Kent Academic Repository

“There was a bit of PTSD every time I walked through the office door”: Ransomware harms and the factors that influence the victim organisation’s experience

Mott, Gareth, Turner, Sarah, Nurse, Jason R. C., Pattnaik, Nandita, MacColl, Jamie, Huesch, Pia, Sullivan, James (2024) “There was a bit of PTSD every time I walked through the office door”: Ransomware harms and the factors that influence the victim organisation’s experience. Journal of Cybersecurity, 10 (1). Article Number tyae013. ISSN 2057-2085. E-ISSN 2057-2093. (doi:10.1093/cybsec/tyae013) (KAR id:106485)

Abstract

Ransomware is a pernicious contemporary cyber threat for organisations, with ransomware operators intentionally leveraging a range of harms against their victims in order to solicit increasingly significant ransom payments. This article advances current research by engaging in a topical analysis into the depth and breadth of harms experienced by victim organisations and their members of staff. We therefore enhance the understanding of the negative experiences from ransomware attacks, particularly looking beyond the financial impact which dominates current narratives. Having conducted an interview or workshop with 83 professionals including ransomware victims, incident responders, ransom negotiators, law enforcement and government, we identify a wide array of severe harms. For organisations, the risk of business interruption and/or data exposure presents potentially highly impactful financial and reputational harm(s). The victim organisation’s staff can also experience a range of under-reported harms, which include physiological and physical harms that may be acute. We also identify factors that can either alleviate or aggravate the experiencing of harms at organisational and employee level; including ransomware preparedness, leadership culture and crisis communication. Given the scale and scope of the identified harms, the paper provides significant new empirical evidence to emphasise ransomware’s positioning as a whole-of-organisation crisis phenomenon, as opposed to an ‘IT problem’. We argue that the wider discourse surrounding ransomware harms and impacts should be reflective of the nature of the real-term experience(s) of victims. This, in turn, could help guide efforts to alleviate ransomware harms, through improved organisational ransomware preparedness and tailored post-ransomware mitigation.

Item Type: Article
DOI/Identification number: 10.1093/cybsec/tyae013
Additional information: For the purpose of open access, the author has applied a CC BY public copyright licence to any Author Accepted Manuscript version arising from this submission.
Uncontrolled keywords: cyber security; ransomware; harms; victim experience; malware; human aspects; psychological harm; financial harm; cyberpsychology; cybercrime
Subjects: B Philosophy. Psychology. Religion > BF Psychology
H Social Sciences > H Social Sciences (General)
H Social Sciences > HF Commerce
Q Science > QA Mathematics (inc Computing science) > QA 75 Electronic computers. Computer science
Q Science > QA Mathematics (inc Computing science) > QA 76 Software, computer programming,
T Technology > T Technology (General)
Divisions: Divisions > Division of Computing, Engineering and Mathematical Sciences > School of Computing
University-wide institutes > Institute of Cyber Security for Society
Funders: Engineering and Physical Sciences Research Council (https://ror.org/0439y7842)
Depositing User: Jason Nurse
Date Deposited: 03 Jul 2024 13:20 UTC
Last Modified: 05 Nov 2024 13:12 UTC
Resource URI: https://kar.kent.ac.uk/id/eprint/106485 (The current URI for this page, for reference purposes)
