Current Ransomware Threats

Abstract

Ransomware continues to be a grave security threat to both organizations and individual users. The increased sophistication in ransomware design provides enhanced accessibility and distribution capabilities that enable attackers of all types to employ this malicious tool. This report discusses ransomware, including an explanation of its design, distribution, execution, and business model. Additionally, the report provides a detailed discussion of encryption methods and runtime activities, as well as indicators that are useful in their detection and mitigation. Ransomware has evolved into a sophisticated tool that is usable by even non-technical persons and has multiple variants offered as Ransomware as a Service (RaaS). RaaS decreases the risk for ransomware authors, since they do not perform attacks, and reduces the affiliates' cost to mount attacks. Additionally, as of 2019, some ransomware families have started threatening public disclosure of a victim's sensitive data if they do not pay a ransom and are following through with the threat.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
May 01, 2020
Accession Number
AD1130447

Entities

People

  • Alexandra Parisi
  • Marisa M. O'meara
  • Marisa Midler

Organizations

  • Carnegie Mellon University

Tags

Communities of Interest

  • Cyber

DTIC Thesaurus Topics

  • Anti-Malware Software
  • Anti-Virus Software
  • Command And Control
  • Computer Network Security
  • Computer Program Documentation
  • Computer Program Reliability
  • Computer Programming
  • Computers
  • Cyberattacks
  • Cybersecurity
  • Data Exfiltration
  • Data Leakages
  • Electronic Mail
  • Information Security
  • Information Systems
  • Malware
  • New Jersey
  • Operating Systems
  • Software Development
  • United States
  • Web Browsers

Fields of Study

  • Computer science

Readers

  • Cybersecurity.
  • Naval Engineering and Maritime Security

Technology Areas

  • Cyber