Professional Documents
Culture Documents
Abstract: The rapid evolution of information technologies unlocks new opportunities for
business organizations to achieve competitive advantages and economies of scale. But at the same
time that technological advancement is used by the cybercrime to develop new attack types. The
present paper gives a brief overview of the ransomware and the reasons behind its massive
adoption by the cybercriminals.
Ransomware became one of the key cyber threats targeting business organizations.
It uses different vectors to disseminate and attacks data availability. The McAfee CEO,
Christopher D. Young, recently told that ransomware is today's modern-day extortion,
and it's something that criminals are going to continue to drive because they can make
money of it.
Ransomware is a piece of sophisticated malicious software that is used to digitally
extort the victims to pay a specific amount of money, usually in cryptocurrency, so that
they regain access to their devices or files. We use the term device because ransomware
targets not only computers (with Windows, Linux, Mac OS) but also mobile devices
(with Android, iOS), IoT devices and even industrial control systems. There are two
main types of ransomware [12]:
Locker ransomware –locks the victim’s device and use a pop-up or browser
window to show the ransom message. As the name imply the device is
unusable until the ransom is paid.
Crypto ransomware – use encryption to encrypt the victim’s files on the
device and then shows a pop-up or browser window to display the ransom
message. In this case the device itself can be used, only the victim’s files are
encrypted.
The idea behind the ransomware is not a new one. It dates back to 1989 when the
AIDS Trojan (PC Cyborg) was created and propagated on a 5,25’’ floppy disk to 20 000
people [8]. In 1996 Young and Yung proposed a method for using public key
cryptography in ransomware and in a later publication they indicate that combining
strong cryptographic algorithms and malware will pose a new threat for the security of the
information systems [13, 14].
It wasn’t until 2014 when cybercriminals started to use crypto ransomware as a main
malware tool for cyber extortion. Since then every year there is a rise in the number of
ransomware attacks. Hampton et al. in their study of the evolution of malware over a period
of 26 years state that to be a successful, ransomware needs to align three core technologies:
164 – Conferinţa Internaţională, ediţia a XIV-a, 20-21 martie 2018
References
1. Carbon Black. The Ransomware Economy (2017). Available [Online]
https://cdn.www.carbonblack.com/wp-content/uploads/2017/10/Carbon-Black-
Ransomware-Economy-Report-101117.pdf [Accessed 1st March, 2018]
2. CloudFlare. Inside the infamous Mirai IoT Botnet: A Retrospective Analysis
(2017). Available [Online] https://blog.cloudflare.com/inside-mirai-the-infamous-
iot-botnet-a-retrospective-analysis/ [Accessed 1st March, 2018]
166 – Conferinţa Internaţională, ediţia a XIV-a, 20-21 martie 2018