The Evolving Threat Landscape: How Cyber Threat Intelligence Empowers Proactive Defenses against WannaCry Ransomware

Authors

  • Jumoke Eluwa, School of Science, Engineering and Environment, the University of Salford, Manchester, UK
  • Patrick Omorovan, School of Science, Engineering and Environment, the University of Salford, Manchester, UK
  • Dipo Adewumi, School of Computing, Engineering and Digital Technologies, Teesside University, Middlesbrough, UK
  • Oluwafunmilayo Ogbeide, School of Science, Engineering and Environment, the University of Salford, Manchester, UK

DOI:

https://doi.org/10.32628/CSEIT243648

Keywords:

Cyber Threat Intelligence, Threat Landscape, Ransomware

Abstract

Cyber threat intelligence (CTI) is a rapidly growing field that plays an essential role in ensuring the security of online systems. CTI refers to the intelligence that is gathered, analyzed, and disseminated to help organizations understand and respond to cyber threats. This information can be used to identify vulnerabilities, detect potential attacks, and develop strategies to mitigate risks. The field of CTI is constantly evolving, as cyber threats become more sophisticated and complex. Legacy security measures like firewalls and anti-virus software are no longer enough to protect organizations from the many threats they face. CTI provides a proactive approach to cybersecurity, by enabling organizations to anticipate and prepare for threats before they occur. CTI relies on the collection and analysis of data from multiple sources, such as open-source intelligence (OSINT), dark web forums, social media, and other threat intelligence streams. The data is analyzed using a wide range of tools and techniques, including machine learning and artificial intelligence, to identify patterns and trends that may indicate a potential threat. One of the key benefits of CTI is its ability to help organizations understand the tactics, techniques, and procedures of attackers. By analyzing the behaviors, strategies, tactics, and actions of threat actors, organizations can develop a more comprehensive understanding of the threats they face and can better prepare for potential attacks.

Published

03-04-2024

Section

Research Articles
