Cybersecurity Analysis of Uiwix Ransomware

Added on 2020/04/01
AI Summary
This assignment delves into the analysis of a new ransomware variant called Uiwix. It examines the characteristics of this malware, its potential impact on organizations, and proposes mitigation strategies. The analysis highlights the absence of a “Kill Switch” in Uiwix compared to older variants, emphasizing its evolving nature. It also discusses the importance of updated incident response plans, endpoint monitoring, and disaster preparedness in countering this threat.

Running head: RISK MITIGATION AND SECURITY PLAN
Ransomware Threats and Mitigation Plan
Name of the Student
Name of the University
Author’s Note

Table of Contents
Introduction
Background
Risk and Security concerns of Ransomware
Strategies for addressing Risks and Security Concerns
Conclusion and Future Trends
References
Introduction
This report presents the scenario of a ransomware attack across several sectors such as healthcare, government, and telecommunications. The ransomware attack is identified as “WannaCry”; it spread across 150 countries and infected 300,000 systems. The most affected countries were China and Russia, the reason being their use of legacy software, and the impact on the UK National Health Service was especially significant (Shackelford, 2017). The spread of the ransomware clogged the work and activity of these sectors even after the attack had first been launched. According to the major findings, the “Kill Switch” did the trick of slowing the spread of the attack in the affected sectors.
Background
The “WannaCry” attack is a kind of ransomware, malware that extorts its victims: it can encrypt files and disks and lock computers. The malware demands approximately $300 to $600 in Bitcoin, to be paid within three days, in exchange for decrypting the stolen files. “WannaCry” spreads through the SMB (Server Message Block) protocol, which operates over ports 445 and 139 (Mohurle & Patil, 2017); the Windows operating system typically uses SMB for file-system communication between machines inside a network. Once the ransomware is installed on a system, it first scans the entire system to find out what vulnerabilities exist. “WannaCry” first checks whether backdoors such as DoublePulsar already exist on the affected system (Collier, 2017). Both DoublePulsar and EternalBlue exploit the SMB vulnerability, and this information was disclosed by the Shadow Brokers hacking group in April. How the attack is conducted and how it hampers system activity is described in the following steps:
1. Attackers initially use a yet-to-be-confirmed attack vector.
2. “WannaCry” encrypts all files on the victim’s system using the AES-128 cipher. The ransomware deletes the encrypted files’ shadow copies and then shows the user a ransom note requesting $300 or $600 in Bitcoin.
3. Tor.exe is launched from wannacrydecryptor.exe; it initiates connections between Tor nodes in order to contact the attacker (Gordon, Fairhall & Landman, 2017). In this way tor.exe makes tracking the attacker extremely difficult, and tracing the attacker is considered practically impossible.
4. On the infected system the IP address is checked, and then the IP addresses on the same subnet are scanned so that additional insecure and vulnerable systems can be connected to on TCP port 445 (Batcheller et al., 2017).
5. Once a connection to a system succeeds, the exploit payload containing the data is transferred.
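As an added example that is not part of the original report, the following Python detector looks at step 4 above from the defender's side: it reads constructed firewall log lines (the six-field line format is an assumption made here) and flags any host that opens TCP/445 connections to many distinct peers in its own /24 within a short window, which is the footprint of the subnet sweep.

```python
"""Flag hosts that sweep their own /24 on TCP/445 (WannaCry-style spread).

Added example, not the report's code. The log format is an assumption:
"<ISO timestamp> <src_ip> <dst_ip> <proto> <dst_port> <action>".
"""
from collections import defaultdict
from datetime import datetime
import ipaddress

# Constructed sample log: 10.0.1.5 does normal SMB/HTTPS traffic, while
# 10.0.1.23 probes twelve neighbours on port 445 within a few seconds.
SAMPLE_LOG = "\n".join(
    ["2017-05-12T10:00:01 10.0.1.5 10.0.1.10 TCP 445 ALLOW",
     "2017-05-12T10:00:02 10.0.1.5 10.0.1.40 TCP 443 ALLOW"]
    + [f"2017-05-12T10:00:{3 + i:02d} 10.0.1.23 10.0.1.{100 + i} TCP 445 DROP"
       for i in range(12)]
    # A probe into another subnet is not counted toward the /24 sweep.
    + ["2017-05-12T10:05:00 10.0.1.23 10.0.2.7 TCP 445 ALLOW"]
)


def parse_line(line):
    """Split one log line into (timestamp, src, dst, proto, port, action)."""
    ts, src, dst, proto, port, action = line.split()
    return datetime.fromisoformat(ts), src, dst, proto, int(port), action


def detect_smb_scanners(log_text, threshold=10, window_seconds=60):
    """Return {src_ip: peak distinct /24 peers} for hosts that contacted at
    least `threshold` distinct same-subnet hosts on TCP/445 inside the window.
    Dropped probes count too: a worm also hits hosts with no SMB listener."""
    per_src = defaultdict(list)
    for line in log_text.strip().splitlines():
        ts, src, dst, proto, port, _action = parse_line(line)
        if proto != "TCP" or port != 445:
            continue
        same_subnet = ipaddress.ip_address(dst) in ipaddress.ip_network(
            f"{src}/24", strict=False)
        if same_subnet:
            per_src[src].append((ts, dst))

    flagged = {}
    for src, events in per_src.items():
        events.sort()
        # Sliding window anchored at each event: distinct peers seen within it.
        for i, (t0, _) in enumerate(events):
            peers = {dst for ts, dst in events[i:]
                     if (ts - t0).total_seconds() <= window_seconds}
            if len(peers) >= threshold:
                flagged[src] = max(flagged.get(src, 0), len(peers))
    return flagged


if __name__ == "__main__":
    for host, peers in detect_smb_scanners(SAMPLE_LOG).items():
        print(f"{host}: {peers} distinct /24 peers on TCP/445 -> isolate host")
```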
Risk and Security concerns of Ransomware
The global impact of the “WannaCry” ransomware was high: overall, more than 226,800 ransomware infections had occurred as of May 2017. An estimated 30 to 40 publicly known companies fell into the category likely to have faced a major impact from the ransomware attack (Martin, Kinross & Hankin, 2017). Examples include the Russian Interior Ministry, Telefonica (Spain’s largest telecommunication organization), and FedEx. The UK National Health Service (NHS) was hit by the ransomware, with 16 out of 47 NHS trusts affected. By the time the service recovered from the attack, routine surgery check-ups and some doctor appointments had been cancelled (Martin et al., 2017). Major reports stated that in China more than 40,000 organizations were affected, including 60 academic institutions. Russia appeared to be the most significant victim of the “WannaCry” attack. Kaspersky Labs investigated the case and identified that Russian organizations were running a large proportion of dated and unpatched systems (Floridi, 2017). “WannaCry” was designed to conduct an international attack across several countries and many systems; the ransomware can demand the ransom in 28 different languages.
The initial vector chosen for “WannaCry” was reported to be phishing emails, but no sufficient data existed to prove this. Other sources, however, claimed other vectors, such as publicly accessible and vulnerable SMB (Server Message Block) services, for spreading the malware in a worm-like fashion (Wirth, 2017). Once infection takes place, the “WannaCry” ransomware beacons out to a “Kill Switch” URL to determine whether the malware is running in a sandbox environment. If the URL does not respond, the malware starts to encrypt the victim system’s files using the AES-128 cipher. The encrypted files are given the file extension .wncry, alongside other files (Clarke & Youngstein, 2017). Unlike other ransomware attacks, “WannaCry” encrypts the victim system’s files, changes their names and creates new files in their place. Furthermore, a ransom note is placed so that it is displayed on the victim’s system (Swenson, 2017). The ransom note was prepared using text from a library of .rtf (rich text format) files and was available in multiple languages based on the system’s location. The ransom demand requires paying either $300 or $600 worth of Bitcoin for the decryption key. Once the system is infected, the user can see only a screen with instructions for paying the ransom.
Figure 1: “WannaCry” ransomware screen
(Source: Young & Yung, 2017, pp. 25)
The “WannaCry” ransomware used EternalBlue for exploitation; the NSA created EternalBlue, and the Shadow Brokers released it on 14 April 2017. The malware can check for existing backdoors such as DoublePulsar; this too was released by the Shadow Brokers and helps propagation within client networks (Yaqoob et al., 2017). If the organization routes internet access through a proxy, the “Kill Switch” will not pause the ongoing attack.
Strategies for addressing Risks and Security Concerns
If a user notices that a ransomware attack has occurred on someone’s system and sees that file extensions have been changed to the specified ones, the user can easily identify themselves as a victim of this ransomware attack (Gandhi, 2017). When someone identifies the scenario, he or she can perform the following actions to reduce the impact.
1) All network connections, and internal and external storage, should be disconnected immediately.
2) The computer should be shut down and IT teams should be informed instantly.
3) No ransom should be paid to the hacker, since paying the attackers increases illegal activity across the entire ecosystem and there is no guarantee of getting the stolen data back (Fimin, 2017).
4) Before taking experts’ advice, all backups should be kept safeguarded.
These are general recommendations for users who suspect that they are victims of this ransomware. However, before the attack occurs, there are some organization-side and employee-side recommendations (Millard, 2017). The organization-level recommendations are as follows:
I. SMB and RDP (Remote Desktop Protocol) ports should be kept blocked across the network: ports 445 and 139 for SMB and port 3389 for RDP should be blocked. SMB should stay blocked until the organization comes up with a group policy or endpoint solution.
II. Privilege escalation requests from users should not be granted when a user wants to run unknown software as an administrator (Mohurle & Patil, 2017).
III. The Windows operating system and Microsoft software should be patched, specifically for MS17-010. Unsupported or out-of-date operating systems should be reconfigured or upgraded to prevent SMB and RDP intrusion.
IV. All employees should be told not to open unknown email attachments (Gordon, Fairhall & Landman, 2017). If an employee has doubts about an email and its attachment, they should read through the mail without opening the attachment.
V. Office macros should be disabled by group policy.
VI. Scanning of all attachments should be considered at every endpoint, terminal and email gateway (Batcheller et al., 2017). UPnP should be disabled on every gateway, firewall, proxy server and router.
Some additional precautions, with the necessary details, are as follows:
Maintenance of backups: Backups of critical data should be maintained at a rate matching the rate of data generation (Martin, Kinross & Hankin, 2017). The restoration timeline should be aligned with the procedures for restoring systems under the Business Continuity Plan (BCP). The organization’s incident response should be reviewed and disaster preparation plans verified to address recovery from a ransomware event.
Endpoint and terminal monitoring: Terminal monitoring tools give the IT team visibility of abnormal behavior that may occur on the terminals. These abnormal situations can show how ransomware takes hold on the endpoints. Antivirus tools cannot track the ransomware; they lag behind it (Martin et al., 2017). Endpoint monitoring can visualize the processes and network traffic running on the endpoints, and the endpoint can block unnecessary (potentially harmful) processes until they have been scanned and verified.
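The monitoring rule below is an added example, not the report's own tooling: it replays constructed endpoint file events (the tuple layout and the process name "unknown_proc.exe" are assumptions made here) and flags any process that renames many files to the .wncry extension within a few seconds, the behaviour the report attributes to WannaCry, so the endpoint can suspend it and alert the IT team.

```python
"""Endpoint monitor rule: catch a process renaming many files to .wncry.

Added example, not the report's code. Event tuples are constructed here as
(seconds, pid, process_name, operation, path); real telemetry differs.
"""
from collections import defaultdict

RANSOM_EXTENSIONS = (".wncry",)   # extension the report attributes to WannaCry


def rename_bursts(events, threshold=5, window=10.0):
    """Return {pid: (process_name, peak_count)} for processes that renamed at
    least `threshold` files to a ransom extension within `window` seconds."""
    per_pid = defaultdict(list)
    for ts, pid, name, op, path in events:
        if op == "rename" and path.lower().endswith(RANSOM_EXTENSIONS):
            per_pid[pid].append((ts, name))
    flagged = {}
    for pid, evs in per_pid.items():
        evs.sort()
        # Sliding window anchored at each rename: how many follow within it?
        for i, (t0, name) in enumerate(evs):
            count = sum(1 for ts, _ in evs[i:] if ts - t0 <= window)
            if count >= threshold:
                prev = flagged.get(pid, (name, 0))[1]
                flagged[pid] = (name, max(prev, count))
    return flagged


def block_actions(events):
    """Turn detections into the endpoint response the report describes:
    suspend the offending process and alert the IT team."""
    return [f"suspend pid {pid} ({name}): {n} files renamed to .wncry; alert IT"
            for pid, (name, n) in rename_bursts(events).items()]


SAMPLE_EVENTS = [  # constructed; "unknown_proc.exe" is a placeholder name
    (0.0, 4100, "winword.exe", "write", r"C:\Users\a\Documents\q3.docx"),
    (1.0, 4100, "winword.exe", "rename", r"C:\Users\a\Documents\q3-final.docx"),
] + [
    (2.0 + 0.3 * i, 7712, "unknown_proc.exe", "rename",
     rf"C:\Users\a\Documents\file{i}.xlsx.WNCRY") for i in range(6)
] + [
    # A lone rename half a minute later falls outside the burst window.
    (30.0, 7712, "unknown_proc.exe", "rename", r"C:\Users\a\Pictures\p.jpg.WNCRY"),
]

if __name__ == "__main__":
    for action in block_actions(SAMPLE_EVENTS):
        print(action)
```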
Email filtering: Email filtering is essential for scanning email attachments, and this strategy will prevent a number of malware attacks, including Locky ransomware. The filtering can enforce the recommended blocking of executable and zip attachments and route other attachments for manual review (Floridi, 2017). The filtering can block attachments while using a secure transfer option to deliver them without launching any harmful software.
Security awareness training: A security awareness training program is essential so that employees learn lessons from malicious hacking attacks. These tools are useful to implement; in the long run, employees should be able to easily identify any insecure situation (Wirth, 2017). Security awareness training is identified as a significant way to reduce the susceptibility and vulnerability of personnel to ransomware campaigns.
Overall, an effective enterprise incident response plan should be tested and measured to determine how effective it is against ransomware attacks. The response plan can be updated to reflect the existing cyber threat environment. Critical systems should not be connected to the internet; otherwise those systems will be accessible over any network (Clarke & Youngstein, 2017).
Vulnerability management should be ensured within a robust, mature enterprise-level program.
Additionally, some useful employee-level recommendations for staying safe against ransomware threats are as follows:
I. The internet should be disconnected and all data should be backed up in encrypted form on removable hard drives. Once the backup is complete, the hard drives should be disconnected and stored in a secure location.
II. Attachments from unknown senders should not be opened, and such attachments should not be downloaded (Swenson, 2017). Unauthorized software should not be downloaded or installed.
III. Personal email should not be checked on office systems, as most free email services lack advanced security measures for scanning attachments.
IV. If unusual hard drive activity on a computer is suspected, the user is advised to shut down the system immediately and notify the IT administrator (Young & Yung, 2017).
V. Macros should not be enabled in Office documents.
Some IT administrator-side recommendations that should be considered in security planning and in preventing ransomware risks are as follows:
i. Network sharing should be stopped and disconnected on idle computers and servers. Write permissions on network shares should be rechecked.
ii. All passwords for the common domain administration accounts should be changed to safeguard them; logging into systems with these accounts should be avoided, and the accounts should be used only to authorize specific actions under standard operating procedures.
iii. Backup solutions should ensure that write access is granted only to the accounts hard-configured in the backup solution (Gandhi, 2017); user accounts should have read access only.
iv. Volume Shadow Copy should be enabled and enforced by group policy. Endpoint security solutions and anti-malware or anti-ransomware modules should be enabled.
v. Privilege escalation by unknown programs and processes should be prevented (Yaqoob et al., 2017). Manual signatures should be created in the endpoint security solution and file hashes should be monitored.
Conclusion and Future Trends
The report stated that NHS hospitals were hit by the ransomware, and EY cyber threat intelligence (CTI) followed the work of a UK researcher. Researchers may obtain the malware; this researcher analyzed it and discovered a reference to an unregistered domain. The domain is tied to the worm-like attack; researchers should consider the impacts and the overall ransomware situation so that security options can be obtained. However, new variants of the malware such as Uiwix do not have this “Kill Switch”. The new variants have not yet been confirmed and findings are limited at this moment; updates should be published to make information about the attack available. The organization’s incident response should be reviewed and disaster preparation plans verified to address recovery from a ransomware event. Endpoint monitoring can visualize the processes and network traffic running on the endpoints, and the endpoint can block unnecessary (potentially harmful) processes until they have been scanned and verified.
References
Batcheller, A., Fowler, S. C., Cunningham, R., Doyle, D., Jaeger, T., & Lindqvist, U. (2017).
Building on the Success of Building Security In. IEEE Security & Privacy, 15(4), 85-87.
Clarke, R., & Youngstein, T. (2017). Cyberattack on Britain’s National Health Service—A
Wake-up Call for Modern Medicine. New England Journal of Medicine.
Collier, R. (2017). NHS ransomware attack spreads worldwide.
Fimin, M. (2017). Are employees part of the ransomware problem? Computer Fraud &
Security, 2017(8), 15-17.
Floridi, L. (2017). The Unsustainable Fragility of the Digital, and What to Do About
It. Philosophy & Technology, 1-3.
Gandhi, K. A. (2017). Survey on Ransomware: A New Era of Cyber Attack. International
Journal of Computer Applications, 168(3).
Gordon, W. J., Fairhall, A., & Landman, A. (2017). Threats to Information Security—Public
Health Implications. New England Journal of Medicine, 377(8), 707-709.
Martin, G., Kinross, J., & Hankin, C. (2017). Effective cybersecurity is fundamental to patient
safety.
Martin, G., Martin, P., Hankin, C., Darzi, A., & Kinross, J. (2017). Cybersecurity and healthcare:
how safe are we? BMJ, 358, j3179.
Millard, W. B. (2017). Where Bits and Bytes Meet Flesh and Blood: Hospital Responses to
Malware Attacks.
Mohurle, S., & Patil, M. (2017). A brief study of Wannacry Threat: Ransomware Attack
2017. International Journal, 8(5).
Shackelford, S. (2017). Exploring the ‘Shared Responsibility’ of Cyber Peace: Should
Cybersecurity Be a Human Right?
Swenson, G. (2017). Bolstering Government Cybersecurity Lessons Learned from WannaCry.
Wirth, A. (2017). It's Time for Belts and Suspenders. Biomedical Instrumentation &
Technology, 51(4), 341-345.
Yaqoob, I., Ahmed, E., Rehman, M. H., Ahmed, A. I. A., Al-garadi, M. A., Imran, M., &
Guizani, M. (2017). The rise of ransomware and emerging security challenges in the
Internet of Things. Computer Networks.
Young, A. L., & Yung, M. (2017). Cryptovirology: The birth, neglect, and explosion of
ransomware. Communications of the ACM, 60(7), 24-26.