TY - GEN
T1 - Contemporary cybercrime: A taxonomy of ransomware threats & mitigation techniques
AU - Nadir, Ibrahim
AU - Bakhshi, Taimur
PY - 2018/4/26
Y1 - 2018/4/26
N2 - An ever-increasing number of Internet-enabled devices over the past decade have highlighted the requirement for robust cybersecurity primitives to effectively deal with contemporary forms of cybercrime. Among the recent cybercrime threat canvass, ransomware has come to limelight as a prominent form of crypto-virus, aiming to hamper everyday user device operation through unsolicited encryption of device data. The perpetrators on successfully encrypting user data, require a payment or ransom, often in the form of digital currencies to furnish a decryption key. Depending on the urgency and criticality of data restoration, both novice users as well as corporate organizations have been observed to pay significant compensations for reinstating normal operation, often without any post-payment assurances. The present paper seeks to review the history and recent evolution of ransomware attacks, providing a detailed taxonomic classification of the inherent attack vectors and currently available mitigation techniques. Furthermore, preventive recommendations are discussed to aid users and organizations in securing devices against ransomware threats. Finally, financial and long-term implications of making ransom payments, along with online resources made available by security and law-enforcement concerns are overviewed to increase end user awareness and equip them against this increasingly successful form of recent cybercrime.
AB - An ever-increasing number of Internet-enabled devices over the past decade have highlighted the requirement for robust cybersecurity primitives to effectively deal with contemporary forms of cybercrime. Among the recent cybercrime threat canvass, ransomware has come to limelight as a prominent form of crypto-virus, aiming to hamper everyday user device operation through unsolicited encryption of device data. The perpetrators on successfully encrypting user data, require a payment or ransom, often in the form of digital currencies to furnish a decryption key. Depending on the urgency and criticality of data restoration, both novice users as well as corporate organizations have been observed to pay significant compensations for reinstating normal operation, often without any post-payment assurances. The present paper seeks to review the history and recent evolution of ransomware attacks, providing a detailed taxonomic classification of the inherent attack vectors and currently available mitigation techniques. Furthermore, preventive recommendations are discussed to aid users and organizations in securing devices against ransomware threats. Finally, financial and long-term implications of making ransom payments, along with online resources made available by security and law-enforcement concerns are overviewed to increase end user awareness and equip them against this increasingly successful form of recent cybercrime.
U2 - 10.1109/icomet.2018.8346329
DO - 10.1109/icomet.2018.8346329
M3 - Conference contribution
T3 - 2018 International Conference on Computing, Mathematics and Engineering Technologies (iCoMET)
BT - Conference Proceedings 2018 International Conference on Computing, Mathematics and Engineering Technologies
PB - Institute of Electrical and Electronics Engineers
T2 - 2018 International Conference on Computing, Mathematics and Engineering Technologies
Y2 - 3 March 2018 through 4 March 2018
ER -