Wannacry, Ransomware, and the Emerging Threat to Corporations

LSN: Spyware (Sub-Topic) Pub Date : 2018-08-24 DOI:10.2139/SSRN.3238293

L. Trautman, Peter C. Ormerod

{"title":"Wannacry, Ransomware, and the Emerging Threat to Corporations","authors":"L. Trautman, Peter C. Ormerod","doi":"10.2139/SSRN.3238293","DOIUrl":null,"url":null,"abstract":"The WannaCry ransomware attack began on May 12, 2017, and is unprecedented in scale—quickly impacting nearly a quarter-million computers in over 150 countries. The WannaCry virus exploits a vulnerability to Microsoft Windows that was originally developed by the U.S. National Security Agency and operates by encrypting a victim’s data and demanding payment of a ransom in exchange for data recovery. Security experts have indicated that a North Korea-linked group of hackers—who have also been implicated in cyberattacks against Sony Pictures in 2014, the Bangladeshi Central Bank in 2016, and Polish banks in February 2017—is behind the attack. \n \nRansomware threatens institutions worldwide, but the risks for businesses are all the starker—potentially catastrophic. This article provides corporate executives with much of what they need to know about the evolving threats of malware and ransomware like Cryptolocker, Kelihos Botnet, Locky, Nymain, Petya, NotPetya, and WannaCry. First, we provide a brief definition and history of ransomware. Second, we look at the history of hospitals as ransomware targets. Third, we offer a description of the WannaCry virus, what is known about its development, method of action, and those who are believed to have deployed it; in this section, we also discuss methods to defend against this particular virus. Fourth, we discuss the Petya and NotPetya attacks. Fifth, is a discussion of municipal ransomware attacks. Sixth, we review the myriad and unique risks that ransomware poses for corporations—including expected refinements of the technique, such as to effect corporate sabotage. Seventh, we discuss the duties and responsibilities of corporate directors and the Ormerod-Trautman data security economic model. Eighth and finally, we review the current cybersecurity legal landscape with a particular focus on corporate best practices and how business executives protect themselves against cybersecurity-related liability. We believe this Article contributes to the sparse existing literature about ransomware and related cyber threats posed to corporate boards and management.","PeriodicalId":169522,"journal":{"name":"LSN: Spyware (Sub-Topic)","volume":"69 9","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-08-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"19","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"LSN: Spyware (Sub-Topic)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.2139/SSRN.3238293","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 19

Abstract

The WannaCry ransomware attack began on May 12, 2017, and is unprecedented in scale—quickly impacting nearly a quarter-million computers in over 150 countries. The WannaCry virus exploits a vulnerability to Microsoft Windows that was originally developed by the U.S. National Security Agency and operates by encrypting a victim’s data and demanding payment of a ransom in exchange for data recovery. Security experts have indicated that a North Korea-linked group of hackers—who have also been implicated in cyberattacks against Sony Pictures in 2014, the Bangladeshi Central Bank in 2016, and Polish banks in February 2017—is behind the attack. Ransomware threatens institutions worldwide, but the risks for businesses are all the starker—potentially catastrophic. This article provides corporate executives with much of what they need to know about the evolving threats of malware and ransomware like Cryptolocker, Kelihos Botnet, Locky, Nymain, Petya, NotPetya, and WannaCry. First, we provide a brief definition and history of ransomware. Second, we look at the history of hospitals as ransomware targets. Third, we offer a description of the WannaCry virus, what is known about its development, method of action, and those who are believed to have deployed it; in this section, we also discuss methods to defend against this particular virus. Fourth, we discuss the Petya and NotPetya attacks. Fifth, is a discussion of municipal ransomware attacks. Sixth, we review the myriad and unique risks that ransomware poses for corporations—including expected refinements of the technique, such as to effect corporate sabotage. Seventh, we discuss the duties and responsibilities of corporate directors and the Ormerod-Trautman data security economic model. Eighth and finally, we review the current cybersecurity legal landscape with a particular focus on corporate best practices and how business executives protect themselves against cybersecurity-related liability. We believe this Article contributes to the sparse existing literature about ransomware and related cyber threats posed to corporate boards and management.

查看原文本刊更多论文

Wannacry，勒索软件，以及对企业的新威胁

“想哭”勒索软件攻击始于2017年5月12日，其规模前所未有，迅速影响了150多个国家的近25万台计算机。“想哭”病毒利用了微软Windows系统的一个漏洞，该漏洞最初是由美国国家安全局(National Security Agency)开发的，它通过加密受害者的数据，并要求支付赎金来换取数据恢复。安全专家表示，一个与朝鲜有关的黑客组织是此次攻击的幕后黑手，该组织还参与了2014年针对索尼影业、2016年针对孟加拉国中央银行和2017年2月针对波兰银行的网络攻击。勒索软件威胁着世界各地的机构，但对企业的风险更为严重——可能是灾难性的。本文为企业高管提供了许多他们需要了解的关于恶意软件和勒索软件(如Cryptolocker, Kelihos Botnet, Locky, Nymain, Petya, NotPetya和WannaCry)不断发展的威胁的信息。首先，我们简要介绍了勒索软件的定义和历史。其次，我们看看医院作为勒索软件目标的历史。第三，我们提供了一个关于WannaCry病毒的描述，关于它的发展，行动方法，以及被认为是谁部署了它;在本节中，我们还将讨论防御这种特定病毒的方法。第四，我们讨论Petya和NotPetya攻击。第五，是对市政勒索软件攻击的讨论。第六，我们回顾了勒索软件给公司带来的无数独特的风险，包括预期的技术改进，比如对公司的破坏。第七，我们讨论了公司董事的义务和责任以及Ormerod-Trautman数据安全经济模型。第八，也是最后，我们回顾了当前的网络安全法律环境，特别关注企业最佳实践以及企业高管如何保护自己免受网络安全相关责任的侵害。我们认为，本文对现有关于勒索软件及对公司董事会和管理层构成的相关网络威胁的文献有所贡献。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

LSN: Spyware (Sub-Topic)

自引率

0.00%

发文量