Dual-use Research in Ransomware Attacks: A Discussion on Ransomware Defence Intelligence

Ziya Genç, Gabriele Lenzini

Abstract

Previous research has shown that developers rely on public platforms and repositories to produce functional but insecure code. We looked into the matter for ransomware, enquiring whether also ransomware engineers re-use the work of others and produce insecure code. By methodically reverse-engineering 128 malware executables, we have found that, out of 21 ransomware samples, 9 contain copy-paste code from public resources. Thanks to this finding, we managed to retrieve the decryption keys with which to nullify the ransomware attacks. From this fact, we recall critical cases of code disclosure in the recent history of ransomware and, arguing that ransomware are components in cyber-weapons, reflect on the dual-use nature of this research. We further discuss benefits and limits of using cyber-intelligence and counter-intelligence strategies that could be used against this threat.

Download


Paper Citation


in Harvard Style

Genç Z. and Lenzini G. (2020). Dual-use Research in Ransomware Attacks: A Discussion on Ransomware Defence Intelligence.In Proceedings of the 6th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP, ISBN 978-989-758-399-5, pages 585-592. DOI: 10.5220/0009000505850592


in Bibtex Style

@conference{icissp20,
author={Ziya Genç and Gabriele Lenzini},
title={Dual-use Research in Ransomware Attacks: A Discussion on Ransomware Defence Intelligence},
booktitle={Proceedings of the 6th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,},
year={2020},
pages={585-592},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0009000505850592},
isbn={978-989-758-399-5},
}


in EndNote Style

TY - CONF

JO - Proceedings of the 6th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,
TI - Dual-use Research in Ransomware Attacks: A Discussion on Ransomware Defence Intelligence
SN - 978-989-758-399-5
AU - Genç Z.
AU - Lenzini G.
PY - 2020
SP - 585
EP - 592
DO - 10.5220/0009000505850592