Submitted By cebingersmith
Cryptolocker Ransomware: A Ransom no more!
Christopher S Ebingersmith
University of Maryland University College
June 24, 2015

Introduction

Cryptolocker ransomware is part of a larger number of malware campaigns infecting large numbers of computer systems. This new variant is more egregious than other types of ransomware: it not only holds the system hostage, but over the course of the infection it also encrypts a great number of the files it finds. The primary infection vector is phishing email that entices unwitting users to click on malicious attachments. Once the system is infected, Cryptolocker hides and slowly begins to affect the availability of files on the affected system, communicating back to the “attackers’ command and control (C2) server to deposit the asymmetric key out of the victim’s reach.” (Alert, 2013)
Cryptolocker, which only seems to affect Windows-based targets, first popped up on security radars in September of 2013, “and these early versions were distributed via social engineering and spam emails that try to entice business professionals into opening an attached Zip file.” (Kostadinov, 2014) The zip files were thinly disguised as a 20kb file with some file names between 13 and 17 characters that mimicked “the look of legitimate businesses and through phony FedEx and UPS tracking notices.” (Alert, 2013) Spam was the primary method used to infect potential hosts; the attachment actually contained an embedded Trojan (Downloader.Upatre). (Kostadinov, 2014) This was only the tip of the iceberg of this infection. Subsequently, Downloader.Upatre would “download the Gameover Zeus Trojan (a.k.a. Trojan.Zbot), which in turn will download Trojan.CryptoLocker.” (Kostadinov, 2014)
Cryptolocker is a very different beast, though: it allows normal operation to continue for a time, “but your personal files, such as documents, spreadsheets and images, are encrypted.” (Ducklin, 2013) There is a laundry list of file types affected by this malware. Once embedded inside the host, it calls “home”, back to the command and control server, and it may use “Domain Generation Algorithm (DGA), which can generate 1,000 domains daily and hold onto the first available line, to seek a live C2 server.” (Ducklin, 2013) It has to find a proper command and control server containing the right private key to decrypt the message sent in order to communicate. The next step is to dump the public key in order to encrypt affected files with the unique key, sending it back to the command and control server.
Each file is encrypted with a unique AES key, which in turn is encrypted with the RSA public key received from the C2 server. The encrypted key, a small amount of metadata, and the encrypted file contents are then written back to disk, replacing the original file. Encrypted files can only be recovered by obtaining the RSA private key held exclusively by the threat actors. (Jarvis, 2013)
What we see is that while you can use antivirus (anti-malware) software, this only mitigates part of the problem, namely any additional viruses or Trojans downloaded to your system. If the system gets infected and you find your files have been encrypted, the only safeguard is to have a clean backup from which you can pull clean data. (Ducklin, 2013) With some research, you might be able to “black hole” at least some of the domains by using policies to modify the local hosts file on computer systems and by adding the black hole list to your proxy server (if you use one). As an added layer of defense, network administrators could try to resolve known domains to IP addresses and block them at the perimeter, to prevent actual communication with the command and control server(s) involved in passing the encryption keys. Also, if possible, “enable Inbound and Outbound inspection of HTTP, FTP, IMAP, SMTP, POP3, CIFS/NetBIOS and TCP Stream.” (Best Practices, 2014) User awareness training is the keystone to all of this: if you are not educating users, they will show you they are the weakest link in the chain. A multilateral defense strategy is necessary to defend against this and other threats as they evolve over time; if you aren’t vigilant in the cyber realm, you are as good as hacked.
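The black-holing and DGA points above, as an added defensive example (not from this essay or its cited sources): it turns a domain blocklist into hosts-file sink entries and flags clients whose DNS log shows many failed lookups for distinct names in a short window, the pattern a host produces while working through a generated domain list. The log format, thresholds, domain names, addresses and function names are all constructed assumptions.

```python
"""Blocklist to hosts-file sink entries, plus NXDOMAIN-burst detection in DNS logs."""
import re
from collections import defaultdict
from datetime import datetime, timedelta

SINK_IP = "0.0.0.0"  # non-routable address used to "black hole" a name
_LABEL = r"(?!-)[a-z0-9-]{1,63}(?<!-)"
_DOMAIN_RE = re.compile(rf"(?:{_LABEL}\.)+[a-z]{{2,63}}")


def hosts_entries(domains):
    """Return sorted, de-duplicated hosts-file lines; malformed names are
    dropped so a bad feed line cannot smuggle extra entries into the file."""
    clean = set()
    for raw in domains:
        name = raw.strip().lower().rstrip(".")
        if len(name) <= 253 and _DOMAIN_RE.fullmatch(name):
            clean.add(name)
    return [f"{SINK_IP} {name}" for name in sorted(clean)]


def parse_dns_line(line):
    """Parse 'ISO-timestamp client-ip qname rcode' (constructed log format)."""
    parts = line.split()
    if len(parts) != 4:
        return None
    stamp, client, qname, rcode = parts
    try:
        when = datetime.fromisoformat(stamp)
    except ValueError:
        return None
    return when, client, qname.lower().rstrip("."), rcode.upper()


def nxdomain_bursts(lines, window=timedelta(minutes=5), threshold=5):
    """Return {client: peak count of distinct NXDOMAIN names inside any
    sliding window} for clients whose peak reaches the threshold."""
    per_client = defaultdict(list)
    for line in lines:
        rec = parse_dns_line(line)
        if rec and rec[3] == "NXDOMAIN":
            per_client[rec[1]].append((rec[0], rec[2]))
    flagged = {}
    for client, events in per_client.items():
        events.sort()
        peak, start = 0, 0
        for end in range(len(events)):
            # Shrink the window from the left until it spans <= `window`.
            while events[end][0] - events[start][0] > window:
                start += 1
            # Count distinct names: retries of one mistyped name count once.
            distinct = len({name for _, name in events[start:end + 1]})
            peak = max(peak, distinct)
        if peak >= threshold:
            flagged[client] = peak
    return flagged


# Constructed sample log: .23 walks random-looking names, .40 retries a typo,
# .51 has failures spread over hours (stale config, not a burst).
SAMPLE_LOG = """\
2015-06-24T10:00:01 10.0.0.23 qjxkvbtrwmnpa.test NXDOMAIN
2015-06-24T10:00:03 10.0.0.23 hzlwpeyudkcrs.test NXDOMAIN
2015-06-24T10:00:04 10.0.0.40 intranet.example.test NOERROR
2015-06-24T10:00:06 10.0.0.23 mfbvatxoqjgne.test NXDOMAIN
2015-06-24T10:00:09 10.0.0.23 ydkrscupwlhzb.test NXDOMAIN
2015-06-24T10:00:11 10.0.0.40 intranett.example.test NXDOMAIN
2015-06-24T10:00:12 10.0.0.23 tgnoejxmavqfi.test NXDOMAIN
2015-06-24T10:00:15 10.0.0.40 intranett.example.test NXDOMAIN
2015-06-24T10:00:17 10.0.0.23 wlcuhzbpsykdr.test NXDOMAIN
2015-06-24T10:00:20 10.0.0.23 rpsykdwlcuhzb.test NOERROR
2015-06-24T11:00:00 10.0.0.51 oldprinter1.example.test NXDOMAIN
2015-06-24T12:00:00 10.0.0.51 oldprinter2.example.test NXDOMAIN
2015-06-24T13:00:00 10.0.0.51 oldprinter3.example.test NXDOMAIN
2015-06-24T14:00:00 10.0.0.51 oldprinter4.example.test NXDOMAIN
2015-06-24T15:00:00 10.0.0.51 oldprinter5.example.test NXDOMAIN
""".splitlines()

if __name__ == "__main__":
    for client, count in nxdomain_bursts(SAMPLE_LOG).items():
        print(f"review {client}: {count} distinct failed lookups in 5 minutes")
    # The name that finally resolved for the flagged client is a sink candidate.
    print("\n".join(hosts_entries(["rpsykdwlcuhzb.test"])))
```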

References
Alert (TA13-309A). (2013, November 5). Retrieved June 24, 2015, from https://www.us-cert.gov/ncas/alerts/TA13-309A
Best Practices to protect against CryptoWall and CryptoLocker (SW12434). (2014, November 11). Retrieved June 25, 2015, from https://support.software.dell.com/kb/sw12434
Ducklin, P. (2013, October 18). CryptoLocker ransomware - see how it works, learn about prevention, cleanup and recovery. Retrieved June 24, 2015, from https://nakedsecurity.sophos.com/2013/10/18/cryptolocker-ransomware-see-how-it-works-learn-about-prevention-cleanup-and-recovery/
Jarvis, K. (2013, December 18). CryptoLocker Ransomware - Dell SecureWorks. Retrieved June 24, 2015, from http://www.secureworks.com/cyber-threat-intelligence/threats/cryptolocker-ransomware/
Kostadinov, D. (2014, February 6). RansomWar(e) - InfoSec Institute. Retrieved June 24, 2015, from http://resources.infosecinstitute.com/ransomware/
