‘There was a bit of PTSD every time I walked through the office door’: Ransomware harms and the factors that influence the victim organization’s experience

IF 2.9 Q1 SOCIAL SCIENCES, INTERDISCIPLINARY Journal of Cybersecurity Pub Date : 2024-07-30 DOI:10.1093/cybsec/tyae013
Gareth Mott, Sarah Turner, Jason R C Nurse, Nandita Pattnaik, Jamie MacColl, Pia Huesch, James Sullivan
{"title":"‘There was a bit of PTSD every time I walked through the office door’: Ransomware harms and the factors that influence the victim organization’s experience","authors":"Gareth Mott, Sarah Turner, Jason R C Nurse, Nandita Pattnaik, Jamie MacColl, Pia Huesch, James Sullivan","doi":"10.1093/cybsec/tyae013","DOIUrl":null,"url":null,"abstract":"Ransomware is a pernicious contemporary cyber threat for organizations, with ransomware operators intentionally leveraging a range of harms against their victims in order to solicit increasingly significant ransom payments. This article advances current research by engaging in a topical analysis into the depth and breadth of harms experienced by victim organizations and their members of staff. We, therefore, enhance the understanding of the negative experiences from ransomware attacks, particularly looking beyond the financial impact which dominates current narratives. Having conducted an interview or workshop with 83 professionals including ransomware victims, incident responders, ransom negotiators, law enforcement, and government, we identify a wide array of severe harms. For organizations, the risk of business interruption and/or data exposure presents potentially highly impactful financial and reputational harm(s). The victim organization’s staff can also experience a range of under-reported harms, which include physiological and physical harms that may be acute. We also identify factors that can either alleviate or aggravate the experiencing of harms at the organizational and employee level; including ransomware preparedness, leadership culture, and crisis communication. Given the scale and scope of the identified harms, the paper provides significant new empirical evidence to emphasize ransomware’s positioning as a whole-of-organization crisis phenomenon, as opposed to an ‘IT problem’. We argue that the wider discourse surrounding ransomware harms and impacts should be reflective of the nature of the real-term experience(s) of victims. This, in turn, could help guide efforts to alleviate ransomware harms, through improved organizational ransomware preparedness and tailored post-ransomware mitigation.","PeriodicalId":44310,"journal":{"name":"Journal of Cybersecurity","volume":"145 1","pages":""},"PeriodicalIF":2.9000,"publicationDate":"2024-07-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Cybersecurity","FirstCategoryId":"1093","ListUrlMain":"https://doi.org/10.1093/cybsec/tyae013","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"SOCIAL SCIENCES, INTERDISCIPLINARY","Score":null,"Total":0}
引用次数: 0

Abstract

Ransomware is a pernicious contemporary cyber threat for organizations, with ransomware operators intentionally leveraging a range of harms against their victims in order to solicit increasingly significant ransom payments. This article advances current research by engaging in a topical analysis into the depth and breadth of harms experienced by victim organizations and their members of staff. We, therefore, enhance the understanding of the negative experiences from ransomware attacks, particularly looking beyond the financial impact which dominates current narratives. Having conducted an interview or workshop with 83 professionals including ransomware victims, incident responders, ransom negotiators, law enforcement, and government, we identify a wide array of severe harms. For organizations, the risk of business interruption and/or data exposure presents potentially highly impactful financial and reputational harm(s). The victim organization’s staff can also experience a range of under-reported harms, which include physiological and physical harms that may be acute. We also identify factors that can either alleviate or aggravate the experiencing of harms at the organizational and employee level; including ransomware preparedness, leadership culture, and crisis communication. Given the scale and scope of the identified harms, the paper provides significant new empirical evidence to emphasize ransomware’s positioning as a whole-of-organization crisis phenomenon, as opposed to an ‘IT problem’. We argue that the wider discourse surrounding ransomware harms and impacts should be reflective of the nature of the real-term experience(s) of victims. This, in turn, could help guide efforts to alleviate ransomware harms, through improved organizational ransomware preparedness and tailored post-ransomware mitigation.
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
每次走进办公室的门,我都有点创伤后应激障碍":勒索软件的危害和影响受害组织经历的因素
勒索软件是当代组织面临的一种有害的网络威胁,勒索软件的操作者有意利用一系列对受害者的伤害来索取越来越多的赎金。本文通过对受害组织及其员工所经历的伤害的深度和广度进行专题分析,推进了当前的研究。因此,我们加深了对勒索软件攻击带来的负面体验的理解,尤其是超越了目前主要叙述的财务影响。在与包括勒索软件受害者、事件响应者、赎金谈判者、执法部门和政府在内的 83 位专业人士进行访谈或举办研讨会后,我们发现了一系列严重的危害。对组织而言,业务中断和/或数据暴露的风险可能会造成严重的财务和声誉损害。受害组织的员工也可能经历一系列未被充分报告的伤害,其中包括可能很严重的生理和身体伤害。我们还确定了可减轻或加重组织和员工层面伤害的因素,包括勒索软件的准备工作、领导文化和危机沟通。鉴于所发现的危害的规模和范围,本文提供了重要的新经验证据,强调了勒索软件作为整个组织危机现象的定位,而非 "IT 问题"。我们认为,围绕勒索软件危害和影响的更广泛讨论应反映受害者实际经历的性质。反过来,这也有助于通过改善组织对勒索软件的准备工作和量身定制的勒索软件后缓解措施来指导减轻勒索软件危害的工作。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 去求助
来源期刊
Journal of Cybersecurity
Journal of Cybersecurity SOCIAL SCIENCES, INTERDISCIPLINARY-
CiteScore
6.20
自引率
2.60%
发文量
0
审稿时长
18 weeks
期刊介绍: Journal of Cybersecurity provides a hub around which the interdisciplinary cybersecurity community can form. The journal is committed to providing quality empirical research, as well as scholarship, that is grounded in real-world implications and solutions. Journal of Cybersecurity solicits articles adhering to the following, broadly constructed and interpreted, aspects of cybersecurity: anthropological and cultural studies; computer science and security; security and crime science; cryptography and associated topics; security economics; human factors and psychology; legal aspects of information security; political and policy perspectives; strategy and international relations; and privacy.
期刊最新文献
Narrow windows of opportunity: the limited utility of cyber operations in war ‘There was a bit of PTSD every time I walked through the office door’: Ransomware harms and the factors that influence the victim organization’s experience It is not only about having good attitudes: factor exploration of the attitudes toward security recommendations Interdependent security games in the Stackelberg style: how first-mover advantage impacts free riding and security (under-)investment ‘The trivial tickets build the trust’: a co-design approach to understanding security support interactions in a large university
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1