Abstract
AbstractRansomware is a menace to the vibrant digital ecosystem. The exponential growth in ransomware attacks, its detrimental impacts, and the ever‐changing methods adopted by threat actor groups demands a focused understanding of the evolution of ransomware. This would help the organizations devise novel defensive frameworks and security controls against the modern ransomware. In this work, the impacts and evolution of ransomware through different phases up to its current form are detailed. Further, based on the study and analysis of the most prevalent modern ransomware variants, their most used tactics, techniques and procedures (TTPs) are identified as per the MITRE ATT&CK model. This acts as a platform to propose a generic attack model for “modern ransomware.” Building on the existing MITRE mitigation, D3FEND‐based approaches and considering the resource and budget constraints of organizations, a simplified three‐tier defensive model that is cost‐effective and implementable is put forward. Thus, this work aims to open avenues for understanding the TTPs, and attack methodology of “modern ransomware,” thereby developing feasible and implementable defensive security controls.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
