Read-Me.Org
Open Access Publisher and Free Library
01-crime.jpg

CRIME

Violent-Non-Violent-Cyber-Global-Organized-Environmental-Policing-Crime Prevention-Victimization

Posts tagged Ransomware
From Ransomware to Ransom War The Evolution of a Solitary Experiment into Organized Crime 

By Max Smeets

This report is based on chapter one of Max Smeets’ book titled “Ransom War: How Cyber Crime Became a Threat to National Security,” forthcoming with Oxford University Press and Hurst Publishers. Historically, discussions on cyber conflict have primarily centered on the involvement of state-sponsored or affiliated groups. Yet, the growing prominence of criminal actors – specifically, ransomware groups – now demands a shift in attention. Ransomware, a type of malicious activity where hackers lock access to files or systems until a ransom is paid, increasingly threatens both citizen safety and global stability. In 2022, the majority of the U.K’s government's crisis management “Cobra” meetings were convened in response to ransomware incidents rather than other national security emergencies. According to Sami Khoury, the head of the Canadian Center for Cyber Security, the threat from nation-states remains significant but cybercrime, of which ransomware is the most disruptive form, is “the number one cyber threat activity affecting Canadians.” The Swiss National Cybersecurity Centre warns that ransomware could pose an “existential threat” to businesses and government agencies. This report discusses significant milestones in the development of ransomware, and what turned them into a significant threat to human and national security. It starts with the adoption of better encryption techniques by criminals, enabling them to effectively hold data for ransom. The use of botnets subsequently expanded their operational reach, while there was also a shift away from prepaid card systems in favor of crypto currencies such as Bitcoin, which provided anonymity and ease of transaction. Following these developments, the emergence of Ransomware as a Service (RaaS) allowed for a better division of tasks within the cybercriminal community, making it easier for newcomers to participate. Tactics evolved further to include double extortion, where attackers threaten to publish stolen data unless a ransom is paid. The final shift saw the professionalization of ransomware groups. It also increased their intent and capability to target major organizations, maximizing their ransom potential. I refer to the ransomware groups at the forefront of this troubling trend in the criminal ecosystem as ransom war groups. 

Zürich: Center for Security Studies (CSS), ETH Zürich 2024. 18p.

Violence and OppressionGuest UserRansomware, Ransom War, Organized Crime
‘Your Data is Stolen and Encrypted’: The Ransomware Victim Experience

By Pia Hüsch, Gareth Mott and Jamie MacColl, with Jason R C Nurse, James Sullivan, Sarah Turner and Nandita Pattnaik

More individuals and organisations in the UK and globally are becoming victims of ransomware. However, little is known about their experiences. This paper sheds light on the victim experience and identifies several key factors that typically shape such experiences. These factors are context-specific and can either improve or worsen the victim experience. They include the following: • Timing of an incident, which may happen after a victim has increased their cyber security measures or at an already stressful time for an organisation, such as the beginning of a school year. • Level of preparation in the form of strong cyber security measures and contingency plans explicitly tailored to respond to a cyber incident. • Human factors, such as the workplace environment and pre-existing dynamics which are often reinforced during an incident. Good levels of unity can bring staff together during a moment of crisis, but a lack of leadership or a blame culture are likely to aggravate the harm experienced during the incident. • Engagement with third-party service providers, such as those providing technical incident response or legal services, can alleviate the negative aspects of the victim experience by providing critical legal, technical or other help. However, they may aggravate the harm by providing poor services or losing valuable time in responding to the incident. • A successful communications campaign is highly context and victim specific. It must include external and internal communications with staff members not part of the immediate response to ensure a good workplace culture. For support, many victims turn to public sector institutions such as law enforcement. Expectations for technical support and expertise from law enforcement are generally low, but victims feel especially unsupported where phone calls are not returned and there is no engagement or feedback loop. The National Cyber Security Centre enjoys a better reputation. However, there is widespread uncertainty about its role and the thresholds that must be met for it to provide support. This poses a reputational risk. Understanding how ransomware attacks are personally felt by victims and what factors aggravate or alleviaBy te the harm they experience is key for policyma  

London: Royal United Services Institute for Defence and Security Studies RUSI, 2024. 70p. 

Social ScienceGuest UserVictims, Cyber, Ransomware