Trends and challenges in research into the human aspects of ransomware: a systematic mapping study

被引:1
作者
Murray, Garret [1 ]
Falkeling, Malin [1 ]
Gao, Shang [1 ]
机构
[1] Orebro Univ, Dept Informat, Orebro, Sweden
关键词
Human aspects; Ransomware; Systematic mapping; Trends; Challenges; Information security; INFORMATION SECURITY AWARENESS; PROTECTION MOTIVATION; PLANNED BEHAVIOR; POLICY COMPLIANCE; CULTURE; IMPACT;
D O I
10.1108/ICS-12-2022-0195
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
PurposeThe purpose of this paper is to provide an overview of the trends and challenges relating to research into the human aspects of ransomware. Design/methodology/approachA systematic mapping study was carried out to investigate the trends in studies into the human aspects of ransomware, identify challenges encountered by researchers and propose directions for future research. For each of the identified papers from this study, the authors mapped the year of publication, the type of paper, research strategy and data generation method, types of participants included, theories incorporated and lastly, the authors mapped the challenges encountered by the researchers. FindingsFifty-nine papers published between 2006 and 2022 are included in the study. The findings indicate that literature on the human aspects of ransomware was scarce prior to 2016. The most-used participant groups in this area are students and cybersecurity professionals, and most studies rely on a survey strategy using the questionnaire to collect data. In addition, many papers did not use theories for their research, but from those that did, game theory was used most often. Furthermore, the most reported challenge is that being hit with ransomware is a sensitive topic, which results in individuals and organisations being reluctant to share their experiences. Research limitations/implicationsThis mapping study reveals that the body of literature in the area of human aspects of ransomware has increased over the past couple of years. The findings highlight that being transparent about ransomware attacks, when possible, can help others. Moreover, senior management plays an important role in shaping the information security culture of an organisation, whether to have a culture of transparency or of secrecy. Originality/valueThis study is the first of its kind of systematic mapping studies contributing to the body of knowledge on the human aspects of ransomware.
引用
收藏
页码:161 / 195
页数:35
相关论文
共 124 条
[1]   An overview of social engineering malware: Trends, tactics, and implications [J].
Abraham, Sherly ;
Chengalur-Smith, InduShobha .
TECHNOLOGY IN SOCIETY, 2010, 32 (03) :183-196
[2]  
Abu-amara Fadi, 2021, International Journal of Information Technology, P2371, DOI [10.1007/s41870-021-00760-5, 10.1007/s41870-021-00760-5]
[3]  
Agamben Giorgio., 2005, STATE EXCEPTION, DOI 10.7208/chicago/9780226009261.001.0001
[4]  
Agarwal C., 2017, P 10 INT C THEOR PRA, P178, DOI [10.1145/3047273.3047303, DOI 10.1145/3047273.3047303]
[5]   Comprehensive Survey on Petya Ransomware Attack [J].
Aidan, Jagmeet Singh ;
Verma, Harsh Kumar ;
Awasthi, Lalit Kumar .
2017 INTERNATIONAL CONFERENCE ON NEXT GENERATION COMPUTING AND INFORMATION SYSTEMS (ICNGCIS), 2017, :122-125
[6]  
Ali A., 2016, Issues in Information Systems, V17, P58
[7]  
Andronio Nicolo, 2015, Research in Attacks, Intrusions and Defenses. 18th International Symposium, RAID 2015. Proceedings: LNCS 9404, P382, DOI 10.1007/978-3-319-26362-5_18
[8]  
[Anonymous], 2016, IT Now, V58, P32, DOI [10.1093/itnow/bww103, 10.1093/itnow/bww103]
[9]  
[Anonymous], 2021, Wave VI Regional Report: July 2020-April 2021, DOI [10.2824/324797, DOI 10.2824/324797]
[10]   Using Eyetracker to Find Ways to Mitigate Ransomware [J].
Arief, Budi ;
Periam, Andy ;
Cetin, Orcun ;
Hernandez-Castro, Julio .
ICISSP: PROCEEDINGS OF THE 6TH INTERNATIONAL CONFERENCE ON INFORMATION SYSTEMS SECURITY AND PRIVACY, 2020, :448-456