Abstract
Drawing upon direct interviews and secondary sources, this article presents a qualitative comparative analysis of 39 ransomware attacks, 26 of which occurred shortly before the outbreak of the COVID-19 pandemic and 13 of which took place during the pandemic. The research objectivewas to gain an understanding of howransomware attacks changed tactics across this period. Using inductive content analysis, a number of key themes emerged, namely (1) ransomware attackers have adopted more sinister tactics and now commit multiple crimes to maximise their return; (2) the expanded attack surface caused by employees working from home has greatly aggravated the risk of malicious intrusion; (3) the preferred attack vectors have changed, with phishing and VPN exploits now to the fore; (4) failure to adapt common business processes from off-line to on-line interaction has created vulnerabilities; (5) the ongoing laissez-faire attitude toward cybersecurity and lack of preparedness continues to be a substantial problem; and (6) ransomware attacks nowpose potentially severe consequences for individuals, whose personal data has become a central part of the game. Recommendations are proposed to address these issues.
| Original language | English |
|---|---|
| Article number | 52 |
| Journal | Digital Threats: Research and Practice |
| Volume | 4 |
| Issue number | 4 |
| DOIs | |
| Publication status | Published - 20 Oct 2023 |
Keywords
- COVID-19
- data exfiltration
- pandemic
- Ransomware
- security policies