Cryptovirology Ransomware: A Review of Dissemination and Mitigation Techniques

Authors

Muhammad Imran Sarwar, Department of Computer Science & IT, The Superior University, Lahore, Lahore-54500, PakistanFollow
Louai A. Maghrabi, Department of Software Engineering, College of Engineering, University of Business and Technology, Jeddah, Saudi ArabiaDepartment of Software Engineering, College of Engineering, University of Business and Technology, Jeddah, Saudi ArabiaFollow
Kashif Nisar, Department of Computer Science & IT, The Superior University, Lahore, Lahore-54500, PakistanFollow
Imran Khan, School of Computer Science and Informatics, Cardiff University, Cardiff CF10 3AT, United KingdomFollow

Abstract

Digital assets are generally regarded as one of the most valuable assets for an organization. When they are captured for ransom purposes, a serious problem arises, and ransomware is responsible for this. When ransomware gets onto a computer or other electronic device, the data on it is encrypted, made inaccessible, or taken away until a ransom is paid. The culprits behind these activities release and disseminate new and sophisticated variants of illicit wealth and notorious practices. Hardware and antivirus software that detect intrusions are not a permanent solution, as hackers can bypass them easily. After ransomware has been executed on an electronic device, it is extremely difficult or nearly impossible to recover the data, and now is the time to draw attention to this threat. In this study, various aspects of ransomware’s propagation, encryption, and mitigation techniques are discussed. We have also used the RanSim simulator to detect malware in a system, and details of the experiment are presented in the later sections. The methodology used for this study can be classified as exploratory research to explore the recent literature on the topic. This study contributes by highlighting recent trends in ransomware, their consequences, and prevention and mitigation techniques. Keywords: RanSim, Ransomware, Ransomware Threats and Mitigation, System Implications of Ransomware, Trusted Computing. Digital assets are generally regarded as one of the most valuable assets for an organization. When they are captured for ransom purposes, a serious problem arises, and ransomware is responsible for this. When ransomware gets onto a computer or other electronic device, the data on it is encrypted, made inaccessible, or taken away until a ransom is paid. The culprits behind these activities release and disseminate new and sophisticated variants of illicit wealth and notorious practices. Hardware and antivirus software that detect intrusions are not a permanent solution, as hackers can bypass them easily. After ransomware has been executed on an electronic device, it is extremely difficult or nearly impossible to recover the data, and now is the time to draw attention to this threat. In this study, various aspects of ransomware’s propagation, encryption, and mitigation techniques are discussed. We have also used the RanSim simulator to detect malware in a system, and details of the experiment are presented in the later sections. The methodology used for this study can be classified as exploratory research to explore the recent literature on the topic. This study contributes by highlighting recent trends in ransomware, their consequences, and prevention and mitigation techniques.

Recommended Citation

Imran Sarwar, Muhammad; A. Maghrabi, Louai; Nisar, Kashif; and Khan, Imran (2023) "Cryptovirology Ransomware: A Review of Dissemination and Mitigation Techniques," Information Sciences Letters: Vol. 12 : Iss. 11 , PP -.
Available at: https://digitalcommons.aaru.edu.jo/isl/vol12/iss11/35