WannaCry Ransomware: Critical Analysis & Digital Information Security
VerifiedAdded on 2023/06/06
|6
|1196
|210
Report
AI Summary
This report provides a critical analysis of the WannaCry ransomware attack, which occurred in May 2017 and affected over 200,000 computers across 150 countries. It emphasizes the importance of managing the security of digital information and information systems to prevent such attacks. The r...
Read More
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Running head: WANNACRY RANSOMWARE
Critical Analysis of WannaCry Ransomware
Name of the Student
Name of the University
Author’s Note:
Critical Analysis of WannaCry Ransomware
Name of the Student
Name of the University
Author’s Note:
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
1
WANNACRY RANSOMWARE
1. Critical Analysis for Justifying the Need for Managing Security of Digital Information
and Information Systems in WannaCry Ransomware Attack
According to Mohurle and Patil 2017, ransomware virus software is one of the most
significant and vulnerable software that is being used by the attackers for spreading
vulnerabilities. This type of virus is the malicious software, which threatens for publishing
the confidential data or perpetually blocking the access to that data, until and unless a specific
ransom is being paid. The WannaCry Ransomware attack occurred in May 2017 by a
ransomware cryptoworm, known as WannaCry worm. The threat was spread throughout the
world. The several systems, which were running the operating system of Microsoft Windows,
were targeted in the attack.
As per Mattei 2017, the privacy, confidentiality and security of the digital information
as well as information systems for the WannaCry ransomware attack is extremely important
and significant. The ransomware affected more than 200000 computers in about 150
countries. The security and confidentiality of these computers were highly required for
preventing the access of the sensitive information and data. This WannaCry ransomware took
advantage of the inherent vulnerability of the Microsoft Windows. Although the overall patch
was free for the users, who are running the Windows versions, extra payment was required
for excess security. Moreover, this type of information systems should also have end users’
security.
Yaqoob et al. 2017 state that, the increase of usages of smart phones, sensors and
computers had led to the vulnerable attack of WannaCry ransomware. The major security
concerns of this attack are being checked after this attack took place. The security awareness
was extremely important for raising the total information security or information systems’
security. This helped in ensuring security as well as privacy issues that were common for the
WANNACRY RANSOMWARE
1. Critical Analysis for Justifying the Need for Managing Security of Digital Information
and Information Systems in WannaCry Ransomware Attack
According to Mohurle and Patil 2017, ransomware virus software is one of the most
significant and vulnerable software that is being used by the attackers for spreading
vulnerabilities. This type of virus is the malicious software, which threatens for publishing
the confidential data or perpetually blocking the access to that data, until and unless a specific
ransom is being paid. The WannaCry Ransomware attack occurred in May 2017 by a
ransomware cryptoworm, known as WannaCry worm. The threat was spread throughout the
world. The several systems, which were running the operating system of Microsoft Windows,
were targeted in the attack.
As per Mattei 2017, the privacy, confidentiality and security of the digital information
as well as information systems for the WannaCry ransomware attack is extremely important
and significant. The ransomware affected more than 200000 computers in about 150
countries. The security and confidentiality of these computers were highly required for
preventing the access of the sensitive information and data. This WannaCry ransomware took
advantage of the inherent vulnerability of the Microsoft Windows. Although the overall patch
was free for the users, who are running the Windows versions, extra payment was required
for excess security. Moreover, this type of information systems should also have end users’
security.
Yaqoob et al. 2017 state that, the increase of usages of smart phones, sensors and
computers had led to the vulnerable attack of WannaCry ransomware. The major security
concerns of this attack are being checked after this attack took place. The security awareness
was extremely important for raising the total information security or information systems’
security. This helped in ensuring security as well as privacy issues that were common for the
2
WANNACRY RANSOMWARE
organization that had faced WannaCry ransomware attack. The next requirement of the
information system security is that innovation is eventually supported by this method. A
proper security strategy is required for this purpose and hence freedom is enabled for using
the new technologies.
According to Thomas and Galligher 2018, the backup systems are to be evaluated
within the information security risk assessments for combating ransomware. For the
WannaCry ransomware attack, most of the information systems did not have the ability for
backup systems and hence the organizations or victims were not at all prepared. Thus, the
attackers were able to exploit all types of sensitive data or information. The information
security risk assessment is the significant procedure for performing the objective analysis of
the efficiency and effectiveness of the security controls of the organization. This would be
helpful for the protection of several assets and then determination of the loss, which is to be
incurred for those specific assets.
Therefore, from the above critical analysis, it could be concluded that the requirement
of the security management is extremely important for the digital information as well as the
information system. The most basic methods of this security management are extraction of
data, synthesizing the data and utilizing the scoping review for conducting the field mapping.
Furthermore, innovation and data protection are enhanced by this technique. The
interoperability and integration are also supported for the information security, compliance
management and privacy. The WannaCry ransomware attack had substantially proved that
there is a requirement of better security management for controlling the various risks and
threats.
WANNACRY RANSOMWARE
organization that had faced WannaCry ransomware attack. The next requirement of the
information system security is that innovation is eventually supported by this method. A
proper security strategy is required for this purpose and hence freedom is enabled for using
the new technologies.
According to Thomas and Galligher 2018, the backup systems are to be evaluated
within the information security risk assessments for combating ransomware. For the
WannaCry ransomware attack, most of the information systems did not have the ability for
backup systems and hence the organizations or victims were not at all prepared. Thus, the
attackers were able to exploit all types of sensitive data or information. The information
security risk assessment is the significant procedure for performing the objective analysis of
the efficiency and effectiveness of the security controls of the organization. This would be
helpful for the protection of several assets and then determination of the loss, which is to be
incurred for those specific assets.
Therefore, from the above critical analysis, it could be concluded that the requirement
of the security management is extremely important for the digital information as well as the
information system. The most basic methods of this security management are extraction of
data, synthesizing the data and utilizing the scoping review for conducting the field mapping.
Furthermore, innovation and data protection are enhanced by this technique. The
interoperability and integration are also supported for the information security, compliance
management and privacy. The WannaCry ransomware attack had substantially proved that
there is a requirement of better security management for controlling the various risks and
threats.
3
WANNACRY RANSOMWARE
2. Reducing Impact of WannaCry Ransomware Attack and Prevention of a Current
Experience
Reducing Impact of Ransomware: The overall impact of the WannaCry
Ransomware could have been reduced to a greater level by including various cyber security
methods. These are given below:
i) Antivirus: Each and every system should have been secured with proper installation
of antivirus (Thomas 2018). Moreover, this particular software should be upgraded
periodically in all computer systems. The antivirus is based on the digital signatures so that
the new variants might be slipping through these loopholes.
ii) Data Backups: The confidential data should be backed up periodically, so that
even if there is any type of security issue in information system, the user does not face any
problem due to this.
iii) Restriction of Administrative Rights: The significant administrative rights should
be eventually restricted so that the unauthorized users do not get any hold of the data (Zimba,
Simukonda and Chishimba 2017).
iv) Installation of Firewalls: Another important and significant software that is
required for reducing the impact of ransomware attack is the installation of firewalls.
Personal Experience: I had once faced similar situation for ransomware attack in my
school. One of the attackers had acquired the passwords of the computer systems’ in our
school and then demanded for ransom from the school authorities. These computer systems
consisted of all the confidential and sensitive data that were not to be exploited under any
circumstances. A proper risk management was present for reducing the information security
threats and vulnerabilities, however, our school’s systems were not protected with top rated
WANNACRY RANSOMWARE
2. Reducing Impact of WannaCry Ransomware Attack and Prevention of a Current
Experience
Reducing Impact of Ransomware: The overall impact of the WannaCry
Ransomware could have been reduced to a greater level by including various cyber security
methods. These are given below:
i) Antivirus: Each and every system should have been secured with proper installation
of antivirus (Thomas 2018). Moreover, this particular software should be upgraded
periodically in all computer systems. The antivirus is based on the digital signatures so that
the new variants might be slipping through these loopholes.
ii) Data Backups: The confidential data should be backed up periodically, so that
even if there is any type of security issue in information system, the user does not face any
problem due to this.
iii) Restriction of Administrative Rights: The significant administrative rights should
be eventually restricted so that the unauthorized users do not get any hold of the data (Zimba,
Simukonda and Chishimba 2017).
iv) Installation of Firewalls: Another important and significant software that is
required for reducing the impact of ransomware attack is the installation of firewalls.
Personal Experience: I had once faced similar situation for ransomware attack in my
school. One of the attackers had acquired the passwords of the computer systems’ in our
school and then demanded for ransom from the school authorities. These computer systems
consisted of all the confidential and sensitive data that were not to be exploited under any
circumstances. A proper risk management was present for reducing the information security
threats and vulnerabilities, however, our school’s systems were not protected with top rated
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
4
WANNACRY RANSOMWARE
antivirus and firewalls. Hence, this ransomware took place. However, with the timely
involvement of two cyber security experts, we were able to stop the threat from spreading any
further and thus our systems were protected.
WANNACRY RANSOMWARE
antivirus and firewalls. Hence, this ransomware took place. However, with the timely
involvement of two cyber security experts, we were able to stop the threat from spreading any
further and thus our systems were protected.
5
WANNACRY RANSOMWARE
References
Mattei, T.A., 2017. Privacy, Confidentiality, and Security of Health Care Information:
Lessons from the Recent WannaCry Cyberattack. World neurosurgery, 104, pp.972-974.
Mohurle, S. and Patil, M., 2017. A brief study of wannacry threat: Ransomware attack
2017. International Journal of Advanced Research in Computer Science, 8(5).
Thomas, J. and Galligher, G., 2018. Improving backup system evaluations in information
security risk assessments to combat ransomware.
Thomas, J., 2018. Individual cyber security: Empowering employees to resist spear phishing
to prevent identity theft and ransomware attacks.
Yaqoob, I., Ahmed, E., ur Rehman, M.H., Ahmed, A.I.A., Al-garadi, M.A., Imran, M. and
Guizani, M., 2017. The rise of ransomware and emerging security challenges in the Internet
of Things. Computer Networks, 129, pp.444-458.
Zimba, A., Simukonda, L. and Chishimba, M., 2017. Demystifying Ransomware Attacks:
Reverse Engineering and Dynamic Malware Analysis of WannaCry for Network and
Information Security. Zambia ICT Journal, 1(1), pp.35-40.
WANNACRY RANSOMWARE
References
Mattei, T.A., 2017. Privacy, Confidentiality, and Security of Health Care Information:
Lessons from the Recent WannaCry Cyberattack. World neurosurgery, 104, pp.972-974.
Mohurle, S. and Patil, M., 2017. A brief study of wannacry threat: Ransomware attack
2017. International Journal of Advanced Research in Computer Science, 8(5).
Thomas, J. and Galligher, G., 2018. Improving backup system evaluations in information
security risk assessments to combat ransomware.
Thomas, J., 2018. Individual cyber security: Empowering employees to resist spear phishing
to prevent identity theft and ransomware attacks.
Yaqoob, I., Ahmed, E., ur Rehman, M.H., Ahmed, A.I.A., Al-garadi, M.A., Imran, M. and
Guizani, M., 2017. The rise of ransomware and emerging security challenges in the Internet
of Things. Computer Networks, 129, pp.444-458.
Zimba, A., Simukonda, L. and Chishimba, M., 2017. Demystifying Ransomware Attacks:
Reverse Engineering and Dynamic Malware Analysis of WannaCry for Network and
Information Security. Zambia ICT Journal, 1(1), pp.35-40.
1 out of 6
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.