Ransomware: Impact, Variants, Working Mechanism, Threats, and Mitigation Tools
VerifiedAdded on 2023/06/12
|15
|3067
|180
AI Summary
This report discusses the impact of Ransomware and the tools to mitigate this problem. It covers five recent varieties of ransomware, the working mechanism of ransomware, potential threats of a ransomware, a case study of one recent attack carried out by a ransomware, and two mitigation tools for tackling the ransomware attack.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Running head: RANSOMWARE
RANSOMWARE
Name of student:
Name of university:
Author’s note:
RANSOMWARE
Name of student:
Name of university:
Author’s note:
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
1RANSOMWARE
Table of Contents
Introduction..............................................................................................................................2
Discussion.................................................................................................................................2
Ransomware and its impacts on society...............................................................................2
Five variants of ransomware.................................................................................................3
Working mechanism of ransomware....................................................................................4
Threats posed by ransomware.............................................................................................5
Case study of WannaCry Ransomware attack.......................................................................5
Mitigation tools to tackle WannaCry Ransomware attack....................................................6
Conclusion................................................................................................................................6
References................................................................................................................................7
Table of Contents
Introduction..............................................................................................................................2
Discussion.................................................................................................................................2
Ransomware and its impacts on society...............................................................................2
Five variants of ransomware.................................................................................................3
Working mechanism of ransomware....................................................................................4
Threats posed by ransomware.............................................................................................5
Case study of WannaCry Ransomware attack.......................................................................5
Mitigation tools to tackle WannaCry Ransomware attack....................................................6
Conclusion................................................................................................................................6
References................................................................................................................................7
2RANSOMWARE
Introduction
This report intends to discuss the impact of Ransomware and the tools to mitigate this
problem. A brief introduction about ransomware and the impacts of ransomware on the society is
discussed. Discussion about five recent varieties of ransomware is stated. The working mechanism of
a ransomware is discussed. The potential threats of a ransomware is briefed. A brief case study of
one recent attack carried out by a ransomware is provided. A recommendation of two mitigation
tools for tackling the ransomware attack and a discussion of the effectiveness of the selected tools is
stated. Lastly, a conclusion of the report is provided.
Ransomware means a subcategory of malware with the help of which, all the data in the
computer of a victim is locked using encryption and huge ransom is demanded before decrypting the
data and the victim has the access to the systems [1]. This is the type of malware that infects the
computer systems restricting the access of a user to that infected system. There are varieties of
ransomware that are targeted to extort cash from victims with the help of on-screen display of alert
[2].
Discussion
Ransomware and its impacts on society
Ransomware are the type of malware using which, unauthorised users infects, puts the
system in lockdown or gains control of the system and demand ransom to normalise the system. The
main intention of a ransomware is to extort money from the owner of the system. The extortion of
money from the victims is done by the attackers with the help of threat of holding the device or
system to ransom, and the threat of releasing or erasing the data to force the payment [3]. This
malicious software is often spread with the method of phishing emails containing malicious
attachments or by downloading drive-by. Drive-by downloading happens when an user mistakenly
visit infected sites and then the malware gets downloaded in the system and installed without the
knowledge of the user [4]. There are several impacts of a ransomware attack in a system such as:
1. Proprietary or sensitive information is lost, maybe permanent or temporary.
2. Regular operations are disrupted.
3. Huge loss of capital takes place while restoring the files and the system.
4. The reputation of an organisation is damaged [5].
Introduction
This report intends to discuss the impact of Ransomware and the tools to mitigate this
problem. A brief introduction about ransomware and the impacts of ransomware on the society is
discussed. Discussion about five recent varieties of ransomware is stated. The working mechanism of
a ransomware is discussed. The potential threats of a ransomware is briefed. A brief case study of
one recent attack carried out by a ransomware is provided. A recommendation of two mitigation
tools for tackling the ransomware attack and a discussion of the effectiveness of the selected tools is
stated. Lastly, a conclusion of the report is provided.
Ransomware means a subcategory of malware with the help of which, all the data in the
computer of a victim is locked using encryption and huge ransom is demanded before decrypting the
data and the victim has the access to the systems [1]. This is the type of malware that infects the
computer systems restricting the access of a user to that infected system. There are varieties of
ransomware that are targeted to extort cash from victims with the help of on-screen display of alert
[2].
Discussion
Ransomware and its impacts on society
Ransomware are the type of malware using which, unauthorised users infects, puts the
system in lockdown or gains control of the system and demand ransom to normalise the system. The
main intention of a ransomware is to extort money from the owner of the system. The extortion of
money from the victims is done by the attackers with the help of threat of holding the device or
system to ransom, and the threat of releasing or erasing the data to force the payment [3]. This
malicious software is often spread with the method of phishing emails containing malicious
attachments or by downloading drive-by. Drive-by downloading happens when an user mistakenly
visit infected sites and then the malware gets downloaded in the system and installed without the
knowledge of the user [4]. There are several impacts of a ransomware attack in a system such as:
1. Proprietary or sensitive information is lost, maybe permanent or temporary.
2. Regular operations are disrupted.
3. Huge loss of capital takes place while restoring the files and the system.
4. The reputation of an organisation is damaged [5].
3RANSOMWARE
Five variants of ransomware
1. CryptXXX: this type of ransomware has the ability to lock the files of the system of a victim as
well as capabilities of stealing Bitcoin. An upgraded version of this ransomware known as
CryptXXX 3.0 has a better encryption tool that prevents the use of free decrypter tools that
are available online. The specific nature of this type of ransomware is that it restores the
desktop wallpaper to an image that is alike the refurbished Tor payment site [10].
2. Crysis: this type of ransomware majorly targets the individuals and organisations. This kind
of ransomware is spread through poisoned emails comprising of attachments with double
file extensions that masks the malicious files as non-executable files. This type of
ransomware was also spread among the users as installers for some legitimate applications
such as Microsoft Excel, iExplorer and WinRar. It has the ability to make the systems
unstable.
3. BlackShades: this ransomware has been caught targeting the users who speak English and
Russian with a ransom amount, which are payable with bitcoins. The codes of this
ransomware was difficult to recognise as these codes were left clouded and when the codes
of this malware was scrutinised, it communicated with the analysts. This malware uses 256-
bit encryption for encrypting 195 file types. They are generally found in the folders of drive
C: such as, Documents, Downloads, Desktop, Music, Videos, Picture and Public [11].
4. Apocalypse: this kind of ransomware has a requirement of communication between the data
kidnapper and the victim. This communication takes place when the hacker demands the
email of the victim for sharing the ransom instructions after affixing affected files with
a .encrypted extension. It also generates an autorun entry that signals the ransomware to
start whenever the user logs into the system.
5. RAA: this ransomware led may people to believe that this malware was built by the use of
web-based language, which is javascript. The uniqueness of this ransomware lies in the fact
that it was originally created for interpretation by the browsers. Later, it was found that this
malware was using Jscript and not Javascript.
Five variants of ransomware
1. CryptXXX: this type of ransomware has the ability to lock the files of the system of a victim as
well as capabilities of stealing Bitcoin. An upgraded version of this ransomware known as
CryptXXX 3.0 has a better encryption tool that prevents the use of free decrypter tools that
are available online. The specific nature of this type of ransomware is that it restores the
desktop wallpaper to an image that is alike the refurbished Tor payment site [10].
2. Crysis: this type of ransomware majorly targets the individuals and organisations. This kind
of ransomware is spread through poisoned emails comprising of attachments with double
file extensions that masks the malicious files as non-executable files. This type of
ransomware was also spread among the users as installers for some legitimate applications
such as Microsoft Excel, iExplorer and WinRar. It has the ability to make the systems
unstable.
3. BlackShades: this ransomware has been caught targeting the users who speak English and
Russian with a ransom amount, which are payable with bitcoins. The codes of this
ransomware was difficult to recognise as these codes were left clouded and when the codes
of this malware was scrutinised, it communicated with the analysts. This malware uses 256-
bit encryption for encrypting 195 file types. They are generally found in the folders of drive
C: such as, Documents, Downloads, Desktop, Music, Videos, Picture and Public [11].
4. Apocalypse: this kind of ransomware has a requirement of communication between the data
kidnapper and the victim. This communication takes place when the hacker demands the
email of the victim for sharing the ransom instructions after affixing affected files with
a .encrypted extension. It also generates an autorun entry that signals the ransomware to
start whenever the user logs into the system.
5. RAA: this ransomware led may people to believe that this malware was built by the use of
web-based language, which is javascript. The uniqueness of this ransomware lies in the fact
that it was originally created for interpretation by the browsers. Later, it was found that this
malware was using Jscript and not Javascript.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
4RANSOMWARE
Working mechanism of ransomware
Ransomware is the most sinister threats for an organisation due to the tendency of
ransomware being one of the most profitable types of malware outbreak. In this type of malicious
activity, the user do not have any option but paying the cybercriminal as non-compliance might lead
leak of sensitive data or even loss of data. Once the ransom is paid, then the cybercriminal decrypts
the original files and data. The mechanism of a ransomware attack works in five phases:
1. Phase 1: manipulation and infection
A successful malicious software needs to be first installed in a computer. This may happen
with the knowledge of the user or unknowingly by the user. This process takes place generally by
phishing of e-mails or toolkit for exploitation. Exploitation of security holes in some software
applications is carried out by a malicious toolkit. In case of cryptolocker malware, Angler Exploit Kit is
a common method of gaining access due to its higher efficiency in gaining execution [6].
2. Phase 2: delivering and execution of the malware
As soon as the execution is completed, within seconds, the actual ransomware is delivered
in to the system of the victim. After the execution is done, appropriate persistence mechanisms are
put in place. Delivery of ransomware can take place via means like delivery using emails, delivery
using websites or delivery using files. Delivery using emails works with the mechanism using
malicious emails that are sent to the computer of victims and they are tricked into opening those
emails and download the attachment files in those emails. Delivery using websites when a user
accesses a website that is compromised and redirecting them to an exploit kit landing page, which
activates installation of the payload of the ransomware.
3. Phase 3: spoliation of backup
In this phase, the backups of the files and data of the computer of the victim is deleted. This
is carried out just to make sure that there is possibility of recovering back from that attack. The data
and folders residing in the system of the victim is targeted complete deletion of all files takes place.
But this method is limited to some cybercrime software, majority of the malicious programs do not
bother to carry out this task. The ability to recover from this type of attack is minimal [7].
4. Phase 4: file encryption
After the compromisation of backups is done, the ransomware establishes some encryption
keys, which can be used for unlocking files as soon as the ransom demand is paid by the victim. For
Working mechanism of ransomware
Ransomware is the most sinister threats for an organisation due to the tendency of
ransomware being one of the most profitable types of malware outbreak. In this type of malicious
activity, the user do not have any option but paying the cybercriminal as non-compliance might lead
leak of sensitive data or even loss of data. Once the ransom is paid, then the cybercriminal decrypts
the original files and data. The mechanism of a ransomware attack works in five phases:
1. Phase 1: manipulation and infection
A successful malicious software needs to be first installed in a computer. This may happen
with the knowledge of the user or unknowingly by the user. This process takes place generally by
phishing of e-mails or toolkit for exploitation. Exploitation of security holes in some software
applications is carried out by a malicious toolkit. In case of cryptolocker malware, Angler Exploit Kit is
a common method of gaining access due to its higher efficiency in gaining execution [6].
2. Phase 2: delivering and execution of the malware
As soon as the execution is completed, within seconds, the actual ransomware is delivered
in to the system of the victim. After the execution is done, appropriate persistence mechanisms are
put in place. Delivery of ransomware can take place via means like delivery using emails, delivery
using websites or delivery using files. Delivery using emails works with the mechanism using
malicious emails that are sent to the computer of victims and they are tricked into opening those
emails and download the attachment files in those emails. Delivery using websites when a user
accesses a website that is compromised and redirecting them to an exploit kit landing page, which
activates installation of the payload of the ransomware.
3. Phase 3: spoliation of backup
In this phase, the backups of the files and data of the computer of the victim is deleted. This
is carried out just to make sure that there is possibility of recovering back from that attack. The data
and folders residing in the system of the victim is targeted complete deletion of all files takes place.
But this method is limited to some cybercrime software, majority of the malicious programs do not
bother to carry out this task. The ability to recover from this type of attack is minimal [7].
4. Phase 4: file encryption
After the compromisation of backups is done, the ransomware establishes some encryption
keys, which can be used for unlocking files as soon as the ransom demand is paid by the victim. For
5RANSOMWARE
establishing further lock-down of the local system of the user, the ransomware malware performs an
exchange of secure keys with the control server and the command.
5. Phase 5: User notification and cleanup
After the completion of the legwork of encryption of the ransomware and the capabilities of
the backup of company is compromised, the demand of payment in exchange for the files of the
user is placed. This usually happens with a ransom note that the victim receives. The exchange of
money and the files takes place after few days, during which the user is completely vulnerable
without the data and files. Sometimes ransom are asked for more than one time for the files [8].
Threats posed by ransomware
Ransomware is a tool that is used to place malicious software in a system and is used to lock
using encryption of the data and it is only decrypted when ransom is paid for that data. The threats
of ransomware is that it can be used to extort money from the victims and also use the information
on the system for other malicious intents. The backup files are deleted by the software of
ransomware, which can lead to sensitive data loss and huge amount of money is invested to retrieve
the data. There is a case of persistent payload, which guarantees that the malware can be used for
future purposes. The restore functions of systems are disabled, which means there is no way to
recover from these types of attacks [9].
Case study of WannaCry Ransomware attack
This attack was a worldwide cyberattack that happened in May 2017 [12]. It was executed by
the help of WannaCry ransomware cryptoworm. It majorly targeted the computers running
operating system of Microsoft Windows with the help of encryption of data and demanded
payments of ransom in the cryptocurrency of Bitcoin. The propagation of this ransomware took
place with the help of EternalBlue, which is an exploit that was released in older windows by the
Shadow Brokers. This ransomware installed backdoors into infected systems, which acted as an
advantage of this ransomware. This attack was stopped with the help of emergency patches that
were released by Microsoft and with the help of kill switch that prohibited the outbreak of this
malware to other computers. It was estimated to have affected around 200,000 computers [13].
Experts suggested that the place of origin of this ransomware was in North Korea or the agencies
that are working for this country. As this malware has the ability to spread itself, it is therefore also
considered to be a network worm. This malware uses EternalBlue to gain access into the system and
then uses DoublePulsar tool to execute and make a duplicate of itself.
establishing further lock-down of the local system of the user, the ransomware malware performs an
exchange of secure keys with the control server and the command.
5. Phase 5: User notification and cleanup
After the completion of the legwork of encryption of the ransomware and the capabilities of
the backup of company is compromised, the demand of payment in exchange for the files of the
user is placed. This usually happens with a ransom note that the victim receives. The exchange of
money and the files takes place after few days, during which the user is completely vulnerable
without the data and files. Sometimes ransom are asked for more than one time for the files [8].
Threats posed by ransomware
Ransomware is a tool that is used to place malicious software in a system and is used to lock
using encryption of the data and it is only decrypted when ransom is paid for that data. The threats
of ransomware is that it can be used to extort money from the victims and also use the information
on the system for other malicious intents. The backup files are deleted by the software of
ransomware, which can lead to sensitive data loss and huge amount of money is invested to retrieve
the data. There is a case of persistent payload, which guarantees that the malware can be used for
future purposes. The restore functions of systems are disabled, which means there is no way to
recover from these types of attacks [9].
Case study of WannaCry Ransomware attack
This attack was a worldwide cyberattack that happened in May 2017 [12]. It was executed by
the help of WannaCry ransomware cryptoworm. It majorly targeted the computers running
operating system of Microsoft Windows with the help of encryption of data and demanded
payments of ransom in the cryptocurrency of Bitcoin. The propagation of this ransomware took
place with the help of EternalBlue, which is an exploit that was released in older windows by the
Shadow Brokers. This ransomware installed backdoors into infected systems, which acted as an
advantage of this ransomware. This attack was stopped with the help of emergency patches that
were released by Microsoft and with the help of kill switch that prohibited the outbreak of this
malware to other computers. It was estimated to have affected around 200,000 computers [13].
Experts suggested that the place of origin of this ransomware was in North Korea or the agencies
that are working for this country. As this malware has the ability to spread itself, it is therefore also
considered to be a network worm. This malware uses EternalBlue to gain access into the system and
then uses DoublePulsar tool to execute and make a duplicate of itself.
6RANSOMWARE
The attack occurred through an uncovered vulnerable SMB port, which was unusual from
the previous attacks using phishing emails. The systems with the Microsoft update from April 2017
were most affected. According to reports, majority of the infected computers were running windows
7 and the systems running on windows xp were less affected [14]. The attack in the systems running
Windows XP failed because the operating system could not execute such dense programs and every
time the system crashed, which prevented the malware from completing the execution and encrypt
the files on the system. The initial attack was suppressed with the help of emergency security
patches released by Microsoft to mitigate the risks of this ransomware. Later after analysis of the
ransomware, a kill switch was designed to prevent further outbreak of the malware.
Mitigation tools to tackle WannaCry Ransomware attack
1. Procmon: This is a monitoring tool, which provides all the desired activity within the
system. As event concludes constantly, Procmon delivers filters so that user do not
get flooded by information while using the platform. These kind of filters exclude or
include processes with specific names, write or read operations and more. The
process involved in this software is that it writes the filtered events into a .PML file,
which is the basic file type of the software and later these files are converted into
CSV file [15].
2. SSDT: once a process that is responsible for encryption of the files have been
discovered by SSDT, the software can search the log to find the place of origin of the
encryption. By the help of this searching process, the log will display every patent
process , and every single action and the location of the files that are created. This
can be helpful to restore the system to a state before the entry of the malicious files
and if there is an entry of the files then it can be deleted and all the process that are
unauthorised can be killed. This will result in total clearing of entire system, along
with the removal of malicious processes and registry and files changes [16].
Conclusion
Therefore it can be concluded that ransomware is a malware with the help of which, all the
data in the computer of a victim is locked using encryption and huge ransom is demanded before
decrypting the data and the victim has the access to the systems. The impacts of ransomware on
society are like Proprietary or sensitive information is lost, maybe permanent or temporary, Regular
operations are disrupted, Huge loss of capital takes place while restoring the files and the system
The attack occurred through an uncovered vulnerable SMB port, which was unusual from
the previous attacks using phishing emails. The systems with the Microsoft update from April 2017
were most affected. According to reports, majority of the infected computers were running windows
7 and the systems running on windows xp were less affected [14]. The attack in the systems running
Windows XP failed because the operating system could not execute such dense programs and every
time the system crashed, which prevented the malware from completing the execution and encrypt
the files on the system. The initial attack was suppressed with the help of emergency security
patches released by Microsoft to mitigate the risks of this ransomware. Later after analysis of the
ransomware, a kill switch was designed to prevent further outbreak of the malware.
Mitigation tools to tackle WannaCry Ransomware attack
1. Procmon: This is a monitoring tool, which provides all the desired activity within the
system. As event concludes constantly, Procmon delivers filters so that user do not
get flooded by information while using the platform. These kind of filters exclude or
include processes with specific names, write or read operations and more. The
process involved in this software is that it writes the filtered events into a .PML file,
which is the basic file type of the software and later these files are converted into
CSV file [15].
2. SSDT: once a process that is responsible for encryption of the files have been
discovered by SSDT, the software can search the log to find the place of origin of the
encryption. By the help of this searching process, the log will display every patent
process , and every single action and the location of the files that are created. This
can be helpful to restore the system to a state before the entry of the malicious files
and if there is an entry of the files then it can be deleted and all the process that are
unauthorised can be killed. This will result in total clearing of entire system, along
with the removal of malicious processes and registry and files changes [16].
Conclusion
Therefore it can be concluded that ransomware is a malware with the help of which, all the
data in the computer of a victim is locked using encryption and huge ransom is demanded before
decrypting the data and the victim has the access to the systems. The impacts of ransomware on
society are like Proprietary or sensitive information is lost, maybe permanent or temporary, Regular
operations are disrupted, Huge loss of capital takes place while restoring the files and the system
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
7RANSOMWARE
and the damage on the reputation of an organisation. ransomware works is five phases, which are
manipulation and infecting of the system, delivery and execution of malware in the system,
spoliation of backup, files encryption and user notification and cleanup. There are some threats that
are poseb by ransomware. Some variants of ransomware are CryptXXX, RAA, Blackshades, Crysis
and Apocalypse. The threats of ransomware can be mitigated by using Procmon or SSDT.
References
1. Branche, Patrick O. "Ransomware: An Analysis of the Current and Future Threat
Ransomware Presents." PhD diss., Utica College, 2017.
2. Andronio, Nicoló, Stefano Zanero, and Federico Maggi. "Heldroid: Dissecting and detecting
mobile ransomware." In International Workshop on Recent Advances in Intrusion Detection,
pp. 382-404. Springer, Cham, 2015.
3. Lee, Jun Hak, and Jaewoong Jeong. "Increase of Awareness of the Importance of Information
Security Using Simulation Experiment Technique Model as Ransomware." Advanced Science
Letters 23, no. 10 (2017): 10246-10249.
4. Matsunaka, Takashi, Ayumu Kubota, and Takahiro Kasama. "An approach to detect drive-by
download by observing the web page transition behaviors." In Information Security (ASIA
JCIS), 2014 Ninth Asia Joint Conference on, pp. 19-25. IEEE, 2014.
5. Sharma, Ms Prachi, Mr Shubham Zawar, and Suryakant B. Patil. "Ransomware Analysis:
Internet of Things (Iot) Security Issues, Challenges and Open Problems Inthe Context of
Worldwide Scenario of Security of Systems and Malware Attacks." Int. J. Innov. Res. n Sci.
Eng 2, no. 3 (2016): 177-184.
6. Weckstén, Mattias, Jan Frick, Andreas Sjöström, and Eric Järpe. "A novel method for
recovery from Crypto Ransomware infections." In Computer and Communications (ICCC),
2016 2nd IEEE International Conference on, pp. 1354-1358. IEEE, 2016.
7. Scaife, Nolen, Patrick Traynor, and Kevin Butler. "Making Sense of the Ransomware Mess
(and Planning a Sensible Path Forward)." IEEE Potentials 36, no. 6 (2017): 28-31.
8. Pathak, P. B., and Yeshwant Mahavidyalaya Nanded. "A dangerous trend of cybercrime:
ransomware growing challenge." International Journal of Advanced Research in Computer
Engineering & Technology (IJARCET) Volume 5 (2016).
and the damage on the reputation of an organisation. ransomware works is five phases, which are
manipulation and infecting of the system, delivery and execution of malware in the system,
spoliation of backup, files encryption and user notification and cleanup. There are some threats that
are poseb by ransomware. Some variants of ransomware are CryptXXX, RAA, Blackshades, Crysis
and Apocalypse. The threats of ransomware can be mitigated by using Procmon or SSDT.
References
1. Branche, Patrick O. "Ransomware: An Analysis of the Current and Future Threat
Ransomware Presents." PhD diss., Utica College, 2017.
2. Andronio, Nicoló, Stefano Zanero, and Federico Maggi. "Heldroid: Dissecting and detecting
mobile ransomware." In International Workshop on Recent Advances in Intrusion Detection,
pp. 382-404. Springer, Cham, 2015.
3. Lee, Jun Hak, and Jaewoong Jeong. "Increase of Awareness of the Importance of Information
Security Using Simulation Experiment Technique Model as Ransomware." Advanced Science
Letters 23, no. 10 (2017): 10246-10249.
4. Matsunaka, Takashi, Ayumu Kubota, and Takahiro Kasama. "An approach to detect drive-by
download by observing the web page transition behaviors." In Information Security (ASIA
JCIS), 2014 Ninth Asia Joint Conference on, pp. 19-25. IEEE, 2014.
5. Sharma, Ms Prachi, Mr Shubham Zawar, and Suryakant B. Patil. "Ransomware Analysis:
Internet of Things (Iot) Security Issues, Challenges and Open Problems Inthe Context of
Worldwide Scenario of Security of Systems and Malware Attacks." Int. J. Innov. Res. n Sci.
Eng 2, no. 3 (2016): 177-184.
6. Weckstén, Mattias, Jan Frick, Andreas Sjöström, and Eric Järpe. "A novel method for
recovery from Crypto Ransomware infections." In Computer and Communications (ICCC),
2016 2nd IEEE International Conference on, pp. 1354-1358. IEEE, 2016.
7. Scaife, Nolen, Patrick Traynor, and Kevin Butler. "Making Sense of the Ransomware Mess
(and Planning a Sensible Path Forward)." IEEE Potentials 36, no. 6 (2017): 28-31.
8. Pathak, P. B., and Yeshwant Mahavidyalaya Nanded. "A dangerous trend of cybercrime:
ransomware growing challenge." International Journal of Advanced Research in Computer
Engineering & Technology (IJARCET) Volume 5 (2016).
8RANSOMWARE
9. Tuttle, Hilary. "Ransomware attacks pose growing threat." Risk Management 63, no. 4
(2016): 4.
10. Glet, Michał. "Analysis of cryptographic mechanisms used in ransomware CryptXXX
v3." Biuletyn Wojskowej Akademii Technicznej 65, no. 4 (2016): 93-121.
11. Ahuja, Mridul, and Anuradha Gupta. "Detecting Backdoors in Windows
Processes." network 6: 2.
12. Mohurle, Savita, and Manisha Patil. "A brief study of wannacry threat: Ransomware attack
2017." International Journal of Advanced Research in Computer Science 8, no. 5 (2017).
13. Collier, Roger. "NHS ransomware attack spreads worldwide." (2017): E786-E787.
14. Chen, Qian, and Robert A. Bridges. "Automated Behavioral Analysis of Malware A Case Study
of WannaCry Ransomware." arXiv preprint arXiv:1709.08753 (2017).
15. Blokhin, Kristina, Josh Saxe, and David Mentis. "Malware similarity identification using call
graph based system call subsequence features." In 2013 IEEE 33rd International Conference
on Distributed Computing Systems Workshops, pp. 6-10. IEEE, 2013.
16. Christensen, J. B., and Niels Beuschau. "Ransomware detection and mitigation tool." (2017).
9. Tuttle, Hilary. "Ransomware attacks pose growing threat." Risk Management 63, no. 4
(2016): 4.
10. Glet, Michał. "Analysis of cryptographic mechanisms used in ransomware CryptXXX
v3." Biuletyn Wojskowej Akademii Technicznej 65, no. 4 (2016): 93-121.
11. Ahuja, Mridul, and Anuradha Gupta. "Detecting Backdoors in Windows
Processes." network 6: 2.
12. Mohurle, Savita, and Manisha Patil. "A brief study of wannacry threat: Ransomware attack
2017." International Journal of Advanced Research in Computer Science 8, no. 5 (2017).
13. Collier, Roger. "NHS ransomware attack spreads worldwide." (2017): E786-E787.
14. Chen, Qian, and Robert A. Bridges. "Automated Behavioral Analysis of Malware A Case Study
of WannaCry Ransomware." arXiv preprint arXiv:1709.08753 (2017).
15. Blokhin, Kristina, Josh Saxe, and David Mentis. "Malware similarity identification using call
graph based system call subsequence features." In 2013 IEEE 33rd International Conference
on Distributed Computing Systems Workshops, pp. 6-10. IEEE, 2013.
16. Christensen, J. B., and Niels Beuschau. "Ransomware detection and mitigation tool." (2017).
9RANSOMWARE
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
10RANSOMWARE
11RANSOMWARE
12RANSOMWARE
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
13RANSOMWARE
14RANSOMWARE
1 out of 15
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.