Ransomware: Rising Threat of New-Age Digital Extortion

Abstract

What if someone stopped you from accessing your files or using your computer? What if they demanded an amount to get access back to you? Most financial and social interactions revolve around three critical aspects – firstly, the use of digital data and files; secondly, computer systems; and last, the insecure internet. This is where Ransomware using Bitcoin has become a major cause of concern in the form of a new-age digital extortion threat to home and corporate users. This chapter discusses Ransomware and the methods adopted by cybercriminals for holding ransom innocent users' digital data and systems and proposes a malware detection system. Crypto and Locker ransomware is reviewed for their propagation, attack techniques, and new emerging threat vectors, such as file Encryption Ransomware, Screen Lock Ransomware, Windows & Browser Lock, Pop Advertisements, and URL Redirection. The author proposed a Cloud-based malware detection system, performing comparison evaluation with and without the proposed anti-malware solution in the form of sandboxes, so even if the environment got compromised, it could be easily decommissioned and rebuilt from a fresh, clean virtual snapshot. Malware Behavioral environments were set up for analyzing malware before and after receiving malware payload files and logs from infected user devices. Malware Code Analysis gathered assembly code and memory dumps from memory and performed analysis on malware payload instructions. Reporting environment analyzed Web URLs proactively for malicious sites hosting malware code or payloads and checked the user system and devices for before and after analysis logs.