Similarity Analysis of Ransomware Attacks Based on ATT&amp;CK Matrix

Song, Zheyu; Tian, Yonghong; Zhang, Junjin

doi:10.1109/access.2023.3322427

Cited by 2 publications

(1 citation statement)

References 26 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Ransomware attacks succeed due to a confluence of factors including the accessibility of conducting attacks globally supported by the affordability of basic computing resources and digital currency transactions; insufficient cybersecurity education within organizations leaving personnel vulnerable to phishing and other cyber threats; weaknesses in email filtering and inadequate training, enabling the rapid spread of ransomware within organizational networks; cybercriminals operating from jurisdictions with limited international legal oversight; unregulated cryptocurrency payments providing anonymity to attackers; the willingness of some organizations to pay ransoms discreetly; a low prosecution rate for cybercrime, creating a favorable risk-reward ratio for criminals; the emergence of ransomware-as-a-service (RaaS), simplifying attacks for individuals without technical expertise; and large deficiencies in patching vendor-supplied software, emphasizing the crucial need for proactive cybersecurity measures [19].…”

Section: Identifying the Contributors To A Ransomware Attackmentioning

confidence: 99%

The Ransomware Epidemic: Recent Cybersecurity Incidents Demystified

Temara

2024

AJARR

View full text Add to dashboard Cite

The pervasive threat of ransomware poses a significant risk to businesses across various scales as cybercriminals continue to exploit vulnerabilities causing severe disruptions and demanding substantial ransom payments. This review conducts a comprehensive literature review delving into recent ransomware attacks to analyze key aspects, including the targeted organizations, attack vectors, threat actors, propagation mechanisms, and the resulting business impact. The study goes beyond a surface examination by exploring the evolving nature of ransomware attacks, encompassing different types, attack vectors, and emerging tactics, such as double extortion, where cybercriminals not only encrypt data but also exfiltrate and threaten to release it publicly unless a ransom is paid. High-profile incidents, including those involving SickKids Hospital, Royal Mail, Dish Network, Five Guys, and ION are scrutinized to glean insights into the intricacies of these attacks. The review also evaluates the effectiveness of existing ransomware defenses and proposes potential strategies for organizations to counteract, identify, and manage ransomware incidents. The findings underscore the critical need for organizations to comprehend the evolving ransomware landscape and implement robust cybersecurity measures to protect both internal and external stakeholders. As ransomware continues to evolve in complexity, this study provides valuable insights emphasizing the importance of proactive defenses to mitigate the risks posed by this growing threat.

show abstract

Section: Identifying the Contributors To A Ransomware Attackmentioning

confidence: 99%