Please use this identifier to cite or link to this item:
Title: Ciberataques: análisis de Ransomware y métodos de protección
Author: Romero Rubiano, John Edisson
Garcia-Font, Victor  
García Valdés, Ángela María
Abstract: The TFM describes the Ransomware problem in actual society, every time the attacks are more recurrent and sophisticated and affects multiple sectors such as health, government and banking. Established a investigative methodology to analyze this type of malware, for this reason the investigation of the state of the art for Ransomware begins, its history, detailing the stages of an attack, characteristics such as encryption speed. Then an analysis of the impact of this type of malware and reflection on paying for this type of extortion. How do these campaigns work, what is their business model and how do they legalize money. We proceed to review the known attack vectors, the tactics and tools used by the adversaries. Some recommendations of expert security entities (ENISA), and an analysis of the applicable legislation for these cases. Next, a simulation of the LockBit attack in Sandbox, starting with a static and dynamic analysis, as well as taking evidence of the processes and mechanisms used by this malware. Finally, the results are reflected in a map describing the attack and a matrix with MITRE ATT&CK tactics that allow Lockbit's mode of operation to be described, some recommendations are presented at the business level that help prevent and mitigate the impact of attacks this type of malware.
Keywords: Ransomware
Type: info:eu-repo/semantics/masterThesis
Issue Date: Jun-2023
Publication license:
Appears in Collections:Trabajos finales de carrera, trabajos de investigación, etc.

Files in This Item:
File Description SizeFormat 
jromerorubTFM0623memoria.pdfMemoria del TFM2,04 MBAdobe PDFThumbnail
View statistics

This item is licensed under aCreative Commons License Creative Commons