Skip to main content
SpringerLink
Log in

Preventing and Mitigating Ransomware

A Systematic Literature Review

  • Conference paper
  • First Online:
Information Security (ISSA 2018)

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 973))

Included in the following conference series:

Abstract

There has been significant growth in ransomware attacks over the past few years. Many organizations have been affected by a variety of ransomware attacks, leading to a large amount of data becoming inaccessible. In a typical ransomware attack malicious software encrypts electronic data while extorting money from an unexpecting victim. In order to decrypt and restore data, the attacker requests user to pay the ransom amount, typically through crypto-currency such as Bitcoin. There are various ways how ransomware infiltrate a computer, including phishing emails, drive-by downloads or vulnerable websites containing executable files of the malware. Being a new emerging type of attack, limited consolidated information is known by users. Therefore, this paper sets out to perform a systematic literature review to determine what has been published during the previous 3 years in leading academic journals regarding the prevention and mitigation of ransomware. Two hundred and sixty one (261) journal articles dealt with ransomware from four perspectives: prevention and mitigation methods, detection methods, case studies and attack methods. Out of the 261 journal articles, 35 journal articles that resort under the prevention and mitigation category were further analyzed. The papers were coded and a consolidated list of 13 guidelines was constructed. Interestingly, and somewhat concerning, these prevention and mitigation guidelines cover basic cyber-security practices to prevent and mitigate against any kind of cyber-attack, not specifically ransomware. This raises questions regarding the research agenda, but the repetition of established guidelines also raises questions on the effectiveness of security education, training and awareness interventions.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Al-Rimy, B.A.S., Maarof, M.A., Mohd Shaid, S.Z.: Ransomware threat success factors, taxonomy, and countermeasures: a survey and research directions. Comput. Secur. 74, 144–166 (2018). https://doi.org/10.1016/j.cose.2018.01.001

    Article  Google Scholar 

  2. Ali, A.: Ransomware: a research and a personal case study of dealing with this nasty Malware. J. Issues Inform. Sci. Inf. Technol. 14, 87–99 (2017). http://www.informingscience.org/Publications/3707

    Article  Google Scholar 

  3. Allen, J.: Surviving ransomware. Am. J. Fam. Law 31(2), 65–68 (2017)

    Google Scholar 

  4. van Alstin, C.M.: Ransomware: it’s as scary as it sounds. Health Manag. Technol. 37(4), 26–27 (2016)

    Google Scholar 

  5. Brewer, R.: Ransomware attacks: detection, prevention and cure. Netw. Secur. 2016(9), 5–9 (2016). https://doi.org/10.1016/S1353-4858(16)30086-1

    Article  Google Scholar 

  6. Brody, M.L.: Protecting yourself from ransomware and should you become a victim, here’s how to recover. Podiatry Manag. 36(6), 39–40 (2017)

    Google Scholar 

  7. Cabaj, K., Mazurczyk, W.: Using software-defined networking for ransomware mitigation: the case of CryptoWall. IEEE Netw. 30(6), 14–20 (2016). https://doi.org/10.1109/MNET.2016.1600110NM

    Article  Google Scholar 

  8. Chen, J., et al.: Uncovering the face of Android ransomware: characterization and real-time detection. IEEE Trans. Inf. Forensics Secur. 13(5), 1289–1300 (2018). https://doi.org/10.1109/TIFS.2017.2787905. http://ieeexplore.ieee.org

    Article  Google Scholar 

  9. Cimitile, A., Mercaldo, F., Nardone, V., Santone, A., Visaggio, C.A.: Talos: no more ransomware victims with formal methods. Int. J. Inf. Secur. (2017). https://doi.org/10.1007/s10207-017-0398-5

    Article  Google Scholar 

  10. Erridge, T.: Ransomware: threat and response. Netw. Secur. 2016(10), 17–19 (2016). https://doi.org/10.1016/S1353-4858(16)30097-6

    Article  Google Scholar 

  11. Goldsborough, R.: Protecting yourself from ransomware. Teacher Librarian 43(4), 70–71 (2016)

    Google Scholar 

  12. Goldsborough, R.: The increasing threat of ransomware. Teacher Librarian 45(1), 61 (2017)

    Google Scholar 

  13. Gómez-Hernández, J.A., Álvarez-González, L., García-Teodoro, P.: R-Locker: thwarting ransomware action through a honeyfile-based approach. Comput. Secur. 73, 389–398 (2018). https://doi.org/10.1016/j.cose.2017.11.019

    Article  Google Scholar 

  14. Gordon, S.: Ransomware menace grows as new threats emerge. Netw. Secur. 2016(8), 1–2 (2016). https://doi.org/10.1016/S1353-4858(16)30072-1

    Article  Google Scholar 

  15. Green, A.: Ransomware and the GDPR. Netw. Secur. 2017(3), 18–19 (2017). https://doi.org/10.1016/S1353-4858(17)30030-2

    Article  Google Scholar 

  16. Jones, J., Shashidhar, N.: Ransomware analysis and defense WannaCry and the Win32 environment. Int. J. Inf. Secur. Sci. 6(4), 57–69 (2017)

    Google Scholar 

  17. Lee, J.K., Moon, S.Y., Park, J.H.: CloudRPS: a cloud analysisbased enhancedransomware prevention system. J. Supercomput. 2017(73), 3065–3084 (2017). https://doi.org/10.1007/s11227-016-1825-5

    Article  Google Scholar 

  18. Lee, S.y.: Guarding against ransomware. Internal Auditor 74(4), 13 (2017)

    Google Scholar 

  19. Luo, X., Liao, Q.: Awareness education as the key to ransomware prevention. 16(4), 195–202 (2007). https://doi.org/10.1080/10658980701576412

    Article  Google Scholar 

  20. Mansfield-Devine, S.: Hospitals become major target for ransomware. Netw. Secur. 2016(4), 1–2 (2016). https://doi.org/10.1016/S1353-4858(16)30031-9

    Article  Google Scholar 

  21. Monika, Zavarsky, P., Lindskog, D.: Experimental analysis of ransomware on windows and android platforms: evolution and characterization. In: Shakshuki, E. (ed.) The 2nd International Workshop on Future Information Security, Privacy & Forensics for Complex Systems, pp. 465–472. Procedia Computer Science, Edmonton (2016). https://doi.org/10.1016/j.procs.2016.08.072

    Article  Google Scholar 

  22. Pope, J.: Ransomware: minimizing the risks. Innov. Clin. Neurosci. 13(11–12), 37–40 (2016)

    Google Scholar 

  23. Richardson, R., North, M.: Ransomware: evolution, mitigation and prevention. Int. Manag. Rev. 13(1), 10–21 (2017)

    Google Scholar 

  24. Scaife, N., Traynor, P., Butler, K.: Making sense of the ransomware mess (and planning a sensible path forward). IEEE Potentials 36(6), 28–31 (2017). https://doi.org/10.1109/MPOT.2017.2737201

    Article  Google Scholar 

  25. Sheffield, J.: Pirates of the PHI: identifying and responding to a ransomware attack according to HIPAA best practices. Benefits Law J. 30(4), 36–54 (2017)

    Google Scholar 

  26. Solander, A.C., Forman, A.S., Glasser, N.M.: Ransomware-give me back my files! Empl. Relat. Law J. 42(2), 53–55 (2016)

    Google Scholar 

  27. von Solms, R., von Solms, S.H.: Information security governance: a model based on the direct-control cycle. Comput. Secur. 25(6), 408–412 (2006). https://doi.org/10.1016/j.cose.2006.07.005

    Article  Google Scholar 

  28. Srinivasan, C.R.: Hobby hackers to billion-dollar industry: the evolution of ransomware. Comput. Fraud Secur. 2017(11), 7–9 (2017). https://doi.org/10.1016/S1361-3723(17)30081-7

    Article  Google Scholar 

  29. Webster, J., Watson, R.T.: Analyzing the past to prepare for the future: writing a literature review. MIS Q. 26(2), xiii–xxiii (2002). http://www.misq.org/misreview/announce.html

  30. Yaqoob, I., Ahmed, E., ur Rehman, M.H., Ahmed, A.I.A., Al-Garadi, M.A., Imran, M., Guizani, M.: The rise of ransomware and emerging security challenges in the Internet of Things. Comput. Netw. 129(Part 2), 444–458 (2017). https://doi.org/10.1016/j.comnet.2017.09.003

    Article  Google Scholar 

  31. Yun, J., Hur, J., Shin, Y., Koo, D.: CLDSafe: an efficient file backup system in cloud storage against ransomware. IEICE Trans. Inf. Syst. 100(9), 2228–2231 (2017). https://doi.org/10.1587/transinf.2017EDL8052

    Article  Google Scholar 

  32. Zimba, A., Wang, Z., Chen, H.: Multi-stage crypto ransomware attacks: a new emerging cyber threat to critical infrastructure and industrial control systems. ICT Express 4(1), 14–18 (2018). https://doi.org/10.1016/j.icte.2017.12.007

    Article  Google Scholar 

Download references

Acknowledgements

This work is based upon research partially supported by the National Research Foundation, and partially through a CSIR-DST Inter-Programme Bursary. Any opinion, findings and conclusions or recommendations expressed in this material are those of the author(s) and not of the respective funders.

Author information

Authors and Affiliations

  1. Center for Research in Information and Cyber Security, Nelson Mandela University, Port Elizabeth, South Africa

    Zandile Manjezi & Reinhardt A. Botha

Authors
  1. Zandile Manjezi
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Reinhardt A. Botha
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Zandile Manjezi .

Editor information

Editors and Affiliations

  1. University of Pretoria, Pretoria, Gauteng, South Africa

    Hein Venter

  2. University of South Africa, Florida, Gauteng, South Africa

    Marianne Loock

  3. University of Johannesburg, Auckland Park, Gauteng, South Africa

    Marijke Coetzee

  4. University of South Africa, Pretoria, Gauteng, South Africa

    Mariki Eloff

  5. University of Pretoria, Pretoria, Gauteng, South Africa

    Jan Eloff

Rights and permissions

Reprints and permissions

Copyright information

© 2019 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Manjezi, Z., Botha, R.A. (2019). Preventing and Mitigating Ransomware. In: Venter, H., Loock, M., Coetzee, M., Eloff, M., Eloff, J. (eds) Information Security. ISSA 2018. Communications in Computer and Information Science, vol 973. Springer, Cham. https://doi.org/10.1007/978-3-030-11407-7_11

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-11407-7_11

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-11406-0

  • Online ISBN: 978-3-030-11407-7

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation