Classifying Ransomware? A Ransomware Classification Framework Based on File-Deletion and File-Encryption Attack Structures

This paper evaluates attack methodologies of a ransomware attack: the underlying file deletion and file-encryption attack structures. In the former, the authors uncover the data recovery-prevention techniques and in the latter, they uncover the associated cryptographic attack models. The deeper comprehension of potential flaws and inadequacies exhibited in these attack structures form the basis of the overall objective of this paper. The deeper comprehension also enables the provision of enough technical information to guide decisions by victims before making hasty decisions to pay a ransom which might result into not only financial loss but loss of access to the attacked files if decryption is not possible by the attacker.

Thwarting Architectural Imbalance? Considering Dynamic Distributed Secure Storage Against Ransomware

In this paper, the authors focus on ransomware, which is a type of digital crime that is essentially theft of information followed by demanding a ransom from the victim to regain access. They recommend a paradigm change, akin to the ARPANET project, with regards to a broadly deployed network storage system. The intent is to find a solution which addresses: 1) the financial incentive for ransomware attacks and 2) the difficulty of securing a system from an ever-evolving social/technical attack matrix. In addition, the authors take into account the restraint that any solution must be cost-effective.

Considering Ransomware Risk Management? A Cybersecurity Framework Profile from NIST

Ransomware is a type of malicious attack where attackers encrypt an organization’s data and demand payment to restore access. In some instances, attackers may also steal an organization’s information and demand an additional payment in return for not disclosing the information to authorities, competitors, or the public. This Ransomware Profile identifies the Cybersecurity Framework Version 1.1 security objectives that support preventing, responding to, and recovering from ransomware events.

Whats Up with WhatsApp? Data Protection Commission of Ireland Announces Decision

According to an announcement from the Data Protection Commission of Ireland (DPC), on 28 July 2021, the European Data Protection Board (EDPB) adopted a binding decision and this decision was notified to the DPC. This decision contained a clear instruction that required the DPC to reassess and increase its proposed fine on the basis of a number of factors contained in the EDPB’s decision and following this reassessment the DPC has imposed a fine of €225 million on WhatsApp.

Considering Generative Adversarial Networks? A Cyber Intelligence Perspective

Generative adversarial networks (GANs) are a deep-learning model first described by Ian Goodfellow in 2014. GANs use two neural networks – one that creates content and one that analyses it – in a pseudo-game-like adversarial process. According to Goodfellow’s counterfeiter analogy, the generative model can be thought of as analogous to a team of counterfeiters, trying to produce fake currency and use it without detection, while the discriminative model is analogous to the police, trying to detect counterfeit currency. Competition in this game drives both teams to improve their methods until the counterfeits are indistinguishable from the genuine articles.

Considering Attribution of Cyber Operations: A Tallinn Paper

According to this new Tallinn Paper from the NATO Cooperative Cyber Defence Centre of Excellence, public attribution of state-sponsored offensive cyber operations is complex and has political, technical and legal aspects. States can use attribution as a vehicle to advance their political goals, but there is often a risk involved in making a public attribution. Any response from the attacked party, such as attribution or a hack-back, must be carefully considered before being undertaken due to the political implications that such a response would cause.

Coordinated Defense? New Joint Cyber Defense Collaborative from CISA

According to CISA Director Jen Easterly, “The JCDC presents an exciting and important opportunity for this agency and our partners – the creation of a unique planning capability to be proactive vice reactive in our collective approach to dealing with the most serious cyber threats to our nation. The industry partners that have agreed to work side-by-side with CISA and our interagency teammates share the same commitment to defending our country’s national critical functions from cyber intrusions, and the imagination to spark new solutions. With these extraordinarily capable partners, our initial focus will be on efforts to combat ransomware and developing a planning framework to coordinate incidents affecting cloud service providers.”

[Legal Education Webcast] Breaches, Responses, and Challenges: Cybersecurity Essentials That Every Lawyer Should Know

Every large corporation and organization today face the significant threat of...

Classifying Ransomware? A Ransomware Classification Framework Based on File-Deletion and File-Encryption Attack Structures

This paper evaluates attack methodologies of a ransomware attack: the underlying...

Thwarting Architectural Imbalance? Considering Dynamic Distributed Secure Storage Against Ransomware

In this paper, the authors focus on ransomware, which is a...

Considering Ransomware Risk Management? A Cybersecurity Framework Profile from NIST

Ransomware is a type of malicious attack where attackers encrypt an...

Magnet Forensics Acquires DME Forensics

According to the announcement, under the terms of the agreement, Magnet...

Consilio to Acquire Legal Consulting and eDiscovery Business Units of Special Counsel from Adecco

According to Laurie Chamberlin, Head of Professional Recruitment and Solutions North...

Nuix Acquires Natural Language Processing Company

According to Nuix CEO Rod Vawdrey, “Topos will strengthen Nuix’s product...

UnitedLex Acquires BlackStone Discovery

According to John P. Kelly, CEO and founder of BlackStone Discovery,...

A New Era in eDiscovery? Framing Market Growth Through the Lens of Six Eras

There are many excellent resources for considering chronological and historiographical approaches...

An eDiscovery Market Size Mashup: 2020-2025 Worldwide Software and Services Overview

While the Compound Annual Growth Rate (CAGR) for worldwide eDiscovery software...

Resetting the Baseline? eDiscovery Market Size Adjustments for 2020

An unanticipated pandemeconomic-driven retraction in eDiscovery spending during 2020 has resulted...

Home or Away? New eDiscovery Collection Market Sizing and Pricing Considerations

One of the key home (onsite) or away (remote) decisions that...

Five Great Reads on Cyber, Data, and Legal Discovery for August 2021

From the interplay of digital forensics in eDiscovery to collecting online...

Five Great Reads on Cyber, Data, and Legal Discovery for July 2021

From considerations for cyber insurance and malware to eDiscovery business confidence...

Five Great Reads on eDiscovery for June 2021

From remediating cyberattacks to eDiscovery pricing, the June 2021 edition of...

Five Great Reads on eDiscovery for May 2021

From cyber discovery and data breaches to business of law and...

More Keepers? Predictive Coding Technologies and Protocols Survey – Fall 2021 Results

From the most prevalent predictive coding platforms to the least commonly...

Glowing Expectations? Eighteen Observations on eDiscovery Business Confidence in the Summer of 2021

In the summer of 2021, 63.3% of survey respondents felt that...

Issues Impacting eDiscovery Business Performance: A Summer 2021 Overview

In the summer of 2021, 24.4% of respondents viewed increasing types...

Looking Up? eDiscovery Operational Metrics in the Summer of 2021

In the summer of 2021, 80 eDiscovery Business Confidence Survey participants...