Please use this identifier to cite or link to this item: http://hdl.handle.net/10609/148181
|Ciberataques: análisis de Ransomware y métodos de protección
|Romero Rubiano, John Edisson
García Valdés, Ángela María
|The TFM describes the Ransomware problem in actual society, every time the attacks are more recurrent and sophisticated and affects multiple sectors such as health, government and banking. Established a investigative methodology to analyze this type of malware, for this reason the investigation of the state of the art for Ransomware begins, its history, detailing the stages of an attack, characteristics such as encryption speed. Then an analysis of the impact of this type of malware and reflection on paying for this type of extortion. How do these campaigns work, what is their business model and how do they legalize money. We proceed to review the known attack vectors, the tactics and tools used by the adversaries. Some recommendations of expert security entities (ENISA), and an analysis of the applicable legislation for these cases. Next, a simulation of the LockBit attack in Sandbox, starting with a static and dynamic analysis, as well as taking evidence of the processes and mechanisms used by this malware. Finally, the results are reflected in a map describing the attack and a matrix with MITRE ATT&CK tactics that allow Lockbit's mode of operation to be described, some recommendations are presented at the business level that help prevent and mitigate the impact of attacks this type of malware.
|Appears in Collections:
|Trabajos finales de carrera, trabajos de investigación, etc.
Files in This Item:
|Memoria del TFM