Linda Moise

THE IMPORTANCE OF WIRESHARK

Linda Moise​ 1
Mentor: Professor Michael Hennick U​MBC

Drilling into the causes of problems and sources of vulnerabilities in computing networks is as much a science as an art. It not only requires skilled IT practitioners but just as important the right tools for the craft. This is because of the sheer volume, pervasiveness and diversity of cyber activity and data use in today’s organizations and in daily life. ​It is in this vane that Wireshark is a game-changing network packet (data) analysis tool. This tool can help the attackers uncover information about hosts that are not always visible with other reconnaissance tools using ping methods such an NMAP. Forensics investigators may also use its stored information or analytical reports to understand, the modus operandi of attackers and timeframes. In addition to being open source and free, key strengths of Wireshark include ease of use with many platforms and physical interfaces. As an open source tool, Wireshark’s code is fully accessed for other users to build on, which the use of add-on plugins that further advance how it is used. Wireshark can be used in many ways by different users like network engineer, security professional or system administrator.

Linda Moise 1, 2 Donald Mudduawulira, 3 Pranshu Raghav Mentor: Professor Christina Smyre-Deloatch UMBC

There are a wide range of cyber crimes negatively impacting the lives of people and enterprises today and this research aims at explaining why everyone needs to take Ransomware attacks as a serious threat. The recent prevalent proliferation of sophisticated Ransomware cyber crime has not only kept the IT security managers up at night but also affected the lives of the general population. As IT security firms get better at preventing Ransomware attacks through the use of intrusion detection systems and other security controls, the cyber criminals launching these attacks are also getting better at not only bypassing these controls but also exploiting the innocent unsuspecting employees.

The Cyber Criminals are intent on making the most profit by launching these attacks which involve denying users and enterprises access to their information until the demanded ransom is paid in the untraceable cryptocurrency known as Bitcoin. The objective of this paper is to create more awareness about Ransomware by explaining what it is, how these attacks are launched and the global damages/costs caused by these attacks.
Before 2016, not so many people and enterprises outside the Information Technology field took Ransomware to be a serious threat which is not the case currently. The reported and unreported cases of these attacks are on the rise and they pose a serious threat to not only the financial but also other aspects of the enterprises and people’s’ lives. With the global Ransomware damages (past and future) in mind, both enterprises and individuals need to take this threat more serious and put the necessary security controls in place to mitigate and prevent Ransomware and other cyber crimes.