A Technical Analysis of Modern Ransomware Operations and Defense Mechanisms
A Technical Analysis of Modern Ransomware Operations and Defense Mechanisms
Author(s): Naim Baftiu, Enes Sofiu, Tatjana Pachemska, Ana AtanasovaSubject(s): ICT Information and Communications Technologies
Published by: UIKTEN - Association for Information Communication Technology Education and Science
Keywords: ransomware; crypto-ransomware; incident response; backup resilience; zero trust
Summary/Abstract: Ransomware has evolved into one of the most disruptive cybersecurity threats, affecting critical infrastructure, healthcare, and enterprise environments worldwide. This paper presents a structured technical analysis of modern ransomware operations, focusing on attack lifecycle, propagation mechanisms, encryption design, and defensive controls. Through comparative analysis of WannaCry and NotPetya, the study identifies systemic weaknesses in patch management, identity security, and backup resilience. The paper contributes a consolidated framework aligning technical findings with established standards such as NIST CSF and ENISA guidance. Results demonstrate that layered defence, including proactive vulnerability management, privileged access control, network segmentation, and verified recovery capabilities, significantly reduces organisational risk and improves operational resilience.
Journal: SAR Journal - Science and Research
- Issue Year: 9/2026
- Issue No: 1
- Page Range: 67-74
- Page Count: 8
- Language: English
