Agile Development: How the Agile Methodology is Used to Develop New Features; The Impact of the WannaCry Ransomware Attack on Healthcare

Menghrajani, Kabir, School of Engineering and Applied Science, University of Virginia
Graham, Daniel, EN-Comp Science Dept, University of Virginia
Baritaud, Catherine, EN-Engineering and Society, University of Virginia

People have been finding ways to exploit the Internet ever since its rise to prominence in the latter half of the twentieth century, and cyber attacks are becoming more advanced and intricate than ever before. Security researchers and white hat hackers struggle to keep pace with malicious actors, so this research aims to clarify the current state of malware. This technical research aims to identify the state of machine learning in malware detection and determine which methods of machine learning are most effective in malware detection. In addition to the technical aspects of cybersecurity, it is important for cybersecurity professionals to be aware of the impact of the field on society. The STS topic analyzes an instance of a catastrophic cyber attack, and proposes a solution to prevent similar attacks from occurring again. The STS research project is loosely coupled with the technical paper as both works focus on malware. The technical paper highlights new research in malware detection and prevention, whereas the STS paper examines the disastrous consequences of malware that goes undetected.
Several malware detection techniques have been developed over the years, and the technical paper aims to identify the most promising methods to focus resources on in future research. By using different types of machine learning, such as deep neural networks, in virus scanners, security researchers can parse millions of data points and identify patterns that could indicate potential malware. It is important to explore new malware detection techniques so that more effective methods of preventing malware can be developed.
Current research suggests that deep learning malware detection models could outperform simpler machine learning malware detection models that have been commonly used until now. However, researchers are still working on optimizing these models so they can achieve the highest possible success rates. Additionally, recent research shows that the use of sample duplication in machine-learning-based malware detection algorithms could yield higher rates of detection.
Many hospitals, both in the UK as well as other countries, are insufficiently prepared for cyberattacks such as the WannaCry ransomware attack. Due to the way responsibilities were so unclearly divided, it is very difficult to identify a single organization or entity who is responsible. Instead, the event can be viewed as a failure of the system. The STS paper creates a clear plan to better prepare hospitals to defend the sensitive data they manage and handle. To do this, the STS paper provides an analysis of the WannaCry ransomware attack using Actor Network Theory as outlined by Banks. The clarity provided by this model further leads into another Actor Network model that reflects a world where a proposed solution is implemented to minimize the chance of such a cyber attack occurring again.
One way to address the issue would be to increase funding for hospital cybersecurity teams. By forming comprehensive cybersecurity teams at hospitals, there is a new entity formed that is responsible for protecting hospital computers and networks. With the implementation of a cybersecurity team, the responsibilities of maintaining secure systems would unmistakably be assigned to the cybersecurity team. The newly formed team will be responsible for imposing additional security measures besides the standard software updates as well, including but not limited to firewalls, two-factor authentication for employees, and encryption techniques to protect sensitive information.
The field of cybersecurity is rapidly growing along with our reliance on computers and the internet. It is important to continue improving our ability to protect our data and networks from malicious actors. By exploring the technical aspects of malware detection methods and analyzing the social impact of cyber attacks, this paper aims to clarify the state of the cyberspace.

BS (Bachelor of Science)
Actor Network Theory, Cybersecurity, Malware, WannaCry

School of Engineering and Applied Science
Bachelor of Science in Computer Science
Technical Advisor: Daniel Graham
STS Advisor: Catherine Baritaud

All rights reserved (no additional license for public reuse)
Issued Date: