logo

Information Security & Technologies Assignment

   

Added on  2020-03-28

12 Pages2792 Words69 Views
Running head: INFORMATION SECURITY TECHNOLOGIESInformation Security TechnologiesName of the StudentName of the UniversityAuthor Note

1 INFORMATION SECURITY TECHNOLOGIESTable of Contents1. Introduction......................................................................................................................22. Background......................................................................................................................23. Risk and Security Concerns of Ransomware...................................................................53.1 Risks..........................................................................................................................53.2 Security Concerns......................................................................................................63.3 Strategies for addressing the risks and security concerns..........................................64. Conclusion.......................................................................................................................85. Future Trends...................................................................................................................96. References......................................................................................................................10

2 INFORMATION SECURITY TECHNOLOGIES1. IntroductionInformation security is a process and action to ensure the protection of information andpreventing the unauthorized use of confidential and private information, especially electronicdata. Information security ensures different measures in achieving the correct security standardsfor particular information (Peltier, 2013). There are different risk agents that can launch an attackon the information system in with an aim of data theft and corrupting the data. One of the majorthreat agents is ransomware, which is a type of malicious software, typically designed to blockthe access of data or the whole computer system, until a sum of money is paid to the attacker(Brewer, 2016). The recent cases of ransomware attack include the attack on UK’s NationalHealth Service, Russia’s Interior Ministry and staffers at selected offices of FedEx. The globalransomware attack on this organization has resulted in the disruption of normal services loss ofconfidential data. The increasing attack of ransomware is alarming as many organizations andcomputer system are targeted by these attacks to fetch a huge sum of money from the user(Mansfield-Devine, 2016). The background, risks and security concerns along with the futuretrends in relation to such ransomware attacks are elaborated in the following paragraphs. 2. BackgroundA worldwide cyber attack by Wanna Cry ransomware, as it is called has potentially putmany lives at risk by paralyzing the computer systems of National Health Service, UK. Theattack paralyzed thousands of appointments and emergency operations of the hospital as theransomware attack threatened to delete crucial files unless an amount of $300 is paid (Collier,2017). The ransomware was capable enough to break into the robust cyber security measurestaken by the hospital in protection of data. However, the attack were mainly laid on the systems,

3 INFORMATION SECURITY TECHNOLOGIESthat were using Windows XP and the malware managed to jump from computer to computer bytargeting the weakness of the this older version of windows operating system (Clarke &Youngstein, 2017). Only the windows XP were targeted as Microsoft had stopped supporting itin the year 2014, and the computers that were still operating on windows XP did not install thepatch (Mattei, 2017). A similar cyber attack was led on Interior ministry of Russia, by making a use of hackingtools created by U.S National Security Agency. The attack was launched on more than 100countries and locking the files and data of different computers demanding a payment of $300 forrestoring the access (Mohurle & Patil, 2017). According to the cyber extortionists, the attackershave used the stolen NSA hacking tools for sending spam emails with the ransomware attachedin form of invoices, job offers, security warnings and other legitimate files. Once the user opensthat files, the malware gets installed into the computer and encrypts all the files present in thecomputer (Mattei, 2017). The files can only be decrypted after paying a certain amount of moneyin form of bit coins as demanded by the attackers. Furthermore, if the amount is not paid within 7days, the files are permanently deleted from the system and thus, the user has no choice apartfrom paying the attacker. Even the staffers of FedEx offices were attacked by this ransomware. Security softwaremakers of Avast said that they have observed of about 57000 infections in 99 countries and thetop target of this attack was Russia, Ukraine and Taiwan (Mohurle & Patil, 2017). One of the most dangerous features of ransomware is that the ransomware-encrypted filescannot be decrypted that easily. Furthermore, the malware has the ability to scramble the filesnames, so that it remains undetected or becomes very difficult to detect. After locking the

End of preview

Want to access all the pages? Upload your documents or become a member.

Related Documents
IT Security Management
|12
|2958
|324

Application of Ethical Theory Case Study: Ransomware Cyber attack
|7
|1574
|313

IT Security Management
|8
|1563
|201

Biggest ransomware outbreak in history hits nearly 100 countries with data held for ransom
|4
|1390
|366

Assignment On Risk Mitigation and Security Plan
|14
|2958
|38

WannaCry Ransomware Attack 2017: Target, Working, Damage, Detection
|10
|2236
|76