An Effective Mitigation Scheme to Defend Against Ransomware Attacks
Ransomware has evolved from its inception with PC Cyborg, which encrypted files and demanded a ransom, to sophisticated threats employing advanced encryption and evasion techniques. This evolution has shifted the target from individual users to larger organisations, creating a multi-billion dollar industry. The exploitation of system vulnerabilities by ransomware highlights the importance of maintaining an up-to-date Common Vulnerabilities and Exposures (CVE) database. The project focuses on identifying ransomware infection factors, evaluating attack vectors, and implementing preventive measures. It also involves developing a local CVE database to filter for ransomware-related CVEs and an automated checklist to assess the presence of specific antiviruses, firewalls, and installed software versions. These efforts are designed to enhance the organisation's ability to detect and mitigate ransomware threats effectively.
Funding
This research project is supported by an ignition grant with Grant No. R-IE2-A405-0002, Singapore Institute of Technology and Ministry of Education, Singapore.
History
Journal/Conference/Book title
The 10th IRC Conference on Science, Engineering and Technology (IRC-SET 2024)
Publication date
2024-08-17
Version
- Post-print
Corresponding author
Huaqun Guo, huaqun.guo@singaporetech.edu.sg
Project ID
- 11679 (R-IE2-A405-0002) Investigating Security Situation Awareness against Ransomware Attacks