Design and Implementation of a Script for Ransomware Detection and Mitigation in Small and Medium-Sized Enterprises
摘要
Ransomware poses an increasing threat to small and medium-sized enterprises (SMEs), many of which lack the financial and technical resources to deploy advanced cybersecurity solutions. This paper presents the design, implementation, and validation of a Python-based script aimed at early detection and mitigation of ransomware through a multi-layered approach combining honeypot folders, hash verification, and automated responses such as malicious process termination and network disconnection. The proposal was evaluated against five well-known ransomware variants—CTB-Locker, TeslaCrypt, WannaCry, Cerber, and Crysis—within a controlled environment. Results indicate an overall effectiveness of 80%, with no false positives. The manuscript follows a structured methodology (Introduction, State of the Art, Proposal, Evaluation, and Conclusions) and compares the proposed approach with related research, highlighting its novelty as a lightweight, portable, and cost-effective tool that can be adopted by SMEs.