Your All-in-One AI-Powered Toolkit for Academic Success.

+13062052269

info@desklib.com

Available 24*7 on WhatsApp / Email

Company

Tools

Support

Ransomware and Data Security: How Safe is Our Data?

Verified

Added on 2023/06/03

AI Summary

This article discusses the safety and privacy of our data in the modern world of technology, with a focus on ransomware attacks. It provides measures to prevent ransomware attacks and ensure data security. The article also highlights major ransomware attacks and their impact on data integrity.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

Running head: INFORMATION SYSTEM
Information System
Student Name:
University Name:

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

1INFORMATION SYSTEM
With so much discussion about ransomware in the media in recent
times discuss how safe is our data?
Ransomware is a modern form of malicious software denoted as malware
which takes control over the computer of a user and threatens to harm the
system. The malware is invoked into system of the user such that the user is
denied access to their data. A ransom is demanded by the attacker from the
victim so that they are able to gain access to their data or personal
information stored in their computer (Kruse et al. 2017). The users are
provided instructions on their computer screen so that they can pay the fee
for getting the decryption key to access their data. The cost or fee for the
decryption key ranges from few hundred to thousand dollars which has to be
paid by the victim in Bitcoin.
In this modern world of technology, there is abrupt changes in innovation
and rise of emerging technologies however the safety and privacy of our
data still remains a major concern. The data breach or criminal invasion is an
unfortunate consequence of utilizing technology in the modern world. The
information or data plays a significant role in our daily life as well as
improving our living standards (Thomas and Galligher 2018). Our personal
information is being used by most of the major technologies or applications
to provide us with better services and functionalities. The information related
to finance, healthcare and other services are being analyzed by experts so
that they can develop predictions and models to improve our lifestyle based

2INFORMATION SYSTEM
on decisions. Various information are being stored in data banks which is
protected using some security application or technology however it may be
vulnerable to attacks or data breach due to error by human or attack by
intruders. With the recent growth of technology application, there is also
rising incidents of hacking and data breaches.
One such incident of data breach is of Equifax which resulted into exposure
of ten millions people financial information which can be misused as it
included social security number, driver license and other valuable
information (Green 2017). The data being held by the financial reporting
agencies are significant and it is not the only information that can be stolen
and misused. Our personal information is also stored by various applications
that can be stolen or misused and even the healthcare sector is not safe
from data breaches. The data breaches related to healthcare sector requires
immediate response as the attackers may obtain vital information such as
Credit card numbers, Social security and billing data along with other
personally identifiable information. The services and technology providers
have to have to ensure that the information of the customers are secured
through secure firewalls, data encryption and monitoring on a constant basis
(Scaife et al. 2016). There are various factors due to which data breaches
may occur from which failures related to deployment is one of the major
cause behind theft or misuse of personal information. The people should
have trust and rely on various enterprises or databases that store personal

3INFORMATION SYSTEM
information. The data should be kept secure and confidential with the help of
proper encryption techniques or security mechanisms.
Now a days, the data breach has taken a new form in which the data or
information in user computer is being encrypted through a malware that is
ransomware. This malware restricts the user from accessing their data and
the attacker demands for some fee or payment for the decryption key. The
attacker can easily access and misuse personal information by gaining
access to a victim’s computer. It is becoming a major concern in the present
day due to widespread of data online (Yaqoob et al. 2017). There are various
ways in which the attacker can invoke the ransomware in a victim’s
computer. One of the common process is phishing spam that come as
attachments to the victims through email as a file. Once the file is
downloaded an opened by the victim, the attacker could easily gain control
over computer of the victim. The malware can easily infect the victim’s
computer if it is embedded with built-in social engineering tools which are
capable of tricking the users so that they allow administrative privileges
(Everett 2016). Other forms of ransomware are also there such as NotPetya
that looks for security loopholes and exploits the victim’s computer without
the need to trick the user.
There are various ways the victim’s computer can be used once the
malware infects the system. However, the most common type of threat is
that some or all files in the user computer gets encrypted. The user is not

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

💎 Try AI Paraphraser

4INFORMATION SYSTEM
able to access data in their computer and it can be decrypted only with the
help of a mathematical key possessed by the attacker. A message is
displayed on the user screen that explains to the users that the files in their
computer are no longer accessible and it can be decrypted only after
payment to the attacker in the form of Bitcoin.
In some instances, the attackers may represent themselves as a law
enforcement agency that is shutting down the victim’s computer due to
presence of pirated software or illegal content. The payment is being
demanded by the attacker as a fine which ensures that there is less
likelihood of reporting to the authorities by the victims (Gordon, Fairhall and
Landman 2017). A variation also exists in this type of malware which is
called leakware or doxware where the publicizing of the sensitive data on the
hard drive of victim’s computer is threatened by the attacker. The attacker
threatens that the data will be publicized unless a ransom is being paid by
the victim. The encryption ransomware is the most common form of malware
as finding and extracting such sensitive data from the victim’s computer is a
tricky scheme for attackers.
There are various ways in which the attackers choose their target for
infecting with ransomware. In some instance, the attacker targets
universities as there is smaller security teams but huge user base that
access the networks for file sharing. The accessing of the network by huge
number of users without proper security maintenance makes the system

5INFORMATION SYSTEM
vulnerable and the attacker is able to easily penetrate their defense (Cohen,
Hoffman and Adashi 2017). Further, some organizations are also being
targeted as they are more likely to pay the ransom quickly. For example,
government or healthcare agencies needs immediate access to their data
and law firms or other relate agencies also fear compromise of sensitive
data. The ransomware is also widely spreading across the internet and it
may affect any individual accessing files in the web.
There are various ways in which ransomware infection can be prevented to
ensure safety and privacy of our data (Continella et al. 2016). Some of the
measures that can be taken to ensure prevention of ransomware attack are
presented as below:
 The operation system should be kept updated and patched so that
there is less chance of vulnerability that can be exploited.
 Unknown software should not be installed or given administrative
privileges (Bhattacharya and Kumar 2017).
 Antivirus software should be installed for detecting malicious or
unwanted programs so that unauthorized applications can be
executed.
 Backup of files should be taken frequently and automatically to
ensure that valuable information can be retrieved in case of any
malware attack.

6INFORMATION SYSTEM
The fact of ransomware attacks is not unknown and despite of many
research and efforts, the law enforcement agencies are still not capable of
tracking the source of attacks. The payments are being made in the form of
bitcoins so there is no trail of such attacks that can be identified from
transactions. The law enforcement agencies strongly oppose the payment of
ransomware as it only encourages the attackers and provides funding so that
they are able to develop more ransomware (Yao 2018). The organizations
being affected by the ransomware does not consider the long term impact
and starts with a cost benefit analysis to measure the ransom value against
the encrypted data. They find that their data is much valuable and the
ransom is not of significant amount as the value of their data.
According to a research by Pope (2016), it has been found that 66% of
companies verbally show that they prefer not to pay the ransom but the
actual fact is that around 65% companies actually pay ransom when they
face such attack. The attackers keep the ransom amount low within a limit of
$700 to $1300 that can be easily paid by the companies. Some malware are
such sophisticated such that it is able to detect the location of the victim’s
computer and adjust the ransom so that it can match with economy of the
located country. The attacker demands the ransom as rich countries will be
able to pay more than the poor countries. In some situations, discounts are
also being offered depending upon the response time so that the victims are
encouraged to pay more quickly than expected. The price point of the
ransom is set considering that it is sufficient for the criminal but it is low to

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

7INFORMATION SYSTEM
the victim as compared to restoring or reconstructing their lost data so that
they can easily make the payment. In the recent days, some companies are
building the potential in their security plans so that they can easily pay the
ransom (Maurya et al. 2018). For example, some large companies in the UK
are not involved with cryptocurrency but holds some reserved bitcoins
specially for making payments for ransom. There are also many tricks played
by the attackers to get ransom as some malware maybe scareware that does
not encrypts all data of the victim and only threatens them with a message
of such attack. There is also a major concern that every time it is not
guaranteed to get the data decrypted as the attacker may run away with the
money. Some of the ransomware existed since 1990’s and throughout the
past years, there has been significant evolution in the malwares (Huang et
al. 2018). The major and worst malwares that are existing and impacting the
data integrity are presented as below:
CryptoLocker: This malware is attacked first in the year 2013 that infected
almost 500,000 machines.
TeslaCrypt: This malware targets the gaming files and it has been
constantly improving since the first attack (Butler 2017).
SimpleLocker: It is the first ransomware attack that widespread focusing on
mobile devices.

8INFORMATION SYSTEM
WannaCry: It was being developed by NSA and then the attackers stole it
which then expanded autonomously from computer to computer through
EternalBlue.
NotPetya: It is also called as EternalBlue that is a part of cyberattack being
directed by Russia against Ukraine.
Locky: It began to spread in 2016 and it was similar to the mode of attack
that occurred in Dridex, a banking software.
Data security is one of the essential concern in this modern age of
information and communication technology. Presently, the data of
individuals are being widespread in the internet as those are gathered by
many applications or services over the internet (Conti, Dargahi and
Dehghantanha 2018). The security of our data is a major issue that is
bothering both the individuals as well as organizations as they feat the loss
or compromise of their valuable information. It has been found from many
researches that security of confidentiality of data is ensured but there are no
proper security measures to protect the data. The rise of social media and
cloud computing is significantly contributing to the exposure of valuable
information or personal data as those are stored in clouds that can be
accessed by an attacker to get hold of huge customer information. There are
various ways in which data security can be ensured from the perspective of
end user as mentioned below:

9INFORMATION SYSTEM
 Updating and patching the operation system on a regular basis so
that there is less chance of vulnerability that can be exploited.
 The users should not install or give administrative privileges to
software or applications that are unknown to them (Keogh, Gordon
and Marinovic 2018).
 Proper antivirus software or program should be installed so that
malicious or unwanted programs can be detected to stop execution
of unauthorized applications.
 Backup should be taken for valuable or sensitive data frequently and
automatically to ensure that valuable information can be retrieved in
case of any malware attack.
 The users must make use of strong password encryption
mechanisms so that their credentials could not be easily accessed by
the attacker.
One of the most common measure to ensure data security is robust backup
such that only the valuable or sensitive information could be recovered in
case of emergency or external attack (Stephen 2017). The protection of data
from unauthorized access is one of the major consideration that should be
taken care of for securing the data from externa attacks or ransomware. The
most effective way to mitigate the threats being faced in this modern world
due to the advancements in technology as well as malwares affecting data

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

💎 Try AI Paraphraser

10INFORMATION SYSTEM
security is adoption of suitable cybersecurity methods. The data breach or
encryption does not only causes financial impact but it also results into loss
of services that are being offered to the customers. From the overall
analysis, it can said that our data is not safe although the cloud service
providers or other organizations guarantee data security and confidentiality
(Martin et al. 2017). The attacks occurring using ransomware or other
malwares are not easy to prevent however there is a need to take
precautionary measures by individuals as well as organizations to ensure the
safety and security of valuable data.

11INFORMATION SYSTEM
References
Bhattacharya, S. and Kumar, C.R.S., 2017, February. Ransomware: The
CryptoVirus subverting cloud security. In Algorithms, Methodology, Models
and Applications in Emerging Technologies (ICAMMAET), 2017 International
Conference on (pp. 1-6). IEEE.
Butler, J., 2017. Finding an Unlikely Combatant in the War against
Ransomware: Opportunites for Providers to Utilize off-Site Data Backup
within the HIPAA Omnibus and HITECH Amendments. . Louis UJ Health L. &
Pol'y, 11, p.317.
Cohen, I.G., Hoffman, S. and Adashi, E.Y., 2017. Your Money or Your Patient's
Life? Ransomware and Electronic Health Records. Annals of internal
medicine, 167(8), pp.587-588.
Conti, M., Dargahi, T. and Dehghantanha, A., 2018. Cyber Threat Intelligence:
Challenges and Opportunities. Cyber Threat Intelligence, pp.1-6.
Continella, A., Guagnelli, A., Zingaro, G., De Pasquale, G., Barenghi, A.,
Zanero, S. and Maggi, F., 2016, December. ShieldFS: a self-healing,
ransomware-aware filesystem. In Proceedings of the 32nd Annual
Conference on Computer Security Applications (pp. 336-347). ACM.
Everett, C., 2016. Ransomware: to pay or not to pay?. Computer Fraud &
Security, 2016(4), pp.8-12.

12INFORMATION SYSTEM
Gordon, W.J., Fairhall, A. and Landman, A., 2017. Threats to Information
Security—Public Health Implications. New England Journal of
Medicine, 377(8), pp.707-709.
Green, A., 2017. Ransomware and the GDPR. Network Security, 2017(3),
pp.18-19.
Huang, D.Y., Aliapoulios, M.M., Li, V.G., Invernizzi, L., Bursztein, E.,
McRoberts, K., Levin, J., Levchenko, K., Snoeren, A.C. and McCoy, D., 2018,
May. Tracking ransomware end-to-end. In 2018 IEEE Symposium on Security
and Privacy (SP) (pp. 618-631). IEEE.
Keogh, K., Gordon, C. and Marinovic, P., 2018. Cyber security: Global
developments in cyber security law: is Australia keeping pace?. LSJ: Law
Society of NSW Journal, (42), p.82.
Kruse, C.S., Frederick, B., Jacobson, T. and Monticone, D.K., 2017.
Cybersecurity in healthcare: A systematic review of modern threats and
trends. Technology and Health Care, 25(1), pp.1-10.
Martin, G., Martin, P., Hankin, C., Darzi, A. and Kinross, J., 2017.
Cybersecurity and healthcare: how safe are we?. Bmj, 358, p.j3179.
Maurya, A.K., Kumar, N., Agrawal, A. and Khan, R.A., 2018. Ransomware:
Evolution, Target and Safety Measures.
Pope, J., 2016. Ransomware: minimizing the risks. Innovations in clinical
neuroscience, 13(11-12), p.37.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

13INFORMATION SYSTEM
Scaife, N., Carter, H., Traynor, P. and Butler, K.R., 2016, June. Cryptolock
(and drop it): stopping ransomware attacks on user data. In Distributed
Computing Systems (ICDCS), 2016 IEEE 36th International Conference
on (pp. 303-312). IEEE.
Stephen, J., 2017. Beware the ransomware: Protecting your data more
important than ever. Wisconsin Law Journal.
Thomas, J. and Galligher, G., 2018. Improving backup system evaluations in
information security risk assessments to combat ransomware.
ur Rehman, H., Yafi, E., Nazir, M. and Mustafa, K., 2018, October. Security
Assurance Against Cybercrime Ransomware. In International Conference on
Intelligent Computing & Optimization (pp. 21-34). Springer, Cham.
Yao, D.D., 2018, June. Data Breach and Multiple Points to Stop It.
In Proceedings of the 23nd ACM on Symposium on Access Control Models
and Technologies (pp. 1-1). ACM.
Yaqoob, I., Ahmed, E., ur Rehman, M.H., Ahmed, A.I.A., Al-garadi, M.A.,
Imran, M. and Guizani, M., 2017. The rise of ransomware and emerging
security challenges in the Internet of Things. Computer Networks, 129,
pp.444-458.

1 out of 14

+13062052269

info@desklib.com

Ransomware and Data Security: How Safe is Our Data?

Contribute Materials

Secure Best Marks with AI Grader

Paraphrase This Document

Secure Best Marks with AI Grader

Paraphrase This Document

Secure Best Marks with AI Grader

Related Documents

Ransomware Attacks and Data Security

Data Safety considering Ransomware

Contemporary Cyber Security Issues

Ransomware Attack and its Impact

Understanding Ransomware Threats and Prevention

Assignment on CYBER SECURITY: WannaCry Attack