An analysis of lockergoga ransomware
2019 (English)In: 2019 IEEE East-West Design and Test Symposium, EWDTS 2019, Institute of Electrical and Electronics Engineers Inc. , 2019Conference paper, Published paper (Refereed)
Abstract [en]
This paper contains an analysis of the LockerGoga ransomware that was used in the range of targeted cyberattacks in the first half of 2019 against Norsk Hydra-A world top 5 aluminum manufacturer, as well as the US chemical enterprises Hexion, and Momentive-Those companies are only the tip of the iceberg that reported the attack to the public. The ransomware was executed by attackers from inside a corporate network to encrypt the data on enterprise servers and, thus, taking down the information control systems. The intruders asked for a ransom to release a master key and decryption tool that can be used to decrypt the affected files. The purpose of the analysis is to find out tactics and techniques used by the LockerGoga ransomware during the cryptolocker attack as well as an encryption model to answer the question if the encrypted files can be decrypted with or without paying a ransom. The scientific novelty of the paper lies in an analysis methodology that is based on various reverse engineering techniques such as multi-process debugging and using open source code of a cryptographic library to find out a ransomware encryption model. © 2019 IEEE.
Place, publisher, year, edition, pages
Institute of Electrical and Electronics Engineers Inc. , 2019.
Keywords [en]
cryptography, cryptolocker, encryption, LockerGoga, Malware, Malware Analysis, Ransomware, Reverse Engineering, targeted attack, Aluminum alloys, Chemical analysis, Chemical attack, Locks (fasteners), Open source software, Open systems, Sea ice, Chemical enterprise, Corporate networks, Information control systems, Reverse engineering techniques
National Category
Computer Sciences
Identifiers
URN: urn:nbn:se:bth-19011DOI: 10.1109/EWDTS.2019.8884472Scopus ID: 2-s2.0-85075277685ISBN: 9781728110035 (print)OAI: oai:DiVA.org:bth-19011DiVA, id: diva2:1377978
Conference
2019 IEEE East-West Design and Test Symposium, EWDTS, Batumi; Georgia, 13 September 2019 through 16 September
2019-12-132019-12-132019-12-13Bibliographically approved