Volenti non fit injuria: Ransomware and its Victims

TL;DR

This paper analyzes ransomware variants and their victims to understand targeting patterns and explore prevention and mitigation strategies for this growing cybersecurity threat.

Contribution

It provides insights into ransomware variants, victim profiles, and discusses potential measures to prevent or reduce the impact of ransomware attacks.

Findings

Ransomware targets a wide range of victims including individuals and organizations.

Victims often pay ransoms due to critical data loss or system lockout.

Understanding victim profiles can inform better defense strategies.

Abstract

With the recent growth in the number of malicious activities on the internet, cybersecurity research has seen a boost in the past few years. However, as certain variants of malware can provide highly lucrative opportunities for bad actors, significant resources are dedicated to innovations and improvements by vast criminal organisations. Among these forms of malware, ransomware has experienced a significant recent rise as it offers the perpetrators great financial incentive. Ransomware variants operate by removing system access from the user by either locking the system or encrypting some or all of the data, and subsequently demanding payment or ransom in exchange for returning system access or providing a decryption key to the victim. Due to the ubiquity of sensitive data in many aspects of modern life, many victims of such attacks, be they an individual home user or operators of a business, are forced to pay the ransom to regain access to their data, which in many cases does not happen as renormalisation of system operations is never guaranteed. As the problem of ransomware does not seem to be subsiding, it is very important to investigate the underlying forces driving and facilitating such attacks in order to create preventative measures. As such, in this paper, we discuss and provide further insight into variants of ransomware and their victims in order to understand how and why they have been targeted and what can be done to prevent or mitigate the effects of such attacks.