صندلی اداری

CRYPTO-RANSOMWARE ATTACKS ON LINUX SERVERS: A DATA RECOVERY METHOD

Angel Golev, Rosen Hristev, Magdalena Veselinova, Kristiyan Kolev

Abstract


More frequent and large-scale attacks against Linux servers and theservices provided by them are the forecasts of the analysts. Proof of this is the double-digit increase in attacks against Linux server environments has been registered in thefirst part of 2022. This is of course no accident. Linux server environments are used forcorporate and government networks, web services, and large arrays of databases ownedby organizations that can afford to pay to restore operations and critical data after anattack. Regardless of the size, almost every organization implements cloud technologyin some way in their business. Organizations must to determine which cloud model ismost suitable for them based on the way of working and the data that is stored andprocessed. The research consider the advantages and disadvantages of using two of themain cloud infrastructure models - public and private clouds. The used classificationof the cloud models is according to the ownership and users using the infrastructure.The used crypro-ransomware for the purpose of the research is GonnaCry. An overviewof how this malicious code example works is provided, too. After the infection, twoapproaches have been proposed to recover the data in the server environment - throughthe web interface of the private cloud, as well as created a bash script that can be usedin high load infrastructures.

Full Text: PDF

Refbacks

  • There are currently no refbacks.
گن لاغری

Creative Commons License
This work is licensed under a Creative Commons Attribution 3.0 License.