Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
An analysis of lockergoga ransomware
NioGuard Security Lab, UKR.
Blekinge Institute of Technology, Faculty of Computing, Department of Computer Science.
Wrocław University of Science and Technology, POL.
2019 (English)In: 2019 IEEE East-West Design and Test Symposium, EWDTS 2019, Institute of Electrical and Electronics Engineers Inc. , 2019Conference paper, Published paper (Refereed)
Abstract [en]

This paper contains an analysis of the LockerGoga ransomware that was used in the range of targeted cyberattacks in the first half of 2019 against Norsk Hydra-A world top 5 aluminum manufacturer, as well as the US chemical enterprises Hexion, and Momentive-Those companies are only the tip of the iceberg that reported the attack to the public. The ransomware was executed by attackers from inside a corporate network to encrypt the data on enterprise servers and, thus, taking down the information control systems. The intruders asked for a ransom to release a master key and decryption tool that can be used to decrypt the affected files. The purpose of the analysis is to find out tactics and techniques used by the LockerGoga ransomware during the cryptolocker attack as well as an encryption model to answer the question if the encrypted files can be decrypted with or without paying a ransom. The scientific novelty of the paper lies in an analysis methodology that is based on various reverse engineering techniques such as multi-process debugging and using open source code of a cryptographic library to find out a ransomware encryption model. © 2019 IEEE.

Place, publisher, year, edition, pages
Institute of Electrical and Electronics Engineers Inc. , 2019.
Keywords [en]
cryptography, cryptolocker, encryption, LockerGoga, Malware, Malware Analysis, Ransomware, Reverse Engineering, targeted attack, Aluminum alloys, Chemical analysis, Chemical attack, Locks (fasteners), Open source software, Open systems, Sea ice, Chemical enterprise, Corporate networks, Information control systems, Reverse engineering techniques
National Category
Computer Sciences
Identifiers
URN: urn:nbn:se:bth-19011DOI: 10.1109/EWDTS.2019.8884472Scopus ID: 2-s2.0-85075277685ISBN: 9781728110035 (print)OAI: oai:DiVA.org:bth-19011DiVA, id: diva2:1377978
Conference
2019 IEEE East-West Design and Test Symposium, EWDTS, Batumi; Georgia, 13 September 2019 through 16 September
Available from: 2019-12-13 Created: 2019-12-13 Last updated: 2019-12-13Bibliographically approved

Open Access in DiVA

No full text in DiVA

Other links

Publisher's full textScopus

Authority records BETA

Carlsson, Anders

Search in DiVA

By author/editor
Carlsson, Anders
By organisation
Department of Computer Science
Computer Sciences

Search outside of DiVA

GoogleGoogle Scholar

doi
isbn
urn-nbn

Altmetric score

doi
isbn
urn-nbn
Total: 22 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf