Systematic Reviews and Meta-Analysis

A systematic literature review on ransomware detection by evidence-based software engineering method

Year 2024, Volume: 2 Issue: 2, 64 - 77, 30.12.2024

Abstract

Ransomware attacks, which aim to extort a ransom by encrypting the files they infect with unbreakable passwords, have become a growing threat in recent years. Decrypting the encrypted files without data loss is nearly impossible without the encryption key, which often obliges ransomware victims to pay the ransom demanded. The purpose of our study is to present a systematic literature review of ransomware detection research. The review follows the Evidence-Based Software Engineering approach, which is based on the Evidence-Based Medicine method that has been applied successfully in many fields. The six steps of Evidence-Based Software Engineering were carried out in sequence. To this end, 114 scientific articles that fall within the scope of our research questions were examined from among the studies on ransomware detection conducted between 2017 and 2022. According to our quality evaluation rules, 49 articles that met our quality criteria were analyzed. The answers to our research questions, as determined from the analyzed articles, are presented in detail.


Kanıta Dayalı Yazılım Mühendisliği Yöntemiyle Fidye Yazılımı Tespitine İlişkin Sistematik Bir Literatür İncelemesi

Yıl 2024, Cilt: 2 Sayı: 2, 64 - 77, 30.12.2024

Öz

Bulaştıkları dosyaları kırılamaz şifrelerle şifreleyerek fidye almayı amaçlayan fidye yazılımı saldırıları, son yıllarda giderek artan bir tehdit haline geldi. Şifrelenmiş dosyaların şifresini veri kaybı olmadan çözmek, şifreleme anahtarı olmadan neredeyse imkansızdır. Bu genellikle fidye yazılımı kurbanlarının talep edilen fidye miktarını ödemesini zorunlu kılar. Çalışmamızın amacı fidye yazılımı tespit araştırmalarına ilişkin sistematik bir literatür taraması sunmaktır. Sistematik bir literatür taraması yaparken esas aldığımız yöntem Kanıta Dayalı Yazılım mühendisliği yaklaşımıdır. Bu yaklaşımın temeli birçok alanda başarıyla uygulanan Kanıta Dayalı Tıp yöntemine dayanmaktadır. Kanıta Dayalı Yazılım Mühendisliğinin altı adımı sırasıyla uygulanmıştır. Bu amaçla 2017-2022 yılları arasında fidye yazılım tespiti konusunda yapılan çalışmalardan araştırma sorularımız kapsamına giren 114 bilimsel makale araştırıldı. Kalite değerlendirme kurallarımıza göre kalite kriterlerimizi karşılayan 49 makale analiz edildi. İncelenen makaleler üzerinden belirlediğimiz araştırma sorularımızın cevapları detaylı olarak sunulmaktadır.

Kaynakça

  • 1]D. L. Sackett, W. M. C. Rosenberg, J. A. M. Gray, R. B. Haynes, and W. S. Richardson, “Evidence based medicine: what it is and what it isn’t. 1996.,” Clinical orthopaedics and related research, vol. 455, no. 7023. British Medical Journal Publishing Group, pp. 3–5, 2007. doi: 10.1136/bmj.312.7023.71.
  • [2]O. A. Uysal, “Kanıta dayalı Tıp (KdT),” Tıp Fakültesi KlinikleriDergisi, vol. 2, no. 3. Istanbul Aydin University,atk@aydin.edu.tr, pp. 83–89, 2019.
  • [3]B. A. Kitchenham, T. Dybå, and M. Jørgensen, “Evidence-based software engineering,” in Proceedings - InternationalConference on Software Engineering, 2004, pp. 273–281.doi: 10.1109/icse.2004.1317449.
  • [4]S. Saxena and H. K. Soni, “Strategies for ransomware removal and prevention,” in Proceedings of the 4th IEEE InternationalConference on Advances in Electrical and Electronics,Information, Communication and Bio-Informatics, AEEICB2018, 2018, pp. 1–4. doi: 10.1109/AEEICB.2018.8480941.
  • [5]A. Gazet, “Comparative analysis of various ransomwarevirii,” Journal in Computer Virology, vol. 6, no. 1, pp. 77–90,2010, doi: 10.1007/s11416-008-0092-2.
  • [6]S. ÇELİK and B. ÇELİKTAŞ, “Güncel Siber Güvenlik Tehditleri: Fidye Yazılımlar,” CyberPolitik Journal, vol. 3, no. 5, pp. 105–132, 2018.
  • [7]D. F. Netto, K. M. Shony, and E. R. Lalson, “An IntegratedApproach for Detecting Ransomware Using Static andDynamic Analysis,” in 2018 International CET Conference onControl, Communication, and Computing, IC4 2018, 2018,pp. 410–414. doi: 10.1109/CETIC4.2018.8531017.
  • [8]T. Dumitras, “When Malware Changed Its Mind: How" SplitPersonalities" Affect Malware Analysis and Detection,” 2023.
  • [9]I. Kara and M. Aydos, “Static and Dynamic Analysis of ThirdGeneration Cerber Ransomware,” in International Congresson Big Data, Deep Learning and Fighting Cyber Terrorism,IBIGDELFT 2018 - Proceedings, 2019, pp. 12–17. doi:10.1109/IBIGDELFT.2018.8625353.
  • [10]J. S. Aidan, Zeenia, and U. Garg, “Advanced PetyaRansomware and Mitigation Strategies,” in ICSCCC 2018 - 1st International Conference on Secure Cyber Computing andCommunications, 2018, pp. 23–28. doi: 10.1109/ICSCCC .2018.8703323.
  • [11] E. Berrueta, D. Morato, E. Magana, and M. Izal, “A Survey on Detection Techniques for Cryptographic Ransomware,” IEEEAccess, vol. 7, pp. 144925–144944, 2019, doi:10.1109/ACCESS.2019.2945839.
  • [12]A. Fagioli, “Zero-day recovery: the key to mitigating theransomware threat,” Computer Fraud and Security, vol.2019, no. 1, pp. 6–9, 2019, doi: 10.1016/S1361-3723(19)30006-5.
  • [13]H. Ö. Baktır, B. Çelik, and S. Işık, “REMnux Linux Dağıtımınınİncelenmesi ve Örnek bir Kötücül Yazılım Analiz Uygulaması.Review of REMnux Linux Distro and a Sample MalwareAnalysis - PDF Free Download”.
  • [14]M. Akbanov, V. G. Vassilakis, and M. D. Logothetis,“Ransomware detection and mitigation using software-defined networking: The case of WannaCry,” Computers and Electrical Engineering, vol. 76, pp. 111–121, 2019, doi:10.1016/j.compeleceng.2019.03.012.
  • [15] S. R. Davies, R. Macfarlane, and W. J. Buchanan, “Evaluation of live forensic techniques in ransomware attack mitigation,” Forensic Science International: Digital Investigation, vol. 33,p.300979, 2020, doi: 10.1016/j.fsidi.2020.300979.
  • [16]S. H. Kok, A. Abdullah, and N. Z. Jhanjhi, “Early detection ofcrypto-ransomware using pre-encryption detectionalgorithm,” Journal of King Saud University - Computer andInformation Sciences, vol. 34, no. 5, pp. 1984–1999, 2022,doi: 10.1016/j.jksuci.2020.06.012.
  • [17]M. Humayun, N. Z. Jhanjhi, A. Alsayat, and V. Ponnusamy,“Internet of things and ransomware: Evolution, mitigation andprevention,” Egyptian Informatics Journal, vol. 22, no. 1, pp. 105–117, Mar. 2021, doi: 10.1016/J.EIJ.2020.05.003.
  • [18]A. Arabo, R. Dijoux, T. Poulain, and G. Chevalier, “Detectingransomware using process behavior analysis,” Procedia ComputSci, vol. 168, pp. 289–296, 2020, doi:10.1016/j.procs.2020.02.249.
  • [19] A. Patel and J. Tailor, “A malicious activity monitoring mechanism to detect and prevent ransomware,” Computer Fraud andSecurity, vol. 2020, no. 1, pp. 14–19, 2020, doi: 10.1016/S1361-3723(20)30009-9.
  • [20] D. Berry, W. T.-I. T. on Software, and undefined 2003, “Comments on" Formal methods application: an empirical tale of softwaredevelopment",” ieeexplore.ieee.org.
  • [21]M. Jorgensen, … T. D.-11th I. I., and undefined 2005, “Teachingevidence-based software engineering to university students,”ieeexplore.ieee.org.
  • [22]T. Dybå, B. A. Kitchenham, and M. Jorgensen, “Evidence-based software engineering for practitioners,” IEEE Softw, vol. 22, no. 1, pp. 58–65, Jan. 2005, doi: 10.1109/MS.2005.6.
  • [23]M. V Zelkowitz, D. Binkley, D. R. Wallace, and D. W. Binkley,“Experimental validation of new software technology,” WorldScientific, pp. 229–263, Mar. 2003, doi:10.1142/9789812795588_0006.
  • [24]K. Cabaj, M. Gregorczyk, and W. Mazurczyk, “Software-defined networking-based crypto ransomware detection using HTTPtraffic characteristics,” Computers and Electrical Engineering, vol. 66, pp. 353–368, 2018, doi: 10.1016/j.compeleceng.2017.10.012.
  • [25]G. Cusack, O. Michel, and E. Keller, “Machine learning-based detection of ransomware using SDN,” in SDN-NFVSec 2018 - Proceedings of the 2018 ACM International Workshop on Security in Software Defined Networks and Network FunctionVirtualization, Co-located with CODASPY 2018, 2018, pp. 1–6. doi: 10.1145/3180465.3180467.
  • [26]Y. L. Wan, J. C. Chang, R. J. Chen, and S. J. Wang, “Feature-Selection-Based Ransomware Detection with Machine Learningof Data Analysis,” 2018 3rd International Conference onComputer and Communication Systems, ICCCS 2018, pp. 392–396, 2018, doi: 10.1109/CCOMS.2018. 8463300.
  • [27] A. O. Almashhadani, M. Kaiiali, S. Sezer, and P. O’Kane, “A Multi-Classifier Network-Based Crypto Ransomware Detection System: A Case Study of Locky Ransomware,” IEEE Access, vol. 7, pp.47053–47067, 2019, doi: 10.1109/ACCESS.2019.2907485.
  • [28]L. F. Maimó, A. H. Celdrán, Á. L. Perales Gómez, F. J. GarcíaClemente, J. Weimer, and I. Lee, “Intelligent and dynamicransomware spread detection and mitigation in integrated clinical environments,” Sensors (Switzerland), vol. 19, no. 5, 2019, doi:10.3390/s19051114.
  • [29]T. M. Liu, D. Y. Kao, and Y. Y. Chen, “Loocipher ransomwaredetection using lightweight packet characteristics,” ProcediaComput Sci, vol. 176, pp. 1677–1683, 2020, doi:10.1016/j.procs.2020.09.192.
  • [30]A. El-Kosairy and M. A. Azer, “Intrusion and ransomwaredetection system,” ieeexplore.ieee.org, pp. 1–7, 2018, doi:10.1109/cais.2018.8471688.
  • [31] S. Sheen, K. A. Asmitha, and S. Venkatesan, “R-Sentry: Deception based ransomware detection using file access patterns,”Computers and Electrical Engineering, vol. 103, p. 108346, 2022, doi: 10.1016/j.compeleceng.2022.108346.
  • [32]P. Sharma, S. Kapoor, and R. Sharma, “Ransomware detection,prevention and protection in IoT devices using ML techniquesbased on dynamic analysis approach,” International Journal ofSystem Assurance Engineering and Management, 2022, doi:10.1007/s13198-022-01793-0.
  • [33]S. H. Kok, A. Azween, and N. Z. Jhanjhi, “Evaluation metric forcrypto-ransomware detection using machine learning,” Journal of Information Security and Applications, vol. 55, p. 102646, 2020,doi: 10.1016/j.jisa.2020.102646.
  • [34] M. Medhat, S. Gaber, and N. Abdelbaki, “A new static-based framework for ransomware detection,” in Proceedings - IEEE 16th International Conference on Dependable, Autonomic and SecureComputing, IEEE 16th International Conference on PervasiveIntelligence and Computing, IEEE 4th International Conference onBig Data Intelligence and Computing and IEEE 3, 2018, pp. 710–715. doi: 10.1109/DASC/PiCom/DataCom/CyberSciTec.2018. 00124.
  • [35]B. M. Khammas, “Ransomware Detection using Random ForestTechnique,” ICT Express, vol. 6, no. 4, pp. 325–331, 2020, doi:10.1016/j.icte.2020.11.001.
  • [36] Z. Abdullah, F. W. Muhadi, M. M. Saudi, I. R. A. Hamid, and C. F. M.Foozy, “Android Ransomware Detection Based on DynamicObtained Features,” Advances in Intelligent Systems andComputing, vol. 978 AISC, pp. 121–129, 2020, doi: 10.1007/978-3-030-36056-6_12.
  • [37]H. Zuhair, A. Selamat, and O. Krejcar, “A multi-tier streaminganalytics model of 0-day ransomware detection using machinelearning,” Applied Sciences (Switzerland), vol. 10, no. 9, 2020, doi: 10.3390/app10093210.
  • [38] F. Mercaldo, “A framework for supporting ransomware detection and prevention based on hybrid analysis,” Journal of ComputerVirology and Hacking Techniques, vol. 17, no. 3, pp. 221–227, Sep. 2021, doi: 10.1007/S11416-021-00388-W.
  • [39]P. Mohan Anand, P. V. Sai Charan, and S. K. Shukla, “AComprehensive API Call Analysis for Detecting Windows-Based Ransomware,” in Proceedings of the 2022 IEEE InternationalConference on Cyber Security and Resilience, CSR 2022, 2022, pp. 337–344. doi: 10.1109/CSR54599. 2022.9850320.
  • [40] S. Maniath, A. Ashok, P. Poornachandran, V. G. Sujadevi, A. U. P. Sankar, and S. Jan, “Deep learning LSTM based ransomwaredetection,” 2017 Recent Developments in Control, Automationand Power Engineering, RDCAPE 2017, pp. 442–446, 2018, doi:10.1109/RDCAPE.2017.8358312.
  • [41]N. Harikrishnan and K. Soman, “Detecting Ransomwareusing GURLS,” Proceedings of 2018 2nd InternationalConference on Advances in Electronics, Computers andCommunications, ICAECC 2018, 2018, doi: 10.1109/ICAECC.2018.8479444.
  • [42]S. Sheen and A. Yadav, “Ransomware detection by miningAPI call usage,” in 2018 International Conference onAdvances in Computing, Communications and Informatics,ICACCI 2018, 2018, pp. 983–987. doi: 10.1109/ICACCI.2018.8554938.
  • [43] L. Chen, C.-Y. Yang, A. Paul, and R. Sahita, “Towards resilientmachine learning for ransomware detection,” Dec. 2018.
  • [44]S. SECHEL, “A Comparative Assessment of ObfuscatedRansomware Detection Methods,” Informatica Economica,vol. 23, no. 2/2019, pp. 45–62, 2019, doi:10.12948/issn14531305/23.2.2019.05.
  • [45]M. Hirano and R. Kobayashi, “Machine Learning BasedRansomware Detection Using Storage Access PatternsObtained from Live-forensic Hypervisor,” 2019 6thInternational Conference on Internet of Things: Systems,Management and Security, IOTSMS 2019, 2019, doi:10.1109/IOTSMS48152.2019.8939214.
  • [46] M. AL-Hawawreh and E. Sitnikova, “Industrial internet of things based ransomware detection using stacked variational neural network,” ACM International Conference Proceeding Series, pp. 126–130, Aug. 2019, doi: 10.1145/3361758.3361763.
  • [47] A. Alsabeh, H. Safa, E. Bou-Harb, and J. Crichigno, “Exploiting Ransomware Paranoia for Execution Prevention,” in IEEE International Conference on Communications, 2020, pp. 1–6. doi: 10.1109/ICC40277.2020.9149005.
  • [48] J. Hwang, J. Kim, S. Lee, and K. Kim, “Two-Stage Ransomware Detection Using Dynamic Analysis and Machine Learning Techniques,” Wirel Pers Commun, vol. 112, no. 4, pp. 2597–2609, 2020, doi: 10.1007/s11277-020-07166-9.
  • [49] Y. A. Ahmed, B. Koçer, and B. A. S. Al-Rimy, “Automated Analysis Approach for the Detection of High Survivable Ransomware,” KSII Transactions on Internet and Information Systems, vol. 14, no. 5, pp. 2236–2257, 2020, doi: 10.3837/tiis.2020.05.021.
  • [50] M. Izham Jaya and M. F. A. Razak, “Dynamic Ransomware Detection for Windows Platform Using Machine Learning Classifiers,” International Journal on Informatics Visualization, vol. 6, no. 2, pp. 469–474, 2022, doi: 10.30630/joiv.6.2-2.1093.
  • [51] F. Khan, C. Ncube, L. K. Ramasamy, S. Kadry, and Y. Nam, “A Digital DNA Sequencing Engine for Ransomware Detection Using Machine Learning,” IEEE Access, vol. 8, pp. 119710–119719, 2020, doi: 10.1109/ACCESS.2020.3003785.
  • [52] F. Manavi and A. Hamzeh, “A New Method for Ransomware Detection Based on PE Header Using Convolutional Neural Networks,” Proceedings of 17th International ISC Conference on Information Security and Cryptology, ISCISC 2020, pp. 82–87, 2020, doi: 10.1109/ISCISC51277.2020.9261903.
  • [53] F. Manavi and A. Hamzeh, “A novel approach for ransomware detection based on PE header using graph embedding,” Journal of Computer Virology and Hacking Techniques, vol. 18, no. 4, pp. 285–296, 2022, doi: 10.1007/s11416-021-00414-x.
  • [54] A. Bahrani and A. J. Bidgly, “Ransomware detection using process mining and classification algorithms,” Proceedings of 16th International ISC Conference on Information Security and Cryptology, ISCISC 2019, pp. 73–77, 2019, doi: 10.1109/ISCISC48546.2019.8985149.
  • [55] R. Bold, H. Al-Khateeb, and N. Ersotelos, “Reducing False Negatives in Ransomware Detection: A Critical Evaluation of Machine Learning Algorithms,” Applied Sciences (Switzerland), vol. 12, no. 24, 2022, doi: 10.3390/app122412941.
  • [56] R. Vinayakumar, K. P. Soman, K. K. S. Velan, and S. Ganorkar, “Evaluating shallow and deep networks for ransomware detection and classification,” in 2017 International Conference on Advances in Computing, Communications and Informatics, ICACCI 2017, 2017, pp. 259–265. doi: 10.1109/ICACCI.2017.8125850.
  • [57] A. Karimi and M. H. Moattar, “Android ransomware detection using reduced opcode sequence and image similarity,” 2017 7th International Conference on Computer and Knowledge Engineering, ICCKE 2017, vol. 2017-Janua, pp. 229–234, 2017, doi: 10.1109/ICCKE.2017.8167881.
  • [58] J. A. H. Silva and M. Hernandez-Alvarez, “Large scale ransomware detection by cognitive security,” 2017 IEEE 2nd Ecuador Technical Chapters Meeting, ETCM 2017, vol. 2017-Janua, pp. 1–4, 2018, doi: 10.1109/ETCM.2017.8247484.
  • [59] F. Noorbehbahani, F. Rasouli, and M. Saberi, “Analysis of machine learning techniques for ransomware detection,” Proceedings of 16th International ISC Conference on Information Security and Cryptology, ISCISC 2019, pp. 128–133, Aug. 2019, doi: 10.1109/ISCISC48546.2019.8985139.
  • [60] S. Poudyal, D. Dasgupta, Z. Akhtar, and K. Gupta, “A multi-level ransomware detection framework using natural language processing and machine learning,” in 14th International Conference on Malicious and Unwanted Software, MALCON, 2019.
  • [61] K. Lee, S. Y. Lee, and K. Yim, “Machine Learning Based File Entropy Analysis for Ransomware Detection in Backup Systems,” IEEE Access, vol. 7, pp. 110205–110215, 2019, doi: 10.1109/ACCESS.2019.2931136.
  • [62] Y. L. Dion and S. N. Brohi, “An experimental study to evaluate the performance of machine learning algorithms in ransomware detection,” Journal of Engineering Science and Technology, vol. 15, no. 2, pp. 967–981, 2020.
  • [63] E. Ketzaki, P. Toupas, K. M. Giannoutakis, A. Drosou, and D. Tzovaras, “A Behaviour based Ransomware Detection using Neural Network Models,” 2020 10th International Conference on Advanced Computer Information Technologies, ACIT 2020 - Proceedings, pp. 747–750, 2020, doi: 10.1109/ACIT49673.2020.9208974.
  • [64] D. Smith, S. Khorsandroo, and K. Roy, “Machine Learning Algorithms and Frameworks in Ransomware Detection,” IEEE Access, vol. 10, pp. 117597–117610, 2022, doi: 10.1109/ACCESS.2022.3218779.
  • [65] R. Agrawal, J. W. Stokes, K. Selvaraj, and M. Marinescu, “Attention in Recurrent Neural Networks for Ransomware Detection,” in ICASSP, IEEE International Conference on Acoustics, Speech and Signal Processing - Proceedings, 2019, pp. 3222–3226. doi: 10.1109/ICASSP.2019.8682899.
  • [66] M. Al-Hawawreh and E. Sitnikova, “Leveraging Deep Learning Models for Ransomware Detection in the Industrial Internet of Things Environment,” 2019 Military Communications and Information Systems Conference, MilCIS 2019 - Proceedings, 2019, doi: 10.1109/MilCIS.2019.8930732.
  • [67] H. Kim, J. Park, H. Kwon, K. Jang, and H. Seo, “Convolutional neural network-based cryptography ransomware detection for low-end embedded processors,” Mathematics, vol. 9, no. 7, Apr. 2021, doi: 10.3390/math9070705.
  • [68] U. Zahoora, A. Khan, M. Rajarajan, S. H. Khan, M. Asam, and T. Jamal, “Ransomware detection using deep learning based unsupervised feature extraction and a cost sensitive Pareto Ensemble classifier,” Sci Rep, vol. 12, no. 1, p. 15647, 2022, doi: 10.1038/s41598-022-19443-7.
  • [69] “WannaCry Fidye Yazılımı Hakkında Bilmeniz Gereken Her Şey.” Accessed: Apr. 14, 2023. [Online]. Available: https://www.kaspersky.com.tr/resource-center/threats/ransomware-wannacry
  • [70] “GitHub - ytisf/theZoo: A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.” Accessed: Apr. 14, 2023. [Online]. Available: https://github.com/ytisf/theZoo
  • [71] B. A. S. Al-rimy, M. A. Maarof, and S. Z. M. Shaid, “Crypto-ransomware early detection model using novel incremental bagging with enhanced semi-random subspace selection,” Future Generation Computer Systems, vol. 101, pp. 476–491, Dec. 2019, doi: 10.1016/j.future.2019.06.005.
  • [72] “VirusTotal - Home.” Accessed: Apr. 14, 2023. [Online]. Available: https://www.virustotal.com/gui/home/upload
  • [73] “The TON_IoT Datasets | UNSW Research.” Accessed: Apr. 14, 2023. [Online]. Available: https://research.unsw.edu.au/projects/toniot-datasets
  • [74] “PSJoshi (Pradyumna Joshi) · GitHub.” Accessed: Apr. 14, 2023. [Online]. Available: https://github.com/PSJoshi
  • [75] “Android Malware 2017 | Datasets | Research | Canadian Institute for Cybersecurity | UNB.” Accessed: Apr. 14, 2023. [Online]. Available: https://www.unb.ca/cic/datasets/andmal2017.html
  • [76] “VirusShare.com.” Accessed: Apr. 14, 2023. [Online]. Available: https://virusshare.com/
  • [77] “2022 Data Breach Investigations Report | Verizon.” Accessed: Apr. 19, 2023. [Online]. Available: https://www.verizon.com/business/resources/reports/dbir/
  • [78] “Ransomware is here to stay and other cybersecurity predictions for 2022.” Accessed: Mar. 10, 2023. [Online]. Available: https://quointelligence.eu/2022/01/ransomware-and-other-cybersecurity-predictions-for-2022/
  • [79] P. Sharma, S. Kapoor, and R. Sharma, “Ransomware detection, prevention and protection in IoT devices using ML techniques based on dynamic analysis approach,” International Journal of System Assurance Engineering and Management, vol. 14, no. 1, pp. 287–296, 2023, doi: 10.1007/s13198-022-01793-0.
  • [80] “WannaCry Ransomware Attack (What Happened & How to Protect Yourself).” Accessed: Apr. 17, 2023. [Online]. Available: https://www.webopedia.com/definitions/wannacry/
  • [81] “The Biggest Cybersecurity Disasters of 2017 So Far | WIRED.” Accessed: Apr. 17, 2023. [Online]. Available: https://www.wired.com/story/2017-biggest-hacks-so-far/
  • [82] “Symantec Internet Security Threat Report.” Accessed: Apr. 17, 2023. [Online]. Available: https://www.crn.com/tag/Symantec%20Internet%20Security%20Threat%20Report
  • [83] “Defending Against Ransomware | Deloitte US.” Accessed: Mar. 14, 2023. [Online]. Available: https://www2.deloitte.com/us/en/pages/risk/articles/defending-against-ransomware.html
There are 83 references in total.

Details

Primary Language: English
Subjects: Software Engineering (Other)
Section: Reviews
Authors

Engin Kuzu 0009-0008-2470-6944

Hakan Kekül 0000-0001-6269-8713

Halil Arslan 0000-0003-3286-5159

Publication Date: December 30, 2024
Submission Date: October 16, 2024
Acceptance Date: November 7, 2024
Published in Issue: Year 2024, Volume: 2, Issue: 2

Cite

IEEE: E. Kuzu, H. Kekül, and H. Arslan, “A systematic literature review on ransomware detection by evidence-based software engineering method”, CÜMFAD, vol. 2, no. 2, pp. 64–77, 2024.