Ransomware is a particular type of malware, and a new crime of extortion committed online. Malicious software gets installed through a phishing email or a drive-by download on a website. When it runs, it performs an action such as the encryption of the user's files, and asks a ransom for this action to be undone. The victim is coerced into paying through psychological manipulations which sometimes masquerade as advice. Due to the subtle ways that the technological aspects of the crime blend with - and are exploited through - various human dimensions, it has profound economic, psychological and societal impacts upon its victims, which makes its eradication all the more complicated. Law Enforcement Agencies have estimated that losses to criminals using ransomware are many millions of pounds, but the true costs may never be known because victims have shown to be particularly reluctant to report.
This project sets out to answer the following questions: Why is ransomware so effective as a crime and why are so many people falling victim to it?Who is carrying out ransomware attacks?
How can police agencies be assisted?
What interventions are required to mitigate the impacts of ransomware?
In order to do so, the project gathers data from Law Enforcement Agencies (which have agreed to closely collaborate with the project), through surveys of the general public and SMEs, and through interviews with stakeholders. The data will be analysed using script analysis, behavioural analysis, and other profiling techniques, leading to narratives regarding the criminals, the victims, and the typical ransomware scenario. Economical and behavioural models of ransomware will then be constructed and used to improve ransomware mitigation and advice, as well as support for law enforcement.