Thwarting Architectural Imbalance? Considering Dynamic Distributed Secure Storage Against Ransomware

In this paper, the authors focus on ransomware, which is a type of digital crime that is essentially theft of information followed by demanding a ransom from the victim to regain access. They recommend a paradigm change, akin to the ARPANET project, with regard to a broadly deployed network storage system. The intent is to find a solution which addresses: 1) the financial incentive for ransomware attacks and 2) the difficulty of securing a system from an ever-evolving social/technical attack matrix. In addition, the authors take into account the constraint that any solution must be cost-effective.


Content Assessment: Thwarting Architectural Imbalance? Considering Dynamic Distributed Secure Storage Against Ransomware

Information - 90%
Insight - 95%
Relevance - 90%
Objectivity - 90%
Authority - 95%

Overall - 92% (Excellent)

A short percentage-based assessment of the qualitative benefit of the published paper on dynamic distributed secure storage to thwart ransomware.

Editor’s Note: From time to time, ComplexDiscovery highlights publicly available or privately purchasable announcements, content updates, and research from cyber, data, and legal discovery providers, research organizations, and ComplexDiscovery community members. While ComplexDiscovery regularly highlights this information, it does not assume any responsibility for content assertions.



Research Report*

Dynamic Distributed Secure Storage Against Ransomware

Citation: J. Castiglione and D. Pavlovic, “Dynamic Distributed Secure Storage Against Ransomware,” in IEEE Transactions on Computational Social Systems, vol. 7, no. 6, pp. 1469-1475, Dec. 2020, doi: 10.1109/TCSS.2019.2924650.

Abstract

In just a few years, ransomware evolved into one of the most pernicious threats on the web. From hijacking private disks, the cybercriminals moved to disabling hospital networks, while the cyberwarriors launched destructive cyberwar exercises masquerading as ransomware. To match the variety of attacks, there is also a variety of promising proposals for the mitigation of the ransomware problem by disrupting the attack cycle at various points. None of them seems to be eliminating the vulnerability of static nodes in dynamic networks. We put forward the idea that ransomware is a symptom of a broader problem of architectural imbalance in social computation: while the processes are dynamic and nonlocal, the storage is static and local. We study and discuss some paths toward dynamic, nonlocal, and secure storage. Furthermore, we provide a toy method for locally encrypting the data that can provide a balance of high security and encryption speed.

Introduction: Why is There Ransomware?

In recent years, ransomware has emerged as a significant threat across all levels of use, from individuals, hospitals, and banks, to government institutions and organizations. It continues to spread, since ultimately it is profitable. The passive storage architecture enables malicious executables to hijack the locally stored data. Until recently, the stolen data was siphoned away and monetized on the black market. Ransomware enabled criminals to profit from hacking into systems where the data could not be sold to other criminals. They realized the data had value to the owners.

Why is hijacking local storage and ransoming it to the owner much easier than attempting to ransom the communication links? The answer to this question is full of intrigue and goes back to the design of the Internet. The origin story of the Internet is motivated by the Cold War. The United States of America and the Union of Soviet Socialist Republics were in an arms race. They were designing nuclear command and control systems to ensure that if one side launched nuclear ballistic missiles then the other would respond in kind. The main concern was designing a communications network that was resilient to nuclear attack so that it may delay the launch of a retaliation strike in case of any erroneous warnings. P. Baran of RAND Corporation studied the problem and, in multiple reports, started architecting a new system where the switching nodes stored minimal information. The work at RAND in the 1960s made a paradigm change in the communications systems so that a large message would be broken up into smaller ones of a fixed size and be passed along until it reached its destination.

As mentioned above, the Internet was born of social and political challenges. It answered the requirement of a robust communications infrastructure that could survive an all-out nuclear war. A consequence of designing such a robust communications network is that criminals now have access and are able to reach beyond their backyard. We argue that ransomware and denial of access to data present us with the next challenge. It is imperative to design a resilient and secure storage system that can survive local attacks and the degradation of service.

In this paper, we focus on ransomware, which is a type of digital crime that is essentially theft of information followed by demanding a ransom from the victim to regain access. We recommend a paradigm change, akin to the ARPANET project, with regard to a broadly deployed network storage system. The intent is to find a solution which addresses: 1) the financial incentive for ransomware attacks and 2) the difficulty of securing a system from an ever-evolving social/technical attack matrix. In addition, we take into account the restraint that any solution must be cost-effective.

Thus, we submit that the architecture with: 1) local, single-copy storage of valuable confidential data and 2) local control of program executions, often irreversible, is indefensible. Either 1) needs to be relaxed, so that the confidentiality requirement can be satisfied by nonlocal, cloud storage. Otherwise, 2) needs to be relaxed, and the executions of potentially harmful payloads should be removed from the user’s hands.

The confluence of problems (1) and (2) is due to legacy and commercial interests. Changing the architecture is much easier and cheaper than defending it. Resolving problem (2) by restricting what the users can execute has been introduced effectively and resourcefully when this was needed for digital rights management (DRM) and for the software IP protections, as well as when such restrictions provided a foundation for the market of approved apps. Resolving problem (1) by assuring the confidentiality of nonlocal (cloud) storage is an interesting challenge which requires reconciling technical investments into the solution and the rational confidentiality requirements.


*Shared with permission under Creative Commons – Attribution 4.0 International (CC BY 4.0) – license.



Source: ComplexDiscovery
