Research of Ransomware Threats to the Security of Scientific and Technological Information
In the new environment in which the country promotes the development of data security industry,scientific and technological intel-ligence has to face the threat of ransomware in its process of digital transformation.This paper analyzes the causes of ransomware attacking sci-entific and technological information from an angle of its administrators.To understand the encryption process,using the theories and technolo-gies of both data security and network security,this paper analyzes 28 597 log data and 121 539 encrypted files which were generated by the ransomware Mallox during its intrusion and brings up methods to avoid Mallox:self-inspection could assess the risk of a server being infected by Mallox through its services and network security strategies.It's suggested to pay attention to the number of ID 4625 logs,and the logs of safety devices in daily monitoring.Administrators can enhance the security of scientific and technological intelligence information by storing backup data in other places,deploying EDR services,and using VPN.
data securityransomwarescientific and technological informationinformation securityremote backup
国家科技期刊平台
NSTL
万方数据
