{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,21]],"date-time":"2026-01-21T05:04:49Z","timestamp":1768971889999,"version":"3.49.0"},"publisher-location":"Cham","reference-count":44,"publisher":"Springer Nature Switzerland","isbn-type":[{"value":"9783031942624","type":"print"},{"value":"9783031942631","type":"electronic"}],"license":[{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2025]]},"DOI":"10.1007\/978-3-031-94263-1_22","type":"book-chapter","created":{"date-parts":[[2025,6,1]],"date-time":"2025-06-01T19:14:35Z","timestamp":1748805275000},"page":"386-414","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["Cybersecurity Awareness Education by Making Ransomware Tangible Securely"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-2606-3988","authenticated-orcid":false,"given":"G\u00fcnter","family":"Fahrnberger","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0003-3830-7000","authenticated-orcid":false,"given":"Maximilian","family":"Greiner","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0009-0002-8517-2655","authenticated-orcid":false,"given":"Stefan","family":"Hofbauer","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-4286-3184","authenticated-orcid":false,"given":"Ulrike","family":"Lechner","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0009-0008-2879-8989","authenticated-orcid":false,"given":"Andreas","family":"Seiler","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0009-0003-8585-7862","authenticated-orcid":false,"given":"Judith","family":"Strussenberg","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7810-9354","authenticated-orcid":false,"given":"Philipp","family":"Wolf","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2025,6,2]]},"reference":[{"key":"22_CR1","unstructured":"Alotaibi, F.F.G.: Evaluation and Enhancement of Public Cyber Security Awareness. Ph.D. thesis, University of Plymouth (2019). https:\/\/pearl.plymouth.ac.uk\/secam-theses\/214\/"},{"key":"22_CR2","doi-asserted-by":"publisher","unstructured":"Alotaibi, F.F.G., Furnell, S., Stengel, I., Papadaki, M.: A review of using gaming technology for cyber-security awareness. Int. J. Inf. Secur. Res. (IJISR) 6(2), 660\u2013666 (2016). https:\/\/doi.org\/10.20533\/ijisr.2042.4639.2016.0076","DOI":"10.20533\/ijisr.2042.4639.2016.0076"},{"key":"22_CR3","doi-asserted-by":"publisher","unstructured":"Alotaibi, F.F.G., Furnell, S., Stengel, I., Papadaki, M.: Enhancing cyber security awareness with mobile games. In: 2017 12th International Conference for Internet Technology and Secured Transactions (ICITST), pp. 129\u2013134. IEEE (2017). https:\/\/doi.org\/10.23919\/ICITST.2017.8356361","DOI":"10.23919\/ICITST.2017.8356361"},{"key":"22_CR4","doi-asserted-by":"publisher","unstructured":"Angafor, G.N., Yevseyeva, I., He, Y.: Game-based learning: a review of tabletop exercises for cybersecurity incident response training. Secur. Priv. 3(6), 1\u201319 (2020). https:\/\/doi.org\/10.1002\/spy2.126","DOI":"10.1002\/spy2.126"},{"key":"22_CR5","doi-asserted-by":"publisher","unstructured":"Angafor, G.N., Yevseyeva, I., Maglaras, L.: MalAware: a tabletop exercise for malware security awareness education and incident response training. Internet Things Cyber-Phys. Syst. 4, 280\u2013292 (2024). https:\/\/doi.org\/10.1016\/j.iotcps.2024.02.003","DOI":"10.1016\/j.iotcps.2024.02.003"},{"key":"22_CR6","unstructured":"Arachchilage, N.A.G.: Security Awareness of Computer Users: A Game Based Learning Approach. Ph.D. thesis, Brunel University, London, United Kingdom (2012). https:\/\/core.ac.uk\/download\/pdf\/13641856.pdf"},{"key":"22_CR7","doi-asserted-by":"publisher","unstructured":"B\u00fchler, M.M., Jelinek, T., N\u00fcbel, K.: Training and preparing tomorrow?s workforce for the fourth industrial revolution. Educ. Sci. 12(11), 1\u201328 (2022). https:\/\/doi.org\/10.3390\/educsci12110782","DOI":"10.3390\/educsci12110782"},{"key":"22_CR8","unstructured":"Butt, U.J.: Developing a Usable Security Approach for User Awareness Against Ransomware. Ph.D. thesis, Brunel University London, London, United Kingdom (2023). https:\/\/bura.brunel.ac.uk\/handle\/2438\/26661"},{"key":"22_CR9","doi-asserted-by":"publisher","unstructured":"Cone, B.D., Irvine, C.E., Thompson, M.F., Nguyen, T.D.: A video game for cyber security training and awareness. Comput. Secur. 26(1), 63\u201372 (2007). https:\/\/doi.org\/10.1016\/j.cose.2006.10.005","DOI":"10.1016\/j.cose.2006.10.005"},{"key":"22_CR10","doi-asserted-by":"publisher","unstructured":"Denning, T., Lerner, A., Shostack, A., Kohno, T.: Control-Alt-Hack: the design and evaluation of a card game for computer security awareness and education. In: Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security, pp. 915\u2013928. CCS \u201913, Association for Computing Machinery, New York, NY, USA (2013). https:\/\/doi.org\/10.1145\/2508859.2516753","DOI":"10.1145\/2508859.2516753"},{"key":"22_CR11","doi-asserted-by":"publisher","unstructured":"Europol: Internet Organised Crime Threat Assessment (IOCTA) 2024. Europol (2024). https:\/\/doi.org\/10.2813\/442713","DOI":"10.2813\/442713"},{"key":"22_CR12","unstructured":"Forero, C.A.M.: Tabletop Exercise For Cybersecurity Educational Training; Theoretical Grounding And Development. Master\u2019s thesis, University of Tartu (2016). https:\/\/core.ac.uk\/download\/pdf\/83597547.pdf"},{"key":"22_CR13","doi-asserted-by":"publisher","unstructured":"Francia\u00a0III, G., Thornton, D., Trifas, M., Bowden, T.: Gamification of information security awareness training. In: Akhgar, B., Arabnia, H.R. (eds.) Emerging Trends in ICT Security, pp. 85\u201397. Morgan Kaufmann, Boston, MA, USA (2013). https:\/\/doi.org\/10.1016\/B978-0-12-411474-6.00005-0","DOI":"10.1016\/B978-0-12-411474-6.00005-0"},{"key":"22_CR14","doi-asserted-by":"publisher","unstructured":"Friedl, S., Reittinger, T., Pernul, G.: From play to profession: a serious game to raise awareness on digital forensics. In: Ferrara, A.L., Krishnan, R. (eds.) Data and Applications Security and Privacy XXXVIII. DBSec 2024. LNCS, vol. 14901, pp. 269\u2013289. Springer, Cham (2024). https:\/\/doi.org\/10.1007\/978-3-031-65172-4_17","DOI":"10.1007\/978-3-031-65172-4_17"},{"key":"22_CR15","doi-asserted-by":"publisher","unstructured":"Fung, C.C., Khera, V., Depickere, A., Tantatsanawong, P., Boonbrahm, P.: Raising information security awareness in digital ecosystem with games \u2013 a pilot study in Thailand. In: 2008 2nd IEEE International Conference on Digital Ecosystems and Technologies, pp. 375\u2013380. IEEE (2008). https:\/\/doi.org\/10.1109\/DEST.2008.4635145","DOI":"10.1109\/DEST.2008.4635145"},{"key":"22_CR16","doi-asserted-by":"publisher","unstructured":"Gardiner, J., Cova, M., Nagaraja, S.: Command & control: understanding, denying and detecting \u2013 a review of malware C2 techniques, detection and defences, pp. 1\u201338. arXiv (2015). https:\/\/doi.org\/10.48550\/arXiv.1408.1136","DOI":"10.48550\/arXiv.1408.1136"},{"key":"22_CR17","doi-asserted-by":"publisher","unstructured":"Greiner, M., et al.: Scared? Prepared? Toward a ransomware incident response scenario. In: Phillipson, F., Eichler, G., Erfurth, C., Fahrnberger, G. (eds.) Innovations for Community Services. I4CS 2024. CCIS, vol. 2109, pp. 289\u2013320. Springer, Cham (2024). https:\/\/doi.org\/10.1007\/978-3-031-60433-1_17","DOI":"10.1007\/978-3-031-60433-1_17"},{"key":"22_CR18","doi-asserted-by":"publisher","unstructured":"Gutfleisch, M., Sch\u00f6ps, M., Sayin, S., Wende, F., Sasse, M.A.: Putting security on the table: the digitalisation of security tabletop games and its challenging aftertaste. In: ICSE-SEET \u201922: Proceedings of the ACM\/IEEE 44th International Conference on Software Engineering: Software Engineering Education and Training, pp. 217\u2013222. ICSE-SEET \u201922, Association for Computing Machinery, New York, NY, USA (2022). https:\/\/doi.org\/10.1145\/3510456.3514139","DOI":"10.1145\/3510456.3514139"},{"key":"22_CR19","doi-asserted-by":"publisher","unstructured":"Hafner, L., Wutz, F., P\u00f6hn, D., Hommel, W.: TASEP: a collaborative social engineering tabletop role-playing game to prevent successful social engineering attacks. In: Proceedings of the 18th International Conference on Availability, Reliability and Security, pp. 1\u201310. ARES \u201923, Association for Computing Machinery, New York, NY, USA (2023). https:\/\/doi.org\/10.1145\/3600160.3605005","DOI":"10.1145\/3600160.3605005"},{"key":"22_CR20","doi-asserted-by":"publisher","unstructured":"Hart, S., Margheri, A., Paci, F., Sassone, V.: Riskio: a serious game for cyber security awareness and education. Comput. Secur. 95, 1\u201316 (2020). https:\/\/doi.org\/10.1016\/j.cose.2020.101827","DOI":"10.1016\/j.cose.2020.101827"},{"key":"22_CR21","doi-asserted-by":"publisher","unstructured":"Hevner, A., Chatterjee, S.: Design science research in information systems. In: Design Research in Information Systems: Theory and Practice, vol.\u00a022, pp. 9\u201322. Springer US, Boston, MA, USA (2010). https:\/\/doi.org\/10.1007\/978-1-4419-5653-8_2","DOI":"10.1007\/978-1-4419-5653-8_2"},{"key":"22_CR22","unstructured":"Hoachlander, G.: Toward a New Framework of Industry Programs for Vocational Education: Emerging Trends in Curriculum and Instruction. Technical report, Institute of Education Sciences (1998). https:\/\/eric.ed.gov\/?id=ED443969"},{"key":"22_CR23","unstructured":"Hofmeier, M.: Operation Digital Butterfly: Ein Serious-Game-basierter Ansatz zur Identifikation und Analyse von Intentionalen Bedrohungen durch Innent\u00e4ter und Innent\u00e4terinnen (Malicious Insider Threats). Ph.D. thesis, University of the Bundeswehr Munich (2024). https:\/\/athene-forschung.unibw.de\/148672"},{"key":"22_CR24","doi-asserted-by":"publisher","unstructured":"Kalenti, M., Biro, P.: ECSM 2023 campaign report ? Be smarter than a hacker. Technical report (2024). https:\/\/doi.org\/10.2824\/005990","DOI":"10.2824\/005990"},{"key":"22_CR25","unstructured":"Kaloroumakis, P.E., Smith, M.J.: Toward a Knowledge Graph of Cybersecurity Countermeasures. Technical report, Massachusetts Institute of Technology Research and Engineering (MITRE) Corporation (2021). https:\/\/d3fend.mitre.org\/resources\/D3FEND.pdf"},{"key":"22_CR26","doi-asserted-by":"publisher","unstructured":"Karagiannis, S., Papaioannou, T., Magkos, E., Tsohou, A.: Game-based information security\/privacy education and awareness: Theory and Practice. In: Themistocleous, M., Papadaki, M., Kamal, M.M. (eds.) Information Systems, LNCS, pp. 509\u2013525. Springer, Cham, Switzerland (2020). https:\/\/doi.org\/10.1007\/978-3-030-63396-7_34","DOI":"10.1007\/978-3-030-63396-7_34"},{"key":"22_CR27","doi-asserted-by":"publisher","unstructured":"Kjorveziroski, V., Mishev, A., Filiposka, S.: Cybersecurity training platforms assessment. In: Dimitrova, V., Dimitrovski, I. (eds.) ICT Innovations 2020. Machine Learning and Applications, LNCS, pp. 174\u2013188. Springer, Cham, Switzerland (2020). https:\/\/doi.org\/10.1007\/978-3-030-62098-1_15","DOI":"10.1007\/978-3-030-62098-1_15"},{"key":"22_CR28","doi-asserted-by":"publisher","unstructured":"Labuschagne, W.A., Burke, I., Veerasamy, N., Eloff, M.M.: Design of cyber security awareness game utilizing a social media framework. In: 2011 Information Security for South Africa, pp. 1\u20139. IEEE (2011). https:\/\/doi.org\/10.1109\/ISSA.2011.6027538","DOI":"10.1109\/ISSA.2011.6027538"},{"key":"22_CR29","doi-asserted-by":"publisher","unstructured":"Lechner, U., D\u00e4nnart, S., Rieb, A., Rudel, S.: Case Kritis \u2013 Fallstudien zur IT-Sicherheit in Kritischen Infrastrukturen. Logos Verlag Berlin (2018). https:\/\/doi.org\/10.30819\/4727","DOI":"10.30819\/4727"},{"key":"22_CR30","unstructured":"Lechner, U., Strussenberg, J., Hofbauer, S., Seiler, A., Greiner, M.: Monitor Resilienz angesichts von Ransomware: Einblicke in die Praxis. Technical report, University of the Bundeswehr Munich (2024). https:\/\/www.unibw.de\/wirtschaftsinformatik\/monitor-contain"},{"key":"22_CR31","doi-asserted-by":"publisher","unstructured":"Mello-Stark, S., VanValkenburg, M.A., Hao, E.: Thinking outside the box: using escape room games to increase interest in cyber security. In: Daimi, K., Francia\u00a0III, G. (eds.) Innovations in Cybersecurity Education, LNCS, pp. 39\u201353. Springer, Cham, Switzerland (2020). https:\/\/doi.org\/10.1007\/978-3-030-50244-7_3","DOI":"10.1007\/978-3-030-50244-7_3"},{"key":"22_CR32","unstructured":"Mettouris, C., Maratou, V., Vuc\u010dkovi\u0107, D., Papadopoulos, G.A., Xenos, M.: Information security awareness through a virtual world: an end-user requirements analysis. In: Zdravkovi\u0107, M., Trajanovi\u0107, M., Konjovi\u0107, Z. (eds.) ICIST 2015 \u2013 5th International Conference on Information Society and Technology, pp. 301\u2013306. Society for Information Systems and Computer Networks (2015). https:\/\/www.eventiotic.com\/eventiotic\/library\/paper\/135"},{"key":"22_CR33","doi-asserted-by":"publisher","unstructured":"Ngambeki, I.B., Rogers, M., Bates, S.J., Piper, M.C.: Curricular improvement through course mapping: an application of the NICE framework. In: 2021 ASEE Virtual Annual Conference Content Access, pp. 1\u201322. ASEE Conferences (2021). https:\/\/doi.org\/10.18260\/1-2-36889","DOI":"10.18260\/1-2-36889"},{"key":"22_CR34","unstructured":"Onduto, B.: Gamification of Cyber Security Awareness \u2013 A Systematic Literature Review. Master\u2019s thesis, University of Turku (2021). https:\/\/www.utupub.fi\/bitstream\/handle\/10024\/152929\/Onduto_Barack_Thesis_Final.pdf"},{"key":"22_CR35","doi-asserted-by":"publisher","unstructured":"Rieb, A., Lechner, U.: Towards a cybersecurity game: operation digital chameleon. In: Havarneanu, G., Setola, R., Nassopoulos, H., Wolthusen, S. (eds.) Critical Information Infrastructures Security, pp. 283\u2013295. LNCS, Springer, Cham, Switzerland (2016). https:\/\/doi.org\/10.1007\/978-3-319-71368-7_24","DOI":"10.1007\/978-3-319-71368-7_24"},{"key":"22_CR36","doi-asserted-by":"publisher","unstructured":"Seiler, A., Lechner, U., Strussenberg, J., Hofbauer, S.: Operation raven. In: Phillipson, F., Eichler, G., Erfurth, C., Fahrnberger, G. (eds.) Innovations for Community Services. I4CS 2024. CCIS, vol. 2109, pp. 337\u2013347. Springer Nature Switzerland, Cham, Switzerland (2024). https:\/\/doi.org\/10.1007\/978-3-031-60433-1_19","DOI":"10.1007\/978-3-031-60433-1_19"},{"key":"22_CR37","doi-asserted-by":"crossref","unstructured":"Siponen, M., Vance, A.: Neutralization: new insights into the problem of employee information systems security policy violations. MIS Q. 34(3), 487\u2013502 (2010). http:\/\/doi.org\/10.2307\/25750688","DOI":"10.2307\/25750688"},{"key":"22_CR38","doi-asserted-by":"publisher","unstructured":"Stewart, G., Rosemann, M.: Industry-oriented design of ERP-related curriculum \u2013 an Australian initiative. Bus. Process Manag. J. 7(3), 234\u2013242 (2001). https:\/\/doi.org\/10.1108\/14637150110392719","DOI":"10.1108\/14637150110392719"},{"key":"22_CR39","unstructured":"Strom, B.E., et al.: Finding cyber threats with ATT &CK\u2122-based analytics. Technical report, Massachusetts Institute of Technology Research and Engineering (MITRE) Corporation (2017). https:\/\/apps.dtic.mil\/sti\/trecms\/pdf\/AD1107945.pdf"},{"key":"22_CR40","doi-asserted-by":"publisher","unstructured":"Sykes, G.M., Matza, D.: Techniques of neutralization: a theory of delinquency. Am. Sociol. Rev. 22(6), 664\u2013670 (1957). https:\/\/doi.org\/10.2307\/2089195","DOI":"10.2307\/2089195"},{"key":"22_CR41","unstructured":"Thubron, R.: Ransomware criminals use children\u2019s phone numbers to coerce payments from parents (2024). https:\/\/www.techspot.com\/news\/102905-ransomware-criminals-use-children-phone-numbers-coerce-payments.html"},{"key":"22_CR42","doi-asserted-by":"publisher","unstructured":"Yadav, T., Rao, A.M.: Technical aspects of cyber kill chain. In: Abawajy, J., Mukherjea, S., Thampi, S., Ruiz-Mart\u00ednez, A. (eds.) Security in Computing and Communications. SSCC 2015. CCIS, vol. 536, pp. 438\u2013452. Springer, Cham (2015). https:\/\/doi.org\/10.1007\/978-3-319-22915-7_40","DOI":"10.1007\/978-3-319-22915-7_40"},{"key":"22_CR43","doi-asserted-by":"publisher","unstructured":"Yar, M.A., Goh, H.G., Adnan, K., Gan, M.L., Ponnusamy, V.: Bridging cybersecurity education and industry demands: mapping and prioritizing curriculum guidelines. In: 2024 International Conference on Future Technologies for Smart Society (ICFTSS), pp. 188\u2013193. IEEE (2024). https:\/\/doi.org\/10.1109\/ICFTSS61109.2024.10690269","DOI":"10.1109\/ICFTSS61109.2024.10690269"},{"key":"22_CR44","doi-asserted-by":"publisher","unstructured":"Zhao, T., Gasiba, T., Lechner, U., Pinto-Albuquerque, M.: Raising awareness about cloud security in industry through a board game. Information 12(11), 1\u201314 (2021). https:\/\/doi.org\/10.3390\/info12110482","DOI":"10.3390\/info12110482"}],"container-title":["Communications in Computer and Information Science","Innovations for Community Services"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-94263-1_22","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,1]],"date-time":"2025-06-01T19:14:41Z","timestamp":1748805281000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-94263-1_22"}},"subtitle":["The Beginning"],"short-title":[],"issued":{"date-parts":[[2025]]},"ISBN":["9783031942624","9783031942631"],"references-count":44,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-94263-1_22","relation":{},"ISSN":["1865-0929","1865-0937"],"issn-type":[{"value":"1865-0929","type":"print"},{"value":"1865-0937","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025]]},"assertion":[{"value":"2 June 2025","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"I4CS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Innovations for Community Services","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Munich","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Germany","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2025","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"11 June 2025","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"13 June 2025","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"25","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"i4cs2025","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/www.i4cs-conference.org","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}