Ransomware Attacks: Prevention and Impact


Added on  2020/02/19

AI Summary
The assignment delves into the nature of ransomware attacks, focusing on how they operate and the devastating consequences they inflict. It examines a specific example of a hospital affected by ransomware, highlighting the disruption to vital services and patient care. The document then outlines practical measures organizations can take to mitigate the risk of ransomware attacks, including regular data backups, disabling macros, and utilizing Microsoft Office viewers.

Running head: INFORMATION SECURITY
INFORMATION SECURITY
Table of Contents
Part A
Introduction
How and why did the situation arise?
Possible solution to the problem
Conclusion
References
Part B
What was the problem?
Who are affected and how
How was the attack carried out?
What could have been done to prevent the attack?
References
Part A
Introduction
This report focuses on a subsidiary of the California Association of Realtors, a real
estate business services (REBS) provider (Marsh, 2017). The company was the victim of a
data breach in which the organization's online payment system was infected with malware.
The report examines the different aspects of the attack: how it originated and what the
possible solutions could have been.
How and why did the situation arise?
The situation arose when users made online payments through the website. During the
transaction, the users' personal information was copied by the malware and transmitted to
an unknown third party. That third party was the hacker, who would use the information
for their own benefit. The sensitive information accessed was mainly the user name, credit
or debit card number, card expiry date and credit card verification code (Alazab &
Broadhurst, 2017).
Possible solution to the problem
All users involved in online payment want to use a payment gateway that is highly
secure. Users give the website personal information that may include sensitive data such
as the credit or debit card number, its expiry date and the verification code. Typically,
when a user uses the online payment option to make a purchase, cardholder data is in the
clear as it leaves the merchant's terminal, and the data is not protected until it is
tokenized or encrypted at rest in the gateway, on the platforms that process it at the
warehouse (Ryder, 2016). This is a fundamentally flawed model that puts the data at risk
of being compromised or used for fraud, which leaves the data in the hands of criminals.
The process can be rectified by using a hardware-protected tamper-resistant security
module (TRSM), so that the data is protected as soon as the information is sent over the
internet through any payment portal. The approach combines strong end-to-end encryption,
tamper-resistant hardware and tokenization, which replaces the 16-digit payment account
number on the card with token values. By this means the customer is given optimal
protection.
There are many technological solutions for safeguarding online payments and the
features associated with them. Industry collaboration is an integral part of the fight
against cyber crime (Ryder, 2016). The stakes are alarmingly high all around. Many groups
are working to improve this area; one example is the Payment Processing Information
Sharing Council (PPISC) created by Heartland, which has brought the industry closer
together on security by sharing critical processor information and insight into activity
that can be considered criminal (Khosla & Dubey, 2016). All the working groups involved in
such activity, the "good guys", need to work together so that protection can be put in
place and the goal of securing the internet completely can be achieved.

In this case the final outcome was the removal of the malware that had infected the
system, and the organization implemented a new online payment portal, PayPal.
Conclusion
It can be concluded that the security of an online payment portal is one of the most
important aspects to deal with, and that a solution to any problem should be found as soon
as possible. Websites that handle online payments usually hold a great deal of vital
information that has to be protected. If that information falls into the hands of a third
party, it could lead to a big problem. Security should be treated as a main priority in
every aspect of technology.
References
Alazab, M., & Broadhurst, R. (2017). An Analysis of the Nature of Spam as Cybercrime. In
Cyber-Physical Security (pp. 251-266). Springer International Publishing.
Khosla, P., & Dubey, P. (2016). Survey Paper on Cyber Crime: A Threat to National Security.
IITM Journal of Management and IT, 7(1), 62-65.
Liang, G., Weller, S. R., Zhao, J., Luo, F., & Dong, Z. Y. (2017). The 2015 ukraine blackout:
Implications for false data injection attacks. IEEE Transactions on Power Systems, 32(4),
3317-3318.
Marsh, D. (2017). Are Ethical Hackers the Best Solution for Combating the Growing World of
Cyber-Crime? (Doctoral dissertation, University Honors College, Middle Tennessee State
University).
Paté‐Cornell, M., Kuypers, M., Smith, M., & Keller, P. (2017). Cyber Risk Management for
Critical Infrastructure: A Risk Analysis Model and Three Case Studies. Risk Analysis.
Ryder, N. (2016). Cyber crime and terrorist financing.
Part B
What was the problem?
WannaCry is an attack on computer systems that run a Windows-based operating system.
It is considered a cyber attack that hit the global market. WannaCry is a virus. The main
concept of the attack was that the virus would encrypt all the files and other information
on the computer system and then demand a ransom to decrypt the files. The ransom was
demanded mainly in the form of the Bitcoin cryptocurrency. A cryptocurrency is a digital
asset designed to work as a medium of exchange. It was estimated that around 230000
computers all over the world fell victim to the threat, which was carried out in 150
countries. The virus was considered mainly a network worm, able to move from one machine
to another; it used EternalBlue to exploit Windows systems in order to gain access to
them. Systems affected by the attack displayed a ransom note demanding the bitcoin
payment (Pei et al., 2016).
Who are affected and how
Technological innovation is taking place in every sphere and in every aspect. But with
every technology there is always some technological risk directly linked to it. The virus
affected organizations of every kind, from big organizations to hospitals to emergency
services. It was reported that in major organizations the virus infected systems and
important data was accessed. As a result of the attack, important information belonging to
the organization was left in encrypted form. In the medical field, hospital equipment
displayed the virus's message, and a ransom was demanded to restore proper working. This
affected the overall working of the machines and of the affected hospitals. Emergency
services were also affected: the attack brought the overall working of the service to a
standstill.
How was the attack carried out?
The attack was carried out simply through an unwanted message or through an attachment
to a downloaded file. The attack would infect the data areas of the system and gain access
to the root of the operating system. After the attack the files are encrypted, so they can
no longer be accessed. Access can be regained by paying ransom money in the form of
bitcoin. This can be critical where very important files belonging to an organization or
an emergency service are involved.
What could have been done to prevent the attack?
Focusing on the companies or organizations affected by the ransomware attack, the
following measures can be implemented to protect a company from such an attack:
1. Back up files regularly and keep a recent backup
Backups can be a savior when it comes to protecting an individual from any kind of
attack such as ransomware. The backup files can also be encrypted so that the data can be
retrieved only by an authenticated user (Nayak, Mishra & Ram, 2016).
2. Don't enable macros
Much ransomware arrives in Office documents that trick the user into enabling macros.
Microsoft has just launched a new Office release, Office 2016, that can limit macro
functionality by preventing the user from enabling macros in documents downloaded from the
internet.
3. Install a Microsoft Office viewer
A viewer lets the user see what a Word or Excel document looks like. The viewer does
not support macros, so the user does not have to worry about them.
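A check that supports the macro advice in items 2 and 3, added here as an example that is not part of the original report: it inspects an Office file's container and reports whether it carries a VBA macro project, so that macro-bearing downloads can be held back before a user opens them. The function names, the `from_internet` flag supplied by the caller, and the choice to hold back all legacy binary files are assumptions; the sample files are constructed in memory.

```python
import io
import zipfile

OLE_MAGIC = bytes.fromhex("d0cf11e0a1b11ae1")  # legacy .doc/.xls/.ppt container

def macro_status(data: bytes) -> str:
    """Return 'macros', 'no-macros', 'legacy-ole' or 'not-office'."""
    if data.startswith(OLE_MAGIC):
        return "legacy-ole"          # binary format: needs an OLE parser to inspect
    if not zipfile.is_zipfile(io.BytesIO(data)):
        return "not-office"
    with zipfile.ZipFile(io.BytesIO(data)) as z:
        names = z.namelist()
        if "[Content_Types].xml" not in names:
            return "not-office"      # a plain ZIP, not an Office Open XML package
        types = z.read("[Content_Types].xml").decode("utf-8", "replace").lower()
    # A VBA project shows up as a vbaProject.bin part and/or as a
    # macro-enabled content type, whatever the file extension claims.
    if any(n.lower().endswith("vbaproject.bin") for n in names):
        return "macros"
    if "vbaproject" in types or "macroenabled" in types:
        return "macros"
    return "no-macros"

def should_block(data: bytes, from_internet: bool) -> bool:
    """Policy from the text: no macros in documents downloaded from the internet.
    Holding back legacy binary files as well is an assumption of this example."""
    return from_internet and macro_status(data) in ("macros", "legacy-ole")

def build_sample(with_macro: bool) -> bytes:
    """Constructed package for the demo (not a real document)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("[Content_Types].xml", "<Types></Types>")
        z.writestr("word/document.xml", "<w:document/>")
        if with_macro:
            z.writestr("word/vbaProject.bin", b"constructed placeholder")
    return buf.getvalue()

if __name__ == "__main__":
    for label, blob in [("clean", build_sample(False)), ("macro", build_sample(True))]:
        print(label, macro_status(blob), should_block(blob, from_internet=True))
```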
References
Babu, C. M., & Sasankar, A. B. (2017). Intrusion Detection Systems for Mobile Ad-Hoc
Networks. International Journal, 5(5).
Komar, M., Sachenko, A., Kochan, V., & Skumin, T. (2016, April). Increasing the resistance of
computer systems towards virus attacks. In Electronics and Nanotechnology (ELNANO),
2016 IEEE 36th International Conference on (pp. 388-390). IEEE.
Michael, D. (2017). Virus Wanna Cry là gì và phòng tránh?| Michael Duy.
Morehouse, M. A., Lovecký, T., Read, H., & Woodman, M. (2017). Quantify? or, Wanna Cry?
Integrating Methods Training in the IR Classroom. International Studies Perspectives,
18(2), 225-245.
Nayak, P. K., Mishra, D., & Ram, S. (2016). Attack of malicious objects in computer network
under antivirus and quarantine defence. International Journal of Applied Engineering
Research, 11(9), 6250-6253.
Pei, Y., Pei, H., Liang, X., & Zhu, M. (2016). Optimal control of a computer virus model with
network attacks. Communications in Mathematical Biology and Neuroscience, 2016,
Article-ID.
Renaud, K. (2017). It makes you Wanna Cry.