Ransomware and cybersecurity: information under the menace of attacks of data
DOI:
https://doi.org/10.5585/rtj.v9i1.16739Keywords:
Ransomware, Cybercrime, RegulationAbstract
This article aims to address the modality of data hijacking on the internet known as ransomware. Thus, it investigates the possibility of creating sufficient legal regulation to at least mitigate this crime. As its results, it could be found that: i) ransomware represents a major problem, as the data hijacked is currently as valuable as real money, and its use has the power to influence markets, elections and human lives in a very profound way; ii) ransom payments are made mainly by cryptocurrencies, not regulated by States, which complicates the tracking of values up to the criminal, making the punishment almost non-existent; iii) cooperation between companies, citizens and States is necessary to mitigate its occurrence, as this crime does not stick to state territorial borders, being practiced anywhere, with distant victims. Methodology: hypothetical-deductive procedure method, with qualitative approach and bibliographic-documentary research technique.Downloads
References
ABRAMS, Lawrence. DoppelPaymer ransomware sells victims' data on darknet if not paid. Bleeping Computer, [s. l.], 3 fevereiro 2020. Disponível em: https://www.bleepingcomputer.com/news/security/doppelpaymer-ransomware-sells-victims-data-on-darknet-if-not-paid/. Acesso em: 02 mar 2020.
AKAY, Meltem. Detecting cryptographic ransomware by examining file system activity. 2019. Tese (Mestrado em Engenharia de Cibersegurança) — Graduate School of Natural and Applied Sciences, Seri University, Istanbul, 2019. Disponível em: http://earsiv.sehir.edu.tr:8080/xmlui/handle/11498/56626. Acesso em: 28 mar 2020.
AKHILESH, K. B. Smart Technologies—Scope and Applications. In: AKHILESH, K. B; MÖLLER, Dietmar P. F. (eds.). Smart Technologies. Singapore: Springer, 2020, p. 1-16.
ATAPOUR-ABARGHOUEI, Amir; BONNER, Stephen; MCGOUGH, Andrew Stephen. Volenti non fit injuria: Ransomware and its Victims. arXi.org, p. 1-7, 2019. Disponível em: https://arxiv.org/abs/1911.08364. Acesso em: 28 mar 2020.
BRASIL. Decreto-Lei nº 2.848, de 7 de dezembro de 1940. Código Penal. Disponível em: http://www.planalto.gov.br/ccivil_03/decreto-lei/del2848compilado.htm. Acesso em: 28 mar 2020.
BRASIL. Decreto-Lei nº 3.689, de 3 de outubro de 1941. Código de Processo Penal. Disponível em: http://www.planalto.gov.br/ccivil_03/decreto-lei/del3689.htm. Acesso em: 28 mar 2020.
BRILL, Alan; THOMPSON, Eric. Ransomware: Believe the Risk and Be Ready for It. Corporate Compliance Insights, 2019. Disponível em: https://ssrn.com/abstract=3464842. Acesso em: 28 mar 2020.
CAPEZ, Fernando; PRADO, Stela. Código Penal Comentado. 3 ed. São Paulo: Saraiva, 2012.
CARTWRIGHT, Anna; CARTWRIGHT, Edward. Ransomware and reputation. Games, v. 10, n. 2, p. 26-40, 2019. DOI: https://doi.org/10.3390/g10020026.
CONNOLLY, Lena Y.; WALL, David S. The rise of crypto-ransomware in a changing cybercrime landscape: Taxonomising countermeasures. Computers & Security, v. 87, p. 1-18, 2019. DOI: https://doi.org/10.1016/j.cose.2019.101568.
EICHENSEHR, Kristen. The Law & Politics of Cyberattack Attribution. UCLA Law Review, v. 67, p. 1-63, 2020. Disponível em: https://ssrn.com/abstract=3453804. Acesso em: 28 mar 2020.
FERREIRA, Márcio Ricardo; KAWAKAMI, Cynthia. Ransomware-Kidnapping personal data for ransom and the information as hostage. ADCAIJ: Advances in Distributed Computing and Artificial Intelligence Journal, v. 7, n. 3, p. 5-14, 2018. DOI: http://dx.doi.org/10.14201/ADCAIJ201873514.
GRECO, Rogério. Código Penal Comentado. 11 ed. Niterói: Editora Impetus, 2017.
HASSAN, Nihad A. Endpoint Defense Strategies. In: HASSAN, Nihad A. Ransomware Revealed. Berkeley: Apress, 2019, p. 71-114.
IRWIN, Angela S.M.; DAWSON, Caitlin. Following the cyber money trail: global challenges when investigating ransomware attacks and how regulation can help. Journal of money laundering control, v. 22, n. 1, p. 110-131, 2019. DOI: https://doi.org/10.1108/JMLC-08-2017-0041.
LEENES, Ronald. Regulating New Technologies in Times of Change In: REINS, Leonie (ed.). Regulating new technologies in uncertain times. The Hague: T. M. C. Asser Press, 2019, p. 3-18.
LISKA, Allan; GALLO, Timothy. Ransomware: Defending against digital extortion. Sebastopol: O’Reilly Media, 2016.
LOSAVIO, Michael et al. STEM for Public Safety in Cyber: Training for Local Law Enforcement and Cyber Security. In: IEEE. 2019 IEEE Integrated STEM Education Conference (ISEC). Princeton: IEEE, 2019, p. 215-221.
MAIGIDA, Abdullahi Mohammed et al. Systematic literature review and metadata analysis of ransomware attacks and detection mechanisms. Journal of Reliable Intelligent Environments, v. 5, n. 2, p. 67-89, 2019. DOI: https://doi.org/10.1007/s40860-019-00080-3.
MANJEZI, Zandile; BOTHA, Reinhardt A. Preventing and Mitigating Ransomware. In: VENTER, H.; LOOCK, M.; COETZEE, M.; ELOFF, M.; ELOFF, J. (eds.). Information Security. ISSA 2018. Communications in Computer and Information Science, v. 973. Cham: Springer, 2019, p. 149-162.
NUCCI, Guilherme de Souza. Código de Processo Penal Comentado. 15 ed. Rio de Janeiro: Forense, 2016.
O'KANE, Philip; SEZER, Sakir; CARLIN, Domhnall. Evolution of ransomware. IET Networks, v. 7, n. 5, p. 321-327, 2018. DOI: 10.1049/iet-net.2017.0207.
PAQUET-CLOUSTON, Masarah; HASLHOFER, Bernhard; DUPONT, Benoit. Ransomware payments in the bitcoin ecosystem. Journal of Cybersecurity, v. 5, n. 1, p. 1-11, 2019. DOI: 10.1093/cybsec/tyz003
PRASAD, Ramjee; ROHOKALE, Vandana. Cyber Security: The Lifeline of Information and Communication Technology. Springer, 2020.
REINS, Leonie. Regulating New Technologies in Uncertain Times — Challenges and Opportunities In: REINS, Leonie (ed.). Regulating new technologies in uncertain times. The Hague: T. M. C. Asser Press, 2019, p. 19-29.
SABHARWAL, Simran; SHARMA, Shilpi. Ransomware Attack: India Issues Red Alert. In: MANDAL, Jyotsna Kumar; BHATTACHARYA, Debika (eds.). Emerging Technology in Modelling and Graphics. Singapore: Springer, 2020, p. 471-484.
SCHIRRMACHER, Nina-Birte; ONDRUS, Jan; TER CHIAN FELIX TAN. Towards a Response to Ransomware: Examining Digital Capabilities of the WannaCry Attack. In: Pacific Asia Conference on Information Systems (PACIS) 2018 Proceedings, 2018, p. 210-217. Disponível em: https://aisel.aisnet.org/pacis2018/210. Acesso em: 28 mar 2020.
SIMOIU, Camelia et al. “I was told to buy a software or lose my computer. I ignored it”: A study of ransomware. In: Fifteenth Symposium on Usable Privacy and Security (SOUPS 2019), [s. l.], 2019. Disponível em: https://www.usenix.org/conference/soups2019/presentation/simoiu. Acesso em: 28 mar 2020.
SLAYTON, Thomas B. Ransomware: The Virus Attacking the Healthcare Industry. Journal of Legal Medicine, v. 38, n. 2, p. 287-311, 2018. DOI: https://doi.org/10.1080/01947648.2018.1473186.
THOMAS, Jason; GALLIGHER, Ryan P.; THOMAS, Macalah L., GALLIGHER, Gordon. Enterprise Cybersecurity: Investigating and Detecting Ransomware Infections Using Digital Forensic Techniques. Computer and Information Science, v. 12, n. 3, p. 72-80, 2019. DOI:10.5539/cisv12n3p72.
THOMAS, Jason; GALLIGHER, Gordon. Improving backup system evaluations in information security risk assessments to combat ransomware. Computer and Information Science, v. 11, n. 1, p. 1-11, 2018. Disponível em: https://ssrn.com/abstract=3095629. Acesso em: 28 mar 2020.
WIRTH, Axel; GRIMES, Stephen L. Medical device cybersecurity — At the convergence of CE and IT. In: IADANZA, Ernesto (ed.). Clinical Engineering Handbook. Academic Press, 2020, p. 253-258.
Downloads
Published
How to Cite
Issue
Section
License
Copyright (c) 2020 Revista Thesis Juris
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
