Ransomware Remedial Through Virtualization

Abstract

Ransomware is a growing threat to the global population. There are many attacks such attacks since 2012, notable ones namely WannaCry and Petya. These attacks had costed millions, maybe even billions of dollars in economic losses. Ransomware employs a method known as cryptoviral extortion, a three-step protocol that aims to take the user’s data hostage and demand a ransom for it. There are existing defensive countermeasures against these ransomwares such as Paybreak; a decryptor for files, ShieldFS; a filesystem to detect malware based on adaptive models that is constantly being updated and SSD-insider; a mechanism that uses the NAND flash delayed deletion feature to recover files. Studies have also shown that awareness is important in defending against ransomware attacks, and end-user habits may increase the likelihood of being at risk. Therefore, to address the issue where defence mechanisms are not addressing, the awareness aspect, we have proposed a solution to address both the technical aspect of defence and the socio-cultural aspect. Our solution aims to educate the user to improve and supplement our defence. The end-user plays an active role rather than a passive stance in the other solutions listed above. In the worst-case scenario, the end-user should be able to deal with the scenario appropriately by not giving in to the demands of the attacker via our solution