Ethics, Economics, and Ransomware: How Human Decisions Grow the Threat

John Christian Bambenek, Masooda Bashir

Research output: Chapter in Book/Report/Conference proceedingConference contribution


This paper examines the modern history of ransomware and its evolution to the current form of large-scale ransomware attacks (ones that disrupt entire organizations). Within that timeframe, public reporting, articles, and news media reporting on large-scale ransomware attacks is reviewed to create an empirical analysis of ransom payments, conditions that led to those payments, and if data was ultimately recovered. Three factors were discovered that lead to organization to pay the ransom when recovery is impossible or cost-prohibitive: the rise of cyberinsurance companies that dictate responses that lessen their financial exposure, many victim organizations who have to always operate such as hospitals and emergency services, and the fiduciary duty of business executives to act in the best interest of a company. Lastly, we look at the concept of outlawing ransom payments and relate it the policy of outlawing random payments in kidnapping.

Original languageEnglish (US)
Title of host publicationAdvances in Human Factors in Cybersecurity - AHFE 2020 Virtual Conference on Human Factors in Cybersecurity
EditorsIsabella Corradini, Enrico Nardelli, Tareq Ahram
Number of pages6
ISBN (Print)9783030525804
StatePublished - 2020
EventAHFE Virtual Conference on Human Factors in Cybersecurity, 2020 - San Diego, United States
Duration: Jul 16 2020Jul 20 2020

Publication series

NameAdvances in Intelligent Systems and Computing
Volume1219 AISC
ISSN (Print)2194-5357
ISSN (Electronic)2194-5365


ConferenceAHFE Virtual Conference on Human Factors in Cybersecurity, 2020
Country/TerritoryUnited States
CitySan Diego


  • Cybersecurity
  • Human factors
  • Incident response
  • Ransomware

ASJC Scopus subject areas

  • Control and Systems Engineering
  • Computer Science(all)


Dive into the research topics of 'Ethics, Economics, and Ransomware: How Human Decisions Grow the Threat'. Together they form a unique fingerprint.

Cite this