1. Please describe the advantage/disadvantage on each step (Step 1 to 8) and explain which steps achieve creator’s properties.

Computer Networking: A Top-Down Approach (7th Edition)
7th Edition
ISBN:9780133594140
Author:James Kurose, Keith Ross
Publisher:James Kurose, Keith Ross
Chapter1: Computer Networks And The Internet
Section: Chapter Questions
Problem R1RQ: What is the difference between a host and an end system? List several different types of end...
icon
Related questions
Question

1. Please describe the advantage/disadvantage on each step (Step 1 to 8) and explain which steps achieve
creator’s properties.
2. From a ransomware creator’s point of view, how can the entire process be more efficient and secure ?

Step
1
2
3
4
Cryptolocker
on victim's machine
Ransomware was delivered to victim's
machine by phishing email or exploiting
vulnerabilities. Using the embedded
C&C Server Public Key Spublic in
Cryptolocker, Establish a secure
channel.
Encrypt victim's data files using the
random generated AES-256 key(s)
Encrypt the AES key(s) using Server
public key, Spublic and keep the
encrypted AES key(s) locally
Erase ALL AES key(s) and original files
from victim's machine (including
memory)
C&C Server
RSA-2048 secure channel
Server keeps the Server
private key Sprivate locally
AES-256 Encryption
Advantage / Disadvantage?
?
?
Transcribed Image Text:Step 1 2 3 4 Cryptolocker on victim's machine Ransomware was delivered to victim's machine by phishing email or exploiting vulnerabilities. Using the embedded C&C Server Public Key Spublic in Cryptolocker, Establish a secure channel. Encrypt victim's data files using the random generated AES-256 key(s) Encrypt the AES key(s) using Server public key, Spublic and keep the encrypted AES key(s) locally Erase ALL AES key(s) and original files from victim's machine (including memory) C&C Server RSA-2048 secure channel Server keeps the Server private key Sprivate locally AES-256 Encryption Advantage / Disadvantage? ? ?
Step
5
(O
6
7
8
Cryptolocker
on victim's machine
AES-256 Decryption
If victim pays the ransom:
Send the Encrypted AES key(s) to C&C
server
Decrypt files using the corresponding
AES key(s)
C&C Server
If victim don't pay the ransom:
Destroy the Encrypted AES key(s)
Server decrypts the AES
keys using Sprivate
Send AES key back to
victim's machine
Advantage /
Disadvantage ?
?
?
?
?
Transcribed Image Text:Step 5 (O 6 7 8 Cryptolocker on victim's machine AES-256 Decryption If victim pays the ransom: Send the Encrypted AES key(s) to C&C server Decrypt files using the corresponding AES key(s) C&C Server If victim don't pay the ransom: Destroy the Encrypted AES key(s) Server decrypts the AES keys using Sprivate Send AES key back to victim's machine Advantage / Disadvantage ? ? ? ? ?
Expert Solution
steps

Step by step

Solved in 7 steps

Blurred answer
Recommended textbooks for you
Computer Networking: A Top-Down Approach (7th Edi…
Computer Networking: A Top-Down Approach (7th Edi…
Computer Engineering
ISBN:
9780133594140
Author:
James Kurose, Keith Ross
Publisher:
PEARSON
Computer Organization and Design MIPS Edition, Fi…
Computer Organization and Design MIPS Edition, Fi…
Computer Engineering
ISBN:
9780124077263
Author:
David A. Patterson, John L. Hennessy
Publisher:
Elsevier Science
Network+ Guide to Networks (MindTap Course List)
Network+ Guide to Networks (MindTap Course List)
Computer Engineering
ISBN:
9781337569330
Author:
Jill West, Tamara Dean, Jean Andrews
Publisher:
Cengage Learning
Concepts of Database Management
Concepts of Database Management
Computer Engineering
ISBN:
9781337093422
Author:
Joy L. Starks, Philip J. Pratt, Mary Z. Last
Publisher:
Cengage Learning
Prelude to Programming
Prelude to Programming
Computer Engineering
ISBN:
9780133750423
Author:
VENIT, Stewart
Publisher:
Pearson Education
Sc Business Data Communications and Networking, T…
Sc Business Data Communications and Networking, T…
Computer Engineering
ISBN:
9781119368830
Author:
FITZGERALD
Publisher:
WILEY