best outcomes for themselves. In a similar manner, the Malicious Email

Cyber Crime 3
attachment attack method is also linked with both zero-sum game theory and Nash Equilibrium.
According to the zero-sum theory, the Ransomware Malware want to influence the legitimate
user through encryption of the data. On the other hand, the legitimate user want to secure its data
by using different protection means. Both parties are associated and bound with the Zero-sum
game theory. The zero-sum game theory also depicts that there will be a situation where both
parties the legitimate user and attacker will be a no gain and no loss situation. It means that the
legitimate user will put efforts to protect his system from unauthorized mail and attacker take
initiatives to encrypt the data to satisfy personal profits. The Malicious Email; Attachment
method also offers both profit and loss to each concerned player here. For example, it will give
the chance to attacker to encrypt the system and data of others through sending a link from
authorized and trusted server. On the other side, the legitimate user will try to secure its data and
system by installation of different firewalls and blocking system of unrecognized emails. At the
same time, both players are fighting for a common motive. The legitimate users want to protect
their data. On the other side, attacker want to stole personal data and corrupt the whole system.
Therefore, a significant bonding and relationship can identify between the situations of both
players.
() said that the Nash equilibrium is a right method to resolve the zero-sum game situation among
different players. The above-mentioned situation can also resolve through the Nash Equilibrium.
It is the Nash Equilibrium which facilitates prediction of the strategic interaction outcomes in the
network security. The Nash equilibrium facilitates the effective use of malicious email
attachments for both players. This is performed with the help of three different elements. These
elements are a set of sections, a set of players, and a payoff function for each player. It brings
coordination between the both players and solve the situation very effectively. For example, in
the above-mentioned case there are two different players. The first player is legitimate user and
another is attacker. If both of the players choose same actions, it will call coordination. If the
players select the different actions, they each get a payoff of 0. If they both choose one particular
option, they each get 2, and if they both agree with another option, they each get 1. The
coordination among both players can effectively define with the coordination example. For
example, if a player whether it is attacker or legitimate user chooses a row, the next player will
automatically go with a column, and the resulting payoffs are listed in parentheses. Therefore, it
is right to say that the zero-sum game situation of both players can resolve with the Nash
Equilibrium. This will solve the problem through spreading coordination and bring work balance
between working scenario of each player. Moreover, it can also be said that the Malicious Email
attachment attack method have enough potential of influencing the behavior and working method
of each player. Therefore, it becomes the responsibility of both to focus on the resolution of the
zero-sum game situation and turns it into a profitable situation.