A SURVEY OF THE CURRENT AND EMERGING RANSOMWARE THREAT LANDSCAPE

Abstract

Ransomware attacks have become more prevalent, sophisticated, and organized. Ransomware is a catch-all term associated with revenue-generating malicious software that encrypts and/or immobilizes the target system or data until payment is rendered. The ransom is typically paid via anonymous means so as to obscure the payee. A summary of the history and evolution of ransomware attacks and practices is presented as a means to understand the current landscape and anticipate future trends. Current ransomware practices are highlighted relating to the commercialization of tools and processes, structure and nature of attacks, and shifted focus to operations and industrial internet-enabled tools and infrastructure. Emerging trends in ransomware development, delivery and targeting are explored.

Disclosure statement

No potential conflict of interest was reported by the author(s).

Additional information

Notes on contributors

James L. “Jamey” Worrell

James L. “Jamey” Worrell is a Professor of Accounting at the University of Alabama at Birmingham where he primarily teaches internal auditing, IT auditing, and accounting information systems. Prior to pursuing his doctorate, he was the IT Internal Audit Manager for a F500 financial services firm and worked as an Information Technology Auditor and Information Security Consultant for PricewaterhouseCoopersLLP. He obtained his Ph.D. at Florida State University, and holds several professional certifications (CPA, CISA, CIA). His current research interests include the intersection of auditing and information systems, and he has published in Journal of the Association for Information Systems, International Journal of Accounting Information Systems, Issues in Accounting Education, Information Systems Frontiers, and Information Technology & People, as well as other peer-reviewed outlets.