Modern Ransomware: Evolution, Methodology, Attack Model, Prevention and
Mitigation using Multi-Tiered Approach
Abstract
Ransomware is a menace to the vibrant digital ecosystem. The
exponential growth in ransomware attacks, their detrimental impacts, and
the ever-changing methods adopted by threat actor groups demand a
focused understanding of the evolution of ransomware. This would help
organizations devise novel defensive frameworks and security
controls against modern ransomware. In this work, the impacts and
evolution of ransomware through different phases up to its current form
are detailed. Further, based on the study and analysis of the most
prevalent modern ransomware variants, their most used tactics,
techniques and procedures (TTPs) are identified as per the MITRE ATT&CK
model. This acts as a platform to propose a generic attack model for
‘modern ransomware’. Building on the existing MITRE mitigation and
D3FEND-based approaches, and considering the resource and budget
constraints of organizations, a simplified three-tier defensive model
that is cost-effective and implementable is put forward. Thus, this work
aims to open avenues for understanding the TTPs and attack methodology
of ‘modern ransomware’, thereby developing feasible and implementable
defensive security controls.