Sage Journals: Discover world-class research

Abstract

Since 2020, SARS-COV-2 (COVID-19) has forced organizations to pivot towards digital transformation. Yet, the same period has seen a dramatic rise in hacking and ransomware attacks, especially from internationally malicious actors attempting to simultaneously disrupt and profit. Although a knee-jerk reaction has been the adoption of new-fangled technologies as the only way to prevent, detect, and mitigate attacks, this case study highlights how imperative it is for organizations to proactively review and re-engineer their process inefficiencies and human errors as a systematic counter-strategy. Using fictitious characters reflecting real-world hacking processes and outfits, this case projects the need for a new cybersecurity order, where cybersecure process reengineering and human training deserve greater attention than simply investing in newer cybersecurity technologies.

Keywords

teaching case security information system ethics hacking ransomware vulnerabilities process factors human factors

Get full access to this article

View all access options for this article.

References

Baker

(2022). Ransomware as a Service (RaaS) Explained. Crowdstrike, February 7, url: https://www.crowdstrike.com/cybersecurity-101/ransomware/ransomware-as-a-service-raas/

Collier

(2021). Beef Supplier JBS Paid Ransomware Hackers $11 Million. NBC News. June 9, url: https://www.nbcnews.com/tech/security/meat-supplier-jbs-paid-ransomware-hackers-11-million-n1270271

Datta

Walker

Amarilli

(2020). Digital transformation: Learning from Italy’s public administration. Journal of Information Technology Teaching Cases 10(2): 54–71.

Datta

(2021a). The promise and challenges of the fourth industrial revolution (4IR). Journal of Information Technology Teaching Cases, March. doi: 10.1177/20438869211056938

Datta

(2021b). Hannibal at the gates: cyberwarfare & the solarwinds sunburst hack. Journal of Information Technology Teaching Cases, December. DOI: 10.1177/2043886921993126

Datta

(2021c). Cyberruse at the cybergates: technology, people and processes. ISACA Journal 6(4): 51–58.

Datta

Nwankpa

(2021). Digital transformation and pandemic crisis continuity planning during SARS-COV-2. Journal of Information Technology Teaching Cases 11(2): 81–89.

Datta

Whitmore

Nwankpa

(2021). A perfect storm: psychological and AI (technological) antecedents to information bias anchoring (IBA) in social media news. ACM Journal: Digital Threats: Research and Practice. Print.

Diffee

Datta

(2018). Cybersecurity: the three-headed Janus. Journal of Information Technology Teaching Cases (Journal of Information Technology Sister Journal), 8(1), 161–171. DOI: 10.1057/s41266-018-0037-7

10.

Financial Times (2021). The rise of crypto laundries: how criminals cash out of bitcoin. https://www.ft.com/content/4169ea4b-d6d7-4a2e-bc91-480550c2f539

11.

Lerman

De Vynck

(2021). Hackers Demand $70 Million to Unlock Businesses Hit by Sprawling Ransomware Attack. Washington, DC: The Washington Post, July 5, url: https://www.washingtonpost.com/technology/2021/07/05/kayesa-ransomware-70-million-fbi/

12.

Manikanta

(2021). Ransomware Attack on CompuCom Costs Over $20 Million in Restoration Expenses. TechDator, March 28, url: https://techdator.net/compucom-ransomware-attack/

13.

Matthews

(2021). Acer Faced With Ransom Up To $100 Million After Hackers Breach Network. Forbes, March 21, url: https://www.forbes.com/sites/leemathews/2021/03/21/acer-faced-with-ransom-up-to-100-million-after-hackers-breach-network/?sh=50368ca6750f

14.

New York Times (2021). Companies Linked to Russian Ransomware Hide in Plain Sighturl, December 6th, url: https://www.nytimes.com/2021/12/06/world/europe/ransomware-russia-bitcoin.html.

15.

Osborne

(2021). Researchers Track Down Five Affiliates of DarkSide Ransomware Service. ZDNet, May 12. url: https://www.zdnet.com/article/researchers-track-down-five-affiliates-of-darkside-ransomware-service/

16.

Paganini

(2021). Managed Services provider CompuCom by Darkside ransomware. Security Affairs, March 5. url: https://securityaffairs.co/wordpress/115300/malware/compucom-darkside-ransomware.html

17.

Reuters (2021). Ransomware attacks soar, hackers set to become more aggressive - Canada spy agency, December 6th: https://www.reuters.com/technology/ransomware-attacks-soarhackers-set-become-more-aggressive-canada-spy-agency-2021-12-06/

18.

Schwartz

(2015). Russian Cybercrime Rule No. 1: Don't Hack Russians. Bank Info Security, September 14th: https://www.bankinfosecurity.com/blogs/russian-cybercrime-rule-no-1-dont-hack-russians-p-1934

19.

Turton

Mehrotra

(2021). Hackers Breached Colonial Pipeline Using Compromised Password. Forbes, June 4, url: https://www.bloomberg.com/news/articles/2021-06-04/hackers-breached-colonial-pipeline-using-compromised-password

20.

UNCTAD (2021). Cybercrime Legistaltion Worldwide. https://unctad.org/page/cybercrime-legislation-worldwide

From disruption to ransomware: Lessons From hackers

Abstract

Keywords

Get full access to this article

References