The aftermath of a crypto-ransomware attack at a large academic institution
Title | The aftermath of a crypto-ransomware attack at a large academic institution |
---|---|
Author | |
Keywords | |
Abstract | In 2016, a large North American university was subject to a significant crypto-ransomware attack and did not pay the ransom. We conducted a survey with 150 respondents and interviews with 30 affected students, staff, and faculty in the immediate aftermath to understand their experiences during the attack and the recovery process. We provide analysis of the technological, productivity, and personal and social impact of ransomware attacks, including previously unaccounted secondary costs. We suggest strategies for comprehensive cyber-response plans that include human factors, and highlight the importance of communication. We conclude with a Ransomware Process for Organizations diagram summarizing the additional contributing factors beyond those relevant to individual infections. |
Year of Conference |
2018
|
Conference Name |
USENIX Security Symposium
|
Publisher |
USENIX Security
|
URL |
https://www.usenix.org/conference/usenixsecurity18/presentation/zhang-kennedy
|
Related files | usenix2018-aftermath_ransomware.pdf |
Download citation |