University of Twente Student Theses

Login

Addressing the Ransomware threat: TTP-based defensive recommendations and a strategy for achieving resilience

Lorini, Giulia (2022) Addressing the Ransomware threat: TTP-based defensive recommendations and a strategy for achieving resilience.

Full text not available from this repository.

Full Text Status:Access to this publication is restricted
Abstract:Ransomware has evolved from being a simple encryptor to an advanced hands-on-keyboard operation orchestrated by organized cyber criminal groups. In the past few years, ransomware has become one of the biggest threats to businesses worldwide, and its targeted nature means that no one is safe. Attackers are constantly updating their tactics, techniques, and procedures to match the improvement in defensive measures adopted by organizations. For this reason, standard cyber defenses are no longer enough: organizations need to stay up to date with attackers' trends and respond by implementing specific controls to counteract them. The purpose of this master thesis is to give an overview of the current state of ransomware, by proposing a model of the attack chain and identifying possible defenses at each stage. I achieve this by tapping into the experience of Deloitte subject matter experts for each defensive area, through a round of interviews. The study then addresses measures to minimize the impact of a successful attack. To this end, this master thesis describes Deloitte's strategy for ransomware resilience and proposes a method for identifying the "Critical Path of Recovery" based on principles of operations research, to help organizations identify the optimal order in which to recover their IT infrastructure elements in a scenario of complete loss of IT. To conclude, the study delves into the future challenges that we can expect from ransomware. By doing so, the aim is to enable organizations to stay ahead of the game and prepare to face new attack vectors before they become a threat.
Item Type:Essay (Master)
Clients:
Deloitte, Zürich, Switzerland
Faculty:EEMCS: Electrical Engineering, Mathematics and Computer Science
Subject:54 computer science
Programme:Computer Science MSc (60300)
Link to this item:https://purl.utwente.nl/essays/92432
Export this item as:BibTeX
EndNote
HTML Citation
Reference Manager

 

Repository Staff Only: item control page