Ransomware Malware: A Walkthrough and Real World Example
Added on 2022/12/23
This article provides a detailed walkthrough of ransomware malware, including its stages of operation. It also explores a real world example of a ransomware attack and its impact. Additionally, it discusses how the issue was addressed.
Running head: CYBER SECURITY
Cyber Security
Name of the Student
Name of the University
Author Note
Introduction:
In cyber security, many types of viruses and malware can seriously harm computer systems and their users. Ransomware is one such type of malware (Moore, 2016). This paper discusses ransomware and develops a detailed walkthrough of how this malware operates in a real-world environment.
Walkthrough of the Ransomware Malware:
Ransomware operates in the real world in four stages: targeting, distribution, encryption and recovery. All four stages are described in the following section.
Targeting: Targeting is the first phase of a ransomware attack. In this step the attacker finds potential victims and prepares a method for executing the attack (Brewer, 2016). The most common method of executing the attack is sending the victim an email with the malware attached.
Distribution: In the distribution phase of the attack, the ransomware is installed on the victim's system. A newer type of technique, known as clickless threats, is used to install it, so the malware is installed without the user's knowledge. This is how ransomware is distributed among systems.
Encryption: The third stage of the ransomware attack is encryption. After successful installation on the victim's system, it is time to encrypt all the files and folders
available on the system (Kolodenker et al., 2017). In this stage the ransomware automatically encrypts all of the victim's files.
Recovery: After the encryption stage, all of the victim's important files are already held by the ransomware. If the victim wants the data back, they need to pay a specific amount of ransom to the attacker, and the amount can vary. Only if the ransom is paid is the data released, and at this stage the ransomware completes its lifecycle in the real world.
Real World Example of Ransomware Attack:
One important example of a ransomware attack is the 2017 ransomware attack, which spread across the whole world. The attack lasted 4 days, from 12th May 2017 to 15th May 2017, and more than 300,000 were affected (Mohurle & Patil, 2017).
Occurrence of the Malware Attack:
This ransomware attack started on 12th May 2017 and continued until 15th May 2017, a duration of 4 days. The attack was given a specific name: the "WannaCry ransomware attack".
Outcome of the WannaCry Ransomware Attack:
The WannaCry ransomware incident exposed a known vulnerability in the Windows operating system. Microsoft had previously identified this vulnerability and rolled out a patch to fix the problem three or four months before the actual attack commenced. Although Microsoft had identified the vulnerability, it was too late to patch all the available systems (Martin et al., 2018). The incident also showed the attitude of general users towards updates. It showed how careless users are in
terms of updating their systems. The outcome of the WannaCry ransomware attack showed both Microsoft and its users the importance of an always-updated system.
Impact of the WannaCry Ransomware Attack:
The WannaCry ransomware attack was one of the devastating attacks in cyber security worldwide, and its outcome was very negative for the entire world. It has been assessed that, due to this attack, the total number of victims exceeded 200,000 and the total number of infected devices exceeded 300,000 (Kao & Hsiao, 2018). People across 150 countries were affected. A later assessment put the total financial losses due to the WannaCry ransomware attack at approximately $4 billion.
Security Breaches in WannaCry Ransomware Attack:
In this case the security of organizations and individuals was thoroughly defeated, which is why the WannaCry ransomware attack spread so far. The main aim of the security measures was to maintain the integrity of the data, and this aim was breached. Because this security measure was breached, all of the data available on the system was modified by the attackers, who encrypted it.
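The integrity breach described above can be detected by comparing a trusted baseline of file hashes with the current state and flagging files whose content changed and now looks like ciphertext. The following is an added example, not part of the original essay; the function names, the entropy cut-off of 7.5 bits per byte and the 50% alert ratio are assumptions, and the sample files are constructed.

```python
import hashlib
import math
import os
import tempfile
from collections import Counter
from pathlib import Path

ENTROPY_THRESHOLD = 7.5   # bits/byte; assumed cut-off for "looks encrypted"
MASS_CHANGE_RATIO = 0.5   # assumed: alert when half the baseline is affected

def shannon_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte (0.0 for empty input)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def snapshot(root: str) -> dict:
    """Map each relative file path under root to (sha256 hex, entropy)."""
    state = {}
    for path in sorted(Path(root).rglob("*")):
        if path.is_file():
            data = path.read_bytes()
            digest = hashlib.sha256(data).hexdigest()
            state[str(path.relative_to(root))] = (digest, shannon_entropy(data))
    return state

def integrity_report(baseline: dict, current: dict) -> dict:
    """Compare snapshots; flag files whose hash changed and entropy jumped."""
    changed = sorted(p for p in baseline
                     if p in current and current[p][0] != baseline[p][0])
    suspicious = [p for p in changed
                  if baseline[p][1] < ENTROPY_THRESHOLD <= current[p][1]]
    alert = bool(baseline) and len(suspicious) >= MASS_CHANGE_RATIO * len(baseline)
    return {"changed": changed, "suspicious": suspicious, "alert": alert}

def demo() -> dict:
    """Constructed sample: three text files, two overwritten with random bytes."""
    with tempfile.TemporaryDirectory() as root:
        for name in ("report.txt", "notes.txt", "todo.txt"):
            (Path(root) / name).write_text("quarterly figures and notes\n" * 100)
        baseline = snapshot(root)
        for name in ("report.txt", "notes.txt"):  # stand-in for ciphertext
            (Path(root) / name).write_bytes(os.urandom(4096))
        return integrity_report(baseline, snapshot(root))

if __name__ == "__main__":
    print(demo())
```

The baseline snapshot has to be stored somewhere the monitored host cannot modify, otherwise the comparison itself is subject to the same integrity breach.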
Addressing this Issue:
Microsoft addressed the WannaCry ransomware attack immediately, a few days after the attack commenced. To stop the attack, Microsoft released some emergency patches which discovered a kill switch (James, 2017). This kill switch prevented the WannaCry ransomware from spreading further from an already affected system. In this way Microsoft addressed the issue of the WannaCry ransomware attack.
References:
Brewer, R. (2016). Ransomware attacks: detection, prevention and cure. Network
Security, 2016(9), 5-9.
James, R. (2017). The Wannacry Virus Analyzed.
Kao, D. Y., & Hsiao, S. C. (2018, February). The dynamic analysis of WannaCry ransomware.
In 2018 20th International Conference on Advanced Communication Technology
(ICACT) (pp. 159-166). IEEE.
Kolodenker, E., Koch, W., Stringhini, G., & Egele, M. (2017, April). PayBreak: defense against
cryptographic ransomware. In Proceedings of the 2017 ACM on Asia Conference on
Computer and Communications Security (pp. 599-611). ACM.
Martin, G., Ghafur, S., Kinross, J., Hankin, C., & Darzi, A. (2018). WannaCry—a year on.
Mohurle, S., & Patil, M. (2017). A brief study of wannacry threat: Ransomware attack
2017. International Journal of Advanced Research in Computer Science, 8(5).
Moore, C. (2016, August). Detecting ransomware with honeypot techniques. In 2016
Cybersecurity and Cyberforensics Conference (CCC) (pp. 77-81). IEEE.