A SURVEY ON RANSOMEWARE: EVOLUTION, GROWTH, AND IMPACT

Hirra Sultan, Aqeel Khalique, Safdar Tanweer, Shah Imran Alam

Abstract


In Information & Communication Technology (ICT), communication plays vital role in current era of technology. Nowadays, ICT is being used among huge population to communicate for different purposes. For security reason, several security mechanisms are taken as standard in different communication technologies. However, security mechanisms only prevent the attack or sometimes reduce the intensity/loss of the damage incurred by the attack. Several attacks have evolved over last two decades as a result of the inability to reduce the intensity/loss of the damage imposed by these attacks. Among lots of attacks, one such attack became very popular because of its impact, lack of knowledge/awareness to prevent it from occurring and technological advancement of the concept used in it. The attack was evolved from Malware and is now commonly called as Ransomware. It is a malware that can encrypt all data of a user and make it inaccessbile to the user unless a ransom amount is paid. The widespread attacks of ransomware across the globe have given it popularity including huge amount of data and financial loss. The ransomware industry generated revenue of USD 5 billion in 2017. In 2018, it is predicted to increase even more. In this paper, we discuss the origin, evolution and growth of ransomware. The various families of ransomware, their attacks and prevention from these attacks have been presented. We also discuss various parameters contributing the growth of these attacks in todays’ technologically advanced world. We conclude with an analysis of several resulting criteria leading towards the creation of the ransomware industry.

Keywords


Information Security, Intrusion Prevention, Security Attacks, Active Attacks, Malware, Ransomware

Full Text:

PDF

References


W. Stallings, “Cryptography and network Security: Principles and Practices”, Prentice Hall, Fifth Edition, 2011.

B. Forouzan, “Cryptography and Network Security”, Tata McGraw Hills, 2007.

B. Schneier, “Applied Cryptography, Second Edition: Proto-cols, Algorithms and Source Code in C”, John Wiley and Sons, 1996.

“What is Malware and How Can We Prevent it”, Norton Security Center, Online article.

“Understanding Ransomware and Ways to Defeat it, White Paper”, McAfee Labs, 2017.

“Ransomware White Paper”, SWGfl, October 2016.

“Ransomware White Paper”, CERT.be, 26th July, 2016.

“Ransomware Holding Your Data Hostage”, White Paper, Deloitte, 12 August 2016.

A. Ivanov, D. Emm, F. Sinitsyn, S. Pontiroli “The Ransomware Revolution”, Kasperksy Security Bulletin, 2016.

“How Ransomware Works”, White paper, LogRythm, May 2016.

J. Wyke, A. Ajjan, “The Current State of Ransomware”, SophosLabs Technical Paper, December 2015.

K. Savage, P. Coogon, H. Lau, “Security Response: The Evolution of Ransomware”, White Paper, Symentac, 6th August 2015.

A special report “Ransomware and Businesses 2016”, Syman-tec, 2016.

[Online] nakedsecurity.sophos.com, [last accessed 2017/07/15].

K. Richards, “Recent ransomware attacks: Data shows 50% growth in 2016”, SecuritySearch, 2016.

J. Crowe, “Ransomware Growth by the Numbers: Ransom-ware Statistics 2017”, Barkley, June, 2017.

J. Crowe, “Ransomware by the Numbers: Must-Know Ransomware Statistics 2016”, Barkley, August 2016.

“White Paper: Ransomware. The virus plumes new depths.” Ethical IT, 9th August, 2017.

“Understanding the Depth of the Global Ransomware Prob-lem”, Osterman Research Survey Report, August 2016.

N. Scaife, H. Carter, P. Traynor, K. Butler, “CryptoLock (and Drop it): Stopping Ransomware Attacks on User Data”, IEEE 36th International Conference on Distributed Computing Sys-tems, 2016.

“Five Things You Need To Know About CryptoLocker”, White Paper, Zscaler, 2017.

G. O’ Gorman, G. McDonald, “Ransomware: A Growing Menace”, White Paper, Symantec, 8th November, 2012.

“Ransomware and Businesses 2016”, White Paper, Symantec, August 2016.

S. Mehmood, “Enterprise Survival Guide for Ransomware At-tacks”, White Paper, SANS Institute Reading Room, 30th April 2016.

“Ransomware and Phishing: How to Avoid Falling Victim to These Threats”, White Paper, Barracuda, 19th January, 2017.

R. S. Sajjan, V. R. Ghorpade, “Ransomware attacks: Radical menace for cloud computing”, International Conference on Wireless Communications, Signal Processing and Net-working (WiSPNET), 2017.

C. L. Gande, R. G. Gutierrez, “Give us this day our daily ran-somware”, IEEE 37th Central America and Panama Convention (CONCAPAN XXXVll), 2017.

D. Caivano, G. Canfora, A. Cocomazzi, A. Pirozzi, C. A. Vis-aggio, “Ransomware at X-Rays”, IEEE International Confer-ence on Internet of Things (iThings) and IEEE Green Compu-ting and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData), 2017.

Q. Chen, R. A. Bridges, “Automated Behavioral Analysis of Malware: A Case Study of WannaCry Ransomware”, 16th IEEE International Conference on Machine Learning and Ap-plications (ICMLA), 2017.

H. Kim, D. Yoo, J. Kang, Y. Yeom “Dynamic ransomware protection using deterministic random bit generator”, IEEE Conference on Application, Information and Network Security (AINS), 2017.

B. Kenyon, J. McCafferty, “Ransomware Recovery”, ITNOW, Vol.: 58, Issue: 4, Dec. 2016.

D. Gonzalez, T. Hayajneh, “Detection and prevention of crypto-ransomware”, IEEE 8th Annual Ubiquitous Computing, Electronics and Mobile Communication Conference (UEMCON), 2017.

[Online] https://www.computerweekly.com/news/450432488/Ransomware-to-hit-cloud-computing-in-2018-predicts-MIT [last ac-cessed 2018/04/10]

[Online] https://cybersecurityventures.com/ransomware-damage-report-2017-5-billion/ [ last accessed 2018/04/10]

[Online] https://www.theguardian.com/technology/2016/oct/26/ddos-attack-dyn-mirai-botnet [ last accessed 2018/04/11]




DOI: https://doi.org/10.26483/ijarcs.v9i2.5858

Refbacks

  • There are currently no refbacks.




Copyright (c) 2018 International Journal of Advanced Research in Computer Science