New Paper: Assessing Political Motivations Behind Ransomware Attacks | #ransomware | #cybercrime

Traditionally, ransomware attacks have been regarded as apolitical criminal activities. However, there is growing speculation about possible ties between Russia-based ransomware groups and the Kremlin. Our working paper aims to assess political motives behind ransomware attacks based on a newly gathered dataset of ransomware victims. Our findings challenge the notion that attack trends from Russia-based ransomware groups can be solely explained by financial motives.

To construct the dataset, we collected information from 55 dark web leak sites, focusing on victims targeted by “double extortion” attacks. These attacks involve threatening to publish stolen data even after the victim has paid the ransom. The dataset comprises 4,194 victims from 55 ransomware groups, spanning the period from May 1, 2019, to April 30, 2022.

Source link


National Cyber Security