Ransomware is escalating and is the single issue consistently dominating the security headlines. The resilience of our IT systems and the trust we require from our users demands that this plague be stopped. So far, we seem to be losing more battles than we win.
To counter the ransomware threat, we need to go beyond understanding what ransomware is and seek an understanding of why ransomware is. There is a commonly held misperception that cyber technology is the dominant factor in cybercrime. It’s not. Crime is the dominant factor in cybercrime. If we want to understand the cybercrime problem, we need to recognize that factors like innovation in crime business models, monetization and markets by criminals have a significant impact, not just technology. And to understand cyber extortion (Cy-X) as a crime it is useful, indeed even necessary, to leverage the insights offered to us through the well-established discipline of criminology. This offers a perspective on the problem not often considered by security practitioners.