Information Technology Management: Crypto-Locker Ransomware Analysis

Verified

Added on 2023/04/20

AI Summary

This report provides an overview of the Crypto-Locker ransomware virus, a type of malware that restricts user access to infected computer systems and demands payment for restoring access. It details how Crypto-Locker infects systems, primarily through phishing emails with malicious attachments, and its ability to encrypt files on local drives, shared networks, and cloud storage. The report also outlines preventive measures recommended by US-CERT, including routine data backups, maintaining updated antivirus software, keeping operating systems and software current, avoiding unsolicited links in emails, being cautious when opening email attachments, and practicing safe web browsing. This analysis helps users understand the threat posed by Crypto-Locker and implement strategies to protect their computer networks.

Running head: INFORMATION TECHNOLOGY MANAGEMENT
Information Technology Management
Name of Student-
Name of University-
Author’s Note-

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

1INFORMATION TECHNOLOGY MANAGEMENT
Crypto-Locker Ransomware Virus
When talked about malware, ransomware is very new and recent virus that is on the
trend. There are many other viruses that are on this way such as Trojan, Spyware, as well as
Viruses. But the most familiar attack of computer virus is the Ransomware virus.
US-CERT (United States Computer Emergency Readiness Team) got alerted of a
malware in the year 2013 which was a type of ransomeware attack. The name of the
ransomeware virus was named as Crypto-Locker that is a new type of ransomware (Richardson
& North, 2017). This malware restricts the user to access the computer that is infected and
demands payment from the victim in order to return the access of the system to them. The main
method of infection is phishing emails that contained malicious attachments.
How it worked
The Crypto-Locker is a malware that has ability in finding the files in a computer system
and encrypt the files that are located in the shared network or external drives or can be even from
the drives that has same cloud storage (Kharraz et al., 2015). If a single computer on the network
gets infected, all the drives on that particular network might also get infected. Crypto-Locker
attacker then connects the C2 server of the attacker for depositing the asymmetric encryption key
away from the victim’s reach. All the files on the victim’s side are encrypted using the
asymmetric encryption.
Prevention
As recommended by US-CERT the users should take the below listed preventive
measures for protecting the computer networks.

2INFORMATION TECHNOLOGY MANAGEMENT
 The users should have routine backups consisting of important files.
 Maintain their anti-virus installed in their systems.
 Keep their OS and Software all updated.
 They should not follow any unsolicited links in their emails.
 They should be aware of opening the attachments in their emails.
 They should lastly follow safe practices while browsing their web.

3INFORMATION TECHNOLOGY MANAGEMENT
References
Kharraz, A., Robertson, W., Balzarotti, D., Bilge, L., & Kirda, E. (2015, July). Cutting the
gordian knot: A look under the hood of ransomware attacks. In International Conference
on Detection of Intrusions and Malware, and Vulnerability Assessment (pp. 3-24).
Springer, Cham.
Richardson, R., & North, M. (2017). Ransomware: Evolution, mitigation and
prevention. International Management Review, 13(1), 10-21.