Hackers and the Strategy of Using Ransomware

TERM PROJECT
Student Name
Instructors Name
Course Title
Date of Submission
1 The problem
Hacking
Hackers employ the strategy of ransomware. Users' data is held hostage until a ransom is paid, which is usually rather expensive. In addition to email, these assaults can be launched by visiting an infected website, clicking on an online ad that contains malicious code, or by hackers exploiting network flaws to get access (Mohurle & Patil, 2017). Ransomware may gain access to a computer through a variety of methods. Sending spam attachments disguised as legitimate files is one of the most prevalent methods of delivering malware. To gain control of a computer, they must be downloaded and opened, and if they contain social engineering tools, the user is likely to give them administrator access. NotPetya, a more aggressive kind of ransomware, exploits security weaknesses to infect systems without the need to trick victims. Most malware encrypts the user's files once it has taken over the virus or malware, but there are several other possible actions. As far as ransomware goes, the Infosec Institute offers a wonderful, in-depth explanation of how different types of ransomware work. Most importantly, the files can only be decrypted using a mathematical key that only the attacker can access. If the victim sends the hacker bitcoins in an untraceable way, they can get their files back.
What evidence supports the idea that the problem exists?
A phishing assault is the means via which the issue is felt. As was previously indicated, most ransomware assaults occur in the form of email attachments (eSecurityPlanet, 2022). A comprehensive email filtering and monitoring system is needed in this instance, which flags questionable communications and provides managers with information about why the email was detected (Mohurle & Patil, 2017). A.zip or.exe file attachment, for instance, should warn the system administrator because it is almost certainly dangerous.
Is the problem urgent, underserved, unworkable, and/or unavoidable?
The threat of ransomware must be addressed immediately by the company to avoid things getting more complex. Robust monitoring apps, frequent file backups, anti-malware software, and user training can effectively mitigate the procedure (Mohurle & Patil, 2017). Even though there is no such thing as total protection from cyberattacks, an organization may significantly lower its vulnerability.
Is the problem conspicuous and/or critical?
Businesses are still at risk from ransomware, which has not gone away. Organized email phishing assaults on workers are still employed to gain access to the business network, as is the search for weaknesses in unreachable systems (Mohurle & Patil, 2017). Having a well-thought-out contingency plan can significantly lessen the impact and harm of a cyber attack.
2 The customer
Who is the target customer?
Ransomware attackers choose their victims based on a variety of factors. Because of their smaller security teams and more dispersed user bases, startup enterprises are more likely to be targeted by attackers because it is simpler to infiltrate their defenses. On the other hand, some corporations are attractive targets because they appear to be more willing to pay a ransom. Governmental organizations and healthcare facilities, for example, frequently want fast access to their information (Jardine et al., n.d). Many law firms and other organizations that deal with highly confidential information may be willing and able to pay to keep the news of a compromise under wraps.
What are their needs and wants?
* Record-keeping and auditing
* Transacting and carrying out material activities are recorded.
* The ability to properly access all documents
* The organization needs antivirus software that is set to robotically update and perform customary scans so that they function proficiently.
What is the market size?
Between 2021 and 2026, the global market for wannacry protection is expected to grow at a CAGR of 15%. Ransomware Protection's market share grew dramatically due to COVID-19, which increased the world's dependence on laptops and PCs. A significant increase in the worldwide ransomware protection market is expected in the next few years due to the recent rise in demand for ransomware protection services. With the debut of cryptocurrencies like Bitcoin and Etherium, there has been a rise in the need for ransomware security solutions owing to their untraceable nature. Technology has also influenced the market since ransomware security solutions for mobile devices have emerged in addition to PCs (Jardine et al., n.d). The fact that so many businesses are moving to the cloud has opened the door for hackers to take advantage of any holes. Distributed denial-of-service (DDoS) assaults are launched until the ransom is paid, at which point the data is either permanently destroyed or restored. Cathay Pacific Airways gained unauthorized access to 8.4 million passengers' personal information in October 2018 through a cyber breach (Jardine et al., n.d). Cyberattacks and breaches have become more common, but social media trolls are still targeting employees. According to Verizon's 2018 Data Breach Index Report, financial spoofing and hacking accounted for 90% of social events. For 95% of all breaches examined (98 percent of such cases), email remained the primary entry point. Staff cyber security education is essential since nearly three times as many companies have been breached due to social assaults rather than genuine problems. As a result, the corporation is now looking into ransomware protection solutions, which has helped drive up demand for those solutions in the market.
3 The Value Proposition
Customer experience gains
Payment demands have risen to tens of millions of dollars due to the increasing complexity of ransomware. There is a slew of factors at play. Startup organizations and workers connecting from insecure home networks are two examples of simple threats, while the ever-expanding connection brought on by digitalization is more complicated. Aside from the safety it provides, having a wanton security program offers several advantages.
System Security
New types of ransomware are constantly evolving and improving their capabilities. Most likely, they may not be able to identify new ransomware strains if they are using specific ransomware cleanup tools. Since the newer ransomware strains change their behavior, standard anti-ransomware tools cannot keep up with them. As a result, it is not easy to identify. However, the newest ransomware software, such as Comodo Advanced Endpoint Protection, will protect customers from any issues (Karantzas & Patsakis, n.d). Detection of ransomware is guaranteed by this software's usage of behavior-based detection.
Integrated Backup Software
It is possible to schedule and plan your backups using some ransomware software with a built-in backup function. To ensure the data in their backup is accurate, one can use this method. The best approach to combating ransomware is to have a backup. When doing a backup, always keep two copies of the backup. One is stored in remote cloud storage, and the other is a local network backup.
Customer dissatisfaction
Even a single day of being unable to access their data due to malware might negatively influence your company's income. The problem is that most people who get ransomware are forced to stay offline for weeks or even months, which means that the financial consequences can be terrible for them. If untrained how to use it may impose hardship during the transfer of files during system integration
4 The Minimum Viable Product
Who are the competitors and their customers?
* The competitors for the organization are:
* BitDefender Antivirus Plus; its customers are Broadcom Inc
* Acronis Ransomware Protection; its customers are institutions
* Malware bytes Anti-Ransomware; its customers are small businesses
What are our minimum viable features?
The only sure way to ensure their vital information is not lost is to keep a backup in a secure cloud location. Personal papers, business records, and other vital data must be backed up in two places that are not physically connected to the company's computer. Not only do they examine files that could be kept in unexpected locations like savegame files, but also the program ensures that all of the files of every user are backed up.
The program's primary purpose is to provide the intended audience service. However, it will not be a market-ready product with all the bells and whistles. As a result of the Ransomware security tool, the firm may gather feedback from customers and adjust its effect to meet market demands. Compared to other companies, the company's MVP will not cost as much to build as the ultimate launch product. In addition, a simple operating product can readily attract early investors. Investors search for these additional considerations before deciding to invest in the goods.
Are our features valuable and rare?
Yes:
* Wants and needs can be categorized as two unique sets of attributes.
* MVP software development relies on the features in the "need" category.
* Features in the "desire" category will be added one by one until the final product is complete.
What is the prototype?
We will be using wireframes to represent the user's journey throughout this project. Is annotation sufficient to show how a user might rationally move from page to page through the material on a website or app? Depending on the design, these user flow wireframes may illustrate a single or a series of user flows in a slideshow. There are three stages to the suggested mechanism's overarching philosophy. The first step, shown in the diagram below, is to confirm user identification (Lebedenko, 2019). The method asks for the user's password, validated, and then used to store and process files as indicated by the storage functionality. The file extensions are examined, and if they are valid, storage permission is granted. If this is the case, the user must first confirm before the data may be stored (Lebedenko, 2019). The file's access method is described in the final stage. The status of the requested file is first checked. In order to gain access to a locked file, the user must provide password credentials; otherwise, the file is instantly locked when access is complete.
1028700261620
Fig 1.1 Prototype example
Link: https://docs.oracle.com/cd/E22345_01/doc.111/e22309/userflows.htm
5 The Price
What are the competitors’ pricing strategies and prices?
When there are only two competing parties, the notion of competitive pricing is best understood. For example, we are both working on anti-ransomware software in our case. When competing against another company, BitDefender Antivirus Plus promotes its software to stand out for quality and features to compete with the other brand's pricing structure (Deshpande, 2018). Because they aim to expand their market share, the corporation has turned to aggressive pricing tactics. When production costs are high, they must set their prices almost on par with their competition. Consequently, they must play around and modify the packaging, promotion, and delivery pricing according to the increasing production costs. BitDefender Antivirus Plus must use competitive pricing to keep customers from switching to a rival because of its cheap costs since over 92% of organizations compare prices while purchasing online. Companies rely heavily on competition data and benchmarking technologies (Deshpande, 2018). People who use these simple price-tracking tools can quickly and profitably change their prices in response to changes in the market, giving them a significant advantage over their competitors. Their prices are $23/month, $28/month and
What is our pricing strategy and prices?
We aim to incorporate incremental cost pricing; pricing a product based on threshold costs is known as "incremental cost pricing." The market price is not decided by the total cost of production but rather by the variable cost. The cost of producing extra units from the same setup, i.e., fixed costs, stays the same, and the selling price of the product created is primarily reliant on the variable costs (Deshpande, 2018). For example, a company that previously sold eight-loaf bread packs introduces a new 15-lb. product. Since there are no variable costs such as rent or machinery costs, these costs will not change. Variable costs are affected by variations in the overall cost. To account for the additional oil and power required to run the machinery and the increased material and packaging costs. The price for the product will be $14.00 per yearly subscripti...