INTL446 American Military Ransomware Attacks Proposal Paper Assignment 3. Cyber Issue Paper Your final assignment is where you will weave the first two e

INTL446 American Military Ransomware Attacks Proposal Paper Assignment 3. Cyber Issue Paper

Your final assignment is where you will weave the first two elements (the Cyber White Paper and Cyber Research Proposal) together, and incorporate your research analysis, to create a coherent issue paper that is 13-15 pages in length.

See attached documents.

While it is inappropriate (not to mention a violation of university policy) to cut-and-paste from past assignments in old courses into new ones, this research project is evolutionary and builds itself up from a research proposal to a completed product. For this reason, in this class it is permissible to paste the information (as appropriate and as it makes sense) from the first two assignments assigned in this course into your final assignment.

Format. Your research paper should include a title page, body, and reference page. Your paper should have a 1-inch border on all four sides, use Times New Roman-12 point font, be double spaced, and not have an extra space in-between paragraphs. (You may need to turn this off in MS word by going to “paragraph” and clicking “Don’t add space between paragraphs of the same style). Since this is an INTL course you need to use the Turabian parenthetical citation style with a references page.
You are encouraged to refer to Belcher, Wendy Laura. 2009. “Editing Your Sentences” In Writing Your Journal Article in 12 Weeks. A Guide to Academic Publishing Success. Sage. This resource has an excellent step-by-step process for enhancing your writing.
Your research paper should include the following sections:
Introduction.
This section should be written last and should pull from some of the elements of your research proposal. You will need to clearly provide an overview of the topic you are writing about, a concise synopsis of the issues, state your research question, and discuss why the situation is important to investigate. Writing the introduction last is helpful in ensuring that you’ve incorporated any changes that may have taken place over the course of your research. This section should be 1 page in length.
Literature Review.
Your literature review section is a synthesis of the sources that you identified in your second assignment in addition to other sources that you have identified to support your research. This section should be 3-4 pages in length.
Methodology.
2
This section will pull from, and expand upon, your research design section within your first assignment. Methodology sections are another standard element in research papers as they provide the reader with a clear understanding for how the research was carried out. In this section you should discuss your case study methodology and explain the validity of your approach. In your explanation be sure you explain how you chose the case to investigate, your data collection method, your data analysis (i.e. the questions you asked to help guide your research and thus answer your primary research question), and any potential data limitations and biases that pertain to this specific project. In your discussion of the studies limitations you should keep in mind that it is always best to end on a positive note, so be sure you discuss your plan to mitigate the limitations and biases, if any. This section should be 1-2 pages in length.
Analysis and Findings.
This section and the conclusion discussed below are essentially the two newest components of your research project. Your analysis and findings section should provide a narrative of your research and the analytical arguments that you will make as a result of your findings. In this section you will discuss the different information processing errors that occurred within your chosen situation and explain how they lead to or are leading to errors in analysis and/or decision-making. Within this section you should provide the evidence that proves or disproves your research hypothesis. This section should be 5-6 pages in length.
Conclusion.
This section will contain the concluding analytical arguments based on what the research has revealed. Here you will discuss some of the techniques and strategies that can be used to help mitigate the information processing errors and/or decision-making errors that occurred during the situation under investigation.
Like any conclusion, it should provide a synopsis of the project, the strategy, the results, and what the research adds to our body of knowledge. Within your conclusion you should also offer suggestions for avenues of future research for other scholars as all knowledge is evolutionary. This section should be 1-2 pages in length.
References.
This section will contain all of the references that you have cited within your paper. They should be listed in Turabian References format and arranged alphabetically. Entitle this section as “References”, each source notation should be single spaced with one space between each source.
At this level your references should fall within the 18-25 sources range and be made up primarily of peer-reviewed content. ADDRESSING RISING CASES OF RANSOMWARE ATTACKS
Olubode, Taiwo
INTL647 Cyber Intelligence
June 9, 2019
Cyber White Paper.
2
RANSOMWARE ATTACKS
Introduction
Ransomware is a type of malicious software that has the ability to prevent a user from
using certain software or files until they pay a ransom for access. This form of cybercrime is
more advanced and is seeing less skilled cybercriminals being replaced by more technically
advanced criminals.1 This is leading to a chain reaction effect where attacks collaborate to
execute a domino effect. The attack has a final goal that is triggered by the initial attack which is
often difficult to stop. These attacks are also facilitated by the increase in malicious Android
applications on mobile phones. These applications offer a quick avenue for cybercriminals to
install the attacks and have an execution mechanisms.
There have been several attacks that have been of great consequence. In 2017, there was
the WannaCry ransomware attack. The WannaCry attack utilized a hole in the Microsoft
software to spread through the network. This attack led to over 250,000 new detections within a
few days.2 There was a patch that was introduced by Microsoft to solve the issue but those who
had not updated were caught in the attack. This is an example of how advanced attackers are
getting and the level of intelligence that they have in their hands. The financial effects of the
attack are estimated to have cost about $3 million in value of breached data alone3
Research Question
1
Sangani Priyanka, “Targeted ransomware attacks surge in 2018: Report” The Economic Times. Retrieved
from https://economictimes.indiatimes.com/tech/internet/targeted-ransomware-attacks-surge-in-2018report/articleshow/66709042.cms?from=mdr.
2
Fruhlinger Josh, “The 6 biggest ransomware attacks of the last 5 years” Retrieved from
https://www.csoonline.com/article/3212260/the-5-biggest-ransomware-attacks-of-the-last-5-years.html
3
Singal Nidhi, “Aftermath of WannaCry” Retrieved from
https://www.businesstoday.in/magazine/technology/wannacryransomwarecomputershackersattackransomwarebitcoinscryptocurrencyvirtualcurrencymonero/story/258734.html
3
Ransomware is a prominent threat to digital security in the modern day. Ransomware is
leading in cybercrime where criminals hijack and encrypt user data and ask for compensation in
return to restoration of normalcy. A prime example of this is the WannaCry attack. The attackers
in this case made away with lots of money in the form of ransom. The payments were made in
the form of bitcoin4 which made the funds had to trace. This wide scale vulnerability of data
safety especially in the digital age creates a huge problem for society. The industry has also
grown to be a $1 billion-a-year crime industry.5 However, there is a need to look at the industry
in an in-depth manner to find the accurate value of the attacks. As such, the research question of
the paper is, what is the personal, technological, production, and social impact of ransomware
attacks.
Importance of the Issue
Notably, the issue of cybersecurity has gained lots of attention in the present-day
especially in regards to the attacks and exploitation that is accompanied with it. The risks of
ransomware are on the rise especially with the increase in unauthorized access to cyber systems.
There is a primary concern that is associated with the extent of damage that cybersecurity
incidences is associated with in terms of the effects on human welfare. There attacks hinder lots
of activities that are important to human beings especially when they are directed at facilities
such as healthcare services. As long as the trends in the nature and frequency of attacks indicate
increased complexity, then an effort to control the issue is of much importance. There are some
4
Kate O’Flaherty, “How To Survive A Ransomware Attack — And Not Get Hit Again,”
Forbes, August 17, 2018, https://www.forbes.com/sites/kateoflahertyuk/2018/08/17/how-tosurvive-aransomware-attack-and-not-get-hit-again/#4661d18c6cd3
5
Popoola, Segun & John, Samuel. (2017). RANSOMWARE: Most Recent Threat to Computer Network
Security. 10.13140/RG.2.2.31592.67841.
4
strategies that can be applied to control the issue. The use of redemption6, for instance, has seen
users being given the option of terminating suspicious processes. These processes have shown to
increase usability which affects the human consequences of a ransomware attack.
Some of the things that we can learn from the study include the strategies that can be
used for a collective cyber-response to the issue. This strategy includes first the identification of
the threats in the organization.7 There is also going to be a realization of the dramatic prevalence
of ransomware in modern times and its causes8. Additionally, there is going to be an
identification of trends9 which can help reveal the vulnerabilities of an organization to a
ransomware attack based on human, technological, and productivity aspects. The study will also
help us understand how information processing errors, such as when people tend to stick to their
previous beliefs or status quo affects the risk of an organization to an attack10.
Theoretical Framework
The consistency theory states that people seek to understand and make decisions based on
simple and coherent ways. People always seek to make decisions based on coherent attitudes,
thoughts, beliefs, values, behaviors, and feelings. Any inconsistency in these factors leads to
people being in a state of tension which will reduce tension. Another theory of decision-making
is balance theory. The theory states that people often look at their relations in the form of a triad
that has to have a form of balance. The states have to be balanced to produce motivation. Using
these two theories as our basis, we shall be able to investigate some of the failures that may have
6
Kharraz Amin & Kirda Engin, “Redemption: Real-time Protection AgainstRansomware at End-Hosts”
International Symposium on Research in Attacks, Intrusions, and Defenses(2017), Springer, pp. 98–119.
7
O’Brien, Dick. Ransomware 2017. Internet Security Threat Report.
8
Richardson Ronny, North, Max. Ransomware: Evolution, mitigation, and prevention.International
Management Review 13,1 (2017), 10 – 21
9
Kevin Savage, Peter Coogan. The evolution of ransomware. Tech. rep., Symantec Corporation Security
Response,2015
10
Sibt-ul-Hasnain Kazmi. Managing Common Financial Risks. Enterprise Risk Management, 2016
5
taken place when dealing with ransomware. For instance, we shall look at how the imbalance
causes tension. This tension creates a necessity which opens a window for innovation. This
innovative thinking leads to people developing solutions and other problem-solving mechanisms
to deal with the issue of ransomware.
Research Design
The research paper utilizes a case study type of research. A case study is an in-depth
study that enables one to narrow down onto a specific research problem. The problem has to
have testable attributes. Moreover, the research design is appropriate as it enables the testing of
various decision-making theories such as balance theory. There is also little that is known on the
extra areas of social, technological, and productivity and how they are affected by a ransomware
attack. This approach is good for enabling us to understand the complex issue that is presented
by limiting the number of conditions and their relationships.
The case study type of research also allows for one to apply several research methodologies
depending on the source of the research. This also allows for a wide variety of sources to be
utilized within a research paper. Through the case study, there is also the possibility of adding
more information to what is already known in previous research. From a social science
perspective, the case study research design enables the researcher to examine modern life
experiences by providing a framework for the application of theories and concepts. This is made
possible by creating the possibility of providing detailed descriptions of rare cases.
The research will utilize secondary sources. To ensure that the data is accurate, the analysis will
look at various aspects. To begin with, the author will be analyzed to find out if they are a
scholar in the field. There is also looking at the journal and source to determine if it was
6
developed by a recognized publisher. There is also the analysis of the purpose of the text,
searching for any bias from the writer, the extent of the bibliography, and the primary sources
that are used by the author. The quality of primary and secondary sources that are used by an
author can give the quality of data and look at the extent and use of citations for supporting
various purposes. Information that is retrieved from the internet will be evaluated based on the
legitimacy of the website, the authors, and the date of publication. Publications that are more
than ten years old may not be highly relevant to modern day scenarios.
7
References
Kevin Savage, Peter Coogan. The evolution of ransomware. Tech. rep., Symantec Corporation
Security Response,2015.
Kharraz Amin & Kirda Engin, “Redemption: Real-time Protection AgainstRansomware at EndHosts” International Symposium on Research in Attacks, Intrusions, and Defenses(2017),
Springer, pp. 98–119.
Popoola, Segun & John, Samuel. (2017). Ransomware: Most Recent Threat to Computer
Network Security. 10.13140/RG.2.2.31592.67841
O’Brien, Dick. Ransomware 2017. Internet Security Threat Report.
Richardson Ronny, North, Max. Ransomware: Evolution, mitigation, and
prevention.International Management Review 13,1 (2017), 10 – 21.
Sibt-ul-Hasnain Kazmi. Managing Common Financial Risks. Enterprise Risk Management,
2016
Fruhlinger Josh, “The 6 biggest ransomware attacks of the last 5 years” Retrieved from
https://www.csoonline.com/article/3212260/the-5-biggest-ransomware-attacks-of-the-last-5years.html
8
Kate O’Flaherty, “How To Survive A Ransomware Attack — And Not Get Hit Again,” Forbes,
August 17, 2018, https://www.forbes.com/sites/kateoflahertyuk/2018/08/17/howtosurvive-a-ransomware-attack-and-not-get-hit-again/#4661d18c6cd3
Sangani Priyanka, “Targeted ransomware attacks surge in 2018: Report” The Economic Times.
Retrieved from https://economictimes.indiatimes.com/tech/internet/targeted-ransomwareattacks-surge-in-2018-report/articleshow/66709042.cms?from=mdr.
Singal Nidhi, “Aftermath of WannaCry” Retrieved from
https://www.businesstoday.in/magazine/technology/wannacryransomwarecomputershackersattackransomwarebitcoinscryptocurrencyvirtualcurrencymonero/story/258734.html.
Fruhlinger Josh, “The 6 biggest ransomware attacks of the last 5 years” Retrieved from
https://www.csoonline.com/article/3212260/the-5-biggest-ransomware-attacks-of-thelast-5-years.html.
Kate O’Flaherty, “How To Survive A Ransomware Attack — And Not Get Hit Again,” Forbes,
August 17, 2018, https://www.forbes.com/sites/kateoflahertyuk/2018/08/17/howtosurvive-a-ransomware-attack-and-not-get-hit-again/#4661d18c6cd3.
Kevin Savage, Peter Coogan. The evolution of ransomware. Tech. rep., Symantec Corporation
Security Response,2015.
9
Kharraz Amin & Kirda Engin, “Redemption: Real-time Protection Against Ransomware at EndHosts” International Symposium on Research in Attacks, Intrusions, and Defenses(2017),
Springer, pp. 98–119.
O’Brien, Dick. Ransomware 2017. Internet Security Threat Report.
Popoola, Segun & John, Samuel. (2017). RANSOMWARE: Most Recent Threat to Computer
Network Security. 10.13140/RG.2.2.31592.67841.
Richardson Ronny, North, Max. Ransomware: Evolution, mitigation, and
prevention.International Management Review 13,1 (2017), 10 – 21.
Sangani Priyanka, “Targeted ransomware attacks surge in 2018: Report” The Economic Times.
Retrieved from https://economictimes.indiatimes.com/tech/internet/targeted-ransomwareattacks-surge-in-2018-report/articleshow/66709042.cms?from=mdr.
Sibt-ul-Hasnain Kazmi. Managing Common Financial Risks. Enterprise Risk Management,
2016.
Singal Nidhi, “Aftermath of WannaCry” Retrieved from
https://www.businesstoday.in/magazine/technology/wannacryransomwarecomputershackersattackransomwarebitcoinscryptocurrencyvirtualcurrencymonero/story/258734.html.
ADDRESSING RISING CASES OF RANSOMWARE ATTACKS
Olubode, Taiwo
INTL647 Cyber Intelligence
May 20, 2019
Cyber White Paper.
Cyber systems are increasingly becoming a primary resource for successful engagement
in business activities. In particular, organizations and individuals have increasingly become
dependent on the internet of things as a means of integrating different factors of communication.
Improvements in the technology available and consequent development of various device
applications has led to innovation in means of gathering user data for various cyber systems,
leading to some individuals engaging in activities that significantly compromise the integrity of
the systems. In particular, ransomware forms one of the most significant threats to cyber security
in contemporary society, with the exploitation of user data leading to hackers using the
information to make changes on users’ hardware, and seek compensation to restore the devices
to functionality.
Ransomware primarily involves the use of a computer software to force users that
hackers have gained information about to provide a fee for the restoration of the device to
complete functionality. Most recent as 2017, the WannaCry attack made headlines following the
use of a cruptoworm to encrypt data on Microsoft Windows devices, and proceeded to demand
payment for systems restoration to functionality.1 The attack on a system as large as Microsoft,
in addition to the ease of access to the payments demanded, which was to be in the form of
bitcoin, exposed the vulnerability of society to ransomware. Such issues necessitate a significant
research on how best to deal with similar attacks, and in effect control the extent to which
technology makes users vulnerable.
1. Kate O’Flaherty, “How To Survive A Ransomware Attack — And Not Get Hit Again,”
Forbes, August 17, 2018, https://www.forbes.com/sites/kateoflahertyuk/2018/08/17/how-tosurvive-a-ransomware-attack-and-not-get-hit-again/#4661d18c6cd3
Notably, cyber security has been a subject of significant discussion in contemporary
society, but much of the attention given to the issue relates to cyber-attacks and exploitation.
However, reports on recent cases of unauthorized access to cyber systems reveal that the risks of
ransomware are ever increasing.2 The primary challenge associated with this form of cyber
insecurity is the damage caused to society through the activities that the attacks end up hindering,
some of which are critical to human welfare.3 Society does not have to suffer a catastrophic case
to pay much more attention to the problem. As long as the trends in the nature and frequency of
attacks indicate increased complexity, then an effort to control the issue is of much importance.
However, society can only institute control measures based on an understanding of the potential
implications of investing in some of the suggestions made by individuals with an exceptional
knowledge of cyber systems security.
One of the most common solutions to most issues in the workplace has often been
training employees, and such would also be helpful in helping mitigate cases of ransomware
attacks. In particular, phishing is one of the primary means used in which attackers gather
information that they end up using to conduct their attack. It includes sending a link to the target
system within a particular network, with the hope that the user would then open the link, thereby
giving the source of the said ransomware access to the computer systems, and by extension, the
network to which it is connected. Ultimately, the employee would have ended up giving an
2. Yaqoob, Ibrar, Ejaz Ahmed, Muhammad Habib ur Rehman, Abdelmuttlib Ibrahim
Abdalla Ahmed, Mohammed Ali Al-garadi, Muhammad Imran, and Mohsen Guizani, “The rise
of Ransomware and Emerging Security Challenges in the Internet of Things,” Computer
Networks 129 (2017) 445.
3 O’Flanherty, How to Survive a Ransomware Attack, 2018
opportunity to the attackers, unconscious of the implications of his or her actions to the
network’s integrity.
One of the primary advantages of this approach lies in the normalcy of its application.
Notably, if an organization decided to train its employees on ransomware and phishing concept,
the training process would be relatively similar to those which workers have experienced in the
past. Therefore, it would be relatively easy to implement a training program in response to the
issue. However, this solution is only applicable to organizational settings, but the attacks are not
limited to such environments. Just as organizations, individual cyber users can be vulnerable to
ransomware attacks, which necessitates measures to be developed as a possible solution and be
inclusive of individuals not working within organizational contexts. Although various software
developers could provide some insight on the best use of the platforms and in effect protect them
from potential phishing vulnerabilities, this solution may not be as effective for individual use.
Alternatively, constant updates to the security system used by particular user to protect
the IoT could be a solution, effectively addressing the chances of a ransomware attack. Constant
efforts to determine the ability of the security framework to counter the existing threats could be
a solution, if only one is capable enough of making the necessary updates to security software. In
any case, different firms make extensive investment in research and development of potential
security software, which in turn increase the ability of the organizations and individuals to
remain safe, knowing that they have an application in place to provide an alert in the event of
any suspicious activity in their system. On the other hand, making an effort to constantly review
the devices connected to a particular user’s cloud would be integral to understanding the
potential for attacks and taking the necessary measures to prevent such an outcome.
Notably, the efforts to maintain the integrity of the cyber system present an advantage to
the user, by ensuring that one has absolute control of the security of his or her devices.
Additionally, individuals as well as organizations could easily implement this measure, using
security products from some of the renowned security services providers available in the market.
Investment in ensuring that the cyber space is secure enough, and prevention of ransomware
attacks or other forms of cyber space challenges increases their appeal to the market, ultimately
influencing the quality of their security products. The only disadvantage with these systems lies
in the cost of investment in the systems, which in turn implies that they may not be as cheap to
procure, particularly where the ultimate impact of the security framework is highly guaranteed.
In conclusion, developing and implementing solutions to mitigate cyber security issues is
paramount to future success in the cyber environment. Ransomware attacks currently indicate an
upward trajectory, including an increase in the costs incurred by organizations and individuals
who fall victims to the attacks. Notably, improved technology through factors that include
blockchain currencies such as bitcoin adds on the challenges in recovering finances lost through
ransomware, due to difficulties tracing the money once disbursed. Based on the two solutions
here and analyzed, constant updates to the security system and management of features within is
one of the most effective solutions, with a high chance of deterring cases of attacks in the future
for both individuals and organizations.
References
Kate O’Flaherty. “How To Survive A Ran…
Purchase answer to see full
attachment