The Ransomware Threat - Essay Example

The problem encountered was the inability to access crucial files by investigators in the police department. The reason the files could not be obtained is that the computers were infected with ransomware. The ransomware blocks access to necessary files or the computer itself. Crypto-ransomware achieves this by encrypting all the files on the computers hard drive and winlocker blocks access to the computer by disabling the bootup function or creation of a pop-up window on the screen that cannot be removed. The effect of this is that the files can be permanently lost if the ransomware is not removed in time. To keep the files, the department may have to pay the ransom in the case where they were not prepared and do not have any back up for the files.

The hacker is organized and sophisticated, unlike the average hackers. The hacker develops and customizes the ransomware himself/herself, unlike the average hackers who obtain their malware from the dark web. All these require skill and resources. Hence these are seasoned hackers who are often a part of an organized crime group. The fact that they are mostly a part of a coordinated cybercrime group is essential when tackling them.

Protection against the ransomware threat should focus on limiting the damage caused by a successful attack. It is challenging to prevent a ransomware attack due to the sophisticated methods used by the criminals which are almost impossible to avoid, and antivirus programs are incapable of detecting the ransomware. Back up important files regularly and ensure the back-up also has a back-up. Although difficult, it is possible to prevent the attack. The operating systems, browser plugins, and software programs should be fully up-to-date. All machines should be set to automatically update when the vendor releases security patches or new software versions. Ensure all computers are protected by an aggressive malware detection program. A modern firewall should be used to protect the network. Also, inbound emails should be controlled by whitelisting.

In case a computer is infected with ransomware, the first step is to turn off all the affected computers and the networks they are using. A cyber-security advisor should then be called. In some cases, it is possible to remove the ransomware. Security vendors have developed solutions to some strains such as TeslaCrypt, CryptoLocker, and CoinVault. In the event this does not work, then consider paying the ransom although it may not guarantee the removal of the ransomware or that re-infection will not happen. With paying the ransom, at least there is the chance that the ransomware will be removed and the files recovered.

The types of cybercrimes involved were hacking and virus dissemination. The offender identified fits the characteristics of this types of cybercrimes. The offense committed can be described as hacking. The reason is that the offender did access the departments computer system without their permission with an ill motive of extorting money which is characteristic of hacking, hence the offender is guilty of piracy. The offender is also guilty of virus dissemination. The offender introduced the ransomware, which is a type of malware into the computer system. The malware was introduced through an email or attachment, via a rogue website or through an infected software. The ransomware is then spread among computer systems and causes damage to files in the computers drive temporarily or permanently. All these are characteristic of virus dissemination cybercrimes.