Sample Assignment on Cryptolocker

   

Added on  2021-06-14

4 Pages | 1264 Words | 163 Views
1. How does CryptoLocker infect a machine on the network?

Answer – Cryptolocker is a ransomware trojan that gains access to a Microsoft Windows operating system. Ransomware is malicious software that gets into the user's PC through email or some network-related means, encrypts the data or permanently blocks access to it, and demands that the user pay a ransom to decrypt it. Cryptolocker is an advanced ransomware which enters the victim's PC by hiding in email or by finding a backdoor to the PC; it then begins infecting the victim's PC without giving any notice on the PC. It contacts its central server and begins encrypting the main system data using the RSA algorithm (public-key cryptography) and locks it. (Ducklin, 2013, p.4) The attacker holds the private key on their control server, and without it the user won't be able to access the PC. A message is then displayed which offers to decrypt the data if a ransom is paid to them within the stipulated time. They threaten that if the money isn't paid they will release the data or delete the private key. In fact, paying does not guarantee decryption. Furthermore, if the money isn't paid to them, they delete the key. At that point the only way to decrypt the data is through an online service provider, which will cost considerably more in bitcoins. (Wikipedia, 2018, p.4). (Anonymous, 2015).

2. From a network security perspective, what is the best approach in defending your corporate network resources from CryptoLocker infections? Detail out the machines and/or software resources that you would need to defend.

Answer – If Cryptolocker ransomware hits one PC, it begins to collect as much information as it can from that endpoint. In a corporate network there
are many PCs connected via Ethernet or wirelessly; this malware finds its way to other PCs and infects them as well, and vice versa. The best way to prevent the malicious activity is to create awareness about how Cryptolocker attacks the PC. Placing a small manual at every desk, or setting a screenshot of the manual as the employees' desktop, will also help them eliminate the risk of malware attacks. There are many more approaches which will reduce the risk of attacks. They are:

a. Creating a backup system which isn't mapped to the working PC and following a regular backup schedule. (Myers, 2013, p.4)

b. Updating or patching the software will help to install the latest security updates.

c. It is good to have a security suite such as a firewall and anti-malware software installed in your network. It will enable us to recognize threats or suspicious behaviour. Malware authors frequently release new variants to try to avoid detection, which is why it is important to have both layers of security. If you run across a ransomware variant that is so new that it gets past anti-malware software, it may still be caught by a firewall when it attempts to connect to its Command and Control (C&C) server to get instructions for encrypting your files.

We need to defend Microsoft-based Windows operating systems. As of now it's the only one which is vulnerable to the attack. Generally the older versions of the Windows operating system are prone to attack. (Ganorkar & Kandasamy, 2017, p.4).

3. If upon detecting an infected machine an alarm is raised in the corporation's IT department.
As a security analyst, what will your approach be for containing the threat, mitigating its effect and post-incident action?

Answer – As a security analyst, on learning that my business is the victim of a ransomware attack, I would cut off my computer's network access to stop further spreading to other computers. Disabling network access for PCs known to be infected by viruses or other malware (so they can be isolated) and blocking the accounts of users that may have been involved in wrongdoing. Taking steps to recall or delete data, for example recalling messages, asking unintended recipients to destroy copies, or disabling links that have been mistakenly posted. Assess the extent and severity of the breach. The
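
The firewall layer from answer 2(c) and the isolation step from answer 3 can be tied together in a short script. This is an added example, not part of the original assignment: the log format, host addresses and blocklist entries are constructed, and the blocklist uses documentation-range addresses in place of real C&C indicators.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed blocklist: documentation-range addresses standing in for
# C&C servers taken from a threat-intelligence feed (assumption, not real IoCs).
C2_BLOCKLIST = [ipaddress.ip_network(n) for n in ("203.0.113.0/24", "198.51.100.7/32")]

# Constructed firewall log lines in an assumed key=value format.
SAMPLE_LOG = """\
2021-06-14T09:00:01 action=allow src=10.0.0.21 dst=192.0.2.10 dport=443
2021-06-14T09:00:05 action=deny src=10.0.0.34 dst=203.0.113.50 dport=80
2021-06-14T09:00:06 action=deny src=10.0.0.34 dst=203.0.113.51 dport=80
2021-06-14T09:00:09 action=allow src=10.0.0.57 dst=198.51.100.7 dport=443
2021-06-14T09:00:12 action=deny src=10.0.0.21 dst=192.0.2.99 dport=25
malformed line without fields
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) action=(?P<action>\w+) src=(?P<src>\S+) "
    r"dst=(?P<dst>\S+) dport=(?P<dport>\d+)$"
)

def find_c2_contacts(log_text, blocklist=C2_BLOCKLIST):
    """Map each internal host to its connection attempts toward blocklisted IPs."""
    hits = defaultdict(list)
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # unparseable line: skip rather than abort the scan
        try:
            dst = ipaddress.ip_address(m["dst"])
        except ValueError:
            continue  # destination is not a valid IP address
        if any(dst in net for net in blocklist):
            hits[m["src"]].append((m["ts"], str(dst), m["action"]))
    return dict(hits)

def isolation_queue(hits):
    """Order hosts for isolation. Assumption: a host whose C&C connection was
    allowed out is more urgent than one the firewall already denied."""
    def priority(item):
        host, events = item
        allowed = sum(1 for _, _, action in events if action == "allow")
        return (-allowed, -len(events), host)
    return [host for host, _ in sorted(hits.items(), key=priority)]

if __name__ == "__main__":
    found = find_c2_contacts(SAMPLE_LOG)
    for host in isolation_queue(found):
        print(host, found[host])
```
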