Ransomware Attacks: Analysis & Prevention
VerifiedAdded on 2020/03/04
|13
|2565
|126
AI Summary
This assignment delves into the phenomenon of ransomware attacks, examining their scale, exposed vulnerabilities, and the effectiveness of available updates for protection. It analyzes real-world cases such as the 2017 WannaCry and Petya attacks, highlighting the need for user vigilance and system updates to mitigate risks. The conclusion emphasizes preventative measures over paying ransoms, stressing that proactive security is paramount.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Running head: SYSTEM SECURITY BREACHES
SYSTEM SECURITY BREACHES
Name of the student
Name of the university
Author note
SYSTEM SECURITY BREACHES
Name of the student
Name of the university
Author note
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
1SYSTEM SECURITY BREACHES
Executive summary:
This report aims to analyze the effects and causes of a cyber attacks occurred in 2017. The report
in Part A elaborates the June 2017 and Part B consist of a May 2017 Cyber-attack. An electronic
survey relative to this case was conducted. The results indicate the various impact, procedures
and solutions for the cyber attacks. This report concludes that the attacks were rather severe. It is
recommended to follow the suggested protective measures against the attacks.
Executive summary:
This report aims to analyze the effects and causes of a cyber attacks occurred in 2017. The report
in Part A elaborates the June 2017 and Part B consist of a May 2017 Cyber-attack. An electronic
survey relative to this case was conducted. The results indicate the various impact, procedures
and solutions for the cyber attacks. This report concludes that the attacks were rather severe. It is
recommended to follow the suggested protective measures against the attacks.
2SYSTEM SECURITY BREACHES
Table of Contents
PART A:..........................................................................................................................................3
INTRODUCTION:......................................................................................................................3
DISCUSSION:.............................................................................................................................3
CONCLUSION:..........................................................................................................................6
PART B:..........................................................................................................................................8
INTRODUCTION:......................................................................................................................8
DISCUSSION:.............................................................................................................................8
CONCLUSION:........................................................................................................................11
References:....................................................................................................................................12
Table of Contents
PART A:..........................................................................................................................................3
INTRODUCTION:......................................................................................................................3
DISCUSSION:.............................................................................................................................3
CONCLUSION:..........................................................................................................................6
PART B:..........................................................................................................................................8
INTRODUCTION:......................................................................................................................8
DISCUSSION:.............................................................................................................................8
CONCLUSION:........................................................................................................................11
References:....................................................................................................................................12
3SYSTEM SECURITY BREACHES
PART A:
INTRODUCTION:
Cyber-attack is an unethical act by the hackers assigned by states, individuals or groups
that targets to destroy or damage the metadata secured in a computer system or in an
infrastructure by means of malicious software, ransomware- a specific type, which claims money
to unblock access to a system. Petya is one such ransomware, encrypting data on Microsoft-
Windows systems.1 This report elaborates the global cyber-attack, in reference to the news
searched on the web, from the newspaper site ‘THE GUARDIAN’,2 caused and provides
possible solutions to the same.
DISCUSSION:
Petya, the ransomware encrypts the system data, blocks the access to the boot record, and
demands a ransom in means of bit-coin, a digital key that reboots access to the system. Either the
victims pay the ransom or afford loosing the valuable information.3 Initially, this malware was
discovered in March 2016. Numerous forms of the malware were seen propagating to systems
based on Microsoft-Windows through infected E-mail attachments. Specific differences were
noted in this malware compared to the others, a later form of it being launched with a secondary
1 Aurangzeb, Sana, et al. "Ransomware: A Survey and Trends." Journal of Information Assurance & Security 6.2
(2017).
2 Olivia Solon and Alex Hern, 'Petya' Ransomware Attack: What Is It And How Can It Be Stopped?' (the Guardian,
2017) <https://www.theguardian.com/technology/2017/jun/27/petya-ransomware-cyber-attack-who-what-why-
how> accessed 24 August 2017.
3 Hammill, Ashley. The rise and wrath of ransomware and what it means for society. Diss. Utica College, 2017.
PART A:
INTRODUCTION:
Cyber-attack is an unethical act by the hackers assigned by states, individuals or groups
that targets to destroy or damage the metadata secured in a computer system or in an
infrastructure by means of malicious software, ransomware- a specific type, which claims money
to unblock access to a system. Petya is one such ransomware, encrypting data on Microsoft-
Windows systems.1 This report elaborates the global cyber-attack, in reference to the news
searched on the web, from the newspaper site ‘THE GUARDIAN’,2 caused and provides
possible solutions to the same.
DISCUSSION:
Petya, the ransomware encrypts the system data, blocks the access to the boot record, and
demands a ransom in means of bit-coin, a digital key that reboots access to the system. Either the
victims pay the ransom or afford loosing the valuable information.3 Initially, this malware was
discovered in March 2016. Numerous forms of the malware were seen propagating to systems
based on Microsoft-Windows through infected E-mail attachments. Specific differences were
noted in this malware compared to the others, a later form of it being launched with a secondary
1 Aurangzeb, Sana, et al. "Ransomware: A Survey and Trends." Journal of Information Assurance & Security 6.2
(2017).
2 Olivia Solon and Alex Hern, 'Petya' Ransomware Attack: What Is It And How Can It Be Stopped?' (the Guardian,
2017) <https://www.theguardian.com/technology/2017/jun/27/petya-ransomware-cyber-attack-who-what-why-
how> accessed 24 August 2017.
3 Hammill, Ashley. The rise and wrath of ransomware and what it means for society. Diss. Utica College, 2017.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
4SYSTEM SECURITY BREACHES
attachment affecting administrative booting. A recent global Cyber-attack using a variant of
Petya originated on 27 June 2017, targeting Ukraine and Russia mainly. Kaspersky lab reported
traces of infections in other affected regions including France, Germany, Italy, Poland and the
United Kingdom and United States. Although, this malware affected internal networks,
researchers from US pharmaceutical organization Merck, shipping company from Danish and
Rosnoft - a Russian oil company, discovered it to be a masked cyber offense against Ukraine.4
Almost, more than 80 companies were targeted for damage including the national bank of
Ukraine as well as distorted all the utilities in power offices, air-ports and public transport
medium.5
This scary ransomware has a mode of operation that is field of discussion. Petya uses the
actual computed information from within the transmitted data that holds enough potential to
infect the master booting system known as the Master Boot Record (MBR), ornately writing the
windows boot-loader and then triggers a restart in the system. The next time one reboots the
system, the formatted data executes itself. This encrypts the main file holder system and
following that the ransom-demanding message is displayed in a pop-up, the payment mode being
in bit-coin as mentioned previously, amounting to $300. During this processing, the windows file
scanner system generates a text on-screen indicating the ongoing repair of the different hard-
4 Edwards, Benjamin, et al. "Strategic aspects of cyberattack, attribution, and blame." Proceedings of the National
Academy of Sciences (2017): 201700442.
5 Gordon, William J., Adam Fairhall, and Adam Landman. "Threats to Information Security—Public Health
Implications." New England Journal of Medicine (2017).
attachment affecting administrative booting. A recent global Cyber-attack using a variant of
Petya originated on 27 June 2017, targeting Ukraine and Russia mainly. Kaspersky lab reported
traces of infections in other affected regions including France, Germany, Italy, Poland and the
United Kingdom and United States. Although, this malware affected internal networks,
researchers from US pharmaceutical organization Merck, shipping company from Danish and
Rosnoft - a Russian oil company, discovered it to be a masked cyber offense against Ukraine.4
Almost, more than 80 companies were targeted for damage including the national bank of
Ukraine as well as distorted all the utilities in power offices, air-ports and public transport
medium.5
This scary ransomware has a mode of operation that is field of discussion. Petya uses the
actual computed information from within the transmitted data that holds enough potential to
infect the master booting system known as the Master Boot Record (MBR), ornately writing the
windows boot-loader and then triggers a restart in the system. The next time one reboots the
system, the formatted data executes itself. This encrypts the main file holder system and
following that the ransom-demanding message is displayed in a pop-up, the payment mode being
in bit-coin as mentioned previously, amounting to $300. During this processing, the windows file
scanner system generates a text on-screen indicating the ongoing repair of the different hard-
4 Edwards, Benjamin, et al. "Strategic aspects of cyberattack, attribution, and blame." Proceedings of the National
Academy of Sciences (2017): 201700442.
5 Gordon, William J., Adam Fairhall, and Adam Landman. "Threats to Information Security—Public Health
Implications." New England Journal of Medicine (2017).
5SYSTEM SECURITY BREACHES
drive system.6 The original computation required the system-victim to grant administrative
advantages. In this context, another variant of the malware, Mischa was attached with data or the
initial text, in a situation Petya was unable to install in earlier versions with an attached PDF file.
The ‘not- Petya’ version used for the 2017 cyber attack, is a rapid spread across
organizations following one affected system.7 This ransomware yet again found a medium
specifically the Eternal-Blue, which is a collection of data in sequence in form of syntaxes that in
an offensive way takes advantage of a vulnerability of a software, in this case, Microsoft-
Windows and generates control over one’s system or through the availability of administrative
tools. This malware is capable of using various techniques to spread across systems obtaining
passwords and using passwords linked with PSExec for code run on other LAN connections.
This ransomware cannot omit its changes. Researchers announced this was not launched with the
intention to generate profit, rather, focused on the widespread of the same to cause rapid
damages and the media-attention.
As mitigation, researchers and analysts took several measures across the globe claiming
the discovery of ways to possibly, stop the process of encryption.8 Kaspersky lap for an instance,
6 Guo, Ziyang, et al. "Optimal linear cyber-attack on remote state estimation." IEEE Transactions on Control of
Network Systems 4.1 (2017): 4-13.
7 Naved, Hamid. "CYBER ATTACKS, ESPIONAGE AND INTRUSIONS: THE LAW GOVERNING THE NEW
GLOBAL FRONTLINES."
8 Richardson, Ronny, and Max North. "Ransomware: Evolution, Mitigation and Prevention." International
Management Review 13.1 (2017): 10.
drive system.6 The original computation required the system-victim to grant administrative
advantages. In this context, another variant of the malware, Mischa was attached with data or the
initial text, in a situation Petya was unable to install in earlier versions with an attached PDF file.
The ‘not- Petya’ version used for the 2017 cyber attack, is a rapid spread across
organizations following one affected system.7 This ransomware yet again found a medium
specifically the Eternal-Blue, which is a collection of data in sequence in form of syntaxes that in
an offensive way takes advantage of a vulnerability of a software, in this case, Microsoft-
Windows and generates control over one’s system or through the availability of administrative
tools. This malware is capable of using various techniques to spread across systems obtaining
passwords and using passwords linked with PSExec for code run on other LAN connections.
This ransomware cannot omit its changes. Researchers announced this was not launched with the
intention to generate profit, rather, focused on the widespread of the same to cause rapid
damages and the media-attention.
As mitigation, researchers and analysts took several measures across the globe claiming
the discovery of ways to possibly, stop the process of encryption.8 Kaspersky lap for an instance,
6 Guo, Ziyang, et al. "Optimal linear cyber-attack on remote state estimation." IEEE Transactions on Control of
Network Systems 4.1 (2017): 4-13.
7 Naved, Hamid. "CYBER ATTACKS, ESPIONAGE AND INTRUSIONS: THE LAW GOVERNING THE NEW
GLOBAL FRONTLINES."
8 Richardson, Ronny, and Max North. "Ransomware: Evolution, Mitigation and Prevention." International
Management Review 13.1 (2017): 10.
6SYSTEM SECURITY BREACHES
offered help suggesting that the lab’s security software was now developed to detect and limit
the malware. Various Anti-Virus companies claim their software can provide protection against
this malware infection, especially, Symantec products with the updated version 20170627.009.
Installation of March’s Critical Patch provides a defensive action against the vulnerable
Windows feature and promises to offer guard towards future attacks with variant tools.9
Another innovation regarding the solution for this attack was helpful in either ways. The
process firstly asks the immediate shut down of the system as soon as the appearance of the
‘chkdsk’ pop-up and a proposed analyst creating read-only files bearing the label ‘perfc’ or
‘perfc.dat’ in the Windows file system can prevent the effect of the formatted data by limiting
the execution. The provider, Posteo, suspended the E-mail address already on the Ransom
windows therefore restricting the infected the users to make the payment.
CONCLUSION:
Based on the various analyses, provided by researchers from diverse backgrounds it is
concluded that it definitely not a moneymaking source rather, it is designed for the widespread
effect across countries and systems encrypting important component files of a system. The
ransomware infects the major file system of a computer and remains stagnant for an hour, it is
advisable, while the rebooting takes place, to switch it off to prevent the files from getting
encrypted. The person behind the attack disguised the malware as a ransomware with a pure
intention of being destructive especially, to Ukraine government.
9 Shackelford, Scott. "Exploring the ‘Shared Responsibility’of Cyber Peace: Should Cybersecurity Be a Human
Right?." (2017).
offered help suggesting that the lab’s security software was now developed to detect and limit
the malware. Various Anti-Virus companies claim their software can provide protection against
this malware infection, especially, Symantec products with the updated version 20170627.009.
Installation of March’s Critical Patch provides a defensive action against the vulnerable
Windows feature and promises to offer guard towards future attacks with variant tools.9
Another innovation regarding the solution for this attack was helpful in either ways. The
process firstly asks the immediate shut down of the system as soon as the appearance of the
‘chkdsk’ pop-up and a proposed analyst creating read-only files bearing the label ‘perfc’ or
‘perfc.dat’ in the Windows file system can prevent the effect of the formatted data by limiting
the execution. The provider, Posteo, suspended the E-mail address already on the Ransom
windows therefore restricting the infected the users to make the payment.
CONCLUSION:
Based on the various analyses, provided by researchers from diverse backgrounds it is
concluded that it definitely not a moneymaking source rather, it is designed for the widespread
effect across countries and systems encrypting important component files of a system. The
ransomware infects the major file system of a computer and remains stagnant for an hour, it is
advisable, while the rebooting takes place, to switch it off to prevent the files from getting
encrypted. The person behind the attack disguised the malware as a ransomware with a pure
intention of being destructive especially, to Ukraine government.
9 Shackelford, Scott. "Exploring the ‘Shared Responsibility’of Cyber Peace: Should Cybersecurity Be a Human
Right?." (2017).
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
7SYSTEM SECURITY BREACHES
PART B:
INTRODUCTION:
The first half of this year witnessed unusual amounts of cyber security breaches. One
such chaotic ransomware release was the WannaCry Crypto-worm, targeting the systems based
on Microsoft Windows Operation.10 This report provides an insight to the attack, its relevant
details and possible mitigations discovered.
DISCUSSION:
This ransomware crucially encrypted files and demanded money in crypto-currency
format, the use of bit-coins involved. Crypto-currency is a digital set-up involving payments in
form of bit-coins, which is the used currency. The attack initiated on a Friday, 12 May 2017, this
initial outbreak continued from 12 May to 15 May 2017.11 Within the commencement of 24
hours, a report showing the results, generated only to highlight, 230,000 computers infected over
150 countries. This ransomware in particular used the flaw of Microsoft, which was long
discovered by National Security Agency (NSA), was used for its offensive activities and was
leaked by hackers to widely spread the malware to block access to files. The malware disguises
as software, informing the user that the files have been encrypted with a warning of their deletion
if the required payment is not made. Advance information about the procedures to buy the
10 Shoukry, Yasser, et al. "Secure state estimation for cyber physical systems under sensor attacks: a satisfiability
modulo theory approach." IEEE Transactions on Automatic Control (2017).
11 Martin, Guy, James Kinross, and Chris Hankin. "Effective cybersecurity is fundamental to patient safety." (2017):
j2375.
PART B:
INTRODUCTION:
The first half of this year witnessed unusual amounts of cyber security breaches. One
such chaotic ransomware release was the WannaCry Crypto-worm, targeting the systems based
on Microsoft Windows Operation.10 This report provides an insight to the attack, its relevant
details and possible mitigations discovered.
DISCUSSION:
This ransomware crucially encrypted files and demanded money in crypto-currency
format, the use of bit-coins involved. Crypto-currency is a digital set-up involving payments in
form of bit-coins, which is the used currency. The attack initiated on a Friday, 12 May 2017, this
initial outbreak continued from 12 May to 15 May 2017.11 Within the commencement of 24
hours, a report showing the results, generated only to highlight, 230,000 computers infected over
150 countries. This ransomware in particular used the flaw of Microsoft, which was long
discovered by National Security Agency (NSA), was used for its offensive activities and was
leaked by hackers to widely spread the malware to block access to files. The malware disguises
as software, informing the user that the files have been encrypted with a warning of their deletion
if the required payment is not made. Advance information about the procedures to buy the
10 Shoukry, Yasser, et al. "Secure state estimation for cyber physical systems under sensor attacks: a satisfiability
modulo theory approach." IEEE Transactions on Automatic Control (2017).
11 Martin, Guy, James Kinross, and Chris Hankin. "Effective cybersecurity is fundamental to patient safety." (2017):
j2375.
8SYSTEM SECURITY BREACHES
software and henceforth, the destination to send the ransom to is provided. Analysts refer to this
as a ‘worm’ as it has a transport phenomenon or mechanism to gradually spread and infect a
system automatically. This code of access scans the data system with characteristic vulnerability
particularly as mentioned previously, Eternal-Blue to gain control on the file system. On 19 May
2017, it was informed that the hackers made an attempt an attack using a variant of this
ransomware, Mirai for a distributed attack.
Europol estimated due to the campaign of this ransomware around 200,000 computer
systems over 150 countries approximately were infected.12 Kaspersky lab investigated about the
four most affected countries- Russia, Ukraine, India and Taiwan. An adverse effect on the
National Hospital Services (NHS) was witnessed, in England and Scotland. Various public
utilities amounting to 70,000 devices inclusive of computers, MRI-scanners, blood storage
refrigerators and possible range of theatrical equipments.13 Many non-crucial emergencies were
turned-off, ambulances connected to NHS services were reverted even of Wales and Ireland.
Production procedures took a pause in the Nissan Motor Manufacturing UK in Tyne &Wear,
England after their system-infections. Another on the list was Renault to halt its production in
various sites to avoid the spreading of the ransomware.14 Organization using not-update of
Microsoft operating system were adversely affected, especially, the ones with the older version
of XP, since no security patches were released since April 2014 in relevance. Cyber risk
12 O’Dowd, Adrian. "NHS patient data security is to be tightened after cyberattack." (2017): j3412.
13 Collier, Roger. "NHS ransomware attack spreads worldwide." (2017): E786-E787.
14 Mattei, Tobias A. "Privacy, Confidentiality, and Security of Health Care Information: Lessons from the Recent
WannaCry Cyberattack." World Neurosurgery 104 (2017): 972-974.
software and henceforth, the destination to send the ransom to is provided. Analysts refer to this
as a ‘worm’ as it has a transport phenomenon or mechanism to gradually spread and infect a
system automatically. This code of access scans the data system with characteristic vulnerability
particularly as mentioned previously, Eternal-Blue to gain control on the file system. On 19 May
2017, it was informed that the hackers made an attempt an attack using a variant of this
ransomware, Mirai for a distributed attack.
Europol estimated due to the campaign of this ransomware around 200,000 computer
systems over 150 countries approximately were infected.12 Kaspersky lab investigated about the
four most affected countries- Russia, Ukraine, India and Taiwan. An adverse effect on the
National Hospital Services (NHS) was witnessed, in England and Scotland. Various public
utilities amounting to 70,000 devices inclusive of computers, MRI-scanners, blood storage
refrigerators and possible range of theatrical equipments.13 Many non-crucial emergencies were
turned-off, ambulances connected to NHS services were reverted even of Wales and Ireland.
Production procedures took a pause in the Nissan Motor Manufacturing UK in Tyne &Wear,
England after their system-infections. Another on the list was Renault to halt its production in
various sites to avoid the spreading of the ransomware.14 Organization using not-update of
Microsoft operating system were adversely affected, especially, the ones with the older version
of XP, since no security patches were released since April 2014 in relevance. Cyber risk
12 O’Dowd, Adrian. "NHS patient data security is to be tightened after cyberattack." (2017): j3412.
13 Collier, Roger. "NHS ransomware attack spreads worldwide." (2017): E786-E787.
14 Mattei, Tobias A. "Privacy, Confidentiality, and Security of Health Care Information: Lessons from the Recent
WannaCry Cyberattack." World Neurosurgery 104 (2017): 972-974.
9SYSTEM SECURITY BREACHES
configured by Cyence charted an economic loss of 44 billion while others estimated it to be
hundreds of millions. A sum of $130,634.77 involving around 327 payments was recorded
regarding the ransom.
WannaCry evidently initiated its attack in Asia. Gaining access to systems through SMB,
it rapidly spread in multiple networks. On execution the malware first scans the ‘killSwitch’
domain, the absence of the same helped the software to encrypt file system. The ransom
demanded was $300 bit-coins within three days or a lump sum of $600 in seven days. Destined
web addresses were provided where the money was to be sent, ‘wallets’, by the victims.15 The
virus execution process can be precisely fragmented into three parts- firstly, the payload
(mssecsvc.exe): this is the spread file, encrypting the main file system and executes malicious
behavior. Secondly, the ransom program (taskche.exe): the program itself containing an
encrypted public key, the decrypted version being retained by the attacker, which encrypts both
the sub-private and public key and saves it. The AES key encrypts the file contents to be saved
as M2, which is further encrypted with the sub-public key and saved as M1. This merged version
has an added header ‘WANNACRY’. Lastly, the ransom program-(@WannaDecryptor@.exe):
this platform demands for the money in bit-coins with the addresses16.
A tech security researcher, Marcus Hutchins from England, successfully developed a
vaccine to this known as ‘Kill-Switch’, a registered domain, effectively reduced the spread of the
15 Gandhi Krunal, A. "Year of Publication: 2017."
16 Mohurle, Savita, and Manisha Patil. "A brief study of Wannacry Threat: Ransomware Attack 2017." International
Journal 8.5 (2017).
configured by Cyence charted an economic loss of 44 billion while others estimated it to be
hundreds of millions. A sum of $130,634.77 involving around 327 payments was recorded
regarding the ransom.
WannaCry evidently initiated its attack in Asia. Gaining access to systems through SMB,
it rapidly spread in multiple networks. On execution the malware first scans the ‘killSwitch’
domain, the absence of the same helped the software to encrypt file system. The ransom
demanded was $300 bit-coins within three days or a lump sum of $600 in seven days. Destined
web addresses were provided where the money was to be sent, ‘wallets’, by the victims.15 The
virus execution process can be precisely fragmented into three parts- firstly, the payload
(mssecsvc.exe): this is the spread file, encrypting the main file system and executes malicious
behavior. Secondly, the ransom program (taskche.exe): the program itself containing an
encrypted public key, the decrypted version being retained by the attacker, which encrypts both
the sub-private and public key and saves it. The AES key encrypts the file contents to be saved
as M2, which is further encrypted with the sub-public key and saved as M1. This merged version
has an added header ‘WANNACRY’. Lastly, the ransom program-(@WannaDecryptor@.exe):
this platform demands for the money in bit-coins with the addresses16.
A tech security researcher, Marcus Hutchins from England, successfully developed a
vaccine to this known as ‘Kill-Switch’, a registered domain, effectively reduced the spread of the
15 Gandhi Krunal, A. "Year of Publication: 2017."
16 Mohurle, Savita, and Manisha Patil. "A brief study of Wannacry Threat: Ransomware Attack 2017." International
Journal 8.5 (2017).
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
10SYSTEM SECURITY BREACHES
infection pausing the breakout. This shuts down the software. This was included in the code of
the ransomware to prevent its propagation in quarantined systems. However, not a help for the
already-infected ones, it helped severely in limiting its spread especially in North America and
Asia. Within four days, several security experts claimed to stop the spread with newly designed
updates, among which universities of London and Boston reported, their pay-break system has
the potential to stop the infection. Each encrypted file uses AES key, to decrypt the RSA sub-
private key was required.17 The discovery of the tool, WannaKey potentially retrieves the
required key especially in the Windows XP domain. Another approach was ‘WannaKiwi’ for
Windows 7 and 2008 R2.
CONCLUSION:
On analysis, it is certain to conclude that the scale of attacks and the exposed
vulnerabilities ranged to the enforcement of new updates available for Windows. For self-
protection, it is advisable to avoid any suspicious sites and to keep the system in use updated.
Lastly, strict restriction on paying the ransom and encourage the hackers. Prevention is certainly
prior to the offered antidote.
17 Knobel, Andres. "Technology and online beneficial ownership registries: easier to create companies and better at
preventing financial crimes." (2017).
infection pausing the breakout. This shuts down the software. This was included in the code of
the ransomware to prevent its propagation in quarantined systems. However, not a help for the
already-infected ones, it helped severely in limiting its spread especially in North America and
Asia. Within four days, several security experts claimed to stop the spread with newly designed
updates, among which universities of London and Boston reported, their pay-break system has
the potential to stop the infection. Each encrypted file uses AES key, to decrypt the RSA sub-
private key was required.17 The discovery of the tool, WannaKey potentially retrieves the
required key especially in the Windows XP domain. Another approach was ‘WannaKiwi’ for
Windows 7 and 2008 R2.
CONCLUSION:
On analysis, it is certain to conclude that the scale of attacks and the exposed
vulnerabilities ranged to the enforcement of new updates available for Windows. For self-
protection, it is advisable to avoid any suspicious sites and to keep the system in use updated.
Lastly, strict restriction on paying the ransom and encourage the hackers. Prevention is certainly
prior to the offered antidote.
17 Knobel, Andres. "Technology and online beneficial ownership registries: easier to create companies and better at
preventing financial crimes." (2017).
11SYSTEM SECURITY BREACHES
References:
Aurangzeb, Sana, et al. "Ransomware: A Survey and Trends." Journal of Information Assurance
& Security 6.2 (2017).
Collier, Roger. "NHS ransomware attack spreads worldwide." (2017): E786-E787.
Edwards, Benjamin, et al. "Strategic aspects of cyberattack, attribution, and blame." Proceedings
of the National Academy of Sciences (2017): 201700442.
Gandhi Krunal, A. "Year of Publication: 2017."
Gordon, William J., Adam Fairhall, and Adam Landman. "Threats to Information Security—
Public Health Implications." New England Journal of Medicine (2017).
Guo, Ziyang, et al. "Optimal linear cyber-attack on remote state estimation." IEEE Transactions
on Control of Network Systems 4.1 (2017): 4-13.
Hammill, Ashley. The rise and wrath of ransomware and what it means for society. Diss. Utica
College, 2017.
Knobel, Andres. "Technology and online beneficial ownership registries: easier to create
companies and better at preventing financial crimes." (2017).
Martin, Guy, James Kinross, and Chris Hankin. "Effective cybersecurity is fundamental to
patient safety." (2017): j2375.
Mattei, Tobias A. "Privacy, Confidentiality, and Security of Health Care Information: Lessons
from the Recent WannaCry Cyberattack." World Neurosurgery 104 (2017): 972-974.
References:
Aurangzeb, Sana, et al. "Ransomware: A Survey and Trends." Journal of Information Assurance
& Security 6.2 (2017).
Collier, Roger. "NHS ransomware attack spreads worldwide." (2017): E786-E787.
Edwards, Benjamin, et al. "Strategic aspects of cyberattack, attribution, and blame." Proceedings
of the National Academy of Sciences (2017): 201700442.
Gandhi Krunal, A. "Year of Publication: 2017."
Gordon, William J., Adam Fairhall, and Adam Landman. "Threats to Information Security—
Public Health Implications." New England Journal of Medicine (2017).
Guo, Ziyang, et al. "Optimal linear cyber-attack on remote state estimation." IEEE Transactions
on Control of Network Systems 4.1 (2017): 4-13.
Hammill, Ashley. The rise and wrath of ransomware and what it means for society. Diss. Utica
College, 2017.
Knobel, Andres. "Technology and online beneficial ownership registries: easier to create
companies and better at preventing financial crimes." (2017).
Martin, Guy, James Kinross, and Chris Hankin. "Effective cybersecurity is fundamental to
patient safety." (2017): j2375.
Mattei, Tobias A. "Privacy, Confidentiality, and Security of Health Care Information: Lessons
from the Recent WannaCry Cyberattack." World Neurosurgery 104 (2017): 972-974.
12SYSTEM SECURITY BREACHES
Mohurle, Savita, and Manisha Patil. "A brief study of Wannacry Threat: Ransomware Attack
2017." International Journal 8.5 (2017).
Naved, Hamid. "CYBER ATTACKS, ESPIONAGE AND INTRUSIONS: THE LAW
GOVERNING THE NEW GLOBAL FRONTLINES."
O’Dowd, Adrian. "NHS patient data security is to be tightened after cyberattack." (2017): j3412.
Richardson, Ronny, and Max North. "Ransomware: Evolution, Mitigation and
Prevention." International Management Review 13.1 (2017): 10.
Shackelford, Scott. "Exploring the ‘Shared Responsibility’of Cyber Peace: Should Cybersecurity
Be a Human Right?." (2017).
Shoukry, Yasser, et al. "Secure state estimation for cyber physical systems under sensor attacks:
a satisfiability modulo theory approach." IEEE Transactions on Automatic Control (2017).
Solon O and Hern A, 'Petya' Ransomware Attack: What Is It And How Can It Be Stopped?' (the
Guardian, 2017) <https://www.theguardian.com/technology/2017/jun/27/petya-ransomware-
cyber-attack-who-what-why-how> accessed 24 August 2017
Mohurle, Savita, and Manisha Patil. "A brief study of Wannacry Threat: Ransomware Attack
2017." International Journal 8.5 (2017).
Naved, Hamid. "CYBER ATTACKS, ESPIONAGE AND INTRUSIONS: THE LAW
GOVERNING THE NEW GLOBAL FRONTLINES."
O’Dowd, Adrian. "NHS patient data security is to be tightened after cyberattack." (2017): j3412.
Richardson, Ronny, and Max North. "Ransomware: Evolution, Mitigation and
Prevention." International Management Review 13.1 (2017): 10.
Shackelford, Scott. "Exploring the ‘Shared Responsibility’of Cyber Peace: Should Cybersecurity
Be a Human Right?." (2017).
Shoukry, Yasser, et al. "Secure state estimation for cyber physical systems under sensor attacks:
a satisfiability modulo theory approach." IEEE Transactions on Automatic Control (2017).
Solon O and Hern A, 'Petya' Ransomware Attack: What Is It And How Can It Be Stopped?' (the
Guardian, 2017) <https://www.theguardian.com/technology/2017/jun/27/petya-ransomware-
cyber-attack-who-what-why-how> accessed 24 August 2017
1 out of 13
Related Documents
![[object Object]](/_next/image/?url=%2F_next%2Fstatic%2Fmedia%2Flogo.6d15ce61.png&w=640&q=75){kind=small}
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.