{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,7,26]],"date-time":"2025-07-26T08:46:31Z","timestamp":1753519591020,"version":"3.40.3"},"publisher-location":"Cham","reference-count":38,"publisher":"Springer Nature Switzerland","isbn-type":[{"type":"print","value":"9783031604324"},{"type":"electronic","value":"9783031604331"}],"license":[{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2024]]},"DOI":"10.1007\/978-3-031-60433-1_17","type":"book-chapter","created":{"date-parts":[[2024,5,30]],"date-time":"2024-05-30T05:03:34Z","timestamp":1717045414000},"page":"289-320","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":2,"title":["Scared? Prepared? Toward a\u00a0Ransomware Incident Response Scenario"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-3830-7000","authenticated-orcid":false,"given":"Maximilian","family":"Greiner","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0009-0003-8585-7862","authenticated-orcid":false,"given":"Judith","family":"Strussenberg","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0009-0008-2879-8989","authenticated-orcid":false,"given":"Andreas","family":"Seiler","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0009-0002-8517-2655","authenticated-orcid":false,"given":"Stefan","family":"Hofbauer","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0009-0000-0715-1221","authenticated-orcid":false,"given":"Michael","family":"Schuster","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0009-0006-3212-5061","authenticated-orcid":false,"given":"Damian","family":"Stano","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-2606-3988","authenticated-orcid":false,"given":"G\u00fcnter","family":"Fahrnberger","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0003-4446-9081","authenticated-orcid":false,"given":"Stefan","family":"Schauer","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-4286-3184","authenticated-orcid":false,"given":"Ulrike","family":"Lechner","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2024,5,31]]},"reference":[{"key":"17_CR1","unstructured":"Maersk Reinstalled 45,000 PCs and 4,000 Servers to Recover From NotPetya Attack. https:\/\/www.bleepingcomputer.com\/news\/security\/maersk%2Dreinstalled%2D45%2D000%2Dpcs%2Dand%2D4%2D000%2Dservers%2Dto%2Drecover%2Dfrom%2Dnotpetya%2Dattack\/,urldate=2018-01-25,author=Bleepingcomputer,month=jan,year=2018"},{"key":"17_CR2","unstructured":"Beaumont, K.: LockBit ransomware group assemble strike team to breach banks, law firms and governments, November 2023. https:\/\/www.databreaches.net\/lockbit%2Dransomware%2Dgroup%2Dassemble%2Dstrike%2Dteam%2Dto%2Dbreach%2Dbanks%2Dlaw%2Dfirms%2Dand%2Dgovernments\/"},{"key":"17_CR3","unstructured":"Bleepingcomputer: Computer giant Acer hit by \\$50 million ransomware attack, March 2021. https:\/\/www.bleepingcomputer.com\/news\/security\/computer-giant-acer-hit-by-50-million-ransomware-attack\/"},{"key":"17_CR4","unstructured":"Born, G.: Vertraulicher Forensik-Bericht offenbart viele Vers\u00e4umnisse, January 2024. https:\/\/www.golem.de\/news\/ransomwarebefall%2Dbei%2Dsuedwestfalen%2Dit%2Dvertraulicher%2Dforensik%2Dbericht%2Doffenbart%2Dviele%2Dversaeumnisse%2D2401%2D181636%2Ehtml"},{"key":"17_CR5","series-title":"Advanced Sciences and Technologies for Security Applications","doi-asserted-by":"publisher","first-page":"279","DOI":"10.1007\/978-3-031-33627-0_11","volume-title":"AI, Blockchain and Self-Sovereign Identity in Higher Education","author":"U Butt","year":"2023","unstructured":"Butt, U., Dauda, Y., Shaheer, B.: ransomware attack on the educational sector. In: Jahankhani, H., Jamal, A., Brown, G., Sainidis, E., Fong, R., Butt, U.J. (eds.) AI, Blockchain and Self-Sovereign Identity in Higher Education. Advanced Sciences and Technologies for Security Applications, pp. 279\u2013313. Springer, Cham (2023). https:\/\/doi.org\/10.1007\/978-3-031-33627-0_11"},{"key":"17_CR6","unstructured":"Chapmann, R.: Ransomware Cases Increased Greatly in 2023\u2014SANS, January 2024. https:\/\/www.sans.org\/blog\/ransomware-cases-increased-greatly-in-2023\/"},{"key":"17_CR7","unstructured":"CISA: Understanding Ransomware Threat Actors: LockBit, January 2023. https:\/\/www.cisa.gov\/news-events\/cybersecurity-advisories\/aa23-165a"},{"key":"17_CR8","unstructured":"Crowdstrike: 2023 Global Threat Report (2023). https:\/\/www.crowdstrike.de\/ressourcen\/reports\/global-threat-report-executive-summary-2023\/"},{"issue":"4","key":"17_CR9","doi-asserted-by":"publisher","first-page":"532","DOI":"10.2307\/258557","volume":"14","author":"KM Eisenhardt","year":"1989","unstructured":"Eisenhardt, K.M.: Building theories from case study research. Acad. Manag. Rev. 14(4), 532\u2013550 (1989)","journal-title":"Acad. Manag. Rev."},{"key":"17_CR10","unstructured":"Federal Office of Civil Protection and Disaster Assistance: How to prepare for disasters (2023). https:\/\/www.bbk.bund.de\/EN\/Home\/home_node.html. Accessed 19 Feb 2024"},{"key":"17_CR11","unstructured":"Federal Office of Information Security: Ransomware \u2013 Facts and defensive strategies (2022). https:\/\/www.bsi.bund.de\/EN\/Themen\/Unternehmen-und-Organisationen\/Cyber-Sicherheitslage\/Analysen-und-Prognosen\/Ransomware-Angriffe\/ransomware-angriffe_node.html. Accessed 19 Feb 2024"},{"key":"17_CR12","doi-asserted-by":"crossref","unstructured":"Fettke, P., Loos, P.: Reference Modeling for Business Systems Analysis. IGI Global, Hershey (2006)","DOI":"10.4018\/978-1-59904-054-7"},{"key":"17_CR13","unstructured":"Forbes: Acer Faced With Ransom Up To \\$100 Million After Hackers Breach Network, March 2021. https:\/\/www.forbes.com\/sites\/leemathews\/2021\/03\/21\/acer-faced-with-ransom-up-to-100-million-after-hackers-breach-network\/"},{"key":"17_CR14","doi-asserted-by":"publisher","DOI":"10.6028\/NIST.SP.800-61","volume-title":"NIST Computer Security Incident Handling Guide","author":"T Grance","year":"2004","unstructured":"Grance, T., Kent, K., Kim, B.: NIST Computer Security Incident Handling Guide. Special Publication (NIST SP), Gaithersburg, MD, USA (2004)"},{"key":"17_CR15","unstructured":"Heum\u00fcller, E.: \u00dcBIT: Referenzmodell zur Anlage ziel-und auswertungsorientierter, szenarbasierter \u00dcbungen. Edition Dr. Stein, WiKu Verlag (2016)"},{"issue":"2","key":"17_CR16","first-page":"4","volume":"19","author":"AR Hevner","year":"2007","unstructured":"Hevner, A.R.: A three cycle view of design science research. Scand. J. Inf. Syst. 19(2), 4 (2007)","journal-title":"Scand. J. Inf. Syst."},{"key":"17_CR17","unstructured":"Horchert, J.: Maersk\u2014Schaden durch Hackerangriff, January 2017. https:\/\/www.containerbasis.de\/blog\/branche\/maersk-hackerangriff\/"},{"key":"17_CR18","unstructured":"Incibe: Quanta Computer, victim of REvil ransomware threatening Apple, April 2021. https:\/\/www.incibe.es\/en\/incibe-cert\/publications\/cybersecurity-highlights\/quanta-computer-victim-revil-ransomware-threatening-apple"},{"key":"17_CR19","unstructured":"f\u00fcr Sicherheit in\u00a0der Informationstechnik, B.: Die Lage der IT-Sicherheit in Deutschland 2021, October 2021. https:\/\/www.bsi.bund.de\/SharedDocs\/Downloads\/DE\/BSI\/Publikationen\/Lageberichte\/Lagebericht2021.html"},{"key":"17_CR20","unstructured":"f\u00fcr Sicherheit in\u00a0der Informationstechnik, B.: Die Lage der IT-Sicherheit in Deutschland 2023, November 2023. https:\/\/www.bsi.bund.de\/SharedDocs\/Downloads\/DE\/BSI\/Publikationen\/Lageberichte\/Lagebericht2023.html"},{"key":"17_CR21","unstructured":"Kral, P.: Incident Handler\u2019s Handbook, February 2024. https:\/\/www.sans.org\/white-papers\/33901\/"},{"key":"17_CR22","doi-asserted-by":"crossref","unstructured":"Lechner, U., D\u00e4nnart, S., Rieb, A., Rudel, S.: Case Kritis-Fallstudien zur IT-Sicherheit in Kritischen Infrastrukturen. Logos Verlag Berlin (2018)","DOI":"10.30819\/4727"},{"key":"17_CR23","unstructured":"MITRE: MITRE ATT &CK, February 2024. https:\/\/attack.mitre.org\/"},{"key":"17_CR24","unstructured":"Mutzbauer, J.: Wir waren uns einig, dass wir das L\u00f6segeld auf keinen Fall zahlen, September 2023. https:\/\/www.csoonline.com\/de\/a\/wir-waren-uns-einig-dass-wir-das-loesegeld-auf-keinen-fall-zahlen,3674197"},{"key":"17_CR25","unstructured":"North Atlantic Treaty Organization: NATO\u2019s flagship cyber exercise concludes in Estonia (2023). https:\/\/www.nato.int\/cps\/en\/natohq\/news_220993.htm?selectedLocale=en. Accessed 19 Feb 2024"},{"issue":"5","key":"17_CR26","doi-asserted-by":"publisher","first-page":"321","DOI":"10.1049\/iet-net.2017.0207","volume":"7","author":"P O\u2019Kane","year":"2018","unstructured":"O\u2019Kane, P., Sezer, S., Carlin, D.: Evolution of ransomware. IET Netw. 7(5), 321\u2013327 (2018)","journal-title":"IET Netw."},{"key":"17_CR27","unstructured":"Rege, A., Bleiman, R.: Ransomware attacks against critical infrastructure. In: Proceedings of 20th European Conference on Cyber Warfare Security, p.\u00a0324 (2020)"},{"key":"17_CR28","unstructured":"Sangfor: Sangfor Ransomware Protection | Learn from Quanta Computer & Apple Attacked by REvil Ransomware, April 2021. https:\/\/www.sangfor.com\/blog\/cybersecurity\/sangfor%2Dransomware%2Dprotection%2Dlearn%2Dquanta%2Dcomputer%2Dapple%2Dattacked%2Drevil\/"},{"key":"17_CR29","doi-asserted-by":"crossref","unstructured":"Seiler, A., Lechner, U.: Operation Raven - Design of a Cyber Security Incident Response Game. In preparation (2024)","DOI":"10.1007\/978-3-031-60433-1_19"},{"key":"17_CR30","doi-asserted-by":"crossref","unstructured":"Seiler, A., Lechner, U.: Operation Raven\u2014Towards a Cyber Security Incident Response Game. Poster at GameFin 2024 (2024, to appear)","DOI":"10.1007\/978-3-031-60433-1_19"},{"key":"17_CR31","unstructured":"Spiegel: Moller-Maersk: Hackerangriff kostet Reederei Hunderte Millionen, August 2017. https:\/\/www.spiegel.de\/netzwelt\/netzpolitik\/moller%2Dm%2Drsk%2Dcyberangriff%2Dkostet%2Dreederei%2Dhunderte%2Dmillionen%2Da%2D1163111%2Ehtml"},{"key":"17_CR32","unstructured":"Strauss, A., Corbin, J.: Basics of qualitative research techniques (1998)"},{"key":"17_CR33","doi-asserted-by":"crossref","unstructured":"Thakur, K., Ali, M.L., Jiang, N., Qiu, M.: Impact of cyber-attacks on critical infrastructure. In: 2016 IEEE 2nd International Conference on Big Data Security on Cloud (BigDataSecurity), IEEE International Conference on High Performance and Smart Computing (HPSC), and IEEE International Conference on Intelligent Data and Security (IDS), pp. 183\u2013186. IEEE (2016)","DOI":"10.1109\/BigDataSecurity-HPSC-IDS.2016.22"},{"key":"17_CR34","unstructured":"unit42, P.A.: Ransomware and extortion report 2023 (2023). https:\/\/start.paloaltonetworks.com\/2023-unit42-ransomware-extortion-report"},{"key":"17_CR35","unstructured":"Wermelskirchen, F.: S\u00fcdwestfalen-IT: Forensik-Bericht zu Ransomware-Angriff, January 2024. https:\/\/forumwk.de\/2024\/01\/25\/suedwestfalen%2Dit%2Dforensik%2Dbericht%2Dmit%2Derkenntnissen%2Dzu%2Dransomware%2Dangriff\/"},{"key":"17_CR36","doi-asserted-by":"publisher","DOI":"10.3139\/9783446422193","volume-title":"Dauerhafter Erfolg mit Business Software: 10 Jahre Fallstudien nach der eXperience Methodik","author":"R W\u00f6lfe","year":"2009","unstructured":"W\u00f6lfe, R., Schubert, P.: Dauerhafter Erfolg mit Business Software: 10 Jahre Fallstudien nach der eXperience Methodik. Carl Hanser Verlag, Germany (2009)"},{"key":"17_CR37","doi-asserted-by":"crossref","unstructured":"Yuryna\u00a0Connolly, L., Wall, D.S., Lang, M., Oddson, B.: An empirical study of ransomware attacks on organizations: an assessment of severity and salient factors affecting vulnerability. J. Cybersecur. 6(1), tyaa023 (2020)","DOI":"10.1093\/cybsec\/tyaa023"},{"key":"17_CR38","doi-asserted-by":"publisher","unstructured":"Zhao, T., Gasiba, T., Lechner, U., Pinto-Albuquerque, M.: Thriving in the era of hybrid work: raising cybersecurity awareness using serious games in industry trainings. J. Syst. Softw. 210, 111946 (2024). https:\/\/doi.org\/10.1016\/j.jss.2023.111946, https:\/\/www.sciencedirect.com\/science\/article\/pii\/S0164121223003412","DOI":"10.1016\/j.jss.2023.111946"}],"container-title":["Communications in Computer and Information Science","Innovations for Community Services"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-60433-1_17","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,11,20]],"date-time":"2024-11-20T18:04:50Z","timestamp":1732125890000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-60433-1_17"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024]]},"ISBN":["9783031604324","9783031604331"],"references-count":38,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-60433-1_17","relation":{},"ISSN":["1865-0929","1865-0937"],"issn-type":[{"type":"print","value":"1865-0929"},{"type":"electronic","value":"1865-0937"}],"subject":[],"published":{"date-parts":[[2024]]},"assertion":[{"value":"31 May 2024","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"I4CS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Innovations for Community Services","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Mastricht","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"The Netherlands","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2024","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"12 June 2024","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"14 June 2024","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"24","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"i4cs2024","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/www.eah-jena.de\/i4cs-conference\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}