Skip to main content

Ransomware Attacks and Scenarios: Cost Factors and Loss of Reputation

  • Chapter
  • First Online:
Guide to Cybersecurity in Digital Transformation

Part of the book series: Advances in Information Security ((ADIS,volume 103 ))

Abstract

Cyberattacks and thus cybersecurity risks have accelerated over the past years. Cyberattacks are based on threat event attack types, as described in Chap. 2. Besides other threat event attack types, ransomware is probably the No. 1 challenge of threat event attacks that industrial, public, and private organizations are facing. Ransomware is a type of malware that typically locks the data on a targeted computer system or user’s files by encryption. This cyberattack demands a payment (ransom) before the ransomed data is decrypted and access returned to the targeted user, but ransomware comes in many forms. In this regard, ransomware is a type of malware used by cybercriminals for financial gain. Typically, a ransom note is installed on a targeted computer system at the same time the data/files are encrypted. They not include information on the ransom demands, meaning the amount of ransom a deadline for payment, and instructions how to reach and pay the ransom providing details on the cryptocurrency wallet or other wiring information to complete the transaction. In this context, ransomware is a two-step-extortion: Step 1 is to encrypt and extract the data/information; Step 2 is to negotiate the ransom. However, over the past years, ransomware has emerged to Ransomware-as-a-Service (RaaS), because ransomware has proven to be an effective approach for cybercriminals to hit it big, in terms of both payouts and notoriety. One of the cases was the 2020 Solar Winds supply chain attack. Cybercriminals targeted Solar Winds by deploying malicious code into its Orion IT monitoring and management software platform used by thousands of industrial organizations and government agencies worldwide, which creates a backdoor through which cybercriminals access and impersonate users and accounts of the targeted organizations’ systems. The SolarWinds supply chain attack was a major cybercriminal event because not a single company was attacked by a breach-in, but it triggered a much larger supply chain incident that affected thousands of organizations, including the US government. In this cyberattack, the cybercriminals used tools used for many years, developed, and adjusted them with new attack pattern, and cybercriminals hit it big in terms of payout and notoriety. Such ransomware attacks led to an evolution capitalizing on a growing number of cybercriminals who want to get in. These successful cybercriminals started as cybercriminal entrepreneurs offering RaaS, which makes carrying out ransomware much easier by other cybercriminals, lowering the barrier to entry, and expanding the reach of ransomware. In this, cybercriminal business model gains the RaaS entrepreneur a percentage of the ransom paid to the new cybercriminal or a group of cybercriminals using RaaS in a license model, who attack organizations for a ransom. Against this background, Chap. 6 introduces Sect. 6.1 in ransomware attacks and the ransomware landscape, whereas Sect. 6.2 focuses on ransomware attacks and scenarios in Sect. 6.2.1 and ransomware attacks on OT systems in Sect. 6.2.2. Section 6.3 refers to Cost Factors of Ransomware Attacks (CFoRA) and introduces a useful design of the approaches in Recovery Point Objective (RPO) and Recovery Time Objective (RTO) in the Sects. 6.3.1, 6.3.2, and 6.3.3. The focus in Sect. 6.4 is on Loss of Reputation (LoR) and preventing it. Section 6.5 contains comprehensive questions of the topics ransomware, Cost Factors of Ransomware Attacks and Loss of Reputation through ransomware attacks. Finally, “References” refers to the used references for further reading.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 69.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 64.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 89.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

References

  1. Warikoo, A.: Proposed Methodology for Cyber Criminal Profiling. In: Information Security Journal: A Global Perspective, Vol. 23, No. 4–6, pp. 172–178, 2014

    Google Scholar 

  2. Billois, G., Lahoud, M.: Cybercrime – Ransomware: Number One Cyber Threat. In: Whitepaper Institute Montaigne, 2021. https://www.institutmontaigne.org/en/analysis/cybercrime-ransomware-number-one-cyber-threat (Accessed 12.2022)

  3. State of Ransomware: Invest now or pay later. CRA Business Intelligence Study, 2022. https://resources.menlosecurity.com/reports/state-of-ransomware-invest-now-or-pay-later (Accessed 12.2022)

  4. Ransomware. Imperva Whitepaper, 2022. https://www.imperva.com/learn/application-security/ransomware/A (Accessed 12.2022)

  5. Challita, A.: The Four Most Popular Methods Hackers use to Spread Ransoware. Whitepaper ITProPortal, 2022. https://www.itproportal.com/features/the-four-most-popular-methods-hackers-use-to-spread-ransomware/ (Accessed 12.2022)

  6. Arntz, P.: Threat Spotlight: CrySis, aka Dharma ransomware, causes a Crisis for businesses. Malwarebytes Lab Whitepaper, 2019. https://www.malwarebytes.com/blog/news/2019/05/threat-spotlight-crysis-aka-dharma-ransomware-causing-a-crisis-for-businesses (Accessed 12.2022)

  7. Beltov, M.: LowLevel04 Ransomware Virus – Removal Steps and Protection Updates. 2016. https://bestsecuritysearch.com/lowlevel04-ransomware-virus-removal-steps-protection-updates/ (Accessed 12.2022)

  8. Malware Analysis Report: Nemucod Ransomware. Center for Internet Security Whitepaper. 2022. https://www.cisecurity.org/insights/blog/malware-analysis-report-nemucod-ransomware (Accessed 12.2022)

  9. Threat Landscape Dashboard RIG Exploit Kit. https://www.mcafee.com/enterprise/en-us/threat-center/threat-landscape-dashboard/exploit-kits-details.rig-exploit-kit.html (Accessed 12.2022)

  10. The State of Ransomware 2022 – Sophos News. https://news.sophos.com/en-us/2022/04/27/the-state-of-the-ransomware-2022/ (Accessed 12.2022)

  11. Unit 42 Ransomware Threat Report 2022. https://www.paloaltonetworks.com/content/dam/pan/en_US/assets/pdf/reports/2022-unit42-ransomware-threat-report-final.pdf (Accessed 12.2022)

  12. Why Ransomware Attacks on OT Systems are Growing. Cylo Team Blog, 2022. https://cyolo.io/blog/ot/why-ransomware-attacks-on-ot-systems-are-growing/ (Accessed 12.2022)

  13. https://www.cisa.gov/publication/ransomware-awareness-campaign-fact-sheet (Accessed 12.2022)

  14. Shmuely, H.: How to increase the Security of OT Systems with Zero Trust. Cyolo Blog, 2022. https://www.cyolo.io/blog/ot/how-to-icrease-the-security-of-ot-systems-with-zero-trust/ (Accessed 12.2022)

  15. Buchanan, S., Proctor, P., Hayes, B.: Measure the Cost of Cybersecurity Protection. Gartner Report ID G00764671, 2022

    Google Scholar 

  16. Dukin, J., Stellwag, D.: Cost Factors of a Ransomware Attack –A Description of the possible Threat of a Ransomware Attack on IT and OT systems with reference to the possible Costs with Consideration of reasonable RTO and RPO. Student Project t the Course IoT and IIoT at TU Clausthal, Germany, 2022

    Google Scholar 

  17. Grimes, R.A.: Ransomware Protection Playbook. John Wiley & Sons Inc., 2021

    Google Scholar 

  18. Sjouwerman, S.: Seven Factors Analyzing Ransomware’s Cost to Business. In: Forbes Technology Council Post, July 29, 2021. https://www.forbes.com/sites/forbestechcouncil/2021/07/29/seven-factors-analyzing-ransomwares-cost-to-business/?sh=65dc91a92e98 (Accessed 12-2022)

  19. Möller, D.P.F.: Cybersecurity in Digital Transformation: Scope and Application. Springer Nature 2020

    Google Scholar 

  20. Luber, S., Schmitz, P.: Security Insider – Definition Disaster Recovery. In: Vogel Communications Group, 2020. https://www.security-insider.de/was-ist-disaster-recovery-a-732206/ (Accessed 12.2022)

  21. Ransomware Recovery. Zerto Whitepaper, 2022. https://www.zerto.com/resources/essential-guides/ransomware-recovery-guide/#5 (Accessed 12.2022)

  22. Ransomware Readiness Checklist. In: Zero Whitepaper, 2022. https://www.zerto.com/wp-content/uploads/2022/02/Ransomware_Iceberg-Infographic_Checklist-1.pdf (Accessed 12.2022)

  23. Litone, M.: Mission-critical Network Planning. Artech House Publ. 2003

    Google Scholar 

  24. Marget, A.: RPO and RTO: What are they and How to Calculate Them. In: Unitrends Whitepaper 2022. https://www.unitrends.com/blog/rpo-rto (Accessed 12.2022)

  25. https://www.druva.com/glossary/what-is-a-recovery-point-objective-definition-and-related-faqs/ (Accessed 12.2022)

  26. A Salamanca, F., Jimenez, J.: Implementing Automated Replication for Cost Effective Disaster Recovery. 2011. https://dsimg.ubmus.net/envelope/157842/313522/1332863421_3_21_Implementing_automated_replication_for_cost_effective_disaster_recovery (Accessed 12.2022)

  27. What is a Recovery Point Object and How to Calculate one. In: Indee Editorial Team, 2022. https://www.indeed.com/career-advice/career-development/recovery-point-objective (Accessed 12.2022)

  28. https://www.f5.com/services/resources/glossary/recovery-time-objective-rto (Accessed 12.2022)

  29. Kerner, S.M.: Recovery Time Objective: In: techtarget Notes, 2022. https://www.techtarget.com/whatis/definition/recovery-time-objective-RTO (Accessed 12.2022)

  30. https://www.gremlin.com/community/tutorials/testing-disaster-recovery-with-chaos-engineering/ (Accessed 12.2022)

  31. Kirvan, P., Sliwa, C.: What is Business Impact Analysis?. Techtarget Whitepaper, 2022. https://www.techtargete.com/searchstorage/definition/business-impact-analysis (Accessed 12.2022)

  32. Global Risk Management Survey. Aon PLC, 2019

    Google Scholar 

  33. Taylor, T.: How Reputational Damage from a Data Breach affects Consumer Perception. Securelink, 2022. https://www.securelink.com/blog/reputation-risks-how-cyberattacks-affect-consumer-perception/ (Accessed 12.2022)

  34. Secure your Mission-Critical Systems and fill Security Gaps in Access Management. https://www.securelink.com/why-choose-securelink/ (Accessed 12.2022)

  35. Taylor, T.: What is Access Governance. SecureLink, 2021. https://www.securelink.com/blog/what-is-access-governance/ (Accessed 12.2022)

  36. Taylor, T.: What is Access Control. SecureLink, 2021. https://www.securelink.com/blog/what-is-access-control/ (Accessed 12.2022)

  37. Taylor, T.: What is Access Monitoring. https://securelink.com/what-is-access-monitoring/ (Accessed 12.2022)

Download references

Author information

Authors and Affiliations

Authors

Rights and permissions

Reprints and permissions

Copyright information

© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this chapter

Check for updates. Verify currency and authenticity via CrossMark

Cite this chapter

Möller, D.P.F. (2023). Ransomware Attacks and Scenarios: Cost Factors and Loss of Reputation. In: Guide to Cybersecurity in Digital Transformation. Advances in Information Security, vol 103 . Springer, Cham. https://doi.org/10.1007/978-3-031-26845-8_6

Download citation

  • DOI: https://doi.org/10.1007/978-3-031-26845-8_6

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-26844-1

  • Online ISBN: 978-3-031-26845-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics