{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,7,1]],"date-time":"2026-07-01T00:28:30Z","timestamp":1782865710469,"version":"3.54.5"},"reference-count":52,"publisher":"Oxford University Press (OUP)","issue":"1","license":[{"start":{"date-parts":[[2020,12,24]],"date-time":"2020-12-24T00:00:00Z","timestamp":1608768000000},"content-version":"vor","delay-in-days":358,"URL":"http:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"DOI":"10.13039\/501100000266","name":"Engineering and Physical Sciences Research Council","doi-asserted-by":"publisher","award":["EP\/P011721\/1"],"award-info":[{"award-number":["EP\/P011721\/1"]}],"id":[{"id":"10.13039\/501100000266","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2020,1,1]]},"abstract":"<jats:title>Abstract<\/jats:title>\n               <jats:p>This study looks at the experiences of organizations that have fallen victim to ransomware attacks. Using quantitative and qualitative data of 55 ransomware cases drawn from 50 organizations in the UK and North America, we assessed the severity of the crypto-ransomware attacks experienced and looked at various factors to test if they had an influence on the degree of severity. An organization\u2019s size was found to have no effect on the degree of severity of the attack, but the sector was found to be relevant, with private sector organizations feeling the pain much more severely than those in the public sector. Moreover, an organization\u2019s security posture influences the degree of severity of a ransomware attack. We did not find that the attack target (i.e. human or machine) or the crypto-ransomware propagation class had any significant bearing on the severity of the outcome, but attacks that were purposefully directed at specific victims wreaked more damage than opportunistic ones.<\/jats:p>","DOI":"10.1093\/cybsec\/tyaa023","type":"journal-article","created":{"date-parts":[[2020,12,24]],"date-time":"2020-12-24T17:31:07Z","timestamp":1608831067000},"source":"Crossref","is-referenced-by-count":48,"title":["An empirical study of ransomware attacks on organizations: an assessment of severity and salient factors affecting vulnerability"],"prefix":"10.1093","volume":"6","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-7110-9594","authenticated-orcid":false,"given":"Lena","family":"Yuryna Connolly","sequence":"first","affiliation":[{"name":"Department of Computer Science, University of Bradford, Bradford, BD7 1DP"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"David S","family":"Wall","sequence":"additional","affiliation":[{"name":"Department of Computer Science, University of Bradford, Bradford, BD7 1DP"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7961-2285","authenticated-orcid":false,"given":"Michael","family":"Lang","sequence":"additional","affiliation":[{"name":"School of Business and Economics, National University of Ireland Galway, Galway, Ireland"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Bruce","family":"Oddson","sequence":"additional","affiliation":[{"name":"School of Human Kinetics, Laurentian University, Sudbury, ON P3E 2C6, Canada"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"286","published-online":{"date-parts":[[2020,12,28]]},"reference":[{"key":"2020122805494197400_tyaa023-B1","year":"2020"},{"key":"2020122805494197400_tyaa023-B2","author":"Sophos","year":"2020"},{"key":"2020122805494197400_tyaa023-B3","author":"FBI","year":"2020"},{"key":"2020122805494197400_tyaa023-B4","author":"UK Government","year":"2020"},{"key":"2020122805494197400_tyaa023-B5","author":"Simoiu","year":"2019"},{"key":"2020122805494197400_tyaa023-B6","doi-asserted-by":"crossref","first-page":"118","DOI":"10.1108\/ICS-03-2017-0013","article-title":"Organisational culture, procedural countermeasures, and employee security behaviour: a qualitative study","volume":"25","author":"Connolly","year":"2017","journal-title":"Inf Comp Secur"},{"key":"2020122805494197400_tyaa023-B7","first-page":"10","article-title":"Ransomware: evolution, mitigation and prevention","volume":"13","author":"Richardson","year":"2017","journal-title":"Int Manage Rev"},{"key":"2020122805494197400_tyaa023-B8","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1016\/j.cose.2019.101568","article-title":"The rise of crypto-ransomware in a changing cybercrime landscape: taxonomising countermeasures","volume":"87","author":"Connolly","year":"2019","journal-title":"Comput Secur"},{"key":"2020122805494197400_tyaa023-B9","doi-asserted-by":"crossref","first-page":"20","DOI":"10.1080\/01639625.2013.822209","article-title":"An assessment of the current state of cybercrime scholarship","volume":"35","author":"Holt","year":"2014","journal-title":"Deviant Behav"},{"key":"2020122805494197400_tyaa023-B10","first-page":"1","author":"Rege","year":"2016"},{"key":"2020122805494197400_tyaa023-B11","author":"Connolly","year":"2020"},{"key":"2020122805494197400_tyaa023-B12","doi-asserted-by":"crossref","first-page":"230","DOI":"10.1007\/s12103-018-9457-3","article-title":"Using labelling theory as a guide to examine the patterns, characteristics, and sanctions given to cybercrimes","volume":"44","author":"Payne","year":"2019","journal-title":"Am J Crim Justice"},{"key":"2020122805494197400_tyaa023-B13","doi-asserted-by":"crossref","first-page":"191","DOI":"10.1146\/annurev-criminol-032317-092057","article-title":"Cyber-dependent crimes: an interdisciplinary review","volume":"2","author":"Maimon","year":"2019","journal-title":"Annu Rev Criminol"},{"key":"2020122805494197400_tyaa023-B14","first-page":"4701","author":"Atapour-Abarghouei","year":"2019"},{"key":"2020122805494197400_tyaa023-B15","first-page":"253","article-title":"Ransomware against police: diagnosis of risk factors via application of cyber-routing activities theory","volume":"4","author":"Choi","year":"2016","journal-title":"Int J Forensic Sci Pathol"},{"key":"2020122805494197400_tyaa023-B16","doi-asserted-by":"crossref","first-page":"389","DOI":"10.1016\/j.jss.2018.06.072","article-title":"Impact of trauma hospital ransomware attack on surgical residency training","volume":"232","author":"Zhao","year":"2018","journal-title":"J Surg Res"},{"key":"2020122805494197400_tyaa023-B17","first-page":"1061","author":"Zhang-Kennedy","year":"2018"},{"key":"2020122805494197400_tyaa023-B18","doi-asserted-by":"crossref","first-page":"2","DOI":"10.1186\/s40163-019-0097-9","article-title":"Ransomware deployment methods and analysis: views from a predictive model and human responses","volume":"8","author":"Hull","year":"2019","journal-title":"Crime Science"},{"key":"2020122805494197400_tyaa023-B19","first-page":"90","author":"Shinde","year":"2016"},{"key":"2020122805494197400_tyaa023-B20","first-page":"307","volume-title":"Proceedings of the European Conference on Innovation and Entrepreneurship","author":"Ioanid","year":"2017"},{"key":"2020122805494197400_tyaa023-B21","first-page":"656","volume-title":"Proceedings of the European Conference on Cyber Warfare and Security","author":"Byrne","year":"2017"},{"key":"2020122805494197400_tyaa023-B22","first-page":"156","article-title":"Cyber security talks: a content analysis of online discussions on ransomware","volume":"1","author":"Riglietti","year":"2017","journal-title":"Cyber Secur"},{"key":"2020122805494197400_tyaa023-B23","first-page":"35","article-title":"Understanding cyber victimization: digital architectures and the disinhibition effect","volume":"9","author":"Agustina","year":"2015","journal-title":"Int J Cyber Criminol"},{"key":"2020122805494197400_tyaa023-B24","first-page":"773","article-title":"Cybercrime victimization: an examination of Individual and situational level factors","volume":"5","author":"Ngo","year":"2011","journal-title":"Int J Cyber Criminol"},{"key":"2020122805494197400_tyaa023-B25","doi-asserted-by":"crossref","first-page":"5","DOI":"10.1016\/S1361-3723(15)30093-2","article-title":"The challenge of measuring cyber-dependent crimes","volume":"2015","author":"Furnell","year":"2015","journal-title":"Comput Fraud Secur"},{"key":"2020122805494197400_tyaa023-B26","author":"Business Continuity Institute","year":"2018"},{"key":"2020122805494197400_tyaa023-B27","year":"2019"},{"key":"2020122805494197400_tyaa023-B28","doi-asserted-by":"crossref","first-page":"144","DOI":"10.1016\/j.cose.2018.01.001","article-title":"Ransomware threat success factors, taxonomy, and countermeasures: a survey and research directions","volume":"74","author":"Al-Rimy","year":"2018","journal-title":"Comput Secur"},{"key":"2020122805494197400_tyaa023-B29","first-page":"14","article-title":"Securing small and medium-size businesses","volume":"2016","author":"Mansfield-Devine","year":"2016","journal-title":"Network Secur"},{"key":"2020122805494197400_tyaa023-B30","doi-asserted-by":"crossref","first-page":"10","DOI":"10.1016\/S1361-3723(16)30062-8","article-title":"How smaller businesses struggle with security advice","volume":"2016","author":"Renaud","year":"2016","journal-title":"Comput Fraud Secur"},{"key":"2020122805494197400_tyaa023-B31","author":"Browne","year":"2015"},{"key":"2020122805494197400_tyaa023-B32","author":"Smith","year":"2017"},{"key":"2020122805494197400_tyaa023-B33","doi-asserted-by":"crossref","first-page":"5","DOI":"10.1016\/S1361-3723(15)30017-8","article-title":"The SME security challenge","volume":"2015","author":"Kurpjuhn","year":"2015","journal-title":"Comput Fraud Sec"},{"key":"2020122805494197400_tyaa023-B34","doi-asserted-by":"crossref","first-page":"84","DOI":"10.1089\/cyber.2016.0727","article-title":"Cyber-dependent crime victimization: the same risk for everyone?","volume":"21","author":"Bergmann","year":"2018","journal-title":"Cyberpsychol Behav Soc Network"},{"key":"2020122805494197400_tyaa023-B35","author":"Parkinson","year":"2017"},{"key":"2020122805494197400_tyaa023-B36","author":"NIST","year":"2012"},{"key":"2020122805494197400_tyaa023-B37","doi-asserted-by":"crossref","first-page":"306","DOI":"10.1080\/10580530.2019.1651113","article-title":"Information security behavior: a cross-cultural comparison of employees in Ireland and United States","volume":"36","author":"Connolly","year":"2019","journal-title":"Inf Syst Manage"},{"key":"2020122805494197400_tyaa023-B38","first-page":"79","volume-title":"Advances in Information Systems Development Methods, Tools and Management. Lecture Notes in Information Systems and Organisation","author":"Connolly","year":"2018"},{"key":"2020122805494197400_tyaa023-B39","doi-asserted-by":"crossref","first-page":"5","DOI":"10.1016\/S1353-4858(16)30086-1","article-title":"Ransomware attacks: detection, prevention and cure","volume":"2016","author":"Brewer","year":"2016","journal-title":"Network Secur"},{"key":"2020122805494197400_tyaa023-B40","author":"Connolly","year":"2019"},{"key":"2020122805494197400_tyaa023-B41","author":"Williams","year":"2018"},{"key":"2020122805494197400_tyaa023-B42","author":"Browne","year":"2015"},{"key":"2020122805494197400_tyaa023-B43","volume-title":"Designing and Conducting Mixed Methods Research","author":"Creswell","year":"2011","edition":"2nd edn"},{"key":"2020122805494197400_tyaa023-B44","doi-asserted-by":"crossref","first-page":"532","DOI":"10.5465\/amr.1989.4308385","article-title":"Building theories from case study research","volume":"14","author":"Eisenhardt","year":"1989","journal-title":"Acad Manage Rev"},{"key":"2020122805494197400_tyaa023-B45","doi-asserted-by":"crossref","first-page":"21","DOI":"10.22237\/jmasm\/1177992180","article-title":"Ordinal versions of coefficients alpha and theta for Likert rating scales","volume":"6","author":"Zumbo","year":"2007","journal-title":"J Mod Appl Stat Meth"},{"key":"2020122805494197400_tyaa023-B46","author":"Eurostat","year":"2020"},{"key":"2020122805494197400_tyaa023-B47","volume-title":"Proceedings of WACCO 2019: 1st Workshop on Attackers and Cyber-Crime Operations","author":"Porcedda","year":"2019"},{"key":"2020122805494197400_tyaa023-B48","author":"48. UK Government","year":"2014"},{"key":"2020122805494197400_tyaa023-B49","author":"UK National Cyber Security Centre: Certificate Search"},{"key":"2020122805494197400_tyaa023-B50","year":"2020"},{"key":"2020122805494197400_tyaa023-B51","first-page":"111","author":"Chapman","year":"2018"},{"key":"2020122805494197400_tyaa023-B52","year":"2019"}],"container-title":["Journal of Cybersecurity"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/academic.oup.com\/cybersecurity\/article-pdf\/6\/1\/tyaa023\/35198032\/tyaa023.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"http:\/\/academic.oup.com\/cybersecurity\/article-pdf\/6\/1\/tyaa023\/35198032\/tyaa023.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,12,28]],"date-time":"2020-12-28T10:50:49Z","timestamp":1609152649000},"score":1,"resource":{"primary":{"URL":"https:\/\/academic.oup.com\/cybersecurity\/article\/doi\/10.1093\/cybsec\/tyaa023\/6047253"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020,1,1]]},"references-count":52,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2020,1,1]]}},"URL":"https:\/\/doi.org\/10.1093\/cybsec\/tyaa023","relation":{},"ISSN":["2057-2085","2057-2093"],"issn-type":[{"value":"2057-2085","type":"print"},{"value":"2057-2093","type":"electronic"}],"subject":[],"published-other":{"date-parts":[[2020]]},"published":{"date-parts":[[2020,1,1]]},"article-number":"tyaa023"}}