2:49
4 ry Assignment Details
CJE6695 RVC 1248
Reminde
Add due date reminder notifications about this +
assignment on this device.
Submission Types
File Upload
Description
Instructions
Offender pathways (2-3 Pages)
You must apply one theory covered in this course
under ‘offender pathways’ (see Hutchings & Clayton
(2016) for examples), and explain how it accounts, o
fails to account, for the involvement of the offende
s
presented in Essay 1. You will need to describe the key
features of the selected theory, co
ectly defining and
interpreting the theoretical concepts. You should
elate it to relevant academic literature for the
selected theory.
Submit Assignment
Pr...us I
© BH FP OO ©
Dashboard Calendar To Do Notifications Inbox
CJE6695 RVC 1248
Case Study on WannaCry Ransomware Attack
Submitted by:
Shadell Howard
6447509
Florida International University
Instructor:
Dr. Mike Evans
Date of Submission:
September 08, 2024
Introduction
In May 2017, a large-scale ransomware attack that is known as WannaCry has affected
thousands of computer systems across the globe. This attack has impacted different industries
including healthcare, transportation and government institutions that shows severe
consequences of cybercrime. WannaCry exploited vulnerabilities in older versions of
Microsoft Windows operating system. This has encrypted files of users and demanded
Bitcoin payments in exchange for release. This case study will describe about WannaCry
attack along with effects and legal outcomes.
Case Description
The WannaCry ransomware attack started on May 12, 2017 and within few days and it had
infected 200,000 computers. The most affected sectors were National Health Service in
United Kingdom. Hospitals and clinics had to cancel surgeries and appointments due to
locked systems. Another victim included companies like Telefónica in Spain and FedEx in
United States. WannaCry spread by exploiting vulnerability in Windows operating system
that is the flaw in Server Message Block protocol. The vulnerability called EternalBlue was
discovered and exploited by National Security Agency in United States. The ransomware
encrypted data on affected computers and displayed message demanding ransom of $300 in
Bitcoin (Algarni, XXXXXXXXXXThe amount would double if the payment was not made in three
days. After seven days, files will be deleted. Some victims paid ransom and $140,000 worth
of Bitcoin was collected by attackers. The attack was halted when security researcher
discovered the kill switch embedded in malware. In December 2017, the U.S. government
accused North Korean government-backed hacking group Lazarus of orchestrating for the
attack. It was marked as one of the first instances where nation state was accused for using
ansomware as tool of cyberwarfare.
XXXXXXXXXX
XXXXXXXXXX
All paragraphs should be indented.
Academic Literature on Ransomware
WannaCry includes
oader trend of ransomware attacks that has increased frequency and
complexity. Ransomware includes malicious software that encrypts files on computer of
victim. The system becomes inaccessible till ransom is paid. The ransomware attacks have
evolved from small scale operations to massive global campaigns affecting individuals and
large organizations. WannaCry represents as the most important cases of ransomware because
of sheer scale and involvement of a nation state. Theoretical frameworks like Routine
Activity Theory can be applied to understand growing case of ransomware. RAT suggests
that crime occurs when motivated offender selects a suitable target and it is caused because of
lack of capable guardianship converge (Christensen & Liebetrau, XXXXXXXXXXIn case of
WannaCry, vulnerable systems, motivated attackers and lack of timely software patches has
esulted in attack. Many victims had failed to update the operating systems and apply
important security patch released by Microsoft. The failure to patch vulnerable systems has
created an opportunity for cybercriminals to exploit flaw. The important aspect of
ansomware attacks like WannaCry is anonymity that are provided by cryptocu
encies like
Bitcoin. Cryptocu
encies are hard to trace financial flows of ransomware payments that
encourages cybercriminals to adopt these forms of payment. Bitcoin transactions are recorded
on public ledger and identities of users remain hidden. This makes it challenging for law
enforcement to track attackers.
Legal and Ethical Considerations
The WannaCry attack has raised legal and ethical issues related to responsibility by different
stakeholders in preventing cybercrime. The vulnerability discovered by NSA do not disclose
to Microsoft till it was leaked and had created debates about ethics of governments in
handling cybersecurity vulnerabilities (Ghafur et al XXXXXXXXXXCritics had argued that failure of
NSA to disclose vulnerability had put global systems at risk and this has contributed to
success of WannaCry attack. In the legal perspective, the cross-border nature of WannaCry
complicates jurisdiction and law enforcement. North Korea was identified as perpetrator that
includes individuals that are accountable. This has remained as challenge because of lack of
international cooperation and nature of nation state sponsored cybercrime. The involvement
of nation states in cybercrime has led to increased demand for development of international
legal frameworks. This will help in addressing unique challenges that are created by
cyberattacks.
Conclusion
It is concluded that, WannaCry ransomware attack has served as the reminder of
vulnerabilities in global cyberinfrastructure. This has negative effects on cybercrime that can
have public and private sectors. It has highlighted importance of software updates,
international cooperation in fighting cybercrime and ethical considerations su
ounding
disclosure of cybersecurity vulnerabilities by governments. WannaCry has illustrated multiple
elements that are important for cybercrime. It is described by Routine Activity Theory and
ole of cryptocu
encies in conducting ransomware attacks. Cybercrime are evolving and
attacks like WannaCry had relevant in shaping cybersecurity policies and practices across the
globe. It is important to develop better cybersecurity for ensuring safety of data.
References
Algarni, S XXXXXXXXXXCybersecurity attacks: Analysis of “wannacry” attack and proposing
methods for reducing or preventing such attacks in future. In ICT Systems and
Sustainability: Proceedings of ICT4SD 2020, Volume 1 (pp XXXXXXXXXXSpringer
Singapore.
Christensen, K. K., & Liebetrau, T XXXXXXXXXXA new role for ‘the public’? Exploring cyber
security controversies in the case of WannaCry. Intelligence and National
Security, 34(3), XXXXXXXXXX.
Ghafur, S., Kristensen, S., Honeyford, K., Martin, G., Darzi, A., & Aylin, P XXXXXXXXXXA
etrospective impact analysis of the WannaCry cyberattack on the NHS. NPJ digital
medicine, 2(1), 98.