Ransomware, manifesting as Crypto or Locker, poses a significant threat to fundamental computer systems and infrastructures with the primary goal of extracting financial gain from victims through ransom demands for decryption keys. This paper delves into the evolving landscape of ransomware, a persistent and advancing form of malicious software. Besides, this paper explores the development, patterns, and methods of ransomware attacks, scrutinizing their impact on organizations over time. In addition, this study examines the root causes of ransomware's organizational impact and evaluates its evolving scales. The investigation also addresses proactive measures organizations can adopt, aligning with the cybersecurity standards, to enhance preparedness and awareness. Additionally, the study provides recommendations and preventive measures to mitigate the challenges posed by ransomware attacks.
Abulela, M. A., & Harwell, M. (2020). Data Analysis: Strengthening Inferences in Quantitative Education Studies conducted by novice researchers. Educational Sciences: Theory & Practice, 20(1), 59–78. https://doi.org/10.12738/jestp.2020.1.005
Adamov, A., & Carlsson, A. (2017). The state of ransomware. trends and mitigation techniques. 2017 IEEE East-West Design & Test Symposium (EWDTS). https://doi.org/10.1109/ewdts.2017.8110056
Ahmed, M. R. (2019). Ransomware: The evolution of a cybercrime. International Journal of Psychosocial Rehabilitation, 23(4), 1228–1237. https://doi.org/10.37200/ijpr/v23i4/pr190449
Ali, A. (2017). Ransomware: A research and a personal case study of dealing with this nasty malware. InSITE Conference. https://doi.org/10.28945/3661
Alqahtani, A., & Sheldon, F. T. (2022). A survey of Crypto Ransomware Attack Detection Methodologies: An evolving outlook. Sensors, 22(5), 1837. https://doi.org/10.3390/s22051837
Alshaikh, H., Ramadan, N., & Ahmed, H. (2020). Ransomware prevention and mitigation techniques. International Journal of Computer Applications, 177(40), 31–39. https://doi.org/10.5120/ijca2020919899
Aslan, P. O. (2022). Ransomware detection in cyber security domain. Bitlis Eren Üniversitesi Fen Bilimleri Dergisi, 11(2), 509–519. https://doi.org/10.17798/bitlisfen.1038966
Bamrara, A. (2018). Identifying and analyzing the latent cyber threats in developing economies. Cyber Security and Threats, 1044–1059. https://doi.org/10.4018/978-1-5225-5634-3.ch051
Chowdhury, N. (2019). Bitcoin: World’s first cryptocurrency. Inside Blockchain, Bitcoin, and Cryptocurrencies, 61–89. https://doi.org/10.1201/9780429325533-4
Faghihi, F., & Zulkernine, M. (2021). RansomCare: Data-centric detection and mitigation against smartphone crypto-ransomware. Computer Networks, 191, 108011. https://doi.org/10.1016/j.comnet.2021.108011
Hassan, N. A. (2019). Enterprise defense strategies against ransomware attacks. Ransomware Revealed, 115–154. https://doi.org/10.1007/978-1-4842-4255-1_5
Hassan, N. A. (2019). Ransomware distribution methods. Ransomware Revealed, 29–46. https://doi.org/10.1007/978-1-4842-4255-1_2
Hassan, N. A. (2019). Ransomware families. Ransomware Revealed, 47–68. https://doi.org/10.1007/978-1-4842-4255-1_3
Hassan, N. A. (2019). Responding to ransomware attacks. Ransomware Revealed, 203–212. https://doi.org/10.1007/978-1-4842-4255-1_9
Holt, T. J., & Bossler, A. M. (2017). Cybercrime in progress: Theory and prevention of technology-enabled offenses. Routledge, Taylor & Francis Group.
Hull, G., John, H., & Arief, B. (2019). Ransomware deployment methods and analysis: Views from a predictive model and human responses. Crime Science, 8(1). https://doi.org/10.1186/s40163-019-0097-9
Jenkinson, A. (2022). CNA ransomware attack and Cyber Insurance. Ransomware and Cybercrime, 29–37. https://doi.org/10.1201/9781003278214-5
Kapoor, A., Gupta, A., Gupta, R., Tanwar, S., Sharma, G., & Davidson, I. E. (2021). Ransomware detection, avoidance, and mitigation scheme: A review and Future Directions. Sustainability, 14(1), 8. https://doi.org/10.3390/su14010008
Kaur, G., Dhir, R., & Singh, M. (2017). Anatomy of ransomware malware: Detection, analysis and reporting. International Journal of Security and Networks, 12(3), 188. https://doi.org/10.1504/ijsn.2017.084399
Kiru, M. U., & Jantan, A. (2020). Ransomware evolution: Solving ransomware attack challenges. The Evolution of Business in the Cyber Age, 193–229. https://doi.org/10.1201/9780429276484-9
Kothari, C. R., & Garg, G. (2019). Research methodology: Methods and techniques. New Age International (P) Limited, Publishers.
Koutsokostas, V., & Patsakis, C. (2021). Python and malware: Developing stealth and evasive malware without obfuscation. Proceedings of the 18th International Conference on Security and Cryptography. https://doi.org/10.5220/0010541501250136
Kumar, S., Madhavan, L., Nagappan, M., & Sikdar, B. (2016). Malware in pirated software: Case study of malware encounters in personal computers. 2016 11th International Conference on Availability, Reliability and Security (ARES). https://doi.org/10.1109/ares.2016.101
Kurpjuhn, T. (2015). The SME Security Challenge. Computer Fraud & Security, 2015(3), 5–7. https://doi.org/10.1016/s1361-3723(15)30017-8
Lind, D. A., Marchal, W. G., & Wathen, S. A. (2021). Statistical techniques in business and Economics. McGraw-Hill Education.
Maurya, A. K., Kumar, N., Agrawal, A., & Khan, R. A. (2018). Ransomware evolution, target and safety measures. International Journal of Computer Sciences and Engineering, 6(1), 80–85. https://doi.org/10.26438/ijcse/v6i1.8085
Mohammad, A. H. (2020). Ransomware evolution, growth and recommendation for detection. Modern Applied Science, 14(3), 68. https://doi.org/10.5539/mas.v14n3p68
Muslim, A. K., Mohd Dzulkifli, D. Z., Nadhim, M. H., & Haizal Abdellah, R. (2019). A Study of Ransomware Attacks: Evolution and Prevention. JOURNAL OF SOCIAL TRANSFORMATION AND REGIONAL DEVELOPMENT, 1(1), 18–25.
Nyikes, Z., & Sz?cs, E. (2019). Prevention of ransomware attacks by increasing security awareness. M?szaki Tudományos Közlemények, 11(1), 149–152. https://doi.org/10.33894/mtk-2019.11.33
O'Kane, P., Sezer, S., & Carlin, D. (2018). Evolution of ransomware. IET Networks, 7(5), 321–327. https://doi.org/10.1049/iet-net.2017.0207
Ozer, M., Varlioglu, S., Gonen, B., & Bastug, M. (2019). A prevention and a traction system for ransomware attacks. 2019 International Conference on Computational Science and Computational Intelligence (CSCI). https://doi.org/10.1109/csci49370.2019.00032
Pascariu, C., & Barbu, I.-D. (2019). Ransomware honeypot: Honeypot solution designed to detect a ransomware infection identify the ransomware family. 2019 11th International Conference on Electronics, Computers and Artificial Intelligence (ECAI). https://doi.org/10.1109/ecai46879.2019.9042158
Richardson, R., & North, M. (2017). Ransomware: Evolution, Mitigation and Prevention. Management & Entrepreneurship Department Information Systems Department, 13(1), 10–21.
Rubin, H. J., & Rubin, I. S. (2005). Qualitative interviewing: The Art of Hearing Data. SAGE.
Security awareness on ransomware threats detection and their protection techniques. (2021). International Journal of Advanced Trends in Computer Science and Engineering, 10(2), 975–983. https://doi.org/10.30534/ijatcse/2021/701022021
Sen, S. K., & Chourey, N. (2020). A Study of Ransomware Detection and Prevention at Organizations, 07(07), 4686–4691.
Shalaginov, A., Dyrkolbotn, G. O., & Alazab, M. (2020). Review of the malware categorization in the era of changing cybethreats landscape: Common approaches, challenges and future needs. Malware Analysis Using Artificial Intelligence and Deep Learning, 71–96. https://doi.org/10.1007/978-3-030-62582-5_3
Shinde, R., Van der Veeken, P., Van Schooten, S., & van den Berg, J. (2016). Ransomware: Studying transfer and mitigation. 2016 International Conference on Computing, Analytics and Security Trends (CAST). https://doi.org/10.1109/cast.2016.7914946
Shukla, M., Mondal, S., & Lodha, S. (2016). Poster. Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security. https://doi.org/10.1145/2976749.2989051
Slevitch, L. (2011). Qualitative and quantitative methodologies compared: Ontological and epistemological perspectives. Journal of Quality Assurance in Hospitality & Tourism, 12(1), 73–81. https://doi.org/10.1080/1528008x.2011.541810
Swami, S. L., Punia, P. M., & Swami, M. N. (2021). Ransomware detection system and analysis using latest tool. International Journal of Advanced Research in Science, Communication and Technology, 600–608. https://doi.org/10.48175/ijarsct-1683
Teichmann, F. M., & Wittmann, C. (2022). When is a law firm liable for a data breach? an exploration into the legal liability of ransomware and Cybersecurity. Journal of Financial Crime. https://doi.org/10.1108/jfc-04-2022-0093
Teymourlouei, H., & Harris, V. E. (2021). Detecting ransomware automated based on network behavior by using Machine Learning. 2021 International Conference on Computational Science and Computational Intelligence (CSCI). https://doi.org/10.1109/csci54926.2021.00186
Thakur, S., Chaudhari, S., & Joshi, B. (2022). Ransomware: Threats, identification and prevention. Cyber Security and Digital Forensics, 361–387. https://doi.org/10.1002/9781119795667.ch16
Tonidandel, S., Braddy, P. W., & Fleenor, J. W. (2012). Relative importance of managerial skills for predicting effectiveness. Journal of Managerial Psychology, 27(6), 636–655. https://doi.org/10.1108/02683941211252464
Turner, A. B., McCombie, S., & Uhlmann, A. J. (2020). Discerning payment patterns in bitcoin from ransomware attacks. Journal of Money Laundering Control, 23(3), 545–589. https://doi.org/10.1108/jmlc-02-2020-0012
Taherdoost, H. (2016). Validity and reliability of the research instrument; how to test the validation of a questionnaire/survey in a Research. SSRN Electronic Journal. https://doi.org/10.2139/ssrn.3205040
Yadav, S. (2022). A survey on ransomware malware and ransomware detection techniques. International Journal for Research in Applied Science and Engineering Technology, 10(1), 243–248. https://doi.org/10.22214/ijraset.2022.39787
Yilmaz, Y., Cetin, O., Grigore, C., Arief, B., & Hernandez-Castro, J. (2022). Personality types and ransomware victimisation. Digital Threats: Research and Practice. https://doi.org/10.1145/3568994
Connolly, Y. A., & Borrion, H. (2022). Reducing ransomware crime: Analysis of Victims’ payment decisions. Computers & Security, 119, 102760. https://doi.org/10.1016/j.cose.2022.102760
Connolly, Y. L., Wall, D. S., Lang, M., & Oddson, B. (2020). An empirical study of ransomware attacks on organizations: An assessment of severity and salient factors affecting vulnerability. Journal of Cybersecurity, 6(1). https://doi.org/10.1093/cybsec/tyaa023
Zakaria, W. Z., Abdollah, M. F., Mohd, O., & Ariffin, A. F. (2017). The rise of Ransomware. Proceedings of the 2017 International Conference on Software and e-Business - ICSEB 2017. https://doi.org/10.1145/3178212.3178224
