Ransomware Evolution (勒索病毒的演變)

Ahmed, Mohiuddin

  • 出版商: CRC
  • 出版日期: 2024-12-23
  • 售價: $4,820
  • 貴賓價: 9.5$4,579
  • 語言: 英文
  • 頁數: 234
  • 裝訂: Hardcover - also called cloth, retail trade, or trade
  • ISBN: 1032742712
  • ISBN-13: 9781032742717
  • 尚未上市,無法訂購

相關主題

商品描述

Ransomware is a type of malicious software that prevents victims from accessing their computers and the information they have stored. Typically, victims are required to pay a ransom, usually using cryptocurrency such as Bitcoin, to regain access. Ransomware attacks pose a significant threat to national security, and there has been a substantial increase in such attacks in the post-Covid era. In response to these threats, large enterprises have begun implementing better cybersecurity practices, such as deploying data loss prevention mechanisms and improving backup strategies. However, cybercriminals have developed a hybrid variant called Ransomware 2.0. In this variation, sensitive data is stolen before being encrypted, allowing cybercriminals to publicly release the information if the ransom is not paid. Cybercriminals also take advantage of cryptocurrency's anonymity and untraceability.

Ransomware 3.0 is an emerging threat in which cybercriminals target critical infrastructures and tamper with the data stored on computing devices. Unlike in traditional ransomware attacks, cybercriminals are more interested in the actual data on the victims' devices, particularly from critical enterprises such as government, healthcare, education, defense, and utility providers. State-based cyber actors are more interested in disrupting critical infrastructures rather than seeking financial benefits via cryptocurrency. Additionally, these sophisticated cyber actors are also interested in obtaining trade secrets and gathering confidential information. It is worth noting that the misinformation caused by ransomware attacks can severely impact critical infrastructures and can serve as a primary weapon in information warfare in today's age. In recent events, Russia's invasion of Ukraine led to several countries retaliating against Russia. A ransomware group threatened cyber-attacks on the critical infrastructure of these countries. Experts warned that this could be the most widespread ransomware gang globally and is linked to a trend of Russian hackers supporting the Kremlin's ideology.

Ensuring cyber safety from ransomware attacks has become a national security priority for many nations across the world. The evolving variants of ransomware attacks present a wider and more challenging threat landscape, highlighting the need for collaborative work throughout the entire cyber ecosystem value chain. In response to this evolving threat, a book addressing the challenges associated with ransomware is very timely. This book aims to provide a comprehensive overview of the evolution, trends, techniques, impact on critical infrastructures and national security, countermeasures, and open research directions in this area. It will serve as a valuable source of knowledge on the topic.

商品描述(中文翻譯)

勒索病毒是一種惡意軟體,會阻止受害者訪問他們的電腦及儲存的資訊。通常,受害者需要支付贖金,通常使用比特幣等加密貨幣,才能重新獲得訪問權限。勒索病毒攻擊對國家安全構成重大威脅,並且在後疫情時代,此類攻擊有了顯著增加。為了應對這些威脅,大型企業已開始實施更好的網路安全措施,例如部署資料遺失防護機制和改善備份策略。然而,網路犯罪分子已開發出一種混合變體,稱為 Ransomware 2.0。在這種變體中,敏感資料在被加密之前就已被竊取,這使得網路犯罪分子可以在未支付贖金的情況下公開釋放這些資訊。網路犯罪分子還利用加密貨幣的匿名性和不可追蹤性。

Ransomware 3.0 是一種新興威脅,網路犯罪分子針對關鍵基礎設施並篡改儲存在計算設備上的資料。與傳統的勒索病毒攻擊不同,網路犯罪分子對受害者設備上的實際資料更感興趣,特別是來自政府、醫療、教育、國防和公用事業等關鍵企業的資料。國家級的網路行為者更關心破壞關鍵基礎設施,而不是通過加密貨幣尋求財務利益。此外,這些複雜的網路行為者也對獲取商業機密和收集機密資訊感興趣。值得注意的是,勒索病毒攻擊所造成的錯誤資訊可能會對關鍵基礎設施造成嚴重影響,並且在當今時代可以作為資訊戰的主要武器。在最近的事件中,俄羅斯入侵烏克蘭導致幾個國家對俄羅斯進行報復。一個勒索病毒團體威脅對這些國家的關鍵基礎設施發動網路攻擊。專家警告這可能是全球最廣泛的勒索病毒團伙,並與俄羅斯黑客支持克里姆林宮意識形態的趨勢有關。

確保網路安全免受勒索病毒攻擊已成為全球許多國家的國家安全優先事項。演變中的勒索病毒攻擊變體呈現出更廣泛且更具挑戰性的威脅環境,突顯了在整個網路生態系統價值鏈中進行協作工作的必要性。為了應對這一不斷演變的威脅,針對勒索病毒相關挑戰的書籍恰逢其時。本書旨在提供有關演變、趨勢、技術、對關鍵基礎設施和國家安全的影響、對策以及該領域開放研究方向的綜合概述。它將成為該主題的寶貴知識來源。

作者簡介

Dr. Mohiuddin Ahmed is dedicated to educating the next generation of cyber leaders and conducting research to disrupt the cybercrime ecosystem. His research focuses on ensuring national security and safeguarding critical infrastructures from cyber terrorists. Dr. Ahmed has edited several books and contributed articles to The Conversation. He has secured several external and internal grants totaling more than $1.7 million and has collaborated with academia and industry. Dr. Ahmed is a regular speaker at international conferences and public organizations and is sought after by the media for his expert opinion. Additionally, he is a Fellow of the Higher Education Academy, UK. He is also a Senior Member of IEEE and was an ACM Distinguished Speaker. He is an Associate Editor for the International Journal of Computers and Applications and Journal of Cyber Security Technology.

作者簡介(中文翻譯)

Dr. Mohiuddin Ahmed 致力於培養下一代的網路領導者並進行研究,以顛覆網路犯罪生態系統。他的研究重點在於確保國家安全並保護關鍵基礎設施免受網路恐怖分子的威脅。Ahmed 博士編輯了幾本書籍,並為 The Conversation 撰寫了多篇文章。他獲得了多項外部和內部的資助,總額超過 170 萬美元,並與學術界和產業界合作。Ahmed 博士是國際會議和公共組織的常規演講者,媒體也經常尋求他的專業意見。此外,他是英國高等教育學院的院士,也是 IEEE 的高級會員,曾擔任 ACM 傑出演講者。他是《國際計算機與應用期刊》和《網路安全技術期刊》的副編輯。