The Evolving Menace of Ransomware: A Comparative Analysis of Pre-pandemic and Mid-pandemic Attacks

Document Type

Article

Source of Publication

Digital Threats Research and Practice

Publication Date

8-23-2022

Abstract

Drawing upon direct interviews and secondary sources, this paper presents a qualitative comparative analysis of thirty-nine ransomware attacks, twenty-six of which occurred shortly before the outbreak of the COVID-19 pandemic and thirteen of which took place during the pandemic. The research objective was to gain an understanding of how ransomware attacks changed tactics across this period. Using inductive content analysis, a number of key themes emerged, namely: (1) ransomware attackers have adopted more sinister tactics and now commit multiple crimes to maximise their return, (2) the expanded attack surface caused by employees working from home has greatly aggravated the risk of malicious intrusion, (3) the preferred attack vectors have changed, with phishing and VPN exploits now to the fore, (4) failure to adapt common business processes from off-line to on-line interaction has created vulnerabilities, (5) the ongoing laissez-faire attitude towards cybersecurity and lack of preparedness continues to be a substantial problem, and (6) ransomware attacks now pose potentially severe consequences for individuals, whose personal data has become a central part of the game. Recommendations are proposed to address these issues.

ISSN

2576-5337

Publisher

Association for Computing Machinery (ACM)

Disciplines

Computer Sciences

Keywords

Ransomware, Pandemic, COVID-19, Data exfiltration, Security policies

Indexed in Scopus

no

Open Access

yes

Open Access Type

Gold: This publication is openly available in an open access journal/series

Share

COinS