Title | A Multi-Layered Defense Approach to Safeguard Against Ransomware |
Publication Type | Conference Paper |
Year of Publication | 2021 |
Authors | Pagán, Alexander, Elleithy, Khaled |
Conference Name | 2021 IEEE 11th Annual Computing and Communication Workshop and Conference (CCWC) |
Date Published | jan |
Keywords | Antimalware, antivirus, composability, Computer crime, Conferences, cyber security, DNS, email security, layered defense, Malware, Medical services, Metrics, pubcrawl, ransomware, Resiliency, security, Tools, Training, Web Filtering |
Abstract | There has been a significant rise in ransomware attacks over the last few years. Cyber attackers have made use of tried and true ransomware viruses to target the government, health care, and educational institutions. Ransomware variants can be purchased on the dark web by amateurs giving them the same attack tools used by professional cyber attackers without experience or skill. Traditional antivirus and antimalware products have improved, but they alone fall short when it comes to catching and stopping ransomware attacks. Employee training has become one of the most important aspects of being prepared for attempted cyberattacks. However, training alone only goes so far; human error is still the main entry point for malware and ransomware infections. In this paper, we propose a multi-layered defense approach to safeguard against ransomware. We have come to the startling realization that it is not a matter of "if" your organization will be hit with ransomware, but "when" your organization will be hit with ransomware. If an organization is not adequately prepared for an attack or how to respond to an attack, the effects can be costly and devastating. Our approach proposes having innovative antimalware software on the local machines, properly configured firewalls, active DNS/Web filtering, email security, backups, and staff training. With the implementation of this layered defense, the attempt can be caught and stopped at multiple points in the event of an attempted ransomware attack. If the attack were successful, the layered defense provides the option for recovery of affected data without paying a ransom. |
DOI | 10.1109/CCWC51732.2021.9375988 |
Citation Key | pagan_multi-layered_2021 |