Syed Naeem Ahmed, Raazi M. K. Syed, Rashid Kamal, Mubashir Khan
2022 Mohammad Ali Jinnah University International Conference on Computing (MAJICC), published 2022-10-27. DOI: 10.1109/MAJICC56935.2022.9994155 (https://doi.org/10.1109/MAJICC56935.2022.9994155)
Corporate Information Security Policies Targeting Ransomware Attack
Ransomware attacks pose a challenge for the entire world today, and industries are being affected by these sophisticated attacks; whether healthcare, education, finance or any other service sector, none is safe from this malware. In these attacks, user data is encrypted or made inaccessible to the victim, and the hacker then demands money from the victim in exchange for access to the data once payment is made. This study offers guidance on mitigating ransomware attacks by adopting corporate information security policies in the organization, with timely and complete compliance. Ransomware is often designed to spread across networks and target an organization's information assets; in healthcare these are Electronic Medical Records, HIMS, database servers, file servers, application servers, web servers, domain controllers and all associated and connected devices, including IoT devices and SCADA (Supervisory Control and Data Acquisition). Once they are targeted, the entire organization's operations can be halted and paralyzed. Ransomware frequently changes its techniques to exploit vulnerabilities. This research is based on technical and administrative controls, security standards, procedures, guidelines and best practices that follow security frameworks (ISO 27001, HIPAA and NIST), and its objective is to mitigate these attacks.