Method for Designing Countermeasures for Crypto-Ransomware Based on the NIST CSF
Average rating
Cast your vote
You can rate an item by clicking the amount of stars they wish to award to this item.
When enough users have cast their vote on this item, the average rating will also be shown.
Star rating
Your vote was cast
Thank you for your feedback
Thank you for your feedback
Issue Date
2022-01-01
Metadata
Show full item recordJournal
Smart Innovation, Systems and TechnologiesDOI
10.1007/978-981-16-3637-0_26Additional Links
https://link.springer.com/chapter/10.1007/978-981-16-3637-0_26Abstract
Crypto-ransomware are malicious programs that encrypt the data of an infected machine, making it a hostage until the owner of the device decides to pay the fee to recover their information. This has become a complex cybersecurity problem causing more and more economic damage. Crypto-ransomware has rendered cybersecurity models not adequate since they do not establish specific guidelines for the design of countermeasures. This paper proposes a method for the design of countermeasures related to crypto-ransomware attacks based on the NIST 800–53 revision 4 standard and the Information Security Maturity Model published by ISACA in the COBIT Focus magazine. The model consists of five phases: identify vulnerabilities, assess vulnerabilities, propose countermeasures, implement countermeasures, and evaluate countermeasures. This allows an organization to measure its current cybersecurity state, know cybersecurity measures oriented to crypto-ransomware and its prioritization through criticality indexes in a simple, adaptive and easy to implement way. A case study in a Peruvian company shows the simplicity and ease of use of the method, which allows the design of countermeasures with which the level of cybersecurity can be improved by 55.6%.Type
info:eu-repo/semantics/articleRights
info:eu-repo/semantics/embargoedAccessLanguage
engDescription
El texto completo de este trabajo no está disponible en el Repositorio Académico UPC por restricciones de la casa editorial donde ha sido publicado.ISSN
21903018EISSN
21903026ae974a485f413a2113503eed53cd6c53
10.1007/978-981-16-3637-0_26
Scopus Count
Collections