{"title":"Ransomware: To Pay or Not to Pay? The results of what IT professionals recommend","authors":"Stephen Mujeye","doi":"10.1145/3520084.3520096","DOIUrl":null,"url":null,"abstract":"The number of ransomware attacks has been on the rise. Ransomware is a malware attack in which the cybercriminal encrypts a file or a device and then demands a payment from the victim. There are many different variants of ransomware, and they continue to evolve. The number of IoT devices has been increasing over the years. IoT devices also face a considerable challenge from ransomware. In this study, a survey was administered to 27 Information Technology (IT) professionals. They were asked if they would recommend an organization attacked by ransomware to pay the ransom. The data collected from the professionals was analyzed, and the results indicated that only 4% would pay. Furthermore, the number of those who would not pay or were not sure was evenly divided at 48%. Moreover, the results indicate that the decision to pay or not to pay is difficult even for IT professionals with many years of experience in the field. The literature review revealed that the decision whether to pay or not to pay is a business decision. Some factors to consider when choosing to pay or not pay were presented. The use of cybersecurity insurance with ransomware coverage is recommended. Practices that can prevent ransomware attacks were covered and they include educating users, backups, and multi-layer security.","PeriodicalId":444957,"journal":{"name":"Proceedings of the 2022 5th International Conference on Software Engineering and Information Management","volume":"14 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-01-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 2022 5th International Conference on Software Engineering and Information Management","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3520084.3520096","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 2
Abstract
The number of ransomware attacks has been on the rise. Ransomware is a malware attack in which the cybercriminal encrypts a file or a device and then demands a payment from the victim. There are many different variants of ransomware, and they continue to evolve. The number of IoT devices has been increasing over the years. IoT devices also face a considerable challenge from ransomware. In this study, a survey was administered to 27 Information Technology (IT) professionals. They were asked if they would recommend an organization attacked by ransomware to pay the ransom. The data collected from the professionals was analyzed, and the results indicated that only 4% would pay. Furthermore, the number of those who would not pay or were not sure was evenly divided at 48%. Moreover, the results indicate that the decision to pay or not to pay is difficult even for IT professionals with many years of experience in the field. The literature review revealed that the decision whether to pay or not to pay is a business decision. Some factors to consider when choosing to pay or not pay were presented. The use of cybersecurity insurance with ransomware coverage is recommended. Practices that can prevent ransomware attacks were covered and they include educating users, backups, and multi-layer security.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
