Reducing Ransomware Crime: Analysis of Victims’ Payment Decisions

Document Type

Article

Source of Publication

Computers and Security

Publication Date

8-1-2022

Abstract

In this paper, the decision-making processes of victims during ransomware attacks were analysed. Forty-one ransomware attacks using qualitative data collected from organisations and police officers from cybercrime units in the UK were examined. The hypothesis tested in this paper is that victims carefully analyse the situation before deciding whether to pay a ransom. This research confirms that victims often weigh the costs and benefits of interventions before making final decisions, and that their decisions are based on a range of reasons. As ransomware attacks become more prevalent globally, the findings should be highly relevant to those developing guidance and policies to prevent or minimise ransom payments.

ISSN

0167-4048

Publisher

Elsevier BV

Volume

119

Disciplines

Computer Sciences

Keywords

Cybercrime, Decision processes, Organisations, Ransom payments, Ransomware attacks

Scopus ID

85131122001

Indexed in Scopus

yes

Open Access

no

Share

COinS