IJISC
  • Indexed in

  • Latest News

    July 1, 2024
    Volume 13, Issue 1 of the International Journal of Information Security and Cybercrime was published
    December 27, 2023
    Volume 12, Issue 2 of the International Journal of Information Security and Cybercrime was published
    June 28, 2023
    Volume 12, Issue 1 of the International Journal of Information Security and Cybercrime was published
  • --- More News ---
  • Popular Articles

  • Investigative Analysis and Technical Overview of Ransomware Based Attacks. Case Study: WannaCry


    Author(s): PASCARIU, Cristian; BARBU, Ionuț-Daniel; BACIVAROV, Ioan

    Quick view | Full article | Citations | Views: 3,156


    Author(s) keywords: , , , , , , ,


    Reference keywords: , ,


    Abstract:

    This research represents the starting point of a process of reducing the attack surface in the case of ransomware attacks. The most recent cybersecurity alert - from May 2017- was a global one, and has, once again, drawn attention to the global importance of this issue and the need to take effective actions to counter cyber-attacks.
    The main aim of this article is to describe the virus technical details, concentrating on the phases of the cyber kill chain. This research is intended to present this type of malware on the rise that affects users in both enterprise and personal space as well by encrypting user developed content and restricting access until ransom is paid.
    The authors perform an analysis of WannaCry ransomware from the delivery, infection, mitigation and detection perspectives. This research represents the starting point of a process of reducing the attack surface in the case of ransomware attacks.
    Needless to say, the first layer worth addressing is represented by the weakest chain in the information security link, the end user. With the advent of complex techniques, tactics and procedures used by the adversaries, Information Technology Professionals focus their efforts on defending environments from advanced persistent threats and highly sophisticated attacks. WannaCry ransomware came in as a caveat in this context, a way of reminding the industry that efforts should be divided into addressing the various layers of the defense in depth model.



    References:

    [1]. PASCARIU, C., BARBU, I.D. (2015). Ransomware – an Emerging Threat. International Journal of Information Security and Cybercrime, 4(2), 27-32. Retrieve from https://www.ijisc.com

    [2]. https://www.us-cert.gov/ncas/alerts/TA17-132A

    [3]. https://technet.microsoft.com/en-us/library/security/ms17-010.aspx

    [4]. https://blog.malwarebytes.com/cybercrime/2017/05/wanacrypt0r-ransomware-hits-it-big-just-before-the-weekend/

    [5]. https://blog.malwarebytes.com/threat-analysis/2017/05/the-worm-that-spreads-wanacrypt0r/

    [6]. https://www.washingtonpost.com/business/economy/more-than-150-countries-affected-by-massive-cyberattack-europol-says/2017/05/14/5091465e-3899-11e7-9e48-c4f199710b69_story.html

    [7]. https://blog.malwarebytes.com/cybercrime/2017/05/wannadecrypt-your-files/

    [8]. https://blog.malwarebytes.com/cybercrime/2017/05/how-did-wannacry-ransomworm-spread/

    [9]. http://blog.talosintelligence.com/2017/05/wannacry.html



    Additional Information

    Article Title: Investigative Analysis and Technical Overview of Ransomware Based Attacks. Case Study: WannaCry
    Author(s): PASCARIU, Cristian; BARBU, Ionuț-Daniel; BACIVAROV, Ioan
    Date of Publication: 2017-06-29
    Publication: International Journal of Information Security and Cybercrime
    ISSN: 2285-9225 e-ISSN: 2286-0096
    Digital Object Identifier: 10.19107/IJISC.2017.01.06
    Issue: Volume 6, Issue 1, Year 2017
    Section: Studies and Analysis of Cybercrime Phenomenon
    Page Range: 57-62 (6 pages)



    Copyright ©2012-2024
    The International Journal of Information Security and Cybercrime (IJISC)

    All rights reserved
    The International Journal of Information Security and Cybercrime is a trademark of the Romanian Association for Information Security Assurance (RAISA).
    No part of this publication may be reproduced, stored in a retrieval system, photocopied, recorded or archived, without the written permission from RAISA. When authors submit their papers for publication, they agree that the copyright for their article be transferred to the Romanian Association for Information Security Assurance, if the articles are accepted for publication. The copyright covers the exclusive rights to reproduce and distribute the article, including reprints and translations.