Specificity of Ransomware Investigation

Analytical Study in Light of the European Cybercrime Programmed 2022

Authors

  • Mohamed Said BOUFLIH, Applied Legal Studies Laboratory, University of Constantine 1, Algeria
  • Abdeldjabar CHAIBI, Contracts and Business Law Laboratory, University of Constantine 1, Algeria

Keywords:

Ransomware attacks, Cryptocurrencies, Cyberspace, Cyber attackers, European Cybercrime Office

Abstract

This research article deals with ransomware attacks, which recorded a significant increase during the COVID-19 pandemic because large technology and digital services companies allowed their employees to work from home on their personal computers and to use passwords to access internal networks to complete the tasks assigned to them. The negligence of some employees enabled hackers and intruders to use malicious software to penetrate networks, access companies' data, successfully encrypt it, and then demand a ransom.

This study takes a close look at the most important details of how ransomware attacks are launched and the methods used to collect criminal money. It then addresses the European Union's guidelines for law enforcement agencies (judges, investigators) on investigating ransomware attacks in order to identify the attackers and ensure their prosecution, as presented in a guide in late 2022.

Published

2025-06-30

Section

English articles

How to Cite

BOUFLIH, M. S., & CHAIBI, A. (2025). Specificity of Ransomware Investigation: Analytical Study in Light of the European Cybercrime Programmed 2022. Journal of Human Sciences, 36(2), 223-238. http://conferences.umc.edu.dz/h/article/view/4334