Ransomware Attack: Rescue-checklist Cyber Security Awareness Program
Source: By:Mohammed Daffalla Elradi, Mohamed Hashim Mohamed, Mohammed Elradi Ali
DOI: https://doi.org/10.30564/aia.v3i1.3162
Abstract: Ransomware attacks have been spreading broadly in the last few years, where attackers deny users’ access to their systems and encrypt their files until they pay a ransom, usually in Bitcoin. Of course, that is the worst thing that can happen; especially for organizations having sensitive information. In this paper we proposed a cyber security awareness program intended to provide end-users with a rescue checklist in case of being attacked with a ransomware as well as preventing the attack and ways to recover from it. The program aimed at providing cyber security knowledge to 15 employees in a Sudanese trading and investment company. According to their cyber behaviour before the program, the participants showed a low level cyber security awareness that with 72% they are likely of being attacked by a ransomware from a phishing email, which is well known for spreading ransomware attacks. The results revealed that the cyber security awareness program greatly diminished the probability of being attacked by a ransomware with an average of 28%. This study can be used as a real-life ransomware attack rescue plan. References:[1]Adhikari, D. 2016. Exploring the differences between social and behavioral science. Behavioral Develop-ment Bulletin, 21(2), 128-135. [2]Wayne Patterson, Cynthia E. Winston-Proctor - Be-havioral Cybersecurity_ Applications of Personality Psychology and Computer Science (2019, Taylor & Francis_CRC). [3]Cuthbertson A. (2017): “Ransomware attacks rise 250 percent in 2017, Hitting U.S. Hardest,” News-week, September 28, 2017. www.newsweek.com/ransomware-attacks-rise-250-2017-us-wanna-cry-614034. [4]C. Everett, “Ransomware: To pay or not to pay?", Comp. Fraud & Secur., vol. 2016, no. 4, pp. 8{12, 2016.DOI: https://doi.org/10.1016/S1361-3723(16)30036-7. [5]Young, H., van Vliet, T., van de Ven, J., Jol, S., Broekman, C.: Understanding human factors in cyber security as a dynamic system. In: International Con-ference on Applied Human Factors and Ergonomics, pp. 244-254. Springer, Cham (2018). [6]Gavin Watson, Andrew Mason and Richard Ackroyd (Auth.) - Social Engineering Penetration Testing. Ex-ecuting Social Engineering Pen Tests, Assessments and Defense (2014, Syngress). [7]Connolly LY, Lang M, Gathegi J, et al. Organization-al culture, procedural countermeasures and employee security behaviour: a qualitative study. Inf Comp Se-cur 2017;25:118-36. [8]Hull G, John H, Arief B. Ransomware deployment methods and analysis: views from a predictive model and human responses. Crime Science 2019;8:2-22. [9]Internet Security Threat Report Volume 22 https://s1.q4cdn.com/585930769/files/doc_downloads/life-lock/ISTR22_Main-FINAL-APR24.pdf. [10]C. Everett, \Ransomware: To pay or not to pay?", Comp. Fraud & Secur., vol. 2016, no. 4, pp. 8{12, 2016.DOI: https://doi.org/ [11]10.1016/S1361-3723(16)30036-7. [12]“What you need to know about the WannaCry ran-somware", Symantec, Threat Intelligence, Oct. 2017, [Online]. Available: https://www.symantec.com/blogs/threat-intelligence/wannacryransomware-at-tack. [13]Wisniewska, M., Wisniewski, Z.: The relationship between knowledge security and the propagation of innovation. Adv. Intell. Syst. Comput. 783, 176-184 (2019). [14]Hull G, John H, Arief B. Ransomware deployment methods and analysis: views from a predictive model and human responses. Crime Science 2019;8:2-22. [15]Brewer R. Ransomware attack: detection, prevention and cure. Network Secur 2016;2016:5-9. [16]Mohammed Daffalla Elradi, Altigani Abd alraheem Altigani,Osman Idriss Abaker. Cyber Security Awareness among Students and Faculty Members in a Sudanese College. Electrical Science &Engineer-ing,Volume 02, Issue 02, October 2020.DOI: https://doi.org/10.30564/aia.v3i1.3162
