Connolly, Lena; Borrion, Hervé; Arief, Budi; Kaddoura, Sanna; (2023) Applying Neutralisation Theory to Better Understand Ransomware Offenders. In: Proceedings of the 2023 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW). (pp. pp. 177-182). IEEE: Delft, Netherlands.

Preview

Text WACCO2023-AAM.pdf - Accepted Version Download (392kB) | Preview

Abstract

The work presented in this paper investigates the crime of ransomware from the perspective of neutralisation theory. In particular, this research-in-progress paper aims to explore the feasibility of using neutralisation theory to better understand one of the key stakeholders in ransomware operations: the offenders. Individuals (including offenders) may employ techniques of neutralisation in order to justify their rule-breaking acts, and to diminish both the perceived consequences of their acts and the feeling of guilt. The focus of this work is on highly organised ransomware groups that not only conduct cyber attacks but also operate Ransomware-as-a-Service (RaaS) businesses. Secondary data was used in this research, including media interviews with alleged ransomware offenders. Data analysis is currently ongoing, but preliminary results show that ransomware offenders mainly use six neutralisation techniques to minimise the perceived impact and/or guilty feeling of their actions. These six neutralisation techniques are (1) denial of victim, (2) denial of injury, (3) claim of benefits, (4) claim of entitlement, (5) defence of necessity, and (6) claim of relative acceptability. The findings from this work can shed some light on the ransomware offending pathways, which in turn can be utilised to devise more effective countermeasures for combatting ransomware crime.

Download activity - last month

Export as XMLJSONCSV

Download activity - last 12 months

Export as CSVXMLJSON

Downloads by country - last 12 months

Export as CSVJSONXML

Archive Staff Only

View Item