Applying Neutralisation Theory to Better Understand Ransomware Offenders

Document Type

Conference Proceeding

Source of Publication

2023 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW)

Publication Date

7-7-2023

Abstract

The work presented in this paper investigates the crime of ransomware from the perspective of neutralisation theory. In particular, this research-in-progress paper aims to explore the feasibility of using neutralisation theory to better understand one of the key stakeholders in ransomware operations: the offenders. Individuals (including offenders) may employ techniques of neutralisation in order to justify their rule-breaking acts, and to diminish both the perceived consequences of their acts and the feeling of guilt. The focus of this work is on highly organised ransomware groups that not only conduct cyber attacks but also operate Ransomware-as-a-Service (RaaS) businesses. Secondary data was used in this research, including media interviews with alleged ransomware offenders. Data analysis is currently ongoing, but preliminary results show that ransomware offenders mainly use six neutralisation techniques to minimise the perceived impact and/or guilty feeling of their actions. These six neutralisation techniques are (1) denial of victim, (2) denial of injury, (3) claim of benefits, (4) claim of entitlement, (5) defence of necessity, and (6) claim of relative acceptability. The findings from this work can shed some light on the ransomware offending pathways, which in turn can be utilised to devise more effective countermeasures for combatting ransomware crime.

ISBN

979-8-3503-2720-5

Publisher

IEEE

Volume

00

First Page

177

Last Page

182

Disciplines

Computer Sciences | Social and Behavioral Sciences

Keywords

Data analysis, Media, Ransomware, Stakeholders, Interviews, Injuries, Cyberattack

Indexed in Scopus

no

Open Access

yes

Open Access Type

Green: A manuscript of this publication is openly available in a repository

Link to Full Text

Share

COinS