Ransomware Attack in University: A Comprehensive Report and Analysis


Added on  2022/09/25

AI Summary
This report addresses a ransomware attack that impacted a university's grading system. It begins by defining ransomware and explaining its impact to management, then details the possible infection vectors, emphasizing the importance of network security updates and student awareness. The report explains the role of cryptography in ransomware for a technical audience, covering encryption algorithms and their use. It then analyzes the options available if the university chooses not to pay the ransom, focusing on system rebuilding and enhanced security protocols. The advantages and disadvantages of paying the ransom are considered, including the methods of payment (typically Bitcoin). Finally, the report recommends methods the university should implement to avoid future infections, such as enhanced email filtering, updated antivirus software, and regular software updates. This report is designed to inform and guide the university in mitigating and preventing future cyber security threats.
Running head: RANSOMWARE ATTACK IN UNIVERSITY
RANSOMWARE ATTACK IN UNIVERSITY
Name of the Student
Name of the University
Author note
Table of Contents
Introduction
Discussion
What is ransomware? Give a short introduction/overview so that management can understand.
What are the possible ways in which an organisation can be infected?
What is the role of cryptography in ransomware?
If the university decides not to pay the ransom, what are the options?
If the university is considering paying the ransom, what are the advantages and disadvantages? How is payment normally made (and why)?
Recommend methods the university should take in the future to avoid becoming infected
References
Introduction:
Cyber security is perhaps the world's most urgent issue today. The exponential increase in the frequency of cyber attacks and in the development of cyber threats has compelled defenders to remain permanently alert. It is a contest between defender and attacker, and it looks as though the attacker can always keep a step ahead (Kharraz et al., 2015). This is emphasized in this study, which presents a recent ransomware attack on a university that is causing disruption throughout its systems.
The aim of the report is to address the management of the university, which has recently been attacked by a ransomware group, with a direct negative impact on the university's grading system. The report discusses the facts of ransomware and the role of cryptography in ransomware for the situations considered, along with recommendations following the attack.
Discussion:
What is ransomware? Give a short introduction/overview so that management
can understand.
Ransomware is a form of malware that encrypts a victim's documents. The attacker then demands a ransom payment from the victim to restore the information and undo the compromise of the system.
Users are given instructions for paying an amount to obtain the decryption key. The cost, paid to the cybercriminals in Bitcoin, can vary from several hundred to thousands of dollars.
There are a number of vectors by which ransomware gains access to a computer. Phishing spam, meaning attachments sent to victims by e-mail that masquerade as a file they should trust, is one of the most prevalent delivery techniques (Scaife et al., 2016). Once downloaded, they can take over the victim's device, particularly if they have built-in social engineering tools that lead users to grant admin privileges.
A few other, more aggressive ransomware types, such as NotPetya, use security flaws to destroy PCs without having to trick users.
What are the possible ways in which an organisation can be infected?
An organization such as a university can be infected by a ransomware attack when its network systems are poorly secured and little attention is paid to updating them. The attackers generally learn the security level of the university's network and the funds of the university, carry out their attack on its systems, and then demand a high ransom to restore the systems.
Universities have little engagement with students on safety programs for the network and devices within the university. Students often open vulnerable links from systems on campus, which gives attackers wide scope to enter the network and cause disruption. Poorly patched network security systems are the main cause of this vulnerable situation. Set Flash to click-to-play; run browser ad-blocker software to safeguard against malvertising-borne attacks; and back up regularly, particularly shared files, which are often hit by ransomware attacks. Recorded Future provides extra suggestions for thwarting ransomware attacks.
Attackers choose the organisations they target with ransomware in various ways. Sometimes attackers target universities, for example, because they have smaller security teams and a diverse user base that shares many files, which makes defenses easier to penetrate.
What is the role of cryptography in ransomware?
Combining cryptography with malware produces a very hazardous combination. The result is a kind of computer virus called "ransomware", which belongs to the research area of "cryptovirology". Using so-called phishing methods, a threat actor delivers the ransomware application to an unsuspecting victim (Kharraz et al., 2016). The virus file, which is malicious code, will run unless the database is unlocked. The ransomware then executes software that encrypts user information on the infected machine or host.
The data include user files such as documents, photographs, multimedia files and even secret documents. The ransomware targets the computer's files and uses an encryption algorithm such as RSA that makes the files inaccessible. The only way to access them is to follow instructions that appear with the encrypted documents, which tell the user to pay a ransom to the threat actor. It is thus referred to as ransomware, because a payment is requested in order to solve the problem.
Payment is required in cryptocurrency, in most instances Bitcoin. Sometimes a more sinister form of ransomware gives users a deadline for payment, after which the files are lost for good. Once a file is encrypted, it can be recovered only with the decryption key or a powerful computer (Brewer, 2016).
Encryption 'scrambles' the file's contents to make it unreadable. A decryption key is required to 'unscramble' the file and restore it for ordinary use. Crypto-ransomware essentially holds the files hostage, demanding a lump sum in exchange for the decryption key needed to restore them. Crypto-ransomware most frequently reaches users via files or links distributed in e-mails: the e-mail message contains links to 'documents' stored online. In reality, the 'documents' are executable program files that download crypto-ransomware onto the computer, or such files are attached to the e-mails. Common crypto-ransomware file formats include:
Microsoft Word document (file name ends with .doc or .docx)
Microsoft XSL document (.xsl or .xslx)
XML document (.xml or .xslx)
Zipped folder containing a JavaScript file (.zip file containing a .js file)
Multiple file extensions (e.g., <INVOICE#132435>.PDF.js)
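As an added example (not part of the original report), the following sketch shows how an e-mail filter could check attachments against the delivery formats listed above. The function names and the script extensions other than .js are assumptions of this example.

```python
import io
import zipfile
from pathlib import PurePosixPath

# Document extensions are copied from the list above (plus .pdf from its example).
# SCRIPT_EXTS beyond ".js" is an assumption of this example.
DOCUMENT_EXTS = {".doc", ".docx", ".xsl", ".xslx", ".xml", ".pdf"}
SCRIPT_EXTS = {".js", ".jse", ".vbs", ".wsf", ".exe", ".scr"}


def check_name(name):
    """Return findings for one file name, judged by its extensions only."""
    path = PurePosixPath(name.replace("\\", "/"))
    suffixes = [s.lower() for s in path.suffixes]
    if not suffixes:
        return []
    if suffixes[-1] in SCRIPT_EXTS:
        findings = ["script"]
        # invoice.PDF.js: a document extension placed in front of the real one
        if len(suffixes) > 1 and suffixes[-2] in DOCUMENT_EXTS:
            findings.append("double-extension")
        return findings
    return ["document-review"] if suffixes[-1] in DOCUMENT_EXTS else []


def check_attachment(name, data):
    """Classify an attachment by its name and, for zip archives, its member names."""
    findings = check_name(name)
    if zipfile.is_zipfile(io.BytesIO(data)):
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as archive:
                members = archive.namelist()
        except zipfile.BadZipFile:
            return findings + ["zip:unreadable"]
        for member in members:
            # .docx files are zip containers full of .xml parts, so only
            # script findings inside an archive are reported.
            findings += [f"zip:{member}:{f}" for f in check_name(member) if f != "document-review"]
    return findings


def constructed_zip(member_names):
    """Build a sample archive in memory (constructed test data)."""
    buffer = io.BytesIO()
    with zipfile.ZipFile(buffer, "w") as archive:
        for member in member_names:
            archive.writestr(member, "// placeholder content")
    return buffer.getvalue()


if __name__ == "__main__":
    print(check_attachment("<INVOICE#132435>.PDF.js", b"// placeholder"))
    print(check_attachment("scan.zip", constructed_zip(["invoice.js"])))
```

Attachments flagged "script" or "double-extension" are candidates for quarantine, while "document-review" only marks a listed document type for further scanning.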
If the university decides not to pay the ransom, what are the options?
If the university decides not to pay the ransom demanded by the ransomware attackers, the only option left to the university authorities is to rebuild the system that has been hacked. Ransomware attackers also agree to settlements such as paying them later (Richardson & North, 2017). But almost all organizations that have decided not to pay focus on re-creating a system that is safer than the old one and on bringing in new regulations for using the university's systems.
If the university is considering paying the ransom, what are the advantages
and disadvantages? How is payment normally made (and why)?
Paying the ransom can be advantageous because it may be as easy as entering a credit or debit card on the payment page, rather than restoring your information from a backup. Another benefit is that it can minimize disruption to the university's business and its customers by reducing the need to take technologies offline to prevent changes from happening while every system is restored, which is very intrusive to the organisation. Finally, it may turn out to be cheaper in real total cash cost than continually investing IT engineering resources in retrieving backup information (Kolodenker et al., 2017).
One of the major disadvantages of paying ransoms is that organisations pay criminals, reward criminality and thus encourage further crime. You also increase the risk of a future attack, because by paying a ransom you show yourself to be a victim who is prepared to make a payment to get the information back. The main downside of paying any ransom is that there is no assurance that the information will be returned.
The ransom demanded varies widely, but commonly ranges between $200 and $400 and has to be paid in a virtual currency such as Bitcoin.
Recommend methods the university should take in the future to avoid
becoming infected:
Delete suspicious e-mails. Deals that sound too good to be true may be misleading. If in doubt, contact the supposed source by phone or through a known public address to check the authenticity of the message.
Avoid clicking unverified links and attachments. Links can deliver ransomware.
Use e-mail filtering features whenever possible. E-mail or spam filtering can prevent a malicious e-mail from reaching your inbox.
Install antivirus software and keep it up to date. Keep the most recent virus definitions on the operating system up to date.
Regularly update every device, software and plug-in.
References:
Brewer, R. (2016). Ransomware attacks: detection, prevention and cure. Network
Security, 2016(9), 5-9.
Kharraz, A., Arshad, S., Mulliner, C., Robertson, W., & Kirda, E. (2016). UNVEIL: A
Large-Scale, Automated Approach to Detecting Ransomware. In 25th USENIX
Security Symposium (USENIX Security 16) (pp. 757-772).
Kharraz, A., Robertson, W., Balzarotti, D., Bilge, L., & Kirda, E. (2015, July). Cutting the
gordian knot: A look under the hood of ransomware attacks. In International
Conference on Detection of Intrusions and Malware, and Vulnerability
Assessment (pp. 3-24). Springer, Cham.
Kolodenker, E., Koch, W., Stringhini, G., & Egele, M. (2017, April). PayBreak: defense
against cryptographic ransomware. In Proceedings of the 2017 ACM on Asia
Conference on Computer and Communications Security (pp. 599-611). ACM.
Richardson, R., & North, M. M. (2017). Ransomware: Evolution, mitigation and
prevention. International Management Review, 13(1), 10.
Scaife, N., Carter, H., Traynor, P., & Butler, K. R. (2016, June). Cryptolock (and drop it):
stopping ransomware attacks on user data. In 2016 IEEE 36th International
Conference on Distributed Computing Systems (ICDCS) (pp. 303-312). IEEE.