The Anatomy of Ransomware Attacks

Sharad Goel, Camelia Simoiu 2017-2018

The Anatomy of Ransomware Attacks

A new class of malware known as ​ransomware has emerged and gained popular among cybercriminals over the last decade. Ransomware works by restricting an individual’s access to their computer (e.g., by encrypting their data), and then demanding payment to restore functionality. The first known case of a ransomware attack occurred almost 10 years ago. This attack has since been professionalized and is thought to now be highly profitable, with some estimates placing the damage at hundreds of millions of dollars per year. Despite the harm ransomware can inflict, relatively little is known about the prevalence, characteristics, and circumstances of such attacks. Which segments of the population are most at risk of a ransomware attack? How do users become infected with ransomware? How much ransom is typically demanded, and what proportion of users pay? The aim of this project is twofold: (1) to estimate the prevalence and characteristics of ransomware attacks; and (2) to identify online behaviors that place individuals at risk of experiencing such attacks. To meet these objectives, we will design a comprehensive survey on ransomware experiences and administer it ​to a representative sample of approximately 1,000 individuals​. Through an existing collaboration with th​ e​ polling company ​YouGov, we will be able to pair survey responses with browsing history data for each participant. Aside from questions detailing the attack, the survey will also include questions about general security habits, the technology used (e.g., operating system, web browser, and plug-ins installed), and a test to estimate levels of web-savviness. We will use machine learning techniques to identify online behaviours that are predictive of ransomware attacks.

Researchers

fsi_bio

Sharad Goel

Assistant Professor of Management Science and Engineering and, by courtesy, of Sociology and of Computer Science
close
fsi_bio

Sharad Goel

Assistant Professor of Management Science and Engineering and, by courtesy, of Sociology and of Computer Science
My primary area of research is computational social science, an emerging discipline at the intersection of computer science, statistics, and the social sciences.
fsi_bio

Camelia Simoiu

Graduate Student
close
fsi_bio

Camelia Simoiu

Graduate Student
My research interests are in developing novel statistical methods to evaluate and design effective public policy in the areas of cyber security and criminal justice.