Free Essay

Cyber

In:

Submitted By cebingersmith
Words 833
Pages 4
Cryptolocker Ransomware: A Ransom no more!
Christopher S Ebingersmith
University of Maryland University College
June 24, 2015

Introduction

Cryptolocker Ransomware is part of a larger number of malware campaigns infecting large numbers of computer systems. This new variant of ransomware is more egregious in nature as it not only holds the system hostage as other types of ransomware, but through the course of infection a great number files, when found, are encrypted by this malware. The primary vector of infection is through the use of phishing email attempts to entice unwitting users to click on malicious attachments. Once the system is infected Cryptolocker hides, slowly beginning to affect the availability of files on the affected system communicating back to the “attackers’ command and control (C2) server to deposit the asymmetric key out of the victim’s reach.” (Alert, 2013)
Cryptolocker, which only seems to affect Windows based targets, first popped up on security radars in September of 2013, “and these early versions were distributed via social engineering and spam emails that try to entice business professionals into opening an attached Zip file.” (Kostadinov, 2014) The zip files were thinly disguised as a 20kb file with some file names between 13 and 17 characters that mimicked “the look of legitimate businesses and through phony FedEx and UPS tracking notices.”(Alert, 2013) Spamming was the primary method utilized to infect potential hosts; this really contained an embedded Trojan (Downloader.Upatre). (Kostadinov, 2014) This was really the tip of the iceberg of this infection. Subsequently, Downloader.Uptare, would “download the Gameover Zeus Trojan (a.k.a. Trojan.Zbot), which in turn will download Trojan.CryptoLocker.” (Kostadinov, 2014) Cryptolocker is a very different beast though: It allows normal operation to occur for a time, “but your personal files, such as documents, spreadsheets and images, are encrypted.” (Ducklin, 2013) There is a laundry list of files affected by this malware. Once embedded inside the host, it calls “home”, back to the command and control server, and it may use “Domain Generation Algorithm (DGA), which can generate 1,000 domains daily and hold onto the first available line, to seek a live C2 server.”(Ducklin, 2013) It has to find a proper command and control server containing the right private key to decrypt the message sent in order to communicate. The next step is dump the public key in order to encrypt affected files with the unique key sending it back to the command and control server.
Each file is encrypted with a unique AES key, which in turn is encrypted with the RSA public key received from the C2 server. The encrypted key, a small amount of metadata, and the encrypted file contents are then written back to disk, replacing the original file. Encrypted files can only be recovered by obtaining the RSA private key held exclusively by the threat actors. (Jarvis, 2013)
What we see is that while you can use antivirus (anti-malware) software, this only mitigates part of the problem, which would be any additional viruses or Trojans downloaded to your system. If the system gets infected and you find your files become encrypted, the only safeguard is to have a clean backup from which you can pull clean data. (Ducklin, 2013) If you did the research, you might be able to “black hole” at least some of the domains through policies to modify the localhosts file in computer systems and add the black hole list to your proxy server (if you use one). As an added layer of defense, network administrators could try to resolve known domains to IP address blocking them at the perimeter to prevent actual communication with the command and control server(s) involved in passing the encryption keys. Also, if possible, “enable Inbound and Outbound inspection of HTTP, FTP, IMAP, SMTP, POP3, CIFS/NetBIOS and TCP Stream.”(Best Practices, 2014) User awareness training is the keystone to all of this: if you are not educating them, they will show you they are the weakest link in the chain. A multilateral defense strategy is necessary to defend against this and other threats as they evolve over time; if you aren’t vigilant in the cyber realm, you are as good as hacked.

References
Alert (TA13-309A). (2013, November 5). Retrieved June 24, 2015, from https://www.us-cert.gov/ncas/alerts/TA13-309A
Best Practices to protect against CryptoWall and CryptoLocker (SW12434). (2014, November 11). Retrieved June 25, 2015, from https://support.software.dell.com/kb/sw12434
Ducklin, P. (2013, October 18). CryptoLocker ransomware - see how it works, learn about prevention, cleanup and recovery. Retrieved June 24, 2015, from https://nakedsecurity.sophos.com/2013/10/18/cryptolocker-ransomware-see-how-it-works-learn-about-prevention-cleanup-and-recovery/ Jarvis, K. (2013, December 18). CryptoLocker Ransomware - Dell SecureWorks. Retrieved June 24, 2015, from http://www.secureworks.com/cyber-threat-intelligence/threats/cryptolocker- ransomware/
Kostadinov, D. (2014, February 6). RansomWar(e) - InfoSec Institute. Retrieved June 24, 2015, from http://resources.infosecinstitute.com/ransomware/

Similar Documents

Free Essay

Cyber Security: Cyber Terrorism

...Introduction Cyber security refers to the practices and processes that are used in technologies such as networks, computers, information and programs from damages by unwarranted entities (Ahmad, Yunos & Sahib, 2012). There are different attacks towards technology which may distort information or be used to create tension in an organization. Information stored in computers has some level of privacy and this depends on the level of sensitivity that such information may have towards that organization. Business strategies, political discussions and government documents are some of the documents that require a higher degree of privacy. However, there are individuals who cause deliberate attacks on the information systems of organizations and governments in order to unlawfully access information or distort the meaning of such data. The intention of cyber attacks has led to the classification of these attacks into particular classes. For example, we have cyber bullying and cyber terrorism. Under cyber bullying, the attackers use technology to abuse and intimidate their targets. Cyber bullying has been common through the presence of the social media where an individual will use pseudo-accounts to publish half truths about others with a bid to embarrass them. On the other hand, cyber terrorism involves the use of technology to access vital government sites in order to cause harm and fear in the society through terrorism activities. Brunst (2010) indicates that cyber terrorist activities...

Words: 1810 - Pages: 8

Premium Essay

Cyber Security

...Cyber security is a critical and growing issue in the world today. President Obama said this issue is, "one of the most serious economic and national security threats our nation faces" (Cybersecurity). The United States is one of the most computer dependent societies and has the most computer dependent military and intelligence agencies. With more and, more of our country being ran by technology we are at a bigger risk of attack. A cyber attack could be the most devastating attack our country has ever faced. An attack on America’s cyber infrastructure could cripple the country and put us at an even greater risk of a normal attack. FBI Director said “Counterterrorism — stopping terrorist attacks — with the FBI is the present number one priority. But down the road, the cyber threat, which cuts across all FBI programs, will be the number one threat to the country” (Paganini). The message is clear the cyber security threat we are facing today is a dangerous and growing threat that has serious offensive potential and is often difficult to detect or prevent. An attack on a nation’s critical infrastructure can be devastating and when you add the fact that cyber attacks often do not make themselves know until it is to late could make for a devastating first strike prior to an invasion. Cyber security is defined as measures taken to protect a computer or computer system (as on the Internet) against unauthorized access or attack. The term “cyber security threat” means...

Words: 2041 - Pages: 9

Free Essay

Cyber Bullying

...Cyber Bullying Table of Contents I. Cover page II. Table of Contents III. Report It only seems like yesterday that teachers would have to stand on the play ground during recess and monitor the bullies, who would try to take another child’s lunch money, or to take a note being passed around in the classroom that would read something like “I will see you on the play ground after school.” A way to help prevent your child from being one of the many bullying victims is to know what the risk factors are of your child becoming one of the bullying victims. When it comes to being a bullying victim, children, teens and adults are those who don't get along well with others, have few or no friends, is less popular than others, what color their skin is, or what kind of clothes they wear, because they wear glasses, and what kind of house they live in. Now here we are in the year 2011, dealing with an entirely different style of bullying, which we all know is called “CYBERBULLYING”. No longer are the days of having the teacher send the student to the principal’s office or a phone call home to mom and dad. Friends and family of victims are also taking part when cyber bullying occurs. They may find themselves in difficult situations where they are peer pressured into participating in the bullying, afraid that if they don't play along, or they could become a target. They may feel that they have no power to stop it or start feeling guilty for not having spoken out against the...

Words: 1506 - Pages: 7

Premium Essay

Cyber Bullying

...2011 Cyber Bullying StopCyberbullying.org, an expert group on internet safety defines cyber bullying as: "a situation when a child, tween or teen is repeatedly 'tormented, threatened, harassed, humiliated, embarrassed or otherwise targeted' by another child or teenager using text messaging, email, instant messaging or any other type of digital technology.” It has to have a minor on both sides, or at least have been initiated by a child against another child. Once adults become involved, it is cyber harassment or cyber stalking. Adult cyber harassment or cyber stalking is never called cyber bullying. The way a child does this bullying is only limited by their imagination and their access to technology, and the cyber bully one moment could become the victim the next. It has been suggested by the BBC that cyber-bullying may be influenced by videos that are uploaded to video sharing websites online, which contain offensive content or examples of acts of bullying. Websites that currently do not filter such videos, such as YouTube, have been asked to take legal action against videos of people being attacked, harassed or ridiculed, in order to reduce cyber bullying as a result. The kids often change roles, going from victim to bully and back again. Cyber bullying is usually not a one-time thing, unless it includes a death threat or a threat that would do serious bodily harm. Children have even killed each other and committed suicide after being involved in a cyber bullying...

Words: 1054 - Pages: 5

Premium Essay

Cyber Warfare

...Computers have modernized terrorism in the same way cyber terrorism revolutionized information warfare. There is no distinct definition of Cyber terrorism; however, its threat is as real as waging war but with weapons of automation. Terrorists have begun to exploit the availability of information with the malicious intent to sabotage; conversely, there are those who are not quite sure if information warfare - cyber terrorism is an actual threat. This research paper will briefly explore the history of cyber terrorism, the friend the internet has been to terrorist and how we can make the internet safer through vigilant tactics of prevention and deterrence. It will also expose the truth about cyber terrorism for the skeptic, reasons not to discount the threat, and why it is paramount their mind is changed. Information Warfare-Cyber Terrorism Did you know there were 18 cybercrime victims every second, 1058 every minute, approximately 64,000 per hour, and 1.5 million per day, that affected over 556 million people within the last year (Norton , 2012)? The internet has made it possible for terrorists to gather our public information and use it against us. As the internet matures so does the terrorist, finding ways to cripple and intimidate. The internet and terrorists have become a real hazard to the health of the cyber world. The government has implemented several organizations to help combat cyber terrorism but have not given it a clear concise definition. Skeptics...

Words: 3494 - Pages: 14

Free Essay

Cyber Bullying

...known as Cyber Bullying. Young people to bully peers can use emails, texts, chats, phones, websites and cameras. It is now a worldwide problem with countless occurrences reported and has yet to get the attention it merits and remains nearly vague from research works. This paper reconnoiters definitional problems, the incidences and potential outcomes of cyber bullying, as well as deliberating possible intervention and prevention stratagems. While most youngsters seem conscious of what cyberbullying involves, occurrences of cyberbullying in educational institutions seem to be minimal. Although students have entree to many technologies, the mainstream seem not to participate in bullying over the internet. However, persons who are cyber bullies are also likely to be targets of cyberbullying. Cyber Bullying Cyber bullying is becoming a crisis with the progression of social media tools. Should government create new laws to protect the people who are being targeted? This is just but one of the many questions people seek for answers. Cyber bullying has been in existence since time in memorial but has gained fame and become more wide spread with the introduction of the internet some few years back. It is common to see instances of cyber bullying nowadays unlike in the past, children are no longer the victims but everyone is; be it old or young, the crime has experienced an exponential growth with the growth of the internet and the tough economic times. Additionally, Cyber Bullies in...

Words: 1542 - Pages: 7

Premium Essay

Cyber Bullying

...Difference Between Cyber Bullying Perpetration and Non-Physical Bullying: Relations to Race, Individual, and Family Predictors Abstract The research in this article is based upon finding a relationship between cyber-bullying perpetration with non-physical bullying. It also works on find the relatedness it has with race, home life, and other issues. They use children in grades 5th through 7th and use three time points, each six months apart. The article finds that cyber-bullying does have a significant overlap with non-physical bullying but when it is compared longitudinal there was less of an overlap. In today’s society, bullying has become a very big problem among adolescents. With all the new forms of communication with technology there has been a lot of cyber-bullying, specifically. It seems to be the new way to harass others and the fact that it is done through technology it makes it less obvious. The reason it is such a big problem though, is because the harassment some of the children endure have caused suicide. This article tries to find the relatedness it has with other factors of children’s lives. If some form of connection can be found then there can be a chance to find a way to stop the problem before it begins or to even see the signs of this type of bullying. For starters, what researchers have noticed is that cyber-bullying is something that is quite new to us today. Because of this it is a topic that is less understood by what the underlying...

Words: 2945 - Pages: 12

Premium Essay

Cyber Bullying

...stop to it and hold cyberbullies accountable for their infractions on innocent people. Educating students about cyberbullying, demonstares how it hurts, prohibiting cell phones on school grounds and taking away the do make it to school grounds will help the school. Lawmakers are in the process of creating more serious and stricter laws against the person and persons doing the bullying. Many states and cities are also creating laws and punishments for people who do such a crime. These people need to be more seriously punished in order to learn how seriously they have hurt the person being bullied. Cyberbullying is hurtful and growing trend that schools everywhere need to get more involved to help put a stop to it. There are many stories of cyber bullying that go to far and sometimes have teenagers committing suicide to escape their torment. Rachael Neblett, a seventeen-year old high school student from Kentucky, took her life October 9, 2006: [She] began receiving threatening emails through her MySpace account, in the summer of 2006. The anonymous emails were of a stalking terroristic nature. Rachael’s parents brought the emails to the attention of the principle of her high school. As the emails included details of her movements during class and after...

Words: 1518 - Pages: 7

Premium Essay

Cyber Bullying

...Cyber bullying New technology benefits society in many ways, but also creates problems and ethical issues, namely those pertaining to cyber bullying. Merriam Webster defines cyber bullying as, “the electronic posting of mean-spirited messages about a person (as a student) often done anonymously.” The development and increased usage of communication and information technology has led cyber bullying to gain traction in society. Legislation and organizations are arising to deal with cyber bullying, a major issue that victims struggle with every day. Cyber bullies’ rhetoric includes, but is not limited to, physical threats, sexual remarks, hate speech, rumors, and slander. Cyber bullies employ various tactics to humiliate and defame their victims, both on a one-on-one level and through public settings. In the more private form, offenders directly insult their victims through intimidating and hostile messages. In the more public form, cyber bullying can include actions such as posting embarrassing or nude photographs of victims without their knowledge or permission. These photos are often adulterated to depict the victim in compromised or defaming poses. Cyber bullies also spread lies and rumors via texts, instant messages, and Facebook posts. Additionally, perpetrators often steal passwords to victims’ online accounts and post humiliating remarks while posing as the victims themselves. Various studies attest to the pervasiveness and severity of cyber bullying in society. The...

Words: 1860 - Pages: 8

Premium Essay

Cyber Bullying

...Cyberbullying by Nicole M. Aune A Research Paper Submitted in Partial Fulfillment of the Requirements for the Master of Science Degree With a Major in School Psychology Approved: 2 Semester Credits The Graduate School University of Wisconsin-Stout December, 2009 ii The Graduate School University of Wisconsin~Stout Menomonie, WI Author: Title: Aune, Nicole M. Cyberbullying Graduate Degree/ Major: MS School Psychology Research Adviser: MonthlYear: Number of Pages: Dr. Amy Schlieve December 2009 29 Style Manual Used: American Psychological Association, 5th edition ABSTRACT A literature review of research pertaining to cyberbullying was completed. Findings indicate that cyberbullying is becoming more prevalent as students spend an increasing amount of time using technology that keeps them connected to people at all hours of the day. There are many different ways in which cyberbullies reach their victims, including instant messaging over the Internet, social networking web sites, text messaging and phone calls to cell phones. There are different forms of cyberbullying including, but not limited to, harassment, impersonation, and cyberstalking. It has been found that there are differences between not only the prevalence of cyberbullying between males and females but also the ways in which males and females cyberbully. Like bullying, cyberbullying is a serious problem which can cause the victim to feel inadequate and overly self-conscious, along with...

Words: 7448 - Pages: 30

Premium Essay

Cyber Bullying

...Studies indicate that cyber-bullying incidents have quadrupled in past five years (Ross). Cyber-bullying has become a huge issue recently. Every time you turn on the news there is another bullying, or a suicide related to bullying, incident being reported. “Love is louder” has been a common phrase among celebrities and influential figures lately. They are trying to send out a message to their followers saying that bullying is not right and should not be tolerated. The expansion of communication technologies is widening the way bully’s can torture their victims. The fact of the matter is, technology is not going anywhere, so we need to figure out a way to put an end to cyber-bullies. Cyber-bullying is becoming a major problem and we all need to do our parts in figuring out what can be done to stop cyber-bullies in their tracks. Cyber-bullies will continue to be a threat to today’s youth until we take preventative measures against them. Before putting a stop to cyber-bullying we must understand why and how a cyber-bully works. After researching and analyzing informative articles on the topic, this research paper aims to inform and answer questions such as: what a cyber-bully is, how they work, whom they target, and how to stop them. By understanding how a cyber-bully works we will be able to better protect youth populations as technology grows. Approximately half of  U.S. students are impacted by traditional bullying each school day (Ross). Cyber-bullying is technology powered and...

Words: 1649 - Pages: 7

Free Essay

Cyber Warfare

...An attack against a computer system or network is how PC Magazine defines a cyber-attack. A Cyber-attack can take many forms, for many reasons and can be executed on a small or large scale. Most cyber-attacks are criminal in nature. These cybercrimes are usually motivated by profit. Recent examples include the cyber-attacks on Visa/MasterCard and attacks on Google’s network by China. The cyber-attacks on Visa and MasterCard were part of “operation payback”, and were carried out by various loose nit groups that organized using social networking sites. “Operation payback” was retaliation against Visa and MasterCard for refusing to continue to do business with the website WikiLeaks. WikiLeaks posted leaked classified U.S. diplomatic communications on their website for the world to see. The United States felt this was a criminal act and pressured Visa and MasterCard to stop processing transactions for WikiLeaks. In response hackers launch “operation payback” which used distributed denial-of-service (DDoS) attacks to crash Visa and MasterCard Servers. Google recently exited the Chinese market. According to the New York Times, “Google linked its decision to sophisticated cyber-attacks on its computer systems that it suspected originated in China and that were aimed, at least in part, at the Gmail user accounts of Chinese human rights activists. The attacks were directed at some 34 companies or entities, most of them in Silicon Valley, California, according to people with knowledge of...

Words: 2021 - Pages: 9

Free Essay

Cyber Bullying

...Cyber Bullying: Negative Consequence Bullying is not new to the school campus; what is new is the independent access that young people of all ages have to the internet and various social media sites. Cyberbullying behavior should not simply be considered an inevitable part of school life and dismissed as a natural consequence of being a teenager. With little supervision, students are engaging in cyberbullying behaviors that are hostile; placing both the cyberbullying victim and the cyberbullying harasser at risk for negative social-emotional and academic consequences. Cyberbullying is the one of the latest issues to be defined by school districts and law enforcement. The Merriam-Webster Dictionary added the word cyberbullying in their 2004 revised edition: “the electronic posting of mean-spirited messages about a person (as a student) often done anonymously.” After interviewing 279 students (ages ten to 18) researchers Heidi Vandebosch and Katrien Van Cleemput further clarified the definition of cyberbullying in 2008. Their research identified specific communication patterns that led them to add that cyberbullying is not just a one time action, but rather “a part of a repetitive pattern of negative offline or online actions;” and the hostile actions are “intended to hurt (by the perpetrator) and perceived as hurtful (by the victim.)” (Vandebosch and Van Cleemput 500) Consistently, cyberbullying is viewed as hostile misbehavior. When considering whether internet...

Words: 1329 - Pages: 6

Free Essay

Living in the Age of Cyber Attacks and Cyber Warfare

...Living in the Age of Cyber Attacks and Cyber Warfare UMUC   If you asked the average person on the street about cybersecurity and cyber warfare, they would probably say they don’t know much about it other than the fact that it involves computers. In fact, for anyone outside of the cybersecurity industry, the closest thing to cyber warfare that they may have experienced was their viewing of the movie War Games, or the fourth installment of the Die Hard series, Live Free or Die Hard. While those movies had a profound impact on the lives of the characters in the script, the audience probably thought it was merely fiction, not fully based on fact. In Live Free or Die Hard, John McClain (played by the indefatigable Bruce Willis) is attempting to stop a domestic cyber-terrorist who is acting out on a vendetta against the United States. The cyber-terrorist is successful in launching an online attack to overload and destroy a power grid that left much of America’s East Coast in darkness. When I first saw this movie, I was curious if an attack like that was really possible; however, most people around me just labeled the movie as “Hollywood’s overactive imagination”. With cyber attacks literally having the ability to affect lives in a nanosecond, it is vital that everyone understand what cyber attacks entail, the impact of these cyber attacks on a domestic and international scale, and knowing what to expect in the future while living in a world dominated by virtual experiences...

Words: 2352 - Pages: 10

Premium Essay

Cyber Bullying

...Cyberbullying Imagine coming home from school and sitting at the computer to get away from the stress of the day. Within a few minutes you're bombarded with messages like "You're ugly…We hate you…Why don't you make us all happy and end your miserable life". Welcome to a world too many teenagers are facing. A world where bullying no longer takes place in the hallways at school or on the way home. Bullying is now more likely to takes place in the murky, often anonymous world of the Internet. About a third (31%) of all students ages 12-14 have been bullied online according to a study by Opinion Research Corporation (2006). This research paper will examine some of the reasons for "cyberbullying," and what may be done about it. What is Cyberbullying? Bill Belsey, President of Bullying.org Canada says, "Cyberbullying involves the use of information and communication technologies such as e-mail, cell phone and pager text messages, instant messaging, defamatory personal Web sites, and defamatory online personal polling Web sites, to support deliberate, repeated, and hostile behavior by an individual or group that is intended to harm others". Nancy Willard, author of "An Educators Guide to Cyberbullying and Cyberthreats" breaks down cyberbullying into the following categories: -Flaming. Online fights using electronic messages with angry or vulgar language. -Harassment. Repeatedly sending nasty, mean, an insulting messages. -Denigration. "Dissing" someone online. Sending or posting...

Words: 4129 - Pages: 17