loading page

Modern Ransomware: Evolution, Methodology, Attack Model, Prevention and Mitigation using Multi-Tiered Approach
  • +3
  • Arpit Raj,
  • Vedant Narayan,
  • Vivek Muskan,
  • Abhilash Sani,
  • Pankaj Sharma,
  • Sarma SS
Arpit Raj
Indian Computer Emergency Response Team

Corresponding Author:arpit.raj@meity.gov.in

Author Profile
Vedant Narayan
Indian Computer Emergency Response Team
Author Profile
Vivek Muskan
Indian Computer Emergency Response Team
Author Profile
Abhilash Sani
Indian Computer Emergency Response Team
Author Profile
Pankaj Sharma
Indian Computer Emergency Response Team
Author Profile
Sarma SS
Indian Computer Emergency Response Team
Author Profile

Abstract

Ransomware is a menace to the vibrant digital ecosystem. The exponential growth in ransomware attacks, its detrimental impacts, and the ever-changing methods adopted by threat actor groups demands a focused understanding of the evolution of ransomware. This would help the organizations devise novel defensive frameworks and security controls against the modern ransomware. In this work, the impacts and evolution of ransomware through different phases up to its current form are detailed. Further, based on the study and analysis of the most prevalent modern ransomware variants, their most used tactics, techniques and procedures (TTPs) are identified as per the MITRE ATT&CK model. This acts as a platform to propose a generic attack model for ‘modern ransomware’. Building on the existing MITRE mitigation, D3FEND-based approaches and considering the resource and budget constraints of organizations, a simplified three-tier defensive model that is cost-effective and implementable is put forward. Thus, this work aims to open avenues for understanding the TTPs, and attack methodology of ‘modern ransomware’, thereby developing feasible and implementable defensive security controls.
21 Mar 2023Submitted to Security and Privacy
21 Mar 2023Submission Checks Completed
21 Mar 2023Assigned to Editor
21 Mar 2023Review(s) Completed, Editorial Evaluation Pending
23 Jun 2023Reviewer(s) Assigned
31 Aug 2023Editorial Decision: Revise Major
30 Oct 20231st Revision Received
30 Oct 2023Submission Checks Completed
30 Oct 2023Assigned to Editor
30 Oct 2023Review(s) Completed, Editorial Evaluation Pending
31 Mar 2024Editorial Decision: Revise Minor
27 Apr 2024Submission Checks Completed
27 Apr 2024Assigned to Editor
15 May 2024Review(s) Completed, Editorial Evaluation Pending
16 May 2024Editorial Decision: Revise Minor
20 May 2024Submission Checks Completed
20 May 2024Assigned to Editor
20 Jun 2024Published in SECURITY AND PRIVACY. http://doi.org/10.1002/spy2.436