Docsity
Docsity

Prepare for your exams
Prepare for your exams

Study with the several resources on Docsity


Earn points to download
Earn points to download

Earn points by helping other students or get them with a premium plan


Guidelines and tips
Guidelines and tips

Cyber Security- Ransomware attack-2017, Study Guides, Projects, Research of Network security

A Short Research on cyber security wannacry ransomware attack- 2017

Typology: Study Guides, Projects, Research

2016/2017

Uploaded on 12/31/2017

gaurav-sharma-7
gaurav-sharma-7 🇮🇳

4.5

(19)

5 documents

1 / 4

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
ISSN (PRINT): 2393-8374, (ONLINE): 2394-0697, VOLUME-4, ISSUE-10, 2017
103
CYBER SECURITY (CASE STUDY)
Gaurav Kumar Sharma
B.Tech, Student, Dept. of CSE, Quantum School of Technology, Roorkee, Uttarakhand India
Abstract
Nowadays cybercrime is common problem of
this world. Crime committed using a
computer and the internet to steal a person’s
identity or illegal imports or malicious
programs cybercrime is nothing but where
the computer used as an object or subject of
crime. To protect this issue we have Cyber
Security. Sometimes the security is not good.
It break by attackers, Here in this paper,
consider a case study of attacks what was the
cause or vulnerability of the System who were
Victim. Mainly ransomware attacks.
Keywords: Cybercrime, Cyber Security,
malicious, Attacker, Vulnerability, Victim,
ransomware.
I.
I
NTRODUCTION
Ransomware is a malicious code that is used by
cybercriminals to launch data kidnapping and
lock screen attacks. The motive for ransomware
attacks is monetary, and unlike other types of
attacks. The victim is usually notified that an
exploit has occurred and is given instructions for
how to recover from the attack. Payment is often
demanded in virtual currency to protect the
criminal’s identity. Ransomware malware can be
spread through malicious e-mail attachments,
infected software apps, infected external storage
devices and compromised websites. In a lock
screen attack, the malware may change the
victim’s login credentials for a computing
device; in a data kidnapping attack, the malware
may encrypt files on the infected device as well
as other connected network devices [1].
Types of Ransomware Known:
Till now 12 Ransomware identified [3]:
1. Goldeneye - taking parts of Ukraine
offline.
2. WannaCry -decrypt0r wreaks havoc on
NHS England.
3. Crypto Locker – where ransomware took
off
4. Locky - well engineered, ruthless, clever
5. Petya - locking down the whole system
6. Crysis - Locky copycat with big
ambitions
7. zCrypt – ransomware that behaves like a
virus
8. PowerWare – PowerShell hijacker
9. HydraCrypt – ransomware can be beaten
10. Cerber – ransomware-as-a-service
11. RAA ransomware – ransomware meets
JavaScript
12. Crypto Wall – it’s everywhere
II.
FACTS
ABOUT
RANSOMWARE
[2]
Typical ransomware software uses RSA 2048
encryption to encrypt files. Just to give you an
idea of how strong, this is, an average desktop
computer is estimated to take around 6.4
quadrillion years to crack an RSA 2048 key.
Crypto Locker was followed up by the variant
Crypto Wall, which made $325 million dollars in
18 months, half of that in the United States. By
now there are thousands of ransomware victims,
including a New Jersey School district, police
departments in Maine, Massachusetts &
Chicago.
III.
SYSTEM
AFFECTED
FROM
RANSOMWARE
(WANNACRY)
2017
Windows XP, Windows 8, and Windows Server
2003,Windows Vista, Windows Server 2008,
Windows 7, Windows Server 2008 R2, Windows
8.1, Windows Server 2012, Windows 10,
Windows Server 2012 R2, Windows Server
2016.
After system got affected from wannacry
ransomware Microsoft release the patch for the
system which have Outdated security.[4]
pf3
pf4

Partial preview of the text

Download Cyber Security- Ransomware attack-2017 and more Study Guides, Projects, Research Network security in PDF only on Docsity!

ISSN (PRINT): 2393-8374, (ONLINE): 2394-0697, VOLUME-4, ISSUE-10, 2017

CYBER SECURITY (CASE STUDY)

Gaurav Kumar Sharma B.Tech, Student, Dept. of CSE, Quantum School of Technology, Roorkee, Uttarakhand India

Abstract Nowadays cybercrime is common problem of this world. Crime committed using a computer and the internet to steal a person’s identity or illegal imports or malicious programs cybercrime is nothing but where the computer used as an object or subject of crime. To protect this issue we have Cyber Security. Sometimes the security is not good. It break by attackers, Here in this paper, consider a case study of attacks what was the cause or vulnerability of the System who were Victim. Mainly ransomware attacks. Keywords: Cybercrime, Cyber Security, malicious, Attacker, Vulnerability, Victim, ransomware.

I. INTRODUCTION

Ransomware is a malicious code that is used by cybercriminals to launch data kidnapping and lock screen attacks. The motive for ransomware attacks is monetary, and unlike other types of attacks. The victim is usually notified that an exploit has occurred and is given instructions for how to recover from the attack. Payment is often demanded in virtual currency to protect the criminal’s identity. Ransomware malware can be spread through malicious e-mail attachments, infected software apps, infected external storage devices and compromised websites. In a lock screen attack, the malware may change the victim’s login credentials for a computing device; in a data kidnapping attack, the malware may encrypt files on the infected device as well as other connected network devices [1].

Types of Ransomware Known: Till now 12 Ransomware identified [3]:

  1. Goldeneye - taking parts of Ukraine offline. 2. WannaCry -decrypt0r wreaks havoc on NHS England. 3. Crypto Locker – where ransomware took off 4. Locky - well engineered, ruthless, clever 5. Petya - locking down the whole system 6. Crysis - Locky copycat with big ambitions 7. zCrypt – ransomware that behaves like a virus 8. PowerWare – PowerShell hijacker 9. HydraCrypt – ransomware can be beaten 10. Cerber – ransomware-as-a-service 11. RAA ransomware – ransomware meets JavaScript 12. Crypto Wall – it’s everywhere

II. FACTS ABOUT RANSOMWARE [2] Typical ransomware software uses RSA 2048 encryption to encrypt files. Just to give you an idea of how strong, this is, an average desktop computer is estimated to take around 6. quadrillion years to crack an RSA 2048 key. Crypto Locker was followed up by the variant Crypto Wall, which made $325 million dollars in 18 months, half of that in the United States. By now there are thousands of ransomware victims, including a New Jersey School district, police departments in Maine, Massachusetts & Chicago.

III. SYSTEM AFFECTED FROM RANSOMWARE (WANNACRY) 2017 Windows XP, Windows 8, and Windows Server 2003,Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8.1, Windows Server 2012, Windows 10, Windows Server 2012 R2, Windows Server

After system got affected from wannacry ransomware Microsoft release the patch for the system which have Outdated security.[4]

ISSN (PRINT): 2393-8374, (ONLINE): 2394-0697, VOLUME-4, ISSUE-10, 2017

Figure 1 Ransomware screen

Figure 2 Wannacry Graph

A.The Biggest Cyber-Attacks in History [5] Cyber-attacks have become more and more frequent as the world becomes ever connected by technology. Millions of attacks take place ever year as cyber criminals target critical data and finances. Quite often the attacks will target individuals but what about those on a larger scale? Take a look at five of the biggest cyber- attacks in history.

  1. Google China (2009).
  2. Heart bleed (2012-2014)
  3. PlayStation Network (2011)
  4. Sony Pictures Entertainment (2014)
  5. Yahoo (2012-2014)
  6. Wannacry Ransomware (2017)

B. Attacker uses a yet-to-be-confirmed initial attack vector [6]

  1. WannaCry encrypts files in the victim’s machine using AES-128 cypher, deletes shadow copies.
    1. It then displays a ransom note requesting $300 or $600 in bit coin
    2. Tor.exe is used by wannadecryptor.exe, initiating connections to tor nodes in order toconnect back to the attacker (therefore making this extremely difficult, if not impossible, totrack)
    3. IP address of the infected machine is checked; then IP addresses of the same subnet are
    4. scanned for additional vulnerable machines and connected to via port 445 TCP
    5. When a machine is successfully connected, data containing the exploit payload is transferred

First Ransomware was discovered in 1989 and targeted the health care industry.[6]

s.n o

Name year Comment

1. Tesla Crypt

Feb 2015

Initially targeted online games later it become one of the most seen ransomware.

2. Fusob Apr 2015

It accounted more for more than half of the Infected mobile phones.

3. Tox^ May 2015

It is free to use but the developers get a percentage of ransom.

4. Sleeper ransom

-ware Locker

May 2015

Infected windows machines.

5. Chimera Sep 2015

Leak the encrypted file if the ransom is not paid.

ISSN (PRINT): 2393-8374, (ONLINE): 2394-0697, VOLUME-4, ISSUE-10, 2017

In some extreme cases, it might make sense to pay a ransom if you have no backups and the encrypted files are valuable, Mr. Wysopal said. But he added that with WannaCry, people definitely should not pay the ransom. That’s because the hackers are apparently overloaded with requests from victims asking for their data to be released — and many who have paid the ransom are not hearing back.

VI. CONCLUSION The purpose of this paper is to analyze and to make aware of ransomware and Cyber Crime. So that, they will not be the victim of these crime by using proper security policies. We come to the conclusion WannaCry Ransomware Attack 2017 is one of the catastrophic attack among the attack were happened in past years.

References: [1]http://searchsecurity.techtarget.com/definitio n/ransomware

[2]https://www.wired.com/wpcontent/uploads/ 016/03/RansomwareManual-1.pdf.

[3]http://www.computerworlduk.com/galleries/s ecurity/worst-ransomware-attacks-we-name- internets-nastiest-extortion-malware-3641916/.

[4]https://blogs.technet.microsoft.com/msrc/ 7/05/12/customer-guidance-for-wannacrypt- attacks/.

[5]https://superfast-it.com/five-biggest-cyber- attacks-history/.

[6]http://www.ey.com/Publication/vwLUAssets /ey-wannacry-ransomware-attack/$File/ey- wannacry-ransomware-attack.pdf.

[7]http://www.independent.co.uk/news/uk/hom e-news/nhs-cyber-attack-edward-snowden- accuses-nsa-not-preventing-ransomware- a7733941.html.

[8]http://www.telegraph.co.uk/news/2017/05/ /nhs-cyber-attack-everything-need-know- biggest-ransomware-offensive/.

[9]https://www.forbes.com/sites/realspin/2014/ 2/07/5-ways-to-protect-yourself-from-cyber- attacks/#55a14f445afb.

[10]https://www.nytimes.com/2017/05/15/techn ology/personaltech/heres-how-to-protect- yourself-from-ransomware- attacks.html?mcubz=.