The Evolving Menace of Ransomware: A Comparative Analysis of Pre-pandemic and Mid-pandemic Attacks
Document Type
Article
Source of Publication
Digital Threats Research and Practice
Publication Date
8-23-2022
Abstract
Drawing upon direct interviews and secondary sources, this paper presents a qualitative comparative analysis of thirty-nine ransomware attacks, twenty-six of which occurred shortly before the outbreak of the COVID-19 pandemic and thirteen of which took place during the pandemic. The research objective was to gain an understanding of how ransomware attacks changed tactics across this period. Using inductive content analysis, a number of key themes emerged, namely: (1) ransomware attackers have adopted more sinister tactics and now commit multiple crimes to maximise their return, (2) the expanded attack surface caused by employees working from home has greatly aggravated the risk of malicious intrusion, (3) the preferred attack vectors have changed, with phishing and VPN exploits now to the fore, (4) failure to adapt common business processes from off-line to on-line interaction has created vulnerabilities, (5) the ongoing laissez-faire attitude towards cybersecurity and lack of preparedness continues to be a substantial problem, and (6) ransomware attacks now pose potentially severe consequences for individuals, whose personal data has become a central part of the game. Recommendations are proposed to address these issues.
DOI Link
ISSN
Publisher
Association for Computing Machinery (ACM)
Disciplines
Computer Sciences
Keywords
Ransomware, Pandemic, COVID-19, Data exfiltration, Security policies
Recommended Citation
Lang, Michael; Connolly, Lena Yuryna; Taylor, Paul; and Corner, Phillip J., "The Evolving Menace of Ransomware: A Comparative Analysis of Pre-pandemic and Mid-pandemic Attacks" (2022). All Works. 5313.
https://zuscholars.zu.ac.ae/works/5313
Indexed in Scopus
no
Open Access
yes
Open Access Type
Gold: This publication is openly available in an open access journal/series