logo

IT Security: WannaCry Ransomware Attack

MITS5004 Assignment 2 for IT SECURITY course at Victorian Institute of Technology. The assignment includes two parts. Part A requires researching and preparing a report on a computer security breach incident. Part B requires researching and preparing a report on the 2011 Sony PlayStation Network outage case.

12 Pages3038 Words37 Views
   

Added on  2023-01-19

About This Document

This document provides an analysis of the WannaCry ransomware attack, including its causes, impact, and possible solutions. It discusses the worldwide attack that targeted computers running on older versions of Microsoft Windows and explores the vulnerabilities that allowed the attack to occur. The document also offers insights into preventive measures and the importance of using updated security patches.

IT Security: WannaCry Ransomware Attack

MITS5004 Assignment 2 for IT SECURITY course at Victorian Institute of Technology. The assignment includes two parts. Part A requires researching and preparing a report on a computer security breach incident. Part B requires researching and preparing a report on the 2011 Sony PlayStation Network outage case.

   Added on 2023-01-19

ShareRelated Documents
Running head: IT SECURITY
IT Security
Name of Student
Name of University
Author Note
IT Security: WannaCry Ransomware Attack_1
1
IT SECURITY
Table of Contents
Part A : WannaCry Ransomware Attack.............................................................................2
Answer 1..........................................................................................................................2
1.1. Introduction...........................................................................................................2
1.2. The problem: WannaCry ransomware Attack......................................................2
1.3. Why it occurred?...................................................................................................3
1.4. Possible Solutions.................................................................................................4
Answer 2..........................................................................................................................4
Part B...................................................................................................................................7
1. The Problem.................................................................................................................7
2. Who were affected?.....................................................................................................8
3. How was the attack carried out?..................................................................................8
4. The Solution.................................................................................................................9
References..........................................................................................................................10
IT Security: WannaCry Ransomware Attack_2
2
IT SECURITY
Part A : WannaCry Ransomware Attack
Answer 1
1.1. Introduction
The report aims in analysis a computer data security breach that has occurred during the
period of April-August 2015-2018. The computer security breach that is chosen includes
WannaCry ransomware attack (Mohurle & Patil, 2017). The worldwide attack that targeted the
computers running on an older version of Microsoft windows is termed as WannaCry
ransomware attack (Chen & Bridges, 2017). The report focuses on the problem that led to the
attack. The report will further discuss the measures and the possible solutions that could have
been undertaken in order to address and eliminate the issue.
1.2. The problem: WannaCry ransomware Attack
The WannaCry ransomware attack was wide spread that was targeted on the computers
making use of older verison of Microsoft windows. The attack rapidly spread worldwide by
accessing the infected networks in the year 2017. The attack was quite dangerous as it encrypted
the files on the infected computer in order to restrict the access of the files by the legitimate users
(Kshetri & Voas, 2017). The attacker would then ask for a ransom in form of bitcoin to let the
legitimate users access those files. The attacker would specify a time limit of paying the ransom
after which the files on the computer would be deleted permanently. The waannacry ransomware
attack was noteworthy particularly because it was able to target quite a large number of systems
that were high profile, including Britain’s National Health Service by exploiting vulnerability of
the windows operating system (Collier, 2017). the United States National security Agency was
first to identify the attack.
IT Security: WannaCry Ransomware Attack_3
3
IT SECURITY
Components of WannaCry ransomware: The WannaCry ransomware involves a number of
components. The ransomware arrived in form of a dropper, with a self-contained program in a
computer, whihc is capable of extracting other applications on a particular system (Kalita, 2017).
The components of the WannaCry ransomware attack are as follows-
1. An application that is capable of encrypting as well as decrypting the data on a system
2. A file that contains all the keys for encryption
3. Copy of Tor
The process of infection: The vector of the attack is quite interesting in form of a ransomware.
The Windows operating system vulnerability was exploited by the WannaCry ransomware
attack. If the windows were updated to their latest version, the attack could have been avoided.
The virus targeted only the systems which were nit updated to their latest version.
The attack however, could be stopped within few days of discovery as the security patch
needed for disabling the infection was released two months before the attack (Kao & Hsiao,
2018). The unpatched Windows 10 system were vulnerable to the attack. The cryptogram
WannaCry ransomware mainly targeted the computers that were running on a very old version of
Windows OS
1.3. Why it occurred?
The attack could have been eliminated if all the computers that were attacked were
running on an updated version of the software. The main vulnerability that the WannaCry
ransomware attack had exploited was unpatched windows server (Martin et al., 2018). One of the
most significant problems was that the cryptogram was able to easily spread to the entire
IT Security: WannaCry Ransomware Attack_4

End of preview

Want to access all the pages? Upload your documents or become a member.

Related Documents
Demonstration of a Cyber Security Threat: Ransomware
|19
|815
|500

The WannaCry Ransomware: Concept, Impact, and Response
|13
|774
|175

Potential Threats and Mitigation Tools for Ransomware
|10
|2689
|368

Cyber Security: WannaCry Ransomware Attack Discussion 2022
|10
|1923
|20

Wannacry: A Cyber-Warfare in Modern Times
|11
|2953
|469

WannaCry Ransomware Attack: Impact, Process and Technicalities
|5
|1041
|61