Top

Published in:

2021 | OriginalPaper | Chapter

2. Genesis of Ransomware

Author : Matthew Ryan

Published in: Ransomware Revolution: The Rise of a Prodigious Cyber Threat

Publisher: Springer International Publishing

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

This chapter discusses the formation of ransomware attacks, adaptive attack methodologies and how ransomware attacks can be classified. Analysis of the major ransomware attacks highlights why these cyberattacks have and continue to pose such a significant threat to critical infrastructure, governments, enterprises and individual citizens’ devices and networks. The following section of the chapter discusses common ransomware countermeasures, their limitations and alternative approaches to prevent and detect ransomware attacks. The final section briefly details some of the major ransomware attacks that have occurred and the rapid increase in attack volume and encryption sophistication since 2013.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

previous chapter Introduction

next chapter Evolution of Applied Cryptography

Note: A zero-day exploit is the term used to describe a bug or vulnerability within a software or hardware platform that has not been reported to the product developer or to its users. See Ganame et al. (2017).

Note: Whilst decryption can potentially be sped up further by the application of decryption tools such as password dictionaries and rainbow tables, the decryption process remains a mathematical process that ultimately may or may not be significantly influenced by the application of these decryption tools.

Note: Whilst there are exceptions, cybercriminals are a business, and from that perspective when they threaten to leak a victims data, they must make good on that threat – their business model is reliant on the element of fear. In the same way, when their ransomware attack spreads, they are reliant on victims informing the next victim just to pay the ransom demand, and they will get their data back. If profit is the primary objective, then the attackers must remove any doubt from the victim’s mind in order to get paid.

Note: Many organisations continue to assess their cyber risk periodical basis (i.e., quarterly or annually). Whilst organisations are increasingly monitoring their external environments, the processes required to alter their risk profiles and act on this information remain relatively underdeveloped.

Note: For example, organisations may elect to use generic ISO risk management standards or more specialised cybersecurity risk management framework such as NIST 800, ISO27001, COBIT5, or a combination of multiple standards.

M. AL-Hawawreh, F. den Hartog, E. Sitnikova, Targeted ransomware: A new cyber threat to edge system of brownfield industrial Internet of Things. IEEE Internet Things J. 6(4), 7137–7151 (2019). https://doi.org/10.1109/JIOT.2019.2914390

Australian Signals Directorate, Australian Government Information Security Manual (Department of Defence, Canberra, 2020) Available online: https://www.cyber.gov.au/sites/default/files/2019-08/Australian%20Government%20Information%20Security%20Manual%20%28August%202019%29.pdf. Accessed 11 Aug 2019

Australian Cyber Security Centre, Strategies to Mitigate Cyber Security Incidents – Mitigation Details (Australian Signals Directorate, Canberra, 2018). Available online: https://www.cyber.gov.au/sites/default/files/2019-03/Mitigation_Strategies_2017_Details_0.pdf. Accessed 23 May 2018

M. Becher, F.C. Freiling, J. Hoffmann, T. Holz, S. Uellenbeck, C. Wolf, Mobile security catching up? revealing the nuts and bolts of the security of mobile devices, IEEE symposium on security and privacy (SP). Oakland, California, USA, 2011, 96–111

R. Bejtlich, The Practice of Network Security Monitoring: Understanding Incident Detection and Response (No Starch Press, San Francisco, 2013)

L. Clutterbuck, Terrorists have to be lucky once; targets, every time. Available online: https://www.rand.org/blog/2008/11/terrorists-have-to-be-lucky-once-targets-every-time.html. Accessed 12 May 2019

K. Ganame, M. Allaire, G. Zagdene, O. Boudar, Network behavioral analysis for zero-day malware detection – a case study, in First International Conference, ISDDC, (Springer, Vancouver, 2017)

A. Greenberg, A guide to Lockergoga, the ransomware crippling industrial firms, WIRED. (2019). Available online: https://www.wired.com/story/lockergoga-ransomware-crippling-industrial-firms/. Accessed 18 Apr 2019

B. Levin, D. Simpson, Ransomware. 4 Apr 2019. Available online: https://docs.microsoft.com/en-us/windows/security/threat-protection/intelligence/ransomware-malware. Accessed 9 May 2019

J. Melton, Detecting ransomware through power analysis. Master of Science Electrical Engineering Naval Postgraduate School. (June 2018). Available online: https://calhoun.nps.edu/bitstream/handle/10945/59721/18Jun_Melton_Jacob.pdf?sequence=1&isAllowed=y. Accessed 11 Feb 2019

T. Micro, Best practices: Ransomware. (2017a). Available online: https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/best-practices-ransomware. Accessed 5 May 2019

T. Micro, Ransomware. (2017b). Available online: https://www.trendmicro.com/vinfo/us/security/definition/ransomware. Accessed 18 May 2019

T. Moore, R. Clayton, R. Anderson, The economics of online crime. J. Econ. Perspect. 23(3), 3–20 (2009)CrossRef

National Institute of Standards and Technology, Data integrity: Recovering from ransomware and other destructive events. 1800-11. National Institute of Standards and Technology. (2018). Available online: https://www.nccoe.nist.gov/publication/1800-11/index.html. Accessed 27 Apr 2018

L.H. Newman, Menancing malware shows the dangers of industrial sabotage, WIRED. (2018). Available online: https://www.wired.com/story/triton-malware-dangers-industrial-system-sabotage/. Accessed 23 Feb 2018

Palisse, A., H. Le Bouder, J.-L. Lanet, C. Le Guernic, A. Legay, Ransomware and the Legacy Crypto API, The 11th International Conference on Risks and Security of Internet and Systems. Roscoff, France, 5th–7th September 2016 (Springer, 2016)

Ponemon Institute, 2017 cost of cyber crime: Insights on the security investments that make a difference, (2017). Available online: https://www.accenture.com/t20170926T072837Z__w__/us-en/_acnmedia/PDF-61/Accenture-2017-CostCyberCrimeStudy.pdf. Accessed 23 May 2018

J.-L. Richet, Extortion on the Internet: The rise of Crypto-ransomware, Cybercrime. (2015). Available online: https://blogs.harvard.edu/jeanlouprichet/files/2015/07/Extortion_on_the_Internet_Rise_of_Crypto_Ransomware.pdf. Accessed 1 Aug 2019

P. Singer, A. Friedman, Cybersecurity and Cyberwar: What Everyone Needs to Know (Oxford University Press, New York, 2014)CrossRef

M. Singleton, The World’s Fastest Supercomputer is back in America, The Verge. 12 June 2018 (2018) [Online]. Available online: https://www.theverge.com/circuitbreaker/2018/6/12/17453918/ibm-summit-worlds-fastest-supercomputer-america-department-of-energy. Accessed 18 Feb 2019

S. Stolfo, S. Bellovin, D. Evans, Measuring security. IEEE Secur. Priv.9(3), 88 (2011)CrossRef

Symantec Security Center, What is ransomware? And how to help prevent it. (2019). Available online: https://us.norton.com/internetsecurity-malware-ransomware-5-dos-and-donts.html. Accessed 13 Jan 2020

United States Department of Commerce, National Institute of Standards and Technology Special Publication 800-53: Security and Privacy Controls for Information Systems and Organizations. National Institute of Standards and Technology. Available online: https://csrc.nist.gov/csrc/media/publications/sp/800-53/rev-5/draft/documents/sp800-53r5-draft.pdf. Accessed 3 May 2019

R. Wainwright, The ascent of the CISO, Deloitte Cyber. (2019). Available online: https://www2.deloitte.com/nl/nl/pages/risk/articles/the-ascent-of-the-ciso.html. Accessed 7 May 2019

J. Wolff, Classes of Defense for Computer Systems. Doctor of Philosophy in Engineering Systems: Technology, Management, and Policy Massachusetts Institute of Technology, June 2015

J. Wolff, You’ll See This Message When It Is Too Late: The Legal and Economic Aftermath of Cybersecurity Breaches (The MIT Press, Cambridge, 2018)CrossRef

T. Zhang, H. Antunes, S. Aggarwal, Defending connected vehicles against malware: Challenges and a solution framework. IEEE Internet Things J.1(1), 10–21 (2014)CrossRef

Title: Genesis of Ransomware
Author: Matthew Ryan
Publisher: Springer International Publishing
Book: Ransomware Revolution: The Rise of a Prodigious Cyber Threat
Print ISBN: 978-3-030-66582-1

Electronic ISBN: 978-3-030-66583-8

Copyright Year: 2021
DOI: https://doi.org/10.1007/978-3-030-66583-8_2

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner