{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,11]],"date-time":"2026-05-11T10:16:04Z","timestamp":1778494564407,"version":"3.51.4"},"reference-count":68,"publisher":"IEEE","license":[{"start":{"date-parts":[[2022,11,30]],"date-time":"2022-11-30T00:00:00Z","timestamp":1669766400000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2022,11,30]],"date-time":"2022-11-30T00:00:00Z","timestamp":1669766400000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2022,11,30]]},"DOI":"10.1109\/ecrime57793.2022.10142138","type":"proceedings-article","created":{"date-parts":[[2023,6,7]],"date-time":"2023-06-07T02:33:43Z","timestamp":1686105223000},"page":"1-13","source":"Crossref","is-referenced-by-count":15,"title":["Ransomware: How attacker\u2019s effort, victim characteristics and context influence ransom requested, payment and financial loss"],"prefix":"10.1109","author":[{"given":"Tom","family":"Meurs","sequence":"first","affiliation":[{"name":"University of Twente,IEBIS,Enschede,Netherlands"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Marianne","family":"Junger","sequence":"additional","affiliation":[{"name":"University of Twente,IEBIS,Enschede,Netherlands"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Erik","family":"Tews","sequence":"additional","affiliation":[{"name":"University of Twente,EEMCS,Enschede,Netherlands"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Abhishta","family":"Abhishta","sequence":"additional","affiliation":[{"name":"University of Twente,IEBIS,Enschede,Netherlands"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"263","reference":[{"key":"ref13","article-title":"Behind the curtains of the ransomware economy - the victims and the Cybercriminals","year":"2022","journal-title":"Check Point Research"},{"key":"ref57","doi-asserted-by":"publisher","DOI":"10.1214\/aos\/996986505"},{"key":"ref12","doi-asserted-by":"publisher","DOI":"10.13052\/jcsm2245-1439.1013"},{"key":"ref56","doi-asserted-by":"publisher","DOI":"10.1109\/EuroSP.2017.15"},{"key":"ref15","doi-asserted-by":"publisher","DOI":"10.18637\/jss.v045.i03"},{"key":"ref59","first-page":"253","article-title":"Ransomware against police: diagnosis of risk factors via application of cyber-routing activities theory","volume":"4","author":"choi","year":"2016","journal-title":"International Journal of Forensic Science and Pathology"},{"key":"ref14","article-title":"An investigation of individual willingness to pay ransomware","author":"cartwright","year":"2022","journal-title":"Journal of Financial Crime"},{"key":"ref58","author":"faraway","year":"2016","journal-title":"Extending the Linear Model with R Generalized Linear Mixed Effects and Nonparametric Regression Models"},{"key":"ref53","author":"arghire","year":"2022","journal-title":"QNAP Appliances Targeted in New DeadBolt eCh0raix Ransomware Campaigns — SecurityWeek Com"},{"key":"ref52","doi-asserted-by":"publisher","DOI":"10.1080\/01639625.2015.1012409"},{"key":"ref11","doi-asserted-by":"publisher","DOI":"10.3390\/g10020026"},{"key":"ref55","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2012.52"},{"key":"ref10","doi-asserted-by":"publisher","DOI":"10.1098\/rsos.190023"},{"key":"ref54","article-title":"Bias decreases in proportion to the number of annotators","volume":"139","author":"artstein","year":"0","journal-title":"Proceedings of FG-MoL 2005 The 10th conference on Formal Grammar and The 9th Meeting on"},{"key":"ref17","article-title":"Comparison of imputation methods for mixed data missing at random","author":"heidt","year":"2019"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.1186\/s12874-016-0281-5"},{"key":"ref19","first-page":"105","article-title":"Log-transformation and its implications for data analysis","volume":"26","author":"changyong","year":"2014","journal-title":"Shanghai Archives of Psychiatry"},{"key":"ref18","doi-asserted-by":"publisher","DOI":"10.1080\/00223891.2018.1530680"},{"key":"ref51","doi-asserted-by":"publisher","DOI":"10.1007\/BF01561001"},{"key":"ref50","article-title":"A Procedure for Stepwise Regression Analysis","author":"v\u00e4liaho","year":"2022","journal-title":"A Procedure for Stepwise Regression Analysis De Gruyter"},{"key":"ref46","first-page":"4","article-title":"Systematically Understanding the Cyber Attack Business: A Survey","volume":"51","author":"huang","year":"2018","journal-title":"ACM Comput Surv"},{"key":"ref45","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2018.00047"},{"key":"ref48","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2022.3149053"},{"key":"ref47","doi-asserted-by":"publisher","DOI":"10.1016\/j.eswa.2021.116198"},{"key":"ref42","first-page":"80","article-title":"Intelligence-Driven Computer Network Defense Informed by Analysis of Adversary Campaigns and Intrusion Kill Chains. Leading Issues in Information Warfare & Security Research","volume":"1","author":"hutchins","year":"2011"},{"key":"ref41","article-title":"We Wait, Because We Know You. Inside the Ransomware Negotiation Economics","author":"haymore","year":"2021","journal-title":"Threat Intelligence Fox-IT and European Research Threat Intelligence NCCgroup"},{"key":"ref44","author":"stringhini","year":"2019","journal-title":"Adversarial Behaviours Knowledge Area Vol Cyber Security Body of Knowledge"},{"key":"ref43","article-title":"The Ransomware Dilemma","author":"leo","year":"2022","journal-title":"Mit Sloan Management Review MIT Sloan Management Review"},{"key":"ref49","first-page":"331","article-title":"Multiple-Extortion Ransomware: The Case for Active Cyber Threat Intelligence","author":"payne","year":"0","journal-title":"ECCWS 2021 20th European Conference on Cyber Warfare and Security"},{"key":"ref8","doi-asserted-by":"publisher","DOI":"10.26735\/JVUJ3498"},{"key":"ref7","article-title":"A Tale of Two Markets: Investigating the Ransomware Payments Economy","author":"oosthoek","year":"2022"},{"key":"ref9","first-page":"1","article-title":"A large-scale empirical analysis of ransomware activities in bitcoin","volume":"16","author":"wang","year":"2021","journal-title":"ACM Transactions on the Web (TWEB)"},{"key":"ref4","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2021.102490"},{"key":"ref3","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-39498-0_12"},{"key":"ref6","doi-asserted-by":"publisher","DOI":"10.1016\/j.eij.2020.05.003"},{"key":"ref5","article-title":"A survey on ransomware: Evolution, taxonomy, and defense solutions","author":"oz","year":"2021","journal-title":"ACM Computing Surveys (CSUR)"},{"key":"ref40","article-title":"Ransom Mafia. Analysis of the World’s First Ransomware Cartel","volume":"1","author":"dimaggio","year":"2021","journal-title":"Analyst"},{"key":"ref35","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2020.101762"},{"key":"ref34","first-page":"10","article-title":"Opportunity makes the thief","volume":"98","author":"felson","year":"1998","journal-title":"Police Research Series pap 98"},{"key":"ref37","year":"2022","journal-title":"Check Point Research"},{"key":"ref36","author":"borrion","year":"2020","journal-title":"Your money or your business Decision-making processes in ransomware attacks"},{"key":"ref31","article-title":"Backing Your Backup","author":"hilt","year":"2022","journal-title":"Trends in Microbiology"},{"key":"ref30","article-title":"Analyzing ransomware negotiations with CONTI: An in-depth analysis","year":"2022"},{"key":"ref33","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-86017-1_7"},{"key":"ref32","doi-asserted-by":"publisher","DOI":"10.2307\/1139262"},{"key":"ref2","first-page":"155","article-title":"I was told to buy a software or lose my computer. I ignored it","author":"simoiu","year":"0","journal-title":"A study of ransomware In Fifteenth symposium on usable privacy and security (SOUPS 2019)"},{"key":"ref1","doi-asserted-by":"publisher","DOI":"10.1093\/cybsec\/tyaa023"},{"key":"ref39","author":"connolly","year":"2021","journal-title":"The Evolving Threat of Ransomware From Extortion to Blackmail"},{"key":"ref38","first-page":"865","article-title":"Cyber Kill Chain-Based Taxonomy of Advanced Persistent Threat Actors: Analogy of Tactics, Techniques, and Procedures","volume":"15","author":"bahrami","year":"2019","journal-title":"Journal of Information Processing Systems"},{"key":"ref24","doi-asserted-by":"publisher","DOI":"10.1016\/j.cosrev.2020.100233"},{"key":"ref68","doi-asserted-by":"publisher","DOI":"10.1057\/cpcs.2015.17"},{"key":"ref23","doi-asserted-by":"publisher","DOI":"10.1007\/978-1-4842-4255-1"},{"key":"ref67","author":"langlois","year":"2020","journal-title":"2020 Data Breach Investigations Report"},{"key":"ref26","first-page":"151","article-title":"The procedural analysis of offending and its relevance for situational prevention","volume":"3","author":"cornish","year":"1994","journal-title":"Crime prevention studies"},{"key":"ref25","doi-asserted-by":"publisher","DOI":"10.1109\/CRC50527.2021.9392529"},{"key":"ref20","year":"2021","journal-title":"Internet Organised Crime Threat Assessment (IOCTA) 2021"},{"key":"ref64","doi-asserted-by":"publisher","DOI":"10.1002\/cbm.1992.2.1.25"},{"key":"ref63","doi-asserted-by":"publisher","DOI":"10.1177\/1477370818773610"},{"key":"ref22","first-page":"53","article-title":"Pay or Not Pay? A Game-Theoretical Analysis of Ransomware Interactions Considering a Defender’s Deception Architecture","author":"baksi","year":"0","journal-title":"52nd Annual IEEE\/IFIP International Conference on Dependable Systems and Networks-Supplemental Volume (DSN-S)"},{"key":"ref66","year":"2022","journal-title":"Ransomware Publicly Reported Incidents are only the tip of the iceberg"},{"key":"ref21","doi-asserted-by":"publisher","DOI":"10.1016\/S1353-4858(20)30118-5"},{"key":"ref65","doi-asserted-by":"publisher","DOI":"10.4324\/9781315134482-3"},{"key":"ref28","doi-asserted-by":"publisher","DOI":"10.1109\/CyberSA.2017.8073398"},{"key":"ref27","doi-asserted-by":"publisher","DOI":"10.1093\/bjc\/azu106"},{"key":"ref29","doi-asserted-by":"publisher","DOI":"10.1186\/s40163-020-00119-4"},{"key":"ref60","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2022.102760"},{"key":"ref62","doi-asserted-by":"publisher","DOI":"10.1108\/PIJPSM-07-2019-0115"},{"key":"ref61","author":"ndichu","year":"2021","journal-title":"Kaspersky over half of ransomware victims paid off attackers in 2020 Kaspersky"}],"event":{"name":"2022 APWG Symposium on Electronic Crime Research (eCrime)","location":"Boston, MA, USA","start":{"date-parts":[[2022,11,30]]},"end":{"date-parts":[[2022,12,2]]}},"container-title":["2022 APWG Symposium on Electronic Crime Research (eCrime)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/10141986\/10142077\/10142138.pdf?arnumber=10142138","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,6,26]],"date-time":"2023-06-26T17:57:24Z","timestamp":1687802244000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/10142138\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,11,30]]},"references-count":68,"URL":"https:\/\/doi.org\/10.1109\/ecrime57793.2022.10142138","relation":{},"subject":[],"published":{"date-parts":[[2022,11,30]]}}}