Investigative Analysis and Technical Overview of Ransomware Based Attacks. Case Study: WannaCry

Pascariu, Cristian; BARBU, Ionuț-Daniel; Bacivarov, Ioan

doi:10.19107/ijisc.2017.01.06

Cited by 6 publications

(2 citation statements)

References 0 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…It is the lowest hanging fruit. Most of the attacks we see in the field right now are targeting uninformed people" (Mak, 2017) The United Kingdom National Health Service cyberattack of May 2017, which spread ransomware -WannaCryinfecting hundreds of thousands of computers across 150 countries, is the perfect example; it was executed by tricking people into clicking on a link or opening email attachments that ultimately released malware onto their computer system (Mohurle and Patil, 2017;Pascariu et al, 2017;Collier, 2017). Such human fallibility or error remains the largest factor behind security breaches, even though only 30 per cent of organizations, according to one report, viewed it as a serious concern.…”

Section: Uae Cyber Security Legislative and Regulatory Measuresmentioning

confidence: 99%

Seeking economic cyber security: a Middle Eastern example

Gibbs

2020

JMLC

View full text Add to dashboard Cite

Purpose The transformation of the United Arab Emirates (UAE) into an important global economic player has been accompanied by digitalization that has also left it at a risk to cybercrime. Concurrent with the rise in technology use, the UAE fast became one of the most targeted countries in the world. The purpose of this paper is to discuss how the UAE has tried to cope with accelerating levels of cyber threat using legislative and regulatory efforts as well as public- and private-sector initiatives meant to raise cybersecurity awareness. Design/methodology/approach The paper surveys the UAE’s cybersecurity legislative, regulatory and educational initiatives from 2003 to 2019. Findings Because the human factor still remains the number one reason for security breaches, robust cyber laws alone are not enough to protect against cyber threats. Building public awareness and educating internet users about cyber risks and safety have become essential components of the UAE's efforts in building a more secure cyber environment for the country. Research limitations/implications The paper relies on English-language translations of primary sources (laws) originally in Arabic, as well as English-language studies from local media. This should not be considered a problem, as English is established as the language of business and commerce in the UAE. Practical implications The paper provides a detailed overview of the country’s cybersecurity environment to guide and aide practitioners with risk assessment and legal and regulatory compliance. Originality/value The paper presents a comprehensive overview of the UAE’s cybersecurity legislative, regulatory and educational environment. It also surveys government and private sector initiatives directed in protecting the country’s cyberspace.

show abstract

Section: Uae Cyber Security Legislative and Regulatory Measuresmentioning

confidence: 99%

Seeking economic cyber security: a Middle Eastern example

Gibbs

2020

JMLC

View full text Add to dashboard Cite

show abstract

“…The relevant crypto mining files are also downloaded during this time window. This particular malware strain exploits the SMB service on port 445, just like WannaCry [32]. Interestingly, the malware blocks access to port 445 on the infected host.…”

Section: Memory Resident Crypto Miningmentioning

confidence: 99%

Recent Advances in Cryptovirology: State-of-the-Art Crypto Mining and Crypto Ransomware Attacks

Zimba¹,

Wang²,

Chen³

et al. 2019

KSII TIIS

View full text Add to dashboard Cite

Recently, ransomware has earned itself an infamous reputation as a force to reckon with in the cybercrime landscape. However, cybercriminals are adopting other unconventional means to seamlessly attain proceeds of cybercrime with little effort. Cybercriminals are now acquiring cryptocurrencies directly from benign Internet users without the need to extort a ransom from them, as is the case with ransomware. This paper investigates advances in the cryptovirology landscape by examining the state-of-the-art cryptoviral attacks. In our approach, we perform digital autopsy on the malware's source code and execute the different malware variants in a contained sandbox to deduce static and dynamic properties respectively. We examine three cryptoviral attack structures: browser-based crypto mining, memory resident crypto mining and cryptoviral extortion. These attack structures leave a trail of digital forensics evidence when the malware interacts with the file system and generates noise in form of network traffic when communicating with the C2 servers and crypto mining pools. The digital forensics evidence, which essentially are IOCs include network artifacts such as C2 server domains, IPs and cryptographic hash values of the downloaded files apart from the malware hash values. Such evidence can be used as seed into intrusion detection systems for mitigation purposes.

show abstract

State Cybersecurity Governance in the Fourth Industrial Revolution: An International Law Perspective

Lenong

2020

Lecture Notes in Electrical Engineering

View full text Add to dashboard Cite

Investigative Analysis and Technical Overview of Ransomware Based Attacks. Case Study: WannaCry

Cited by 6 publications

References 0 publications

Seeking economic cyber security: a Middle Eastern example

Seeking economic cyber security: a Middle Eastern example

Recent Advances in Cryptovirology: State-of-the-Art Crypto Mining and Crypto Ransomware Attacks

State Cybersecurity Governance in the Fourth Industrial Revolution: An International Law Perspective

Contact Info

Product

Resources

About