Organisational and Individual Behavioural Susceptibility and Protection Approach for Ransomware Attacks

Abubakar Bello, Queen Aigbefo
DOI: 10.4018/978-1-6684-5284-4.ch013

Abstract

Ransomware attacks have become complex because networked systems are constantly used as attack vectors for propagating the ransomware payload to victims. The threat is socially engineered, making it difficult for victims to protect their data. Confidential information resources and assets are lost and rarely recovered in an attack, resulting in financial losses amounting to millions of dollars. Ongoing research is exploring avenues to solve this problem, including cybersecurity awareness and training from a singularised perspective, not pluralistic, to educate users of the consequences of their actions. The purpose of this study is to gather perceptions from several industries to develop insights on how to protect organisations from becoming victims of socially engineered ransomware attacks. Using a qualitative approach, critical themes on behavioural susceptibility to socially engineered ransomware were obtained, as well as the demand for applying behavioural theories and technical controls to develop effective training and education initiatives for resisting these attacks.

Introduction

Ransomware is a cyber-epidemic affecting businesses and governments, and the effects of a ransomware attack are devastating. A recent report claims that some organisations experience ransomware attacks on a weekly and monthly basis, disrupting their business activities (Crowdstrike, 2019; Telstra, 2019). These ransomware attacks result in the loss of data and cost billions of dollars annually (Mansfield-Devine, 2016). Numerous resources have been developed to address the loss and consistency of ransomware attacks; however, the attacks remain persistent (Hull et al., 2019).

Cybersecurity is a growing concern and global issue. Reports of ransomware attacks feature prominent institutions, organisations, and government departments such as Maersk, several state and county governments in the United States, the NHS in the United Kingdom (WannaCry), and the Victoria health service in Australia (ABC News, 2019; National Audit, 2017; ZDNet, 2019). Ransomware figures reported between 2020 and 2022 show a 23% increase in attacks on manufacturing companies and a 146% increase in Linux ransomware code affecting cloud environments (IBM, 2022). These attacks have become so prevalent that infrastructure such as Ransomware as a Service (RaaS) makes it easy for would-be attackers to deploy ransomware payloads (O’Kane et al., 2018).

Ransomware attacks have been increasing at an alarming rate (Reshmi, 2021; Richardson & North, 2017). The attacks have tremendous effects on victims because a ransomware payload encrypts files and data, locks the device (such as a computer or mobile phone), prevents the user from accessing it, and in extreme cases, makes computer systems unusable (Tailor & Patel, 2017). The United Kingdom's National Health Service (NHS) was hit by ransomware that infected over 300,000 computer systems across 150 countries, showing that ransomware could propagate widely over a short period of time (Akbanov et al., 2019).

Behavioural information security research has examined the behaviour of employees to understand how to increase security compliance and awareness (Anderson & Agarwal, 2010; Bulgurcu et al., 2010; Herath & Rao, 2009; Ifinedo, 2012; McGill & Thompson, 2017). One significant challenge in protecting employees against ransomware attacks is the lack of information regarding the psychological factors that influence an employee's decision-making process, especially when attacks are socially engineered. With the use of social engineering techniques, attackers manipulate, intimidate, and extort money from the victim (Humayun et al., 2021; Kalaimannan et al., 2017). Cybersecurity analysts and professionals harden computer systems and networks, creating complex security processes they must depend on to ensure employees are protected. Humans are the first line of the cybersecurity defense system (Furnell et al., 2018). However, there is a dearth of empirical research that focuses on human-related ransomware solutions or frameworks for socially engineered ransomware prevention and mitigation.

The problem addressed in this research is socially engineered ransomware. These attack types and patterns are among the significant challenges that individuals, businesses, and government departments encounter (Maurushat et al., 2019). Social engineering has provided an easy point of access for attackers to psychologically manipulate their victims into installing destructive ransomware payloads (Al-rimy et al., 2018), leading to extortion and the loss of sensitive data and stored backups (FBI, 2018; IC3, 2020). As technology continues to dominate the lives of people, it is imperative to understand how to empower individuals to protect themselves and mitigate socially engineered ransomware attacks.
