Security Assurance Against Cybercrime Ransomware

Cybercrime is not only a social ill but it does also pose a tremendous threat to our virtual world of personal, corporate and national data security. The recent global cyberattack of WannaCry ransomware has created an adverse effect on worldwide financials, healthcare and educational sectors, highlighting the poor state of cyber security and its failure. This growing class of cyber attackers is gradually becoming one of the fundamental security concerns that require immediate attention of security researchers. This paper explores why the volume and severity of cyberattacks are far exceeding with the capabilities of their mitigation techniques and how the preventive safety measures could reduce the losses from cybercrime for such type of attacks in future. It further expresses the need to have a better technological vision and stronger defenses, to change the picture where human cognition might be the next big weapon as a security assurance toolkit.

[1]  M. Mitchell Waldrop,et al.  How to hack the hackers: The human side of cybercrime , 2016, Nature.

[2]  Steve Mansfield-Devine,et al.  The Ashley Madison affair , 2015, Netw. Secur..

[3]  James Kinross,et al.  Effective cybersecurity is fundamental to patient safety , 2017, British Medical Journal.

[4]  Paul Simmonds The digital identity issue , 2015, Netw. Secur..

[5]  Michael K. Bergman White Paper: The Deep Web: Surfacing Hidden Value , 2001 .

[6]  Kenning Arlitsch,et al.  Staying Safe: Cyber Security for People and Organizations , 2014 .

[7]  Habib ur Rehman,et al.  Strengthening the bitcoin safety: a graded span based key partitioning mechanism , 2020 .

[8]  Kristin Shields Cybersecurity: Recognizing the Risk and Protecting Against Attacks , 2015 .

[9]  Simon Parkin,et al.  Learning from "Shadow Security": Why understanding non-compliant behaviors provides the basis for effective security , 2014 .

[10]  Barry Irwin,et al.  Dridex: Analysis of the traffic and automatic generation of IOCs , 2016, 2016 Information Security for South Africa (ISSA).

[11]  Yvo Desmedt,et al.  How to Attack Two-Factor Authentication Internet Banking , 2013, Financial Cryptography.

[12]  Manisha Patil,et al.  A brief study of Wannacry Threat: Ransomware Attack 2017 , 2017 .

[13]  J. Busemeyer,et al.  Quantum cognition: a new theoretical approach to psychology , 2015, Trends in Cognitive Sciences.

[14]  Keith W. Ross,et al.  I Know What You're Buying: Privacy Breaches on eBay , 2014, Privacy Enhancing Technologies.

[15]  Cath Everett,et al.  Ransomware: to pay or not to pay? , 2016 .

[16]  Roger Collier NHS ransomware attack spreads worldwide , 2017, Canadian Medical Association Journal.

[17]  Sven Türpe Security Testing: Turning Practice into Theory , 2008, 2008 IEEE International Conference on Software Testing Verification and Validation Workshop.

[18]  UniKL MIIT,et al.  Privacy and Security of Cloud Computing: A Comprehensive Review of Techniques and Challenges , 2018 .

[19]  Khurram Mustafa,et al.  Security of Web Application: State of the Art , 2017 .

[20]  A Gandhi Krunal,et al.  Survey on Ransomware: A New Era of Cyber Attack , 2017 .

[21]  Patrick Traynor,et al.  CryptoLock (and Drop It): Stopping Ransomware Attacks on User Data , 2016, 2016 IEEE 36th International Conference on Distributed Computing Systems (ICDCS).

[22]  Sharon Weinberger,et al.  Computer security: Is this the start of cyberwarfare? , 2011, Nature.

[23]  Naren Ramakrishnan,et al.  Detection of stealthy malware activities with traffic causality and scalable triggering relation discovery , 2014, AsiaCCS.

[24]  He Liu,et al.  Click Trajectories: End-to-End Analysis of the Spam Value Chain , 2011, 2011 IEEE Symposium on Security and Privacy.

[25]  Christophe Rosenberger,et al.  Local user-centric identity management , 2014, Journal of Trust Management.