A Technical Analysis of Modern Ransomware Operations and Defense Mechanisms Cover Image

A Technical Analysis of Modern Ransomware Operations and Defense Mechanisms
A Technical Analysis of Modern Ransomware Operations and Defense Mechanisms

Author(s): Naim Baftiu, Enes Sofiu, Tatjana Pachemska, Ana Atanasova
Subject(s): ICT Information and Communications Technologies
Published by: UIKTEN - Association for Information Communication Technology Education and Science
Keywords: ransomware; crypto-ransomware; incident response; backup resilience; zero trust

Summary/Abstract: Ransomware has evolved into one of the most disruptive cybersecurity threats, affecting critical infrastructure, healthcare, and enterprise environments worldwide. This paper presents a structured technical analysis of modern ransomware operations, focusing on attack lifecycle, propagation mechanisms, encryption design, and defensive controls. Through comparative analysis of WannaCry and NotPetya, the study identifies systemic weaknesses in patch management, identity security, and backup resilience. The paper contributes a consolidated framework aligning technical findings with established standards such as NIST CSF and ENISA guidance. Results demonstrate that layered defence, including proactive vulnerability management, privileged access control, network segmentation, and verified recovery capabilities, significantly reduces organisational risk and improves operational resilience.

  • Issue Year: 9/2026
  • Issue No: 1
  • Page Range: 67-74
  • Page Count: 8
  • Language: English
Toggle Accessibility Mode