Analyzing the Effect of Ransomware Attacks on Different Industries

Abstract

Ransomware is currently the fastest growing malware attack compromising pertinent data from businesses that leads to loss of sales and trust from future customers. In this paper we provide an analysis of ransomware attacks to determine correlation factors that will help users/business organizations allocate resources efficiently. Our results of analysis have identified four important correlation factors for ransomware attacks. First one is the time of year that a ransomware attack is most likely to occur based on the past years’ history. We have observed that the months from June to September where important data collection during tax season takes place is the most vulnerable time for ransomware attack. Second is the location where the attacks occur. We have found that the areas that deal with public data and require public announcement of attacks are more vulnerable. Third is the amount of ransom payments requested. This factor is used to determine the cost of data that is not backed up. The payment request offers which are as low as $100 and as high as $35,000 are solely dependent on what the attacker believes is most likely to be paid. Percentage of attacks on industry has shown three highest targeted areas: medical, business, and education. Lastly, the amount of people affected is used to show the amount of information that can be leaked. This provides the greatest return on attack for hackers. Since 2016 around 128,904 individuals from medical industry have reported to be the victim of ransomware attacks. In this paper we have also discussed proactive recommendation measures to counter ransomware attacks and provided an analytical study to demonstrate a positive Return On Investment (ROI) along with ransomware mitigation methods.