Skip to main content
SpringerLink
Log in

Ransomware: A Threat to Cyber Smart Cities

  • Chapter
  • First Online:
Cybersecurity for Smart Cities

Abstract

A staggering 550,000 ransomware attacks were recorded daily during the year of 2020 netting cybercriminals an immense amount of capital estimated to be over 1.5 trillion dollars. Owing their success to aging infrastructure and lack of defensive funding, malicious groups have been employing ransomware to entirely shut down critical infrastructure including medical equipment, gas, and oil pipelines, communication systems in the fields of healthcare, the military, and key spheres of industry around the world. All these incidents are posing a threat to smart city infrastructures. This also presents a large challenge for organizations when determining how to protect themselves from these popular and devastating attacks. Fortunately, the increase in ransomware attacks has caused a resurgence in cybersecurity, specifically, ransomware mitigation strategies and software which are designed to detect and prevent ransomware attacks before they can cause damage. In this chapter we will address the techniques and tools used to create and deploy ransomware, the historical effects of ransomware in large scale, global events, and the most effective techniques organizations can adopt to mitigate and prevent ransomware attacks. Through continual understanding of the nature of ransomware, we aim to educate end-users and organizations alike about the capabilities of ransomware as well as the protection strategies available in an effort to support the evolving and relentless fight against ransomware.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 149.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 199.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 199.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    https://www.mwrcybersec.com/.

References

  1. FBI (2016) Internet crime complaint center (ic3): ransomware victims urged to report infections to federal law enforcement, Sep 2016

    Google Scholar 

  2. Committee on Homeland Security US House of Representatives (2021) Cyber threats in the pipeline: using lessons from the colonial ransomware attack to defend critical infrastructure: house committee on homeland security, Jun 2021

    Google Scholar 

  3. Palo Alto Networks (2022) The growing ransomware threat: 4 trends and insights, Mar 2022

    Google Scholar 

  4. Trend Labs (2016) The next tier, Dec 2016

    Google Scholar 

  5. Salvi MHU, Kerkar MRV (2016) Ransomware: a cyber extortion. Asian J Converg Technol (AJCT). ISSN-2350-1146, 2

    Google Scholar 

  6. Hadnagy C (2010) Social engineering: the art of human hacking. Wiley (2010)

    Google Scholar 

  7. Trautman LJ, Ormerod PC (2018) Wannacry, ransomware, and the emerging threat to corporations. Tenn L Rev 86:503

    Google Scholar 

  8. Akbanov M, Vassilakis VG, Logothetis MD (2019) Wannacry ransomware: analysis of infection, persistence, recovery prevention and propagation mechanisms. J Telecommun Inf Technol

    Google Scholar 

  9. Goodell JW, Corbet S (2022) Commodity market exposure to energy-firm distress: evidence from the colonial pipeline ransomware attack. Financ Res Lett 103329

    Google Scholar 

  10. Hayes K (2021) Ransomware: a growing geopolitical threat. Netw Secur 2021(8):11–13

    Article  Google Scholar 

  11. Ransomware Task Force (2021) Combating ransomware. Intel Security Group

    Google Scholar 

  12. Wilner A, Jeffery A, Lalor J, Matthews K, Robinson K, Rosolska A, Yorgoro C (2019) On the social science of ransomware: technology, security, and society. Comp. Strateg 38(4):347–370

    Article  Google Scholar 

  13. Bhuyan SS, Kabir UY, Escareno JM, Ector K, Palakodeti S, Wyant D, Kumar S, Levy M, Kedia S, Dasgupta D et al (2020) Transforming healthcare cybersecurity from reactive to proactive: current status and future recommendations. J Med Syst 44(5):1–9

    Google Scholar 

  14. Swasey K (2020) Insufficient healthcare cybersecurity invites ransomware attacks and sale of phi on the dark web. Center Anticip Intell Stud Res Rep

    Google Scholar 

  15. Sheffield JN ( 2020) The first word: the hipaa response to malware events, including ransomware attacks. Benefits Q 36(3):44–7

    Google Scholar 

  16. Liska A (2019) Early findings: review of state and local government ransomware attacks. Rec Future 10

    Google Scholar 

  17. Reeder JR, Hall CT (2021) Cybersecurity’s pearl harbor moment: lessons learned from the colonial pipeline ransomware attack. Government Contractor Cybersecurity, Washington, DC, USA

    Google Scholar 

  18. Fischer EA (2013) Federal laws relating to cybersecurity: overview and discussion of proposed revisions. Library of Congress Washington DC Congressional Research Service

    Google Scholar 

  19. Department of Homeland Security (2021) Responding to ransomware: exploring policy solutions to a cybersecurity crisis: house committee on homeland security, May 2021

    Google Scholar 

  20. Ransomware guide

    Google Scholar 

  21. Skertic J (2021) Cybersecurity legislation and ransomware attacks in the United States, 2015–2019. PhD thesis, Old Dominion University

    Google Scholar 

  22. Snoke TD, Shimeall TJ (2020) An updated framework of defenses against ransomware. Technical report, Carnegie-Mellon Univ Pittsburgh, PA

    Google Scholar 

  23. Slay J, Miller M (2007) Lessons learned from the maroochy water breach. In: International conference on critical infrastructure protection. Springer, pp 73–82

    Google Scholar 

  24. Ibarra J, Butt UJ, Do A, Jahankhani H, Jamal A (2019) Ransomware impact to SCADA systems and its scope to critical infrastructure. In: 2019 IEEE 12th international conference on global security, safety and sustainability (ICGS3). IEEE, pp 1–12

    Google Scholar 

  25. Santa D (2018) Cyber and physical security, best practices, and industry and government engagement. Fed Energy Regul Comm. https://www.ingaa.org/File.aspx?id=36642&v=62328155

  26. Fanning K (2015) Minimizing the cost of malware. J Corp Account Finance 26(3):7–14

    Google Scholar 

  27. Tariq N (2018) Impact of cyberattacks on financial institutions. J Int Bank Commer 23(2):1–11

    Google Scholar 

  28. Nifakos S, Chandramouli K, Nikolaou CK, Papachristou P, Koch S, Panaousis E, Bonacina S (2021) Influence of human factors on cyber security within healthcare organisations: a systematic review. Sensors 21(15):5119

    Google Scholar 

  29. Tervoort T, De Oliveira MT, Pieters W, Van Gelder P, Olabarriaga SD, Marquering H (2020) Solutions for mitigating cybersecurity risks caused by legacy software in medical devices: a scoping review. IEEE Access 8:84352–84361 (2020)

    Google Scholar 

  30. Yadav A, Raisurana S, Lalitha P (2017) Information security in healthcare organizations using low-interaction honeypot intrusion detection system. Int J Secur Appl 11(9):95–107

    Google Scholar 

  31. Han JW, Hoe OJ, Wing JS, Brohi SN (2017) A conceptual security approach with awareness strategy and implementation policy to eliminate ransomware. In: Proceedings of the 2017 international conference on computer science and artificial intelligence, pp 222–226

    Google Scholar 

  32. Mamedova N, Urintsov A, Staroverova O, Ivanov E, Galahov D (2019) Social engineering in the context of ensuring information security. In: SHS web of conferences, vol 69. EDP Sciences, p 00073

    Google Scholar 

  33. Nieuwenhuizen D (2017) A behavioural-based approach to ransomware detection. Whitepaper, MWR Labs Whitepaper

    Google Scholar 

  34. Richardson R, North MM (2017) Ransomware: evolution, mitigation and prevention. Int Manag Rev 13(1):10

    Google Scholar 

  35. Eshghi S, Khouzani MHR, Sarkar S, Venkatesh SS (2014) Optimal patching in clustered malware epidemics. IEEE/ACM Trans Netw 24(1):283–298

    Google Scholar 

  36. MacDermott Á, Kendrick P, Idowu I, Ashall M, Shi Q (2019) Securing things in the healthcare internet of things. In: 2019 global IoT summit (GIoTS). IEEE, pp 1–6

    Google Scholar 

  37. Robert Richardson and CSI Director (2008) CSI computer crime and security survey. Comput Secur Inst 1:1–30

    Google Scholar 

  38. Spence N, Bhardwaj MBBSN, Paul DP III (2018) Ransomware in healthcare facilities: a harbinger of the future? Perspectives in Health Information Management, pp 1–22

    Google Scholar 

  39. Zetter K (2016) 4 ways to protect against the very real threat of ransomware, May 2016

    Google Scholar 

  40. Laudon KC, Laudon JP (2004) Management information systems: managing the digital firm. Pearson Educación

    Google Scholar 

  41. Ateya IL, Shibwabo BK, Mugoh L (2015) Continuous data protection architecture as a strategy for reduced data recovery time

    Google Scholar 

  42. Evans C (2014) Backup vs replication, snapshots, CDP and data protection strategy. ComputerWeekly, Juni

    Google Scholar 

  43. Rahman NHA, Glisson WB, Yang Y, Choo K-KR (2016) Forensic-by-design framework for cyber-physical cloud systems. IEEE Cloud Comput 3(1):50–59

    Google Scholar 

  44. Thomas J, Galligher G (2018) Improving backup system evaluations in information security risk assessments to combat ransomware. Comput Inf Sci 11(1)

    Google Scholar 

  45. Huang J, Xu J, Xing X, Liu P, Qureshi MK (2017) Flashguard: leveraging intrinsic flash properties to defend against encryption ransomware. In: Proceedings of the 2017 ACM SIGSAC conference on computer and communications security, pp 2231–2244

    Google Scholar 

  46. Kessler SR, Pindek S, Kleinman G, Andel SA, Spector PE (2020) Information security climate and the assessment of information security risk among healthcare employees. Health Inf J 26(1):461–473

    Google Scholar 

  47. Elradi MD, Mohamed MH, Ali ME (2021) Ransomware attack: rescue-checklist cyber security awareness program. Artif Intell Adv 3(1)

    Google Scholar 

  48. Young H, van Vliet T, van de Ven J, Jol S, Broekman C (2017) Understanding human factors in cyber security as a dynamic system. In: International conference on applied human factors and ergonomics. Springer, pp 244–254

    Google Scholar 

  49. Hull G, John H, Arief B (2019) Ransomware deployment methods and analysis: views from a predictive model and human responses. Crime Sci 8(1):1–22

    Article  Google Scholar 

  50. Veseli I (2011) Measuring the effectiveness of information security awareness program. Master’s thesis

    Google Scholar 

  51. Thomas J (2018) Individual cyber security: Empowering employees to resist spear phishing to prevent identity theft and ransomware attacks. Thomas JE (2018) Individual cyber security: empowering employees to resist spear phishing to prevent identity theft and ransomware attacks. Int J Bus Manag 12(3):1–23

    Google Scholar 

  52. Uandykova M, Lisin A, Stepanova D, Baitenova L, Mutaliyeva L, Yüksel S, Dincer H (2020) The social and legislative principles of counteracting ransomware crime. Entrep Sustain Issues

    Google Scholar 

  53. Priestman W, Anstis T, Sebire IG, Sridharan S, Sebire NJ (2019) Phishing in healthcare organisations: threats, mitigation and approaches. BMJ Health Care Inf 26(1)

    Google Scholar 

  54. Sun W, Sekar R, Liang Z, Venkatakrishnan VN (2008) Expanding malware defense by securing software installations. In: International conference on detection of intrusions and malware, and vulnerability assessment. Springer, pp 164–185

    Google Scholar 

  55. Sabbouh M, Higginson J, Semy S, Gagne D (2007) Web mashup scripting language. In: Proceedings of the 16th international conference on world wide web, pp 1305–1306

    Google Scholar 

  56. Chang J, Venkatasubramanian KK, West AG, Lee I (2013) Analyzing and defending against web-based malware. ACM Comput Surv (CSUR) 45(4):1–35

    Google Scholar 

  57. Adel Hamdan Mohammad (2020) Ransomware evolution, growth and recommendation for detection. Mod Appl Sci 14(3):68

    Article  Google Scholar 

  58. Ren A, Liang C, Hyug I, Broh S, Jhanjhi NZ (2020) A three-level ransomware detection and prevention mechanism. EAI Endorsed Trans Energy Web 7(26)

    Google Scholar 

  59. Frenz C, Diaz C (2018) Anti ransomware guide—owasp, Mar 2018

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science, University of Wisconsin Green Bay, Green Bay, USA

    Cole Lamers, Eric Spoerl, Garrit Levey & Nazim Choudhury

  2. School of Science, Edith Cowan University, Joondalup, Australia

    Mohiuddin Ahmed

Authors
  1. Cole Lamers
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Eric Spoerl
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Garrit Levey
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Nazim Choudhury
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Mohiuddin Ahmed
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Nazim Choudhury .

Editor information

Editors and Affiliations

  1. School of Science, Edith Cowan University, Joondalup, WA, Australia

    Mohiuddin Ahmed

  2. School of Science, Edith Cowan University, Joondalup, WA, Australia

    Paul Haskell-Dowland

Rights and permissions

Reprints and permissions

Copyright information

© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this chapter

Check for updates. Verify currency and authenticity via CrossMark

Cite this chapter

Lamers, C., Spoerl, E., Levey, G., Choudhury, N., Ahmed, M. (2023). Ransomware: A Threat to Cyber Smart Cities. In: Ahmed, M., Haskell-Dowland, P. (eds) Cybersecurity for Smart Cities. Advanced Sciences and Technologies for Security Applications. Springer, Cham. https://doi.org/10.1007/978-3-031-24946-4_13

Download citation

Publish with us

Policies and ethics

Search

Navigation