Sunday, December 8, 2019
Cybersecurity and Impact on Data Protection â⬠MyAssignmenthelp.com
Question: Discuss about the Cybersecurity and Impact on Data Protection. Answer: Introduction On 27th June 2017, a global cyber attack called Petya affected a wide range of organization sectors like media, telecom, transportation, power. Petya it also known as Petwrap, NotPetya, Petna, Golden eye. The main intention behind this is to encrypt the computers and demand a ransom. This ransomware is similar to wannacry ransomware attack that took place in May 2017(Akkas, Chachamis Fetahu, 2017). This ransomware affected the countries like United States, Netherland, France, India, Spain and Russia and Ukraine. Ukraine is mainly affected as it uses auto update feature of a software name M.E.Doc which is used for tax calculation of any firm working in this country. It also affected the security system of banks, energy companies, and government agencies (Batcheller et al., 2017). Certain preventive measure has been taken by organization to reduce risk of malware. Each organization should have a security awareness-training program for their employees to minimize the effect of ransomware (Choi, Scott LeClair, 2016). On the 27th June 2017 Petya ransomware came into action by encrypting computers from all across the globe. Petya is also known as Petwrap, Notpetya and GoldenEye in some of the countries. Petya mainly affected certain sectors like financial services, telecom and government agencies (Batcheller et al., 2017). Among all the countries from the globe Ukraine has been affected the most. It has got the hardest hit among all the nation due to the use of an auto update feature of M.E.Doc software. This particular software is mainly used for tax calculation of various firms operating in Ukraine (Choi, Scott LeClair, 2016). This attack mainly affected the banks, government agencies, media outlets operating in Ukraine. On comparison to wannacry ransomware petya has a less impact on the various systems. Petya has several windows hacking tools like PsExec and WMIC which is used to gather important information from the infected system(Akkas, Chachamis Fetahu, 2017). When a system is affected by Petya malware then it does not boot to windows, instead of that it shows a message with content that the user files are no longer accessible as they have been encrypted and nobody can recover the files until and unless ransom is provided to them. (Ivanova, 2017). How and why it occurred It is a second cyber attack after WannaCry breakout in May 2017. It has some characteristic similar to wannacry ransomware. Petya use more sophisticated method than wannacry ransomware (Batcheller et al., 2017). Petya used some windows administration tools like PsExec and WMIC for its impact on the various people of the world. This attack was mainly used to permanently encrypt all the data on an infected system. The malware was designed in such way that even if the victim pays the ransom, the data cannot be decrypt and recovered (Choi, Scott LeClair, 2016). Petya attack was mainly generated to maximize destruction on targeted organization of various nation. Some report from international organization suggested that this cyber attack is not initiated to gain money (Rosenberg et al., 2017). When a system is affected by Petya then the system does not boot up to Windows instead of it shows a highlighted box with message of encryption. The message tells the system user that the required files are more accessible and nobody can recover important files without decryption service. Petya malware came into action with the help of updating softwares. Pushing emails are also used for this attack. The malware not only affected files but it also encrypted the hard drives MBR and MFT. Petya took place due to the lack of cyber threats and breach awareness among the various organization of the world. Employee of various organization have good knowledge on various cyber security practices and use of third party softwares. Organization do not have any cyber security program, doing such program will help the employee as it will create awareness among them (Laszka, Farhang Grossklags 2017). Possible Solution A new file name vaccine is mainly used by researchers to stop the attack of this malware. Vaccine file is mainly placed in Windows directory which has a moderate success in stopping the execution of this malware. Malware and most of its components need administration right to run in any system, so organization must check the privileged access policies in their systems(Rosenberg et al., 2017). Every organization should have a security awareness program to educate their employees about various cyber attacks. Organization should have a tested backup and speedy recovery option for important information in their drive. Organization should check various system and data on the network. They must confirm that systems must be connected to internet only it is necessary. Security program and penetration test must be conducted across the various organizations of the world to minimize cyber attacks. Certain plans like effective enterprise and business continuity must be followed by organization t o measure effectiveness against ransomware and other attacks (Shackelford, 2017). From the above discussion it can be concluded that organization should create cyber security awareness among the employees. Petya attack took place due to an auto update feature of a software name M.E.Doc (Akkas, Chachamis Fetahu, 2017). A file named vaccine is developed by researchers to stop the attack of this malware. Cyber attack like Petya is not motivated to have financial gain instead of that it mainly focuses on bringing destruction to some specified organization (Rosenberg et al., 2017). Security awareness training programs must be conducted in every organization to create an awareness of various cyber attacks. Cyber security in different organization must be improved in order to cut the effects of various malwares (Zhukov, 2013). On 12 may 2017, a ransomware attack took place across a wide range of sectors ranging from health care to telecommunications (Martin, Kinross Hankin, 2017). A report stated that wannacry affected around 300,000 systems from 150 countries. Countries like Russia and China are affected mostly because of usage of high percentage of legacy softwares (Asch, Mattock Hosek, 2013). To minimize the effect of this ransomware certain kill switch technique was launched. Wannacry is a type of ransomware which mainly encrypts files, disk and locks systems (Martin, Kinross Hankin, 2017). A ransom of around 300 to 600 has been demanded in three bitcoin accounts against decrypting of files (Ehrenfeld, 2017). On 12 May 2017 a ransomware attack took place across a wide range of sectors like health care, government, telecommunication and gas. A report confirmed that it affected around 300,000 system from 150 countries. Countries like Russia and China are mostly affected due to high usage of legacy software (Ehrenfeld, 2017). The attackers initial attacked vectors . Then the malware named Wannacry encrypts the files present in the victims system and after that a ransom equating to 300 to 600 dollars has been demanded in bitcoins. Microsoft deserve some blame for poor windows security which resulted in Wannacry ransomware attack. The main problem that most of the system across the globe that has windows operating systems either they do not have automatic updates enabled or are so backdated that they cannot have security updates provided by Microsoft (Kuner et al ., 2017). Initially the attackers choose phishing emails as the mode of delivery of this malware. Wannacry attack took place across a wide range of sectors like health care, government, telecommunication and gas. A report confirmed that it affected around 300,000 system from 150 countries. Countries like Russia and China are mostly affected due to high usage of legacy software(Young Yung, 2017). In India Wannacry has effect like it hacked computers of Andhra Pradesh police department(Mohurle Patil, 2017). Chinas official agency Xinhua reported that many secondary schools and universities were affected due to this ransomware (Vuolo, 2017). Wannacry was developed using a piece of NSA code released by a group of hackers known as Shadow Brokers. The system infected are mostly found to be out of date (Rubin et al., 2016). In the beginning phishing emails are chosen as the mode of delivery of this malware. Attackers also used public accessible message block to spread the malware in a worm like way across the various system of the world. As soon as the infection starts the wannacry comes out with kill switch URL in order to check whether the malware is in sandbox environment or not (Mohurle Patil,2017). If the URL does not respond back then the malware starts to encrypt the victims file present in the system by using a method known as AES-128 cipher. After the encryption of victims file a ransom note is generated on the victims machine. The ransom note is made in text from library using rich text format (RTF) in multiple languages. The language of the note depends on machine location. When a system is affected by Wannacry ransomware malware then it typically affects the central information system for its activation. After that encryption of files takes place on the desired system with the help of infor mation from central information system (Ehrenfeld, 2017). After the successful encryption of files a ransom message is displayed on the system to decrypt the files. It continuously scans the internet IP in order to infect other systems (Martin, Kinross Hankin, 2017). Attacks like wannacry ransom can be prevented by using certain measures like backing up of network drives and care should be taken that all the important information are backed up by the employees (Sutherland et al,.2016). Phishing awareness must be generated among various employees of organization to avoid clicking on mails from unknown source (Mohurle Patil,2017). Organization should invest capital in right technologies so that ransomware can be detected easily(Asch, Mattock Hosek, 2013). Use of spam filters must be increased so that all incoming and outgoing e-mails can be detected easily (Kuner et al ., 2017). Antivirus must be updated to detect and prevent the systems from malware. The use of cloud services will prevent ransomware infection on various systems. Organization should frequently check the various system and data on the network (Mohurle Patil, 2017). They must ensure that systems are connected to internet only when it is necessary(Rubin et al., 2016). Conclusion From the above discussion it can be concluded that organization should create cyber security awareness among the employees. Wannacry ransomware attack took place on 12 May 2017 (Young Yung, 2017). A mechanism known as kill switch has been developed by researchers to stop the attack of this malware. As soon as the infection starts in the system then wannacry comes out with kill switch URL in order to check whether the malware is in sandbox environment or not(Asch, Mattock Hosek, 2013). If the URL does not respond back then the malware starts to encrypt the victims file present in the system by using a method known as AES-128 cipher (Kuner et al ., 2017). Security awareness training programs must be conducted in every organization to create an awareness of various cyber attacks. Cyber security in different organization must be improved in order to cut the effects of various malware (Vuolo, 2017). References Akkas, A., Chachamis, C. N., Fetahu, L. (2017). Malware Analysis of WanaCry Ransomware. Batcheller, A., Fowler, S. C., Cunningham, R., Doyle, D., Jaeger, T., Lindqvist, U. (2017). Building on the Success of Building Security In.IEEE Security Privacy,15(4), 85-87. Choi, K. S., Scott, T. M., LeClair, D. P. (2016). Ransomware against police: diagnosis of risk factors via application of cyber-routine activities theory.International Journal of Forensic Science Pathology. Ivanova, T. P. (2017). Studying the impacts of event tourism on the host communities in Bulgaria. Laszka, A., Farhang, S., Grossklags, J. (2017). On the Economics of Ransomware.arXiv preprint arXiv:1707.06247. Rosenberg, I., Shabtai, A., Rokach, L., Elovici, Y. (2017). Generic Black-Box End-to-End Attack against RNNs and Other API Calls Based Malware Classifiers.arXiv preprint arXiv:1707.05970. Shackelford, S. (2017). Exploring the Shared Responsibilityof Cyber Peace: Should Cybersecurity Be a Human Right?. Zhukov, I., Dmitry, M., Andrey, S., Dmitry, K., Anastasia, T., Alexander, Z. (2013). Security Software Green Head for Mobile Devices Providing Comprehensive Protection from Malware and Illegal Activities of Cyber Criminals.International Journal of Computer Network and Information Security,5(5), 1. Asch, B. J., Mattock, M. G., Hosek, J. (2013).A new tool for assessing workforce management policies over time. Rand Corporation. Ehrenfeld, J. M. (2017). WannaCry, Cybersecurity and Health Information Technology: A Time to Act.Journal of Medical Systems,41(7), 104. Kuner, C., Svantesson, D. J. B., H Cate, F., Lynskey, O., Millard, C. (2017). The rise of cybersecurity and its impact on data protection.International Data Privacy Law,7(2), 73-75. Martin, G., Kinross, J., Hankin, C. (2017). Effective cybersecurity is fundamental to patient safety. Mohurle, S., Patil, M. (2017). A brief study of Wannacry Threat: Ransomware Attack 2017.International Journal,8(5). Rubin, J., Taylor, J., Krapels, J., Sutherland, A., Felician, M., Liu, J., ... Rohr, C. (2016). Testing the Connection Between Social Spending and Better Health. Sutherland, J., Taylor, J., Krapels, J., Rubin , A., Felician, M., Liu, J., ... Rohr, C. (2016). Testing the Connection Between Social Spending and Better Health. Vuolo, J. (2017). Should we be using water filled gloves under the heel to prevent pressure ulcers?.benefits,10, 32. Young, A. L., Yung, M. (2017). Cryptovirology: The birth, neglect, and explosion of ransomware.Communications of the ACM,60(7), 24-26.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.