Show simple item record

dc.contributor.authorConnolly, Lena Y.
dc.contributor.authorWall, D.S.
dc.date.accessioned2020-06-16T16:33:19Z
dc.date.accessioned2020-07-13T10:42:49Z
dc.date.available2020-06-16T16:33:19Z
dc.date.available2020-07-13T10:42:49Z
dc.date.issued2019-11
dc.identifier.citationConnolly LY and Wall DS (2019) The rise of crypto-ransomware in a changing cybercrime landscape: Taxonomising countermeasures. Computers & Security. 87: 101568.
dc.identifier.urihttp://hdl.handle.net/10454/17916
dc.descriptionYes
dc.description.abstractYear in and year out the increasing adaptivity of offenders has maintained ransomware's position as a major cybersecurity threat. The cybersecurity industry has responded with a similar degree of adaptiveness, but has focussed more upon technical (science) than ‘non-technical’ (social science) factors. This article explores empirically how organisations and investigators have reacted to the shift in the ransomware landscape from scareware and locker attacks to the almost exclusive use of crypto-ransomware. We outline how, for various reasons, victims and investigators struggle to respond effectively to this form of threat. By drawing upon in-depth interviews with victims and law enforcement officers involved in twenty-six crypto-ransomware attacks between 2014 and 2018 and using an inductive content analysis method, we develop a data-driven taxonomy of crypto-ransomware countermeasures. The findings of the research indicate that responses to crypto-ransomware are made more complex by the nuanced relationship between the technical (malware which encrypts) and the human (social engineering which still instigates most infections) aspects of an attack. As a consequence, there is no simple technological ‘silver bullet’ that will wipe out the crypto-ransomware threat. Rather, a multi-layered approach is needed which consists of socio-technical measures, zealous front-line managers and active support from senior management.
dc.description.sponsorshipThis work was supported by the Engineering and Physical Sciences Research Council and is part of the EMPHASIS (EconoMical, PsycHologicAl and Societal Impact of RanSomware) project [EP/P011721/1].
dc.language.isoenen
dc.publisherElsevier
dc.rights©2019 Published by Elsevier Ltd. This is an open access article under the CC BY license. (http://creativecommons.org/licenses/by/4.0/ )
dc.subjectCrypto-ransomware
dc.subjectMalware
dc.subjectSocial engineering
dc.subjectSecurity countermeasures
dc.subjectManagement support
dc.subjectOrganisational settings
dc.subjectCybercrime
dc.titleThe rise of crypto-ransomware in a changing cybercrime landscape: Taxonomising countermeasures
dc.status.refereedYes
dc.date.application2019-07-10
dc.typeArticle
dc.type.versionPublished version
dc.identifier.doihttps://doi.org/10.1016/j.cose.2019.101568
dc.rights.licenseCC-BY
dc.date.updated2020-06-16T15:33:20Z
refterms.dateFOA2020-07-13T11:09:08Z
dc.openaccess.statusopenAccess
dc.date.accepted2019-07-10


Item file(s)

Thumbnail
Name:
Connolly_Computers_&_Security.pdf
Size:
2.079Mb
Format:
PDF

This item appears in the following Collection(s)

Show simple item record