软件导刊2024,Vol.23Issue(6):121-127,7.DOI:10.11907/rjdk.231553
勒索软件对科技信息安全的影响研究
Research of Ransomware Threats to the Security of Scientific and Technological Information
摘要
Abstract
In the new environment in which the country promotes the development of data security industry,scientific and technological intel-ligence has to face the threat of ransomware in its process of digital transformation.This paper analyzes the causes of ransomware attacking sci-entific and technological information from an angle of its administrators.To understand the encryption process,using the theories and technolo-gies of both data security and network security,this paper analyzes 28 597 log data and 121 539 encrypted files which were generated by the ransomware Mallox during its intrusion and brings up methods to avoid Mallox:self-inspection could assess the risk of a server being infected by Mallox through its services and network security strategies.It's suggested to pay attention to the number of ID 4625 logs,and the logs of safety devices in daily monitoring.Administrators can enhance the security of scientific and technological intelligence information by storing backup data in other places,deploying EDR services,and using VPN.关键词
数据安全/勒索软件/科技信息/信息安全/异地备份Key words
data security/ransomware/scientific and technological information/information security/remote backup分类
信息技术与安全科学引用本文复制引用
丁梅,柳丹,彭洋..勒索软件对科技信息安全的影响研究[J].软件导刊,2024,23(6):121-127,7.基金项目
湖北省软科学研究计划项目(2023EDA006) (2023EDA006)
