Question:
Discuss About The Awareness Education Ransomware Prevention?
IT security is a practice of preventing unauthorized access to organization’s server, files or individual PCs. The attackers or hackers have attacked the system through different types of malware and virus which have affected the organizations data. The attacker of hackers can gain the access through malware, which includes virus, spyware, worms and others. These code are installed in the system to steam information, access files and block them till the time an amount is paid to recover the encryption key. The first attack happened in 1988 to healthcare industry and till today healthcare industry is one main targeted industry. Organizations are taking several steps to protect their system and server from the malware attacks. A huge amount of money is been spent every year to protect their systems and files. Each anti-virus needs to be update every year to add the details of extension of new virus and malware which are been identified by the IT security specialists. This report focuses about the ransom ware background and their attack history. This report also focuses on the fact that why Information security is important and how effectively it can be done.
In recent times, there has been an increase in the number of ransom ware attacks that happens in the world. It is important that different stakeholders must join hands so that the ransom ware attacks can be managed. It can be said that one of the major threat to the large IT systems is the threat from ransomware. The large IT systems like ERP systems should be protected from any external attack. This paper would discuss the background of ransomware and the strategies that should be used to manage the attack of ransomware. It would be correct to say that the proactive ways of protection is better than the reactive way of protection in case of ransomware.
Ransom ware can be defined as a type of malware, which prevents the access of their system either by locking the system screen or by locking the user files unless a ransom is paid. Generally ransom ware families are categorized as crypto-ransom ware, the virus encrypt few file types on infected system and compel the user to pay the some amount through online payment to decrypt the files.
The price of ransom vary on the variant of ransomware, the very common specify ransom payment is usually. During the recent attack of ransom ware there were some alternative payment options as well such as iTunes and Amazon gift cards etc. In some case, the decryption key or unlock tool is not ensure even after getting the desired ransom. Since 2000s, ransomware has been a threat to enterprises, server message blocks (SMBs) and individuals. More than 7600 ransomware attacks has been reported to Internet Crime Complaints between 2005 to March 2016. It was reported that in 2015, more than 2453 ransomware complaints have been received and costed over $1.6 million to its victims. The actual number might be more be much higher than actually reported. In 1989 first ransomware attack occurred targeting the healthcare industry. Since then, healthcare is one of the top target industries for ransomware attack (Savage, Coogan, & Lau, 2015). Early malware developer used to write their own encryption code but today’s attackers are relying on “off the shelf libraries that significantly become harder to crack”. Some attackers develop the toolkit that can be downloaded and deployed by the developer with less technical skills. In 2011, a ransomware was introduced that imitate the windows product activation which made more difficult for the user to de-code the genuine notification from threats (Kharraz, Robertson, Balzarotti, Bilge, & Kirda, 2015).
Across industry, there is heightened concern about this malware due to few cases which illustrate that ransomware isn’t only a threat to the individual consumers as well as to the enterprises. Ransomware attackers are usually motivated with the leverage of profits, there are no specific reasons that why would attackers attack certain organization or industry. There are certain risk associated with the increasing threat with the type of malware attacks. Risk is a actually a combination of probability and impact (Singh, Jeong, & Park, 2016)
The above picture will help the security team of organization to understand and prioritize the risk according to their past behavior. According to the data from Microsoft security intelligence report, ransomware encounter less frequently that other type of malwares. The encounter rate for malware is the percentage of computers running the real tine Microsoft security software that can help in directly detecting malware or any other unwanted software. These security software have reported to block different malware from installing them into PCs. Encountered rate can also be differentiated according to locations, such as the probability of encountering ransomware may be higher in some location then other. For example, the encountered rate in Mexico is higher than other location by 5 times. France and Canada has 4.4 time more than worldwide. The encountered rate indicates the probability of risk as per the location and their virus types.
Ransomware aren’t very established as of this moment, but this doesn’t make it less agonizing to protect the organization system from these attacks. There are several anti-virus software are been introduced to protect the system from the malware attacks. These anti-virus systems needs to be updated every year to ensure all the new extension of virus are been added to the system list. These anti-viruses help the system to protect through recognizing the malware and block it by installing in the systems (Gupta, 2008). It would be correct to say that organizations must have the policy to manage the internal and external risks associated with ransomware.
Ransomware is one most dangerous virus that is targeting different vertical of people such as small medium business and individuals. The attackers have been attacking industry in no particular pattern rather healthcare industry being on their most targeted industry. These malware could be address into certain ways such as SMBs could ensure that they have created a remote backup of their data. The backup could be taken on cloud as mounted drives is also one target of attacker and are often not effective against ransomware. The basic IT protection could also be taken for the files which are shared within the network, including the basic VPN setup for the employees who work from home. Basic education could be given to the employees about email phishing and cyber threats and their different ways of addressing them. If in case, virus has attacked any system, then in that case the system should be isolated ensuring that it doesn’t spread around the network. It is important that this isolation should happen as soon as possible. The early isolation would minimize the chances of spread of ransomware.
In the case of SMBs, the upper management is aware about the threats and wants to be protected by it, but not much steps are taken by them to protect their system from the attack well in advance.
Ransom ware is one of the fastest growing classes of malicious software and from past few years the attack has evolved from simple screen blocking to demanding payments to something more dangerous. Ransom ware can be categorized into two classes: scare ware and lockers. Scare ware is a social engineering attack that shows an official notice of fine. A locking or encrypted attack encrypts the file, operating system kernel or master boot and reveals the encryption key once the ransom amount has been recovered.
It is important for the organization to understand and calculate the risk and plan the security as per the set priority. It is said that information security can be improved not by throwing the technical solution at the problem but also by creating the awareness at the same time (Luo & Liao, 2007).
Conclusion
According to the security experts, expect ransom ware will continue to loom large as a threat to endpoint machines. Other than ransom ware advance persistent threat (APT) attacks will appear to major threat in future. Through this malware, the attackers gain access to the network and lays low for a long period to pilfer data. These are associated with nation-state threat group. APT attackers would be mostly targeted to large organizations and usually use social engineering through emails to attract user by giving them the access via clicking or by downloading the attachment. The attackers may spoof the emails and make it look like a LinkedIn request and by clicking on it the user may download the malware code into the user system. In past 10years, the rate of these attacks have immensely increased and will keep growing. With time, there will many new form of malware that will be introduced and the threat to these malware would also be innovative each time. It is important to secure the systems not only individual but also of the organization. There are certain ways through which the system can be secured such as by creating the awareness about these attacks to the organization’s employees, backing up the data offline, which will help during recovering of data (Police, 2006).
Reference
Andronio, N., Zanero, S. and Maggi, F., 2015, November. Heldroid: Dissecting and detecting mobile ransomware. In International Workshop on Recent Advances in Intrusion Detection (pp. 382-404). Springer International Publishing.
Gupta, J.N. ed., 2008. Handbook of research on information security and assurance. IGI Global.
Kharraz, A., Robertson, W., Balzarotti, D., Bilge, L. and Kirda, E., 2015, July. Cutting the gordian knot: A look under the hood of ransomware attacks. In International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment (pp. 3-24). Springer, Cham.
Luo, X. and Liao, Q., 2007. Awareness education as the key to ransomware prevention. Information Systems Security, 16(4), pp.195-202.
Mercaldo, F., Nardone, V., Santone, A. and Visaggio, C.A., 2016, June. Ransomware steals your phone. formal methods rescue it. In International Conference on Formal Techniques for Distributed Objects, Components, and Systems (pp. 212-221). Springer, Cham.
Police, R.C.M., 2006. Future Trends in Malicious Code–2006 Report. Information Technology Security Report Lead Agency Publication R2, 2.
Savage, K., Coogan, P. and Lau, H., 2015. The evolution of ransomware. Symantec, Mountain View.
Scaife, N., Carter, H., Traynor, P. and Butler, K.R., 2016, June. Cryptolock (and drop it): stopping ransomware attacks on user data. In Distributed Computing Systems (ICDCS), 2016 IEEE 36th International Conference on (pp. 303-312). IEEE.
Singh, S., Jeong, Y.S. and Park, J.H., 2016. A survey on cloud computing security: Issues, threats, and solutions. Journal of Network and Computer Applications, 75, pp.200-222.
Essay Writing Service Features
Our Experience
No matter how complex your assignment is, we can find the right professional for your specific task. Contact Essay is an essay writing company that hires only the smartest minds to help you with your projects. Our expertise allows us to provide students with high-quality academic writing, editing & proofreading services.
Free Features
Free revision policy
$10Free bibliography & reference
$8Free title page
$8Free formatting
$8How Our Essay Writing Service Works
First, you will need to complete an order form. It's not difficult but, in case there is anything you find not to be clear, you may always call us so that we can guide you through it. On the order form, you will need to include some basic information concerning your order: subject, topic, number of pages, etc. We also encourage our clients to upload any relevant information or sources that will help.
Complete the order form
Once we have all the information and instructions that we need, we select the most suitable writer for your assignment. While everything seems to be clear, the writer, who has complete knowledge of the subject, may need clarification from you. It is at that point that you would receive a call or email from us.
Writer’s assignment
As soon as the writer has finished, it will be delivered both to the website and to your email address so that you will not miss it. If your deadline is close at hand, we will place a call to you to make sure that you receive the paper on time.
Completing the order and download