Darius Moldovan, Simona Riurean
Bit Sentinel, București, Romania; University of Petroșani, Petroșani, Romania
Cite: Moldovan D., Riurean S. Cyber-Security Attacks, Prevention and Malware Detection Application. J. Digit. Sci. 4(2), 3 – 23 (2022). https://doi.org/10.33847/2686-8296.4.2_1
Abstract. The internet has become more or less, for most of us a dangerous place to live, work and relax when no proper measures are taken, and the response to incidents is not very clear and well implemented, both for organizations and individuals. This paper makes a short overview of current types and incidents of cyber-attacks, as well as the current state of threats, and the grade of awareness worldwide. Some methods to prevent cyber-attacks, malware analysis, and threat hunting, are presented, too. The paper also contains an application developed with a series of APIs that link the application to open-source tools and activate them, hence analyzing the content of the possible malicious files.
Keywords: malware, ransomware, social engineering, phishing, crypto-jacking.
References
1. European Union Agency for Cybersecurity, ENISA Threat Landscape NOVEMBER 2022, ISBN: 978-92-9204-588-3, DOI: 10.2824/764318.
2. Ilker Kara, Murat Aydos., The rise of ransomware: Forensic analysis for windows-based ransomware attacks, Expert Systems with Applications, Volume 190, 2022, ISSN 0957-4174, https://doi.org/10.1016/j.eswa.2021.116198.
3. Jakobsson, M.; Myers, S. Phishing and Countermeasures: Understanding the Increasing Problem of Electronic Identity Theft; Wiley: Hoboken, NJ, USA, 2006. 3. Rekouche, K. Early Phishing. arXiv 2011, arXiv:1106.4692
4. Alabdan, R. (2020). Phishing Attacks Survey: Types, Vectors, and Technical Approaches. Future Internet, 12(10), 168. doi:10.3390/fi12100168
5. Bonguet, A., & Bellaiche, M. (2017). A Survey of Denial-of-Service and Distributed Denial of Service Attacks and Defenses in Cloud Computing. Future Internet, 9(3), 43. doi:10.3390/fi9030043
6. V. D. M. Rios, P. R. M. Inácio, D. Magoni and M. M. Freire, “Detection and Mitigation of Low-Rate Denial-of-Service Attacks: A Survey,” in IEEE Access, vol. 10, pp. 76648-76668, 2022, doi: 10.1109/ACCESS.2022.3191430.
7. Askarov, A., Hansen, R. R., & Rafnsson, W. (Eds.). (2019). Secure IT Systems. Lecture Notes in Computer Science. doi:10.1007/978-3-030-35055-0
8. W. Shahid et al., “Detecting and Mitigating the Dissemination of Fake News: Challenges and Future Research Opportunities,” in IEEE Transactions on Computational Social Systems, doi: 10.1109/TCSS.2022.3177359
9. Maria Kotolov (4 Feb 2021) Supply chain attacks show why you should be wary of third-party providers, https://www.csoonline.com/,
10. [Online] https://learn.microsoft.com/
11. [Online] https://learn.microsoft.com/en-us/microsoft-365/security/intelligence/supply-chain-malware?view=o365-worldwide,
12. Urciuoli, L., Cyber-Resilience: A Strategic Approach for Supply Chain Management, Technology Innovation Management Review; Ottawa Vol. 5, Iss. 4, (Apr 2015): 13-18.
13. [Online] https://portswigger.net/daily-swig/supply-chain-attacks
14. [Online] https://www.cynet.com/attack-techniques-hands-on/sunburst-backdoor-c2-communication-protocol/
15. Orange Business Internet Security Report 5th edition, 2022, https://newsroom.orange.ro/orange-business-services-lanseaza-raportul-business-internet-security-2022/
16. [Online] https://us.norton.com/blog/id-theft
17.https://now.symassets.com/content/dam/norton/campaign/NortonReport/2021/2021_NortonLifeLock_Cyber_Safety_Insights_Report_Global_Results.pdf
18. [Online] https://uk.norton.com/products/identity-advisor-plus.
19. [Online] https://www.prnewswire.com/news-releases/norton-launches-robust-identity-monitoring-in-the-uk-to-help-consumers-resolve-their-identity-theft-issues-301502907.html
20. [Online] https://www.orange.ro/docs/business/pdf/Business-Internet-Security-Report-5th-edition-2022.pdf
21. [Online] https://www.nsa.gov/Press-Room/Cybersecurity-Advisories-Guidance/
22. [Online] https://www.enisa.europa.eu/publications/enisa-threat-landscape-2022
23. [Online] https://www.hhs.gov/hipaa/for-professionals/security/guidance/cybersecurity/ransomware-fact-sheet/index.html
24. Perlroth, Nicole (May 13, 2021). “Colonial Pipeline paid 75 Bitcoin, or roughly $5 million, to hackers”. The New York Times. Retrieved May 13, 2021.
25. Helmore, E. (May 10, 2021). “FBI confirms DarkSide hacking group behind US pipeline shutdown”. The Guardian. Archived from the original on May 12, 2021. Retrieved May 10, 2021
26. Walsh, Joe. “Ransomware Attack Shuts Down Massive East Coast Gasoline Pipeline”. Forbes. Retrieved February 6, 2022.
27. [Online] https://www.theverge.com/2022/1/20/22892958/crypto-com-exchange-hack-bitcoin-ethereum-security
28. [Online] https://veruscorp.com/mfa-fatigue-leads-to-breach-of-ubers-corporate-systems/
29. [Online] https://informationsecuritybuzz.com/38-9m-health-records-stolen-from-bangkok-hospital/
30. [Online] https://www.orange.ro/docs/business/pdf/Business-Internet-Security-Report-5th-edition-2022.pdf
31. European Union Agency for Cybersecurity, ENISA Threat Landscape NOVEMBER 2022, ISBN: 978-92-9204-588-3, DOI: 10.2824/764318
32. [Online] https://www.securityweek.com
33. https://therecord.media/cyberattack-brings-down-vodafone-portugal-mobile-voice-and-tv-services/
34. [Online] https://www.theguardian.com/news/2022/feb/20/
35. [Online] https://techmonitor.ai/technology/cybersecurity/lapsus-big-tech-samsung-nvidia
36. [Online] https://www.connexionfrance.com/article/French-news/French-health-insurance-data-leak-what-to-do-if-you-are-affected
37. [Online] https://www.infosecurity-magazine.com/news/finland-government-sites-offline/
38. [Online] https://www.spiceworks.com/it-security/data-security/news/data-of-millions-of-vpn-users-leaked/
39. [Online] https://www.itgovernance.eu/blog/en/cyber-attacks-and-data-breaches-in-review-may-2022
40. Hardman C., Important Update on Email Vendor Security Incident, https://opensea.io/blog/articles/important-update-on-email-vendor-security-incident
41. Glover C., Pegasus Airline breach sees 6.5TB of data left in unsecured AWS bucket, https://techmonitor.ai/technology/cybersecurity/pegasus-airline-data-breach-aws-bucket
42. Smith L., Wason R., Zaidi S., Lockbit, Hive, and BlackCat attack automotive supplier in triple ransomware attack, https://news.sophos.com/en-us/2022/08/10/lockbit-hive-and-blackcat-attack-automotive-supplier-in-triple-ransomware-attack/
43. Page C., Costa Rica’s public health system hit by Hive ransomware following Conti attacks, https://techcrunch.com/2022/06/01/costa-ricas-public-health-system-hit-by-hive-ransomware-following-conti-attacks
44. Abrahams, L., Twitter confirms zero-day used to expose data of 5.4 million accounts, https://www.bleepingcomputer.com/news/security/twitter-confirms-zero-day-used-to-expose-data-of-54-million-accounts/
45. Hope, A. Data Breach on Virtual Pet Website Neopets Affected 69 million Users and Leaked Source Code, https://www.cpomagazine.com/cyber-security/data-breach-on-virtual-pet-website-neopets-affected-69-million-users-and-leaked-source-code/
46. Baptista, E. Hacker offers to sell data of 48.5 million users of Shanghai’s COVID app, https://www.reuters.com/world/china/hacker-offers-sell-data-485-mln-users-shanghais-covid-app-2022-08-12/
47. [Online] https://dnsc.ro/citeste/comunicat-site-uri-ro-afectate-de-un-atact-de-tip-ddos
48. S. Riurean, M. Leba and L. Crivoi, “Enhanced Security Level for Sensitive Medical Data Transmitted through Visible Light,” 2021 International Symposium on Networks, Computers and Communications (ISNCC), 2021, pp. 1-6, doi: 10.1109/ISNCC52172.2021.9615732
49. Riurean, S. A study on the VLC security at the physical layer for two indoor scenarios, MATEC Web of Conferences; Les Ulis, Vol. 342, (2021). DOI:10.1051/matecconf/202134205009
50. Riurean Simona, Robert Alexandru Dobre, Alina-Elena Marcu, Security and propagation issues and challenges in VLC and OCC systems, Proceedings Volume 11718, Advanced Topics in Optoelectronics, Microelectronics and Nanotechnologies X; 117182B (2020) https://doi.org/10.1117/12.2572029
51. [Online] https://www.cshub.com/
52. Hausken, K. Cyber resilience in firms, organizations and societies. Internet Things 2020, 11, 100204, doi: 10.1016/j.iot.2020.100204
53. [Online] [https://www.enisa.europa.eu/publications/enisa-threat-landscape-2022
54. [Online] https://www.sentinelone.com/cybersecurity-101/cyber-kill-chain/
55. [Online] https://abnormalsecurity.com/glossary/indicators-of-compromise
56. https://www.sans.org/media/score/504-incident-response-cycle.pdf
57. https://playbooks.flexibleir.com/incident-response-phases-best-practices/
58. [Online] https://www.techtarget.com/searchsecurity/answer/Email-authentication-How-SPF-DKIM-and-DMARC-work-together
59. [Online] https://www.higherlogic.com/blog/spf-dkim-dmarc-email-authentication/
60. [Online] https://www.clamav.net/
61. [Online] https://github.com/ComodoSecurity/openedr
62. [Online] https://vms.drweb.com/online/?lng=en
63. [Online] https://dto.to/group/11539
64. [Online] https://support.kaspersky.com/KES4Linux/11/en-US/177138.htm
65. [Online] https://www.mcafee.com/en-us/antivirus/mcafee-security-scan-plus.html
66. [Online] https://www.sophos.com/en-us/free-tools/virus-removal-tool
67. [Online] https://www.microsoft.com
68. [Online] https://www.lockheedmartin.com/
Published online 28.12.2022