RANSOMWARE PREVENTATIVE APPROACHES

.docx

School

Kennesaw State University *

*We aren’t endorsed by this school

Course

4440

Subject

Information Systems

Date

Apr 3, 2024

Type

docx

Pages

Uploaded by kdolph

RANSOMWARE PREVENTATIVE APPROACHES As everyone knows, the weakest link to cyber security attack is humans, so increasing USER AWARENESS is one of the preventative solutions from a ransomware attack. We need to provide simple, easy-to-understand cyber security preventative education for all GT students and employees to help each other to avoid getting the attack. Raising user awareness of ransomware attacks, by setting up an online education/training video on how to identify and to avoid common ransomware scams, can help all GT account users prevent the attack at an early stage. Even though GATECH Cyber security team has the “report incident” link (https://security.gatech.edu/report-incident), most GT IT resource users are not aware of the importance of reporting the security event, and this is exactly the first breach hackers always try to get into. Also, for some elite, important account users that have higher monetary responsibility, such as Bursar office users, Professors, GTRI directors, and other GATECH key employees, should have a ransomware preventative sequence. An example of a preventative sequence within companies and organizations is install antivirus or anti-malware software on the user’s computer and mobile device, put strong and unique password requirements for that specific account, regularly back up files to an external hard drive, never open suspicious email attachments, and user mirror shielding technology such as NeuShield as a failsafe data protection measure (Chung 2019). Moreover, by studying previous big ransomware attacks, preventative measurements on GT ransomware policy can be further enhanced for specific elite accounts. On recent years, most believe that antivirus and anti-malware are ineffective at preventing ransomware attacks because generic malware is in

different category with ransomware attack that usually relates to higher monetary value of one attack. For example, the 2021 Colonial pipeline ransomware attack costed 75 bitcoins ($4.4 million of value at that time) and the attack was successful because the hackers gained an access to a computer system and executed a program on the victim’s computer to add the encryption key to disable the access to the system. By paying the ransom to get the decryption key, it doesn’t guarantee access to the final decryption key for future ransomware attacks. Thus, future ransomware attacks can be prevented by backups of data, key management, and a regular ransomware monitoring mechanism. Data backup is another preventative method to protect your account against Ransomware. Min et al. (Min et al. -2018) proposed Amoeba, an autonomous backup and recovery SSD system to defend against ransomware attack. Unlike other back-up systems, Flash Guard or SSD-insider, Amoeba implements data content-based inspection for high-accuracy ransomware detection. Think of it this way. When you had a fresh PC with all nice-featured app you like, you had all important data saved into a “safety box”, which is your dedicated SSD. Once it gets corrupted by general malware or, worse, a ransomware attack, you can ignore the attack as well as the new data you no longer have access to and afterwards, the system will get restored to get access to the system. In case the access to a specific system that requires an encryption key got hacked, key backup is the preferred method. Most ransomware programs use a symmetric session key for encryption, which is vital for ransomware developers. The Advanced Encryption Standard (AES) is exclusively deployed for data encryption to enable the attack and it usually happens during the encryption process by extracting the exposed keys from system memory.

Your preview ends here

Eager to read complete document? Join bartleby learn and gain access to the full version

Access to all documents
Unlimited textbook solutions
24/7 expert homework help