Investigating the impact of ransomware splash screens

Yılmaz, Yağız and Çetin, Orçun and Arief, Budi and Hernandez-Castro, Julio (2021) Investigating the impact of ransomware splash screens. Journal of Information Security and Applications, 61 . ISSN 2214-2134 (Print) 2214-2126 (Online)

Full text not available from this repository. (Request a copy)


Ransomware is a type of malicious software that locks out its victim from accessing functionality or data on their device, typically by encrypting files. To regain access, victims would typically need to make a ransom payment. Victims get notified that their device has been infected through a ransom note (splash screen) displayed on their device. Ransomware splash screens can be presented in many ways; the most common ones are via a text file or a graphical user interface (GUI). Splash screens may also include additional features, such as a countdown timer, as part of the ransomware operator's ploy to encourage their victims to pay. The main aim of this study was to gain valuable insights into how ransomware splash screens might affect victims’ responses. Moreover, the study also investigated whether exposure to different splash screens would encourage participants to adopt good security behaviours. A controlled experiment was conducted by randomly assigning 538 participants into one of the three ransomware infection scenarios based on the splash screen type (Text-based, GUI or GUI + Timer). After watching a demonstration of a ransomware scenario, each participant was asked to complete a survey regarding their post-infection behaviour and their cybersecurity habits. The study concluded that ransomware's user interface elements do not have a notable effect on how victims would react, in terms of their willingness to pay or their reporting rates. Additionally, even though 60% of the participants would like to report a ransomware incident, they were not sure how to do this. This illustrates a lack of public awareness about cybercrime reporting. Lack of trust was the main reason why participants did not want to click on links offering cybersecurity advice after the exposure. This shows that more effective methods for encouraging cybersecurity behaviour are still needed.
Item Type: Article
Uncontrolled Keywords: Behavioural experiment; Cybersecurity; Ransom notes; Ransomware; Splash screens; User interface
Divisions: Faculty of Engineering and Natural Sciences
Depositing User: Orçun Çetin
Date Deposited: 30 Aug 2022 12:47
Last Modified: 30 Aug 2022 12:47

Actions (login required)

View Item
View Item