Work place: National Institute of Public Administration/Information & Communications Technology, Lusaka, 10101, Zambia
Research Interests: Software Development Process, Computer systems and computational processes, Information Security, Network Security, Information Systems
Mumbi Chishimba holds a Master’s and Bachelor’s Degree in Computer Science from Mulungushi University in the department of Computer Science and Information Technology. Currently, he is with the National Institute of Public Administration (NIPA) where is he is serving as the information systems analyst and developer. His research interests are information systems management, software algorithm development, and information and network security.
DOI: https://doi.org/10.5815/ijcnis.2019.01.03, Pub. Date: 8 Jan. 2019
The devasting effects of ransomware have continued to grow over the past two decades which have seen ransomware shift from just being opportunistic attacks to carefully orchestrated attacks. Individuals and business organizations alike have continued to fall prey to ransomware where victims have been forced to pay cybercriminals even up to $1 million in a single attack whilst others have incurred losses in hundreds of millions of dollars. Clearly, ransomware is an emerging cyber threat to enterprise systems that can no longer be ignored. In this paper, we address the evolution of the ransomware and the associated paradigm shifts in attack structures narrowing down to the technical and economic impacts. We formulate an attack model applicable to cascaded network design structures common in enterprise systems. We model the security state of the ransomware attack process as transitions of a finite state machine where state transitions depict breaches of confidentiality, integrity, and availability. We propose a ransomware categorization framework that classifies the virulence of a given ransomware based on a proposed classification algorithm that is based on data deletion and file encryption attack structures. The categories that increase in severity from CAT1 to CAT5 classify the technical prowess and the overall effectiveness of potential ways of retaining the data without paying the ransom demand. We evaluate our modeling approach with a WannaCry attack use case and suggest mitigation strategies and recommend best practices based on these models.[...] Read more.
Subscribe to receive issue release notifications and newsletters from MECS Press journals