Abstract
Over the years, there has been a significant increase in cyber security risks and vulnerabilities with one of the most severe threat being ransomware attacks. Ransomware, a variant of malware, encrypts files, data, and often locks computer systems, and retains the decryption key until victims pay a ransom. Current method of ransomware mitigation is the analysis and classification of the ransomware and its variants to propose solution for detection and prevention. This mitigation approach omits technology users as part of the solution especially given their role in falling prey to ransomware by means of social engineering attack vectors. The purpose of this qualitative study was to highlight current and emerging ransomware vectors, and to identify cyber security awareness and education solutions that can be applied to mitigate socially engineered ransomware attacks. A semi-structured interview with executives and managers from several financial, technology, construction, transportation, education, and health industries revealed the lack of current awareness and training approaches to mitigate against socially engineered ransomware attacks. This study recommends some specific cybersecurity training and awareness approaches to consider in order to enable technology users resist and mitigate against ransomware attacks.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Kostopoulos, G.K.: Cyberspace and Cybersecurity, Second. Taylor and Francis (2017)
FBI. 2018 Internet Crime Report. Federal Bureau of Investigation (2018)
Moore, C.: Detecting ransomware with honeypot techniques. In: 2016 Cybersecurity Cyberforensics Conference (CCC), pp. 77–81 (2016)
Wilding, E.: Popp goes the weasel. Virus Bull. 20 (1992)
Young, Y., Yung, M.: Cryptovirology: extortion-based security threats and countermeasures. In: Proceedings of the IEEE Symposium Security Privacy, pp. 129–140 (1996)
Hampton, N., Baig, Z.A., Zeadally, S.: Ransomware behavioural analysis on windows platforms. J. Inform. Secur. Appl. 40, 44–51 (2018)
Bello, A., Mahadevan, V.: A cloud based conceptual identity management model for secured internet of things operation. J. Cyber Secur. Mobility 8(1), 53–74 (2019)
Lueth, K.L.: State of the IoT 2018: Number of IoT devices now at 7B - Market accelerating. IOT Analytics (2018). https://iot-analytics.com/product/state-of-the-iot-02–2017/. Accessed 14 May 2019
O’Kane, P., Sezer, S., Carlin, D.: Evolution of ransomware. IET Netw. 7(5), 321–327 (2018)
Hull, G., John, H., Arief, B.: Ransomware deployment methods and analysis: views from a predictive model and human responses. Crime Sci. 8(1), 2 (2019)
Bajpai, P., Sood, A.K., Enbody, R.: A key-management-based taxonomy for ransomware. In: APWG Symposium on Electronic Crime Research, pp. 1–12 (2018)
Zimba, A., Mulenga, M.: A dive into the deep: demystifying wannacry crypto ransomware network attacks via digital forensics. Int. J. Inform. Technol. Secur. 4(2), 57–68 (2018)
Salvi, M.H.U., Kerkar, M.R.V.: Ransomware: a cyber extortion. Asianj J. Convergence Technol. 2 (2016)
Gibbs, S.: Wannacry: Hackers Withdraw £108,000 Of Bitcoin Ransom| Technology| The Guardian (2017). https://www.theguardian.com/technology/2017/aug/03/wannacry-hackers-withdraw-108000-pounds-bitcoin-ransom. Accessed 28 Oct 2019
Bistarelli, S., Parroccini, M., Santini, F.: Visualising bitcoin flows of ransomware: wannacry one week later. In: ITASEc, p. 8 (2018)
Liao, K., Zhao, Z., Doupe, A., et al.: Behind closed doors: measurement and analysis of cryptolocker ransoms In: Bitcoin. APWG Symposium on Electronic Crime Research, pp. 1–13 (2016)
Ament, C., Jaeger, L.: Unconscious on their own ignorance: overconfidence. Inform. Secur. 13 (2017)
Wang, J., Li, Y., Rao, H.R.: Overconfidence in phishing email detection. J. Assoc. Inform. Syst. 17(11) (2016)
Zimba, A., Wang, Z., Chen, H.: Reasoning crypto ransomware infection vectors with bayesian networks. In: IEEE International Conference Intelligence and Security Informatics, pp. 149–151 (2017)
Gallegos-Segovia, P.L., Bravo-Torres, J.F., Larios-Rosillo, V.M., et al.: Social engineering as an attack vector for ransomware. In: CHILEAN Conference on Electrical, Electronics Engineering, and Informatics and Communication Technologies, pp. 1–6 (2017)
Al-rimy, B.A.S., Maarof, M.A., Shaid, S.Z.: Ransomware threat success factors, taxonomy, and countermeasures: a survey and research directions. Comput. Secur. 74, 144–166 (2018)
Ferreira, A.: Why ransomware needs a human touch. In: International Carnahan Conference on Security Technology, pp. 1–5 (2018)
Conti, M., Dragoni, N., Lesyk, V.: A survey of man in the middle attacks. IEEE Commun. Surv. Tutorials 18(3), 2027–2051 (2016)
Provos, N., Mavrommatis, P., Rajab, M.A., et al.: All Your iFRAMEs Point to Us, p. 15 (2008)
Wang, Z., Wu, X., Liu, C., et al.: Ransomtracer: exploiting cyber deception for ransomware tracing. In: IEEE Third International Conference Data Science Cyberspace, pp. 227–234 (2018)
Symantec: Android.Lockdroid.E| Symantec (2015). https://www.symantec.com/security-center/writeup/2014–103005–2209-99. Accessed 21 May 2019
Chen, Z.G., Kang, H-S., Yin, S.N., et al.: Automatic ransomware detection and analysis based on dynamic API calls flow graph. In: RACS, pp. 196–201 (2017)
Sheen, S., Yadav, A.: Ransomware detection by mining API call usage. In: International Conference Advance Computing Communication Information, pp. 983–987 (2018)
Lika, R.A., Murugiah, D., Brohi, S.N., Ramasamy, D.: NotPetya: cyber attack prevention through awareness via gamification. In: International Conference on Smart Computing and Electronic Enterprise, pp. 1–6 (2018)
Alzahrani, A., Alshehri, A., Alharthi, R., et al.: An overview of ransomware in the windows platform. In: Conference on Computer Science and Computational Intelligence, pp. 612–617 (2017)
Maiorca, D., Mercaldo, F., Giacinto, G., et al.: R-PackDroid: API package-based characterization and detection of mobile ransomware. In: SA, pp. 1718–1723 (2017)
Scaife, N., Carter, H., Traynor, P., et al.: CryptoLock (and Drop It): stopping ransomware attacks on user data. In: IEEE 36th. International Conference Distributed Computing Systems, pp. 303–312 (2016)
Al-rimy, B.A.S., Maarof, M.A., Prasetyo, Y.A., et al.: Zero-day aware decision fusion-based model for crypto-ransomware early detection. Int. J. Integr. Eng. 10(6), 82–88 (2018)
Homayoun, S.: DRTHIS: deep ransomware threat hunting and intelligence system at the fog layer. Future Gener. Comput. Syst. 90, 94–104 (2019)
Azmoodeh, A., Dehghantanha, A., Conti, M., et al.: Detecting crypto-ransomware. In: Iot Network Based Energy Consumption Footprint, vol. 9, no. 4 (2018)
Torres, P.E.P., Yoo, S.G.: Detecting and neutralizing encrypting ransomware attacks by using machine-learning techniques: a literature review. Int. J. Appl. Eng. Res. 12(18), 7902–7911 (2017)
Sgandurra, D., Muñoz-González, L., Mohsen, R., et al.: Automated dynamic analysis of ransomware: benefits, limitations and use for detection arXiv:1609.03020 [cs] (2016)
Zhang, H., Xiao, X., Mercaldo, F., et al.: Classification of ransomware families with machine learning based on n-gram of opcodes. Future Gener. Comput. Syst. 90, 211–221 (2019)
Dion, Y.L., Joshua, A., Brohi, S.N.: Negation of ransomware via gamification and enforcement of standards. In: Proceedings of the 2017 International Conference on Computer Science and Artificial Intelligence, pp. 203–208 (2017)
Luo, X., Liao, W.: Awareness education as the key to ransomware prevention. Inform. Syst. Secur. 16(4), 195–202 (2007)
Raman, R., Lal, A.K.: Achuthan: serious games based approach to cyber security concept learning: indian context. In: 2014 International Conference on Green Computing, Communication and Electrical Engineering (ICGCCEE), Coimbatore, India, pp. 1–5 (2014)
Aldawood, H., Skinner, G.: An academic review of current industrial and commercial cyber security social engineering solutions. In: Proceedings of the 3rd International Conference Cryptography, Security and Privacy. ICCSP 2019, Kuala Lumpur, Malaysia, pp. 110–115 (2019)
Tillmann, N., de Halleux, J., Xie, T.: Pex for fun: engineering an automated testing tool for serious games in computer science, p. 9 (2011)
Micallef, N., Arachchilage, N.: Involving users in the design of a serious game for security questions education. arXiv:1710.03888 [cs] (2017)
Beckers, K., Pape, S., Fries, V.: HATCH: hack and trick capricious humans – a serious game on social engineering. In: Proceedings of the 30th International BCS Human Computer Interaction Conference (2016)
Soceanu, A., Vasylenko, M., Gradinaru, A.: Improving cybersecurity skills using network security virtual labs. In: International MultiConference Engineering Computer Science, Hong Kong, vol. 2, p. 6 (2017)
Krombholz, K., Hobel, H., Huber, M., et al.: Advanced social engineering attacks. J. Inform. Secur. Appl. 22, 113–122 (2015)
Veksler, V.D., Buchler, N., Hoffman, B.E., et al.: Simulations in cyber-security: a review of cognitive modeling of network attackers, defenders, and users. Front. Psychol. 9 (2018)
Crouse, P., Farmer, R.: Information security awareness: a course module using simulated spear-phishing. Inform. Secur. Educ. J. 3(1), 21–25 (2016)
Alarcon-Ramirez, A., Martinez-Pabón, M., Kim, C.: Design and prototype of a wireless tailgate detection system using sun spot platform. Int. J. Embed. Syst. Appl. 14 (2011)
Airehrour, D., Nair, N.V., Madanian, S.: Social engineering attacks and countermeasures in the new zealand banking system: advancing a user-reflective mitigation model. Inform. 9(5), 110 (2018)
Social-Engineer LLC.: The 2018 Social Engineering Capture the Flag. Report (2018)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Bello, A., Maurushat, A. (2020). Technical and Behavioural Training and Awareness Solutions for Mitigating Ransomware Attacks. In: Silhavy, R. (eds) Applied Informatics and Cybernetics in Intelligent Systems. CSOC 2020. Advances in Intelligent Systems and Computing, vol 1226. Springer, Cham. https://doi.org/10.1007/978-3-030-51974-2_14
Download citation
DOI: https://doi.org/10.1007/978-3-030-51974-2_14
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-51973-5
Online ISBN: 978-3-030-51974-2
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)