
Ransomware: Impact, Variants, Working Mechanism, Threats, and Mitigation Tools

   

Added on  2023-06-12

Running head: RANSOMWARE
RANSOMWARE
Name of student:
Name of university:
Author’s note:

Table of Contents
Introduction
Discussion
Ransomware and its impacts on society
Five variants of ransomware
Working mechanism of ransomware
Threats posed by ransomware
Case study of WannaCry Ransomware attack
Mitigation tools to tackle WannaCry Ransomware attack
Conclusion
References

Introduction
This report intends to discuss the impact of ransomware and the tools to mitigate this
problem. It gives a brief introduction to ransomware and its impacts on society, describes five
recent variants of ransomware, and explains the working mechanism of ransomware. The potential
threats posed by ransomware are outlined, followed by a brief case study of one recent attack
carried out by ransomware. Two mitigation tools for tackling the ransomware attack are
recommended and the effectiveness of the selected tools is discussed. Lastly, a conclusion of
the report is provided.
Ransomware is a subcategory of malware that locks all the data on a victim's computer
using encryption and demands a huge ransom before the data is decrypted and the victim regains
access to the systems [1]. This type of malware infects computer systems and restricts the
user's access to the infected system. There are many varieties of ransomware that aim to extort
cash from victims by displaying an on-screen alert [2].
Discussion
Ransomware and its impacts on society
Ransomware is a type of malware with which unauthorised users infect a system, put it
in lockdown or gain control of it, and demand a ransom to return the system to normal. The
main intention of ransomware is to extort money from the owner of the system. Attackers extort
money from victims by holding the device or system to ransom and by threatening to release or
erase the data to force the payment [3]. This malicious software is often spread through
phishing emails containing malicious attachments or through drive-by downloading. Drive-by
downloading happens when a user mistakenly visits an infected site and the malware is then
downloaded and installed on the system without the knowledge of the user [4]. A ransomware
attack has several impacts on a system, such as:
1. Proprietary or sensitive information is lost, either permanently or temporarily.
2. Regular operations are disrupted.
3. Huge loss of capital takes place while restoring the files and the system.
4. The reputation of an organisation is damaged [5].

Five variants of ransomware
1. CryptXXX: this type of ransomware can lock the files on a victim's system and is also
capable of stealing Bitcoin. An upgraded version of this ransomware, known as CryptXXX 3.0,
has a better encryption tool that prevents the use of the free decrypter tools that are
available online. A specific trait of this type of ransomware is that it changes the
desktop wallpaper to an image resembling the refurbished Tor payment site [10].
2. Crysis: this type of ransomware mainly targets individuals and organisations. It is
spread through poisoned emails with attachments that use double file extensions to mask
the malicious files as non-executable files. It was also spread among users as installers
for legitimate applications such as Microsoft Excel, iExplorer and WinRAR. It has the
ability to make systems unstable.
3. BlackShades: this ransomware has been caught targeting users who speak English and
Russian, with a ransom amount that is payable in bitcoins. The code of this ransomware
was difficult to recognise because it was left obfuscated, and when the code of this
malware was scrutinised, it communicated with the analysts. This malware uses 256-bit
encryption to encrypt 195 file types. These files are generally found in folders on drive
C: such as Documents, Downloads, Desktop, Music, Videos, Picture and Public [11].
4. Apocalypse: this kind of ransomware requires communication between the data
kidnapper and the victim. This communication takes place when the hacker demands the
email of the victim in order to share the ransom instructions, after affixing a
.encrypted extension to the affected files. It also generates an autorun entry that
starts the ransomware whenever the user logs into the system.
5. RAA: this ransomware led many people to believe that it was built using the web-based
language JavaScript. The uniqueness of this ransomware lies in the fact that it was
originally created for interpretation by browsers. Later, it was found that this
malware was using JScript and not JavaScript.
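
The double-extension masking described for Crysis and the appended .encrypted extension described for Apocalypse can both be checked from file names alone. The following is an added example, not part of the original report; the extension lists, function names and sample file names are assumptions constructed for illustration.

```python
"""Triage file names for two indicators described in the variant list above."""

# Constructed, non-exhaustive lists; tune them to your own mail gateway policy.
EXECUTABLE_EXTS = {"exe", "scr", "com", "pif", "bat", "cmd", "js", "jse",
                   "vbs", "wsf", "hta", "lnk"}
DECOY_EXTS = {"pdf", "doc", "docx", "xls", "xlsx", "txt", "jpg", "png", "zip"}


def _extensions(name):
    """Lower-cased dot-separated parts after the base name, padding removed."""
    # Trailing dots/spaces are dropped by Windows, and spaces before the last
    # dot are a common way to push the real extension out of view.
    cleaned = name.strip().rstrip(". ").lower()
    return [part.strip() for part in cleaned.split(".")[1:]]


def classify_attachment(name):
    """Return 'double-extension', 'executable' or 'ok' for an attachment name."""
    exts = _extensions(name)
    if not exts or exts[-1] not in EXECUTABLE_EXTS:
        return "ok"
    # Crysis-style masking: a document-looking extension sits before the real one.
    if len(exts) >= 2 and exts[-2] in DECOY_EXTS:
        return "double-extension"
    return "executable"


def encrypted_suffix_hits(paths, suffix="encrypted"):
    """Return paths where `suffix` was appended after an existing extension."""
    hits = []
    for path in paths:
        exts = _extensions(path.replace("\\", "/").rsplit("/", 1)[-1])
        if len(exts) >= 2 and exts[-1] == suffix:
            hits.append(path)
    return hits


# Constructed sample data, not taken from any real incident.
SAMPLE_ATTACHMENTS = ["invoice.pdf.exe", "report.docx", "photo.jpg   .scr",
                      "setup.exe", "notes.v2.txt", "order.js"]
SAMPLE_LISTING = [r"C:\Users\a\Documents\budget.xlsx.encrypted",
                  r"C:\Users\a\Desktop\todo.txt",
                  r"C:\Users\a\Music\encrypted"]

if __name__ == "__main__":
    for name in SAMPLE_ATTACHMENTS:
        print(f"{name!r}: {classify_attachment(name)}")
    print(encrypted_suffix_hits(SAMPLE_LISTING))
```

A sudden rise in the number of paths returned by encrypted_suffix_hits across the user folders is the signal worth alerting on; a single hit can be a legitimately named file.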
