Show simple item record

dc.contributor.authorConnolly, Lena Y.
dc.contributor.authorWall, D.S.
dc.date.accessioned2020-06-16T16:33:19Z
dc.date.accessioned2020-07-13T10:42:49Z
dc.date.available2020-06-16T16:33:19Z
dc.date.available2020-07-13T10:42:49Z
dc.date.issued2019-11
dc.identifier.citationConnolly LY and Wall DS (2019) The rise of crypto-ransomware in a changing cybercrime landscape: Taxonomising countermeasures. Computers & Security. 87: 101568.en_US
dc.identifier.urihttp://hdl.handle.net/10454/17916
dc.descriptionYesen_US
dc.description.abstractYear in and year out the increasing adaptivity of offenders has maintained ransomware's position as a major cybersecurity threat. The cybersecurity industry has responded with a similar degree of adaptiveness, but has focussed more upon technical (science) than ‘non-technical’ (social science) factors. This article explores empirically how organisations and investigators have reacted to the shift in the ransomware landscape from scareware and locker attacks to the almost exclusive use of crypto-ransomware. We outline how, for various reasons, victims and investigators struggle to respond effectively to this form of threat. By drawing upon in-depth interviews with victims and law enforcement officers involved in twenty-six crypto-ransomware attacks between 2014 and 2018 and using an inductive content analysis method, we develop a data-driven taxonomy of crypto-ransomware countermeasures. The findings of the research indicate that responses to crypto-ransomware are made more complex by the nuanced relationship between the technical (malware which encrypts) and the human (social engineering which still instigates most infections) aspects of an attack. As a consequence, there is no simple technological ‘silver bullet’ that will wipe out the crypto-ransomware threat. Rather, a multi-layered approach is needed which consists of socio-technical measures, zealous front-line managers and active support from senior management.en_US
dc.description.sponsorshipThis work was supported by the Engineering and Physical Sciences Research Council and is part of the EMPHASIS (EconoMical, PsycHologicAl and Societal Impact of RanSomware) project [EP/P011721/1].en_US
dc.language.isoenen_US
dc.publisherElsevier
dc.rights©2019 Published by Elsevier Ltd. This is an open access article under the CC BY license. (http://creativecommons.org/licenses/by/4.0/ )en_US
dc.subjectCrypto-ransomwareen_US
dc.subjectMalwareen_US
dc.subjectSocial engineeringen_US
dc.subjectSecurity countermeasuresen_US
dc.subjectManagement supporten_US
dc.subjectOrganisational settingsen_US
dc.subjectCybercrimeen_US
dc.titleThe rise of crypto-ransomware in a changing cybercrime landscape: Taxonomising countermeasuresen_US
dc.status.refereedYesen_US
dc.date.Accepted2019-07-10
dc.date.application2019-07-10
dc.typeArticleen_US
dc.type.versionPublished versionen_US
dc.identifier.doihttps://doi.org/10.1016/j.cose.2019.101568
dc.date.updated2020-06-16T15:33:20Z
refterms.dateFOA2020-07-13T11:09:08Z


Item file(s)

Thumbnail
Name:
Connolly_Computers_&_Security.pdf
Size:
2.079Mb
Format:
PDF

This item appears in the following Collection(s)

Show simple item record