New report advises how ransomware victims can be better supported

A new report, produced jointly by Kent and the Royal United Services Institute (RUSI), aims to shed light on the experience of victims of ransomware and identify several key factors that typically shape these experiences.

The paper has been authored by Kent’s Dr Jason Nurse, Dr Sarah Turner and Dr Nandita Pattnaik and members of RUSI’s Cyber Research group – Dr Pia Hüsch, Dr Gareth Mott, Jamie MacColl and James Sullivan.

Drawing on interviews with ransomware victims and expert stakeholders, the report details the factors which can either improve or worsen the victim experience. Recommendations to support (potential) victims include:

• (Potential) victims must continue to improve cyber-specific incident preparation and general cyber hygiene measures, including those who do not think they will become a victim of a ransomware attack.
• (Potential) victims who are preparing for and responding to a ransomware incident must recognise the importance of mitigating the psychological impact of ransomware attacks.
• Victims should try to turn their experience into a lesson learned for others and, where possible, communicate with other victims or potential victims in their ecosystem. This can help with personal closure and to raise awareness.
• Victims should realise the importance of reaching the right balance of discretion and transparency within their external and internal communications.
• Public policy on ransomware must centre on measures that mitigate victims’ harm. This includes acknowledging and mitigating the psychological impact on victims.

Dr Jason Nurse, Reader in Cyber Security at Kent’s School of Computing and member of the University’s Institute of Cyber Security for Society, said: ‘It’s no surprise that ransomware attacks are psychologically damaging for victims, but how they are supported prior and following an attack can make a big difference to this. Through our research we have heard first-hand what can improve or worsen the victim experience and we hope our recommendations inform future public policy on ransomware.’

RUSI’s Cyber Research Fellow, Dr Pia Hüsch, said: ‘Ransomware attacks continue to turn large numbers of organisations and individuals into victims of cybercrime. Our new paper offers novel insights into what shapes the experience of victims going through a ransomware incident, including what factors make their experience better or worse and what policy measures can help reduce their harm. As the challenge and prevalence of ransomware attacks grow, it’s essential that the next UK government makes supporting the victims of attacks a priority in the development of its cybercrime and cyber resilience strategy.’

The full report titled ‘‘Your Data is Stolen and Encrypted’: The Ransomware Victim Experience’ is available on the RUSI website.