Term 1, 2017
Question 4. Malware Research
Objective: research real malware and gain an understanding of the techniques used in the malware and countermeasures
Ransomware attacks are increasingly publicised. In addition it is estimated there are many more ransomware attacks not being made public, e.g. companies and users paying a ransom but not disclosing the attack. The prevalence of ransomware, and the impact it has on organisations, has led to the discussion of ransomware insurance. Your task is to study what is ransomware, what are the challenges and possible countermeasures, and report on it in an easy-to-understand manner. You must write a short report on ransomware that addresses at least the following issues/topics:
(a)What is ransomware?
(b)What are examples of ransomware attacks? For example, names of malware, organisations attacked.
(c)What are common methods of infection by ransomware?
(d)What is the payload in ransomware? What cryptographic techniques are commonly used?
(e)How is the ransom obtained? What is the role of Bitcoin (or other cryptocurrencies)?
(f)What are the options for users once infected?
(g)What countermeasures should users and organisations take to prevent ransomware attacks?
The above is a guide of what should be covered. You may also address other issues, and you don’t have to address them in the order listed.
There is no minimum/maximum length of the report. As a guide 1 to 2 pages of text (not including pictures) may be appropriate. In addition you may include your own pictures (not pictures from other sources) if they are useful in explaining ransomware. Including pictures from other sources, or including pictures that do not help with the explanation will not gain marks and may lead to reduced marks.
You may assume the audience of the report has similar background on network security as you. You should refer to techniques and concepts covered in the unit, and give sufficient technical detail to demonstrate you understand ransomware.
At least five (5) references should be included and follow the Harvard (author-date) style. References may be a mix of websites, textbooks and conference/journal articles.
1 mark will be given for each of the seven (7) topics/issues ((a) to (g)) if they are satisfactorily explained.
1 mark will be given if the report is well presented, including: well formatted, few spelling/grammar mistakes.
1 mark will be given if the references are sufficient and appropriate. Inclusion of inappropriate/irrelevant references will result in 0 marks.
Up to 6 marks may be deducted if the report is difficult to read (e.g. due to grammar), includes information irrelevant to the question, and/or includes material (pictures, quotes) taken from other sources.