Technical and behavioural training and awareness solutions for mitigating ransomware attacks

Abubakar Bello, Alana Maurushat

Research output: Contribution to conferencePaperpeer-review

16 Citations (Scopus)

Abstract

Over the years, there has been a significant increase in cyber security risks and vulnerabilities with one of the most severe threat being ransomware attacks. Ransomware, a variant of malware, encrypts files, data, and often locks computer systems, and retains the decryption key until victims pay a ransom. Current method of ransomware mitigation is the analysis and classification of the ransomware and its variants to propose solution for detection and prevention. This mitigation approach omits technology users as part of the solution especially given their role in falling prey to ransomware by means of social engineering attack vectors. The purpose of this qualitative study was to highlight current and emerging ransomware vectors, and to identify cyber security awareness and education solutions that can be applied to mitigate socially engineered ransomware attacks. A semi-structured interview with executives and managers from several financial, technology, construction, transportation, education, and health industries revealed the lack of current awareness and training approaches to mitigate against socially engineered ransomware attacks. This study recommends some specific cybersecurity training and awareness approaches to consider in order to enable technology users resist and mitigate against ransomware attacks.
Original languageEnglish
Pages164-176
Number of pages13
DOIs
Publication statusPublished - 15 Jul 2020
Event9th Computer Science On-line Conference, CSOC 2020 - Online, Zlín, Czech Republic
Duration: 15 Jul 202015 Jul 2020
Conference number: 9

Conference

Conference9th Computer Science On-line Conference, CSOC 2020
Abbreviated titleCSOC 2020
Country/TerritoryCzech Republic
CityZlín
Period15/07/2015/07/20

Keywords

  • Cybersecurity
  • Malware
  • Mitigation
  • Ransomware
  • Social engineering
  • Cryptography
  • Engineering education
  • Intelligent systems
  • Network security
  • Personnel training
  • Attack vector
  • Cyber security
  • Health industry
  • Qualitative study
  • Semi structured interviews

Fingerprint

Dive into the research topics of 'Technical and behavioural training and awareness solutions for mitigating ransomware attacks'. Together they form a unique fingerprint.

Cite this