Ransomware Attacks on Manufacturing SMEs: Causes and Framework

Verified

Added on 2023/06/07

AI Summary

This project delves into the critical issue of ransomware attacks targeting Small to Medium Enterprises (SMEs) within the manufacturing sector. The research begins with an introduction that establishes the prevalence of ransomware as a significant cyber threat, particularly for SMEs, and outlines the study's aim, objectives, research questions, and rationale. A comprehensive literature review follows, exploring the definition of SMEs, the factors that heighten their vulnerability to ransomware, existing responses to such attacks, and relevant cybersecurity frameworks and policies. The methodology chapter details the research strategy, approach, philosophy, design, data collection methods (surveys and interviews), and data analysis techniques. The subsequent chapters present the data analysis and the conclusions drawn from the research, culminating in recommendations for improving IT security in manufacturing SMEs. The project aims to identify vulnerabilities, analyze attack vectors, and propose a robust security framework to mitigate the risks associated with ransomware, offering practical insights for SMEs to enhance their cybersecurity posture.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

ELEMENT 1 INDIVIDUAL
PROJECT
1

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

TABLE OF CONTENTS
TABLE OF CONTENTS.................................................................................................................2
ABSTRACT.....................................................................................................................................4
TOPIC: RANSOMWARE ATTACKS IN SMES IN THE MANUFACTURING SECTOR:
CAUSES AND FRAMEWORK FOR SECURITY........................................................................5
CHAPTER ONE: INTRODUCTION..............................................................................................5
Background information:.............................................................................................................5
Aim:.............................................................................................................................................6
Objectives:...................................................................................................................................6
Research question:.......................................................................................................................7
Rationale:.....................................................................................................................................7
CHAPTER 2: LITERATURE REVIEW.........................................................................................8
Theme 1: Definition of SME.......................................................................................................8
Theme 2: Factors Placing SMEs at Risk of Ransomware 637....................................................8
Theme 3: Responses to Ransomware Attacks...........................................................................10
Theme 4: Cybersecurity Frameworks and Policies...................................................................12
CHAPTER 3: RESEARCH METHODOLOGIES........................................................................14
Research strategy:......................................................................................................................14
Research approach:....................................................................................................................15
Research philosophy:.................................................................................................................15
Research design:........................................................................................................................16
Data collection:..........................................................................................................................17
Data analysis:.............................................................................................................................18
Reliability and validity:.............................................................................................................18
Ethical consideration:................................................................................................................19
CHAPTER FOUR: DATA ANALYSIS........................................................................................20
CHAPTER 5 CONCLUSION AND RECOMMENDATION......................................................27
2

REFERENCES..............................................................................................................................30
3

ABSTRACT
There is current trend in cyber world named as ransomware cyber-attack, this is on peak
where almost every business organization, user of social media and other user gets impacted due
to ransomware cyber-attack. SME are some of the major victim of ransomware as cyber-attack,
these attacks depend on type of industry and their size, business processing and other factors are
included. Ransomware ask for amount of ransom user need to provide, many manufacturing
units even have to pay higher amount while unlocking their files and information. SME's are
some of the major target of ransomware attack, SME need to include cyber security.
4

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

TOPIC: RANSOMWARE ATTACKS IN SMES IN THE
MANUFACTURING SECTOR: CAUSES AND FRAMEWORK FOR
SECURITY
CHAPTER ONE: INTRODUCTION
Background information:
Ransomware is one of the most trending term in cyber world, this is a type of malware
that deny user to access their own files and document. Ransomware infect device and lock
important information in the system impacting user privacy and security of data, in order to
assess own file and information, user need to pay ransom (amount). This is type of cyber-attack
which have ability to steal important information from device and even infect other connected
device. Ransomware arrive in the system from external area including website, unlisted sites,
unethical downloads, spammed emails, malvertisement and even free anti-virus download of any
application or files (Aslan and Yilmaz, 2021). Ransomware limit user assess over files, this
simply means either pay the ransom amount or lose confidential files, here, user need to have
anti-ransomware software or antivirus allowing user to become safe and secure. Victim of
ransomware may include those users who assess internet on regular basis including business, E-
commerce user, social media user and student. SME (Small-to-Medium Enterprise) are some of
the most common type of victim of ransomware attack, these business unit do not have any extra
safety measure or expensive antivirus stopping the cyber-attack.
Firms who deal in production and manufacturing sector have high chance of getting
cyber-attack including ransomware attack, data and information related to manufacturing process
impacted after the attack of ransomware. Some ransomware is so powerful that even lock the
screen of user and prevent them to access information related to raw material, procurement,
production capacity and manufacturing demand. Ransomware attack reduce flow of supply and
demand as production department unable to assess information, depend on the size of
information, attacks and ransomware amount depend. However, ransomware attack is planned
which means SME with less security gets impacted due to ransomware attack, SME need to have
high tech cyber security allowing firm to ensure safety and security (Bansal and et.al., 2020).
Advance level of ransomware also added different variant of payment method including iTunes
5

and Amazon, some cyber attacker may demand cryptocurrency for the payment of ransom to free
system and device.
There are certain causes of ransomware attack including; opening of unverified emails
and spammed clicks, it is very clear that some cyber-attack arrives from spammed email, these
email do not mainly impact security of system until and unless user click and open these
spammed mail. Backup of system become impossible in the case of ransomware attack, firm
might have to pay the ransom amount to assess back to the system (Conti, Dargahi and
Dehghantanha, 2018). Apart from this, some ransomware attack arrives from click user made on
unlisted sites and link, many times cyber attacker send link to the victim which looks similar to
the system information, after opening of link, ransomware gets activated and block the screen of
user asking them to pay the amount and unlock the system (Vidyarthi and et.al., 2019).
Manufacturing unit consider ransomware as critical attack, they know if production stopped due
to cyber-attack then firm might face certain type of issue, cyber-attack takes away confidential
information from the system which means firm might become unstable and face losses. Small
scale business does not have experience in cyber-attacks, they do not focus on building strong
firewall over the system to keep files safe and secure.
Aim:
The aim of this study is “To understand why SMEs in the manufacturing sector are high
victims of ransomware attacks. Understanding the vulnerabilities and attack vectors would create
a better picture as to mitigate these attacks and create a more secure posture”
Objectives:
The following objectives will help in the overall research aim being achieved:
 Identify a sample of SMEs for my research
 Perform a survey, using interviews, on the employees within the sampled SMEs to
extract the needed information from the participants of the study.
 To identify the different security practices and postures in the sampled SMEs.
 To identify the reasons behind the high rate of successful ransomware attacks through the
interviews.
 To propose a set of best security policies and practices to improve the IT security in
SMEs in the manufacturing sector.
6

Research question:
1. What are the threats of ransomware attacks to SMEs in the manufacturing sector?
2. What are the factors that hinder or promote the security of Manufacturing SMEs against
ransomware attacks?
3. Are SMEs in the manufacturing sector practising a good policy to improve their system?
Rationale:
The reason behind conducting this research is to examine the impact of cyber-attack over
SME, there are certain type of cyber-attack but for betterment and clear view, researcher has
selected trending cyber-attack, 'ransomware'. This is one of the most powerful type of cyber-
attack which block the system of user and ask them to pay ransom, company who consider small
scale dealing are the victim of ransomware cyber-attack (Cusack, Michel and Keller, 2018).
Another reason for conducting this study is to investigate the impact of cyber-attack including
ransomware over manufacturing sector, this may include cause of cyber-attack. Personal interest
of researcher is another reason for selecting this topic, researcher want to explore this specific
topic where learning can be seen, cyber-attack and type of security needed to manage these
attack in the firm.
7

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

CHAPTER 2: LITERATURE REVIEW
Literature review chapter describe an overview about the key literature that is relevant to
research topic (Liu and et.al 2020). It involves the smooth flow of discussion about what
researcher has done already it assists to develop significance and context of study. Following
literature review also include the arguments of different authors regarding SME who are more
prone to cyber-attacks.
Theme 1: Definition of SME
According to the view of Agrafiotis and et.al (2018) Small to medium enterprise SME is a
convenient form for segmented organisations and other businesses. European union has
considered an SME as legal independent firm with less than 500 workforces, SME’s are not only
limited to any particular industry but they can also involve the small production arrangements,
small processing units. Author further said that SME’s are normal enterprises that have
investment, turnover and employees below the specific threshold, they are mainly categorises on
the basis of composite criteria about annual turnover and investment over machineries and other
requirements. there are major benefits which the numerous SME’s can get as they are much more
close to their consumer; they potentially deliver the best outcome to consumer where they retain
to firm for longer period. Another benefit for them is they can easily make decision for business
and having a short member of team will be efficient to deliver best outcome of any project.
However, author Manesh and Kaabouch, (2019) said that such organisation also has sort of
disadvantages like they possible seen as struggling for raising fund for their business, also some
businesses faces problem in finding the large number of audience and to make them potential
consumers. Additionally, because of poor IT structure they are also prone to cyber-attacks.
Theme 2: Factors Placing SMEs at Risk of Ransomware 637
As per the view of Mousavinejad and et.al (2019) It is found that due to rapid
technological evolution every business is attempting to have IT infrastructure for streamlining
their business functionalities, but it often comes in form of range of challenges like cyber-
attacks, data theft etc. Having use of technology is business is efficient but it is also important to
manage the system consistently and have technicians who can easily detect the problems and to
solve it to reduce chances of any vulnerabilities. Small and medium size businesses are also
adapting such IT system to upgrade their business functions but in return they also faces the
8

serious problem like issue of data theft and other malicious attacks. They are major victim of
cyber security attacks because of poor IT system and have lack of IT security in business lead
them to face vulnerable consequences. They usually lack the cyber security precautions as
compared to large organisation due to lack of money and other aspects. It is found that around 43
percent of all cyber-attacks is seen for Small businesses and the consequences of such breaches
are extremely costly from less efficiency to organisational reputation. However, author
Kavallieratos, Katsikas and Gkioulos, (2018) also said that not because of poor IT structure can
lead to such vulnerabilities but lack of knowledge in employees is also main cause for the cyber-
attacks. In some cases, it is seen that malicious link is appeared on employee’s device without
inspecting it they click on it, with their just one click all information is being sent to the party
who is behind of sending that con link.
Author Shi and et.al (2020) stated that ransomware is most common cyber-attack, it is a
malware attack that is designed to deny the organisational and user access to their system. It is
one of the common attack through which many SME’s are still suffering. In this attack mainly
hackers try to encrypt the data and once they succeed in it they asked for huge amount as ransom
against decryption key, to get the decryption key for encrypting the data user or organisation has
to pay large amount sometimes it can cause death threatening events for them. Some of the
organisation thinks that giving a ransom amount would be better deal to get access to system
again. Now a day’s ransom is becoming a most prominent and visible malware attack. Author
further proposed that recently ransomware attacks have affected the operability of health care
and small SME” s, this attack has literally crippled the services in cities and also lead certain
firm to face unwanted vulnerable consequences. Author Dimitriadis and et.al (2020) stated that
SME’s reason for more prone to ransomware attack because they heavily support BYOD (bring
your own device) system, where personal devices are being used by the employees in the office
premises that lead to such vulnerabilities. On contradict with the above statement author Liu and
et.al (2020) said that BYOD system can be beneficial for the firm it is not only reason for leading
to ransomware attack, as many employees in SME brings their system but they do have software
installed in their system to protect their organisational critical information from being out or
misused.
According to Tahoun and Arafa, (2021) lack of technical awareness is also a factor
leading to ransomware attack, generally SME’s hires less technically aware employees who does
9

not understand the risks of clicking the malicious links. Another reason is that SME generally
stores attractive data like consumer contact and other details, credit card information, intellectual
property information, thus poor handling of this can always create a probability for any type of
cyber-attacks. Author also said that because of limitation in funds SME’s do not prioritise their
budgetary system, they also not do not consider importance of investment on IT systems and
cyber security technologies. because of their lack of interest in cyber security aspects it made the
cyber criminals to easily identify the vulnerabilities which they can easily exploit to get access of
the network or system. However, Kurt, Yılmaz and Wang, (2018) author also said that SME’s
are also attacked through automated attack, where hackers usually utilises the accessible
malware tools to produce the mass attacks with such little investments, such attacks are
automated and hackers do not care about whom they are attacking as long as they get what they
desired for.
Theme 3: Responses to Ransomware Attacks
As per the view of Alhelou, Golshan and Hatziargyriou, (2019) Data backup and recovery
plan can be a better step for protecting critical information. It is important to perform and checks
the regular backups for restricting the impact of information or system loss and also to advance
the recovery process, in such it is important to make sure that essential backups must be isolated
from network for the better protection. By maintaining the operating systems and other software
components up to data and upgraded can also reduce the chances for cyber-attacks. However,
author Sethuraman, Vijayakumar and Walczak, (2020) argues that by maintaining the system is
not enough to prevent any attacks, it is important to utilise the latest patches for upgrading the
systems. As patching will help in decreasing the number of exploitable entrance aspects that are
available to the attacker. Author further explained that patching is one of the important aspects
that works against defending from ransomware attack.
Author Mousavinejad and et.al (2019) investigated that by installing the anti-virus
software utility can also be efficient to defend against malicious activities, for that it is also
necessary to scan and test all the downloaded software from internet before implementing or
using it. By restricting the permission to user will also be workable factor as it will restrict the
employee to not download the unwanted software and other applications, thus by follow up of
least privilege to all system and services can be beneficial as it prevents from malware attacks
10

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

and also prohibits the malware’s ability to spread through overall network. by avoiding
performing or enabling macros from email attachment is also effective, for an instance if user
opens the mail attachment and unknowingly they enable the macros can have embedded the code
which implement malware on system. Author Saad and et.al (2020) argues that what if person do
not know about such things like to not enable macros, in such it is important for the SME’s to
make sure that to teach their employees about such things and to provide them technical
knowledge trainings so that they are well aware of IT terms and avoid enabling macros, it will
ultimately reduce the chances for malicious attacks. Author further proposed that cyber
awareness training is must it plays a crucial role for organisation as well as for oneself, mostly
ransomware is spreading because it involves the phishing emails. Therefore, lack of awareness
towards technical aspects can cause serious troubles for SME business, therefore it is must to
train the workers to identify and reduce the potential ransomware attacks.
Current cyber-attacks generally initiate by targeting the email which does not even
contains the malware said by author Liu and et.al (2018) but generally they are socially
engineered information which motivates the person to click on that particular malicious link,
users’ education and awareness is one of the important defences which a firm can deploy to
avoid any kind of cyber risk. User authentication is one of the most favourable response against
cyber-attacks, in some cases accessing the RDP like services with the stolen user credential is
favourite activity of ransomware attackers. Therefore, to defend such activities it is important to
put strong password and authentication credential that will make harder for attacker to gain
insight of system and to stole the password. As per the view of author Kapoor and et.al (2021)
there are some anti-ransomware systems are also available that can be easily installed on system,
as by using virus scanners and content filters on mail servers can be an effective measure to
prevent ransomware activities. Such programs aim to decrease the spam risk that are generally
associated with malicious attachments which reached to mailbox. However, author Yin and et.al
(2019) said that installation of such system requires a huge amount of investment, thus before
investing on large equipment, it is must to educate the workforce about such attacks and to
conduct trainings session for them to prevent from malicious cyber-attack activities.
11

Theme 4: Cybersecurity Frameworks and Policies
From the view point of Humayun and et.al (2021), it is found that cybersecurity framework
generally a set of standards, suitable guidelines and other practices to manage the risk which
usually arise in digital world. They generally match the security objectives like to avoid any
unauthorised access to system, and manages the system by asking user to enter their username
and password so that if anyone tries to put fake password in system they can easily identified by
cyber security team. Cybersecurity frameworks works in securing the digital asserts, they are
typically designed for providing better security and also assists the security managers to
systematically apply the process in order to mitigate risk no matter how complicated the work
environment is. Author Zimba, Wang and Chen, (2018) said that it is often necessary for the
businesses to efficiently manage their credit card transaction and other details, it is also
mandatory that businesses should comply with audit that is linked with compliance with payment
card industry data security standards (PCIDSS) framework.
As per the view of Ilker and Aydos (2020) there are some cybersecurity frameworks which
can be easily deployed in order to prevent from malicious attacks, control framework is one of
them that helps in creating an important strategy so security team can easily follow, it also
provide the baseline for set of controls and assists in analysing current technical state as well as it
prioritize the control implementation. Other program framework and risk framework are also
there with the program model businesses can easily analyse their security program’s stage as
well as able to develop comprehensive program for security, following framework also helps in
measuring the security and to simplify the process of communication among the security team
and business managers. However, author Lai, Qiu and W, (2019) believes that CIS a critical
security control that creates a defence in better manner about specific best practices to overcome
cyber-attacks. Author further said that CIS is one of the best manner to work against cyber
threats it aligns with the NIST cybersecurity framework that is mainly designed to develop a
common language to manage risk within corporation. Additionally, this framework assists the
businesses to response to critical questions about their cybersecurity programs like which
inventory they are required to protect and what are some possible gaps in their security measure.
According to Trautman and Ormerod, (2018) cybersecurity policies are set of documents which
concerns with organisational statement for intent, principles and certain measures are included
for efficient management of cybersecurity risks. Some of the policies are virus and spyware
12

security policy where it covers the identification, removal and repairmen of side effects of virus
and other security risk by using the signatures. This policy also helps in identifying the
possibilities of the cyber threats and also helps in finding the applications which behaves
suspiciously. However, author Kumar and Ramlie, (2021) argues that above mentioned policy is
limited and somehow it is not efficient at greater level, instead of this firewall policy is also
present that helps in restricting or blocking the unauthorised user access to system, it is one of
the best policy to analyse the attacks by cybercriminals, where it also eliminates the unwanted
sources of network congestion.
13

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

CHAPTER 3: RESEARCH METHODOLOGIES
Research methodology are set of techniques which is employed by the analyst in study,
these outlines the procedures and different stages that are carried out by researcher, it involves
the selection of tool that are used for data collection and analysis. Following section covers the
different research methods that are used by analyst in order to arrange this particular study.
Research strategy:
Research strategy defines as systematic approach where it involves the information like
how study is being conducted and arranged so that it should incorporate with solving the
research problem. it falls under the methodologies which refers to certain procedural technique
used for conducting study. It further classified in different aspects that are qualitative,
quantitative and mixed strategy (Askarifar, Rahman and Osman, 2018). Qualitative research
strategy usually involves the data which is free from figures and other numeric data, this process
generally utilises the subjective aspects to collect the data. Most probably this method assists in
generating the better and depth insight into the problem so that new ideas can be generated. On
the other hand, quantitative data which concerns with figurative and numeric data, it conducts
systematic examination of phenomena by collecting quantifiable information and carrying out
computational, statistical operation over data to produce desirable results. Mixed research
strategy that mainly perform with combination of both qualitative and quantitative strategy to
address particular research questions, it integrates the essential stage in research process. For this
research project qualitative strategy is been taken by the analyst because of its numerous
advantages over quantitative and mixed method (Dunkerley and Tumbarello, 2020). It also
concentrates on achieving data as possible from relatively selected sample size, qualitative
method is very responsive and provides flexibility to analyst to successfully arranged the study.
Reason for not selecting quantitative is that any false in numbers can mislead the whole research
process, and for not choosing mixed method because it is way more complex to carried out,
additionally it also requires more specialism in gathering and analysing the data. thus because of
certain reason qualitative study is main focus of analyst to implement this strategy regarding
research issue as why SME’s more prone to cyber-attacks.
14

Research approach:
This research method concerns with appropriate plan and procedure that entails broad
assumption to well-structured methods about data collection, analysis and further
implementation. Typically, approach is based on nature of the study problem that need to be
addressed throughout the research. It is further divided in three aspects that are deductive,
inductive and abductive method (Maigida and et.al 2019). Regarding inductive approach, it
basically concerns with qualitative data where it does not include formation of hypothesis, it
specifically initiates with research questions, study aims and objectives which are required to
accomplished during research process. It encompasses identification of patterns from set of
observations and creation of explanations like theories are found, means it moves from specific
observation to vast generalisation where formation of new theory is found. Whereas deductive
reasoning that involves hypothesis where it begins from general information to specific one, it
also known as top down reasoning (Bae, Lee and Im, 2020). This approach usually explores the
phenomena to test whether theory is valid for such circumstances, in other words deductive
reasoning generally review deductive conclusion from propositions. Abductive approach, in this
study process is devoted to discuss the incomplete observations or surprising facts at the initial
stage of study (Takahashi, 2018). Where surprising facts usually occur when analyst found an
empirical phenomenon which cannot be examine by the existing theories. Following research
project is based on qualitative data that is why inductive reasoning is being deployed in this
project, reason for selecting it over rest option because it helps in predicting what will happen
next in future and to construct the possibilities of what will happen in future. Reason for not
selecting deductive because it completely relies over the initial stage which must need to be
corrected anyhow while reason for not selecting abductive is that it is sometimes incoherent and
even non-existent.
Research philosophy:
It the belief that deals with sources and nature of phenomena, it discusses how data about
certain situation is been collected and analysed to address the identified research problem. it is
linked with assumptions, and study context where it specifically deals with certain way of
developing knowledge. Following process can be done in two ways that are positivism and
interpretivism both have different aspects. regarding interpretivism approach where researcher
plays a significant role in examining or exploring the social world. Such type of research is
15

revolving around the interest of analyst. Construction of interpretivist philosophy depends on
critique of positivism within social sciences, specifically this philosophy discusses the qualitative
aspect over quantitative analysis. In addition to this interpretivism is also linked with
philosophical place of idealism and utilised together with diverse approaches that also involves
social constructivism (Mohammad, 2020). On the other hand, positivism philosophy that is
empiricist theory which states that whole knowledge should be true. It only adheres with factual
knowledge that is achieved from observation, in this type of study, there is limitation in role of
analyst regarding collection and interpretation of the data. while positivism relies on quantifiable
observations which leads to statistical analysis, it is one of the dominant form of study within
business and management disciplines from long term. Regarding this project interpretivism
approach is efficient as responses gathered in this are very near to truth.
Research design:
Research design is arrangement of research methods and key techniques, researcher
consider one of the best research design to conduct an study, depending on type of topic and its
reliability, research design play vital role. Researcher focus on suitable methods, but they need to
have proper framework for conducting such study, focusing on overall design of the study and
bringing suitable methods to collect and analyse the data. There are two types of research design,
descriptive research design and experimental research design (Mohajan, 2018). Descriptive
research design is one of the most common type of research framework allowing researcher to
focus on describing the situation related to topic in details. This type of design focus on
theoretical basis which means, collecting data and analysing it theoretical and understandable
manner, descriptive research design allow research to structure their study and bring betterment
accordingly. Researcher considers this research design to explore more than one variable, they
explore wide range of approaches.
Whereas, experimental research design is another common and most effective form of
design allowing researcher to consider scientific approach, here researcher need to consider two
set of variable. Experimental research design mostly used on quantitative research allowing
researcher to undertake scientific approach, this may include appropriate setting. On the other
hand, Exploratory research design was considered by researcher to investigate topic carefully
and explore conclusive result. Exploratory research design allow researcher to start their analysis
with general idea which means they might reach to an aspect after consider the topic and
16

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

reliability of the data. Researcher considers different methodologies and techniques while
consider exploratory research design. For the completion of this study, researcher has considered
exploratory research design allowing them to focus on several types of methodologies and
techniques, researcher has considered this method to structure their study according to the
research and topic selected.
Data collection:
Data collection is one of the most important element in the research methodology, this
allows researcher to consider one of the best method to collect data. Every research consists
either primary or secondary source of data and information, researcher select best suitable source
according to their topic selected. However, researcher might consider primary data collection
over secondary because primary data is more reliable than secondary source of data and collected
effective information. There are two type of data collection methods, these are: primary data
collection method and secondary data collection method (Pandey and Pandey, 2021). Primary
data collection is one of the most reliable and valid method, this allows researcher to consider
primary source of information including viewpoint of participant, thoughts of employee and
observation of individual and their behaviour directly. Primary data include current information
about the topic, researcher select this method to ensure their study is reliable and valid enough in
terms of data and information.
Whereas, secondary data collection method is another valid method ensuring reliability
and validity of data, researcher consider this method to focus on selecting those data and
information which is provided by other authors and experts. Secondary data collection method
may include viewpoint of author, expert, published source, article, books, journals and online
source of information provide information for the chosen topic. For the completion of this study,
researcher has selected both primary and secondary data collection method because researcher
want to explore this topic briefly and want to clearly provide the best result and findings. Both
primary and secondary data is valid in their own area, researcher has mainly focused on primary
data allowing them to select participant and their viewpoint. This study include information from
primary source and other key data and information from secondary source keeping the reliability
and validity in the study.
17

Data analysis:
Data analysis is process of analysing the data collected in previous methodologies, this is
most important element in the research allowing researcher to analyse the data and find best
result. Researcher considers certain methods and techniques to analyse data and find the best
result, analysing data is one of the most challenging task for the researcher because this may
require them to consider the best methods and techniques. There are two type of data analysis,
these are: thematic data analysis and statistical data analysis (Rinjit, 2020). Thematic data
analysis is process of analysing data under qualitative measure, this may include ways to
describe data and construct them under certain themes. Researcher may select thematic data
analysis to consider viewpoint of participant, they will observe participant and their thematic
feeling and behaviour. Observation is performed with the help of questionnaire where researcher
asks certain type of question and collect viewpoint of these participant.
Whereas, statistical data analysis is process of analysing data under quantitative measure,
researcher consider certain themes and statistical data in their study. Statistical data provide those
details which include facts and figure which means researcher will discover underlying pattern
and current trend of the chosen topic, researcher might consider statistical data when chosen
topic demand current trend and pattern in the process (Mishra and Alok, 2022). For the
completion this study, researcher has considered thematic data analysis allowing them to
consider, qualitative measure, researcher has analysed the data under a pattern and select means
of criteria. Researcher has focused on questionnaire and interview transcript, researcher has
crafted certain pattern under themes and measure of qualitative analysis. Thematic analysis is
most common type but it is most challenging also because researcher might face certain type of
challenges while analysis data and finding best result.
Reliability and validity:
Reliability and validity is most common but important term in the research, every study
need to meet reliability and validity criteria to ensure their research is effective and meeting all
requirement. Reliability and validity is key pillar of every research, if data is not reliable then it
can not be considered by reader or other individual. Reliability is means of measuring the
effectiveness and strength of data and information included in the study, researcher consider
certain measure ensuring high reliability of the study (Cr, 2020). Both reliability and validity is
wide concept, researcher consider certain measure to examine the reliability and validity of the
18

study. For example; if researcher has considered primary data in the study then reliability may
have increased but if they have selected secondary data then validity of data may have increase
in the research. Both reliability and validity is area of ensuring effectiveness and strength of data
included in the research, researcher might have selected the best methods, tools, measurement,
techniques and other element to ensure reliability and validity is maintained in the study.
Measuring reliability in the study allow researcher to consider the best source and data,
reliability simply means the best method used for collecting and interpreting data and finding the
best result for the same, researcher achieve reliability by keeping their work as per the
requirement. Researcher considers reliable methods and source to make their study effective
enough meeting all requirement, in research reliability of study does matter because this allows
researcher to develop confidence in their findings (Krosnick, 2018). Validity of data bring result
to valid conclusion which means researcher need to have valid source to collect information and
data. To measure validity of data, researcher might consider different methods and technique,
every study need to meet requirement of valid study.
Ethical consideration:
Ethics is one of the most important element in the study and research, this allows
researcher to follow every ethical consideration helping them to meet requirement to keep study
effective. Ethical consideration are designed by the researcher to keep study valid, source of data
and ethical resulting allow researcher to improve quality of their study. Ethics help researcher to
maintain fair manners towards data, source and participant, keeping ethical behaviour push
researcher to become stable in the market (Broesch and et.al., 2020). Every study need to meet
ethical criteria, some are key by researcher themselves and some are provided by the tutor or
authority, ethics to maintain fairness of study. There are certain area where researcher can keep
their study ethically best, certain ethical consideration may include, these are:
 Source of data used in the study meet reliability criteria, providing wrong information is
ethical against the study, researcher keep data valid by keeping this ethical measurement
in the process. Researcher consider best source of data, whereas, researcher provide
citation of the author to provide them credit of the content which is one of the ethical
measure.
 Researcher have collected viewpoint of different participant, conducting questionnaire
and interview is challenging process, researcher might need to follow ethical and
19

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

personal aspect of the participant. For the completion of this study, researcher has
provided informed consent to every participant in both questionnaire and interview
process in which researcher has focused on collecting data from these participant
(Rüdiger and Dayter, 2017).
 Researcher has focused on keeping the result reliable and valid which means researcher
has set ethical criteria for interpreting and finding the result, researcher has included
those data and information which is correct and valid, keeping study valid because ethics
of researcher push them to do so, researcher has considered those valid data and
information which keep reader to understand the study and depend on data included in
the study.
CHAPTER FOUR: DATA ANALYSIS
Data analysis is one of the most important part of the study, this allows researcher to analyse
the data and find the best result (Angelov, Gu and Príncipe, 2017). Data analysis involve
interpretation of data collect on previous chapter, researcher has considered this chapter the most
important because whole study depend on analysing the data and finding best result (Souza and
et.al., 2019). For the completion of this study, researcher has considered secondary data analysis
method and process to find key understanding of the chosen topic, there are certain themes which
cover the following aspects in the process, these are;
Cyber-attack is one of the most common term in digital world, this is threat that impact
user’s system and disable them to assess their files (Agrafiotis and et.al., 2018). Cybercriminal
perform cyber-attack to gain ransom (Amount) from user, with the aim to steal confidential data
and information, cyber attackers may use different method to enter or assess personal system of
user. A group or individual use different strategies to launch cyber-attack, these strategies are
mostly related to online connectivity with different website. Attacks from cybercriminal create
several issue for user and may completely destroy data and information, these attacks result in
major loss of individual user. However, government and cyber security organization are advance
enough to regain lost data and information from these attackers, cyber security service allow user
to safeguard their system and ensure security is maintained. Cyber attacking is considered as
criminal activity in the legislative world, individual or group of cyber attacker may face legal
challenges.
20

Cyber-attacks are act of financial gain, attackers demand ransom for each attack and
returning of data and information (Mahmoud, Hamdan and Baroudi, 2019). Depending on type
of industry, cyber-attack can be easy to remove challenging to handle, businesses dealing in
manufacturing process face major challenges after cyber-attack. Manufacturing unit have most
amount of cyber security allows them to secure their production and manufacturing process,
SME (Small-Medium-Enterprise) need cyber security to ensure their process is not impacted.
The flow of information including resource, budget, amount, capabilities and confidential data of
supply and demand remain in danger during cyber-attack, once these data is lost, manufacturing
unit cannot proceed further and may face heavy losses. Small scale firm do not have cyber
security measure to protect and secure their data, they do not have any extra measure to manage
data and security of their system, small scale business unit remain unaware about the impact of
cyber-attack, once their data is lost.
The purpose of cyber-attack is financial gain, attackers only demand ransom against
cyber release of data. Cyber attackers know how to prevent their location disclosure or other
measure to remain out of reach, many cyber experts and government agent try to locate cyber
attackers but fail to trace them because these attackers are experts in IT area and carry vast
knowledge with criminal mind-set (Alhayani and et.al., 2021). Every nation considers cyber-
attack as cybercrime which have different civil procedure, criminal may face legal challenge, jail
and heavy penalties over cyber-attack. Depend on type of cyber-attack, the government decided
punishment, cyber criminals often have sensitive data which impact strategies of government as
well because leak of sensitive data might impact firm performance and firm might face wind up
situation. Each cyber-attack has purpose which focus on financial gain, however, in business
world, cyber-attack is consider as unethical competitive move to impact competitor’s
performance in the market.
Cyber-attack is of different types including phishing attack in which cyber attacker send
trusted mail to user allowing them to open the mail and link provided in the mail. Once user open
these mails and links, cyber attacker gain access to personal system and information of the user,
cyber attacker silently steals information of user without even knowing. User remain unaware
about loss of data until they find it. On the other hand, password attack is another common type
of cyber-attack allow cyber attacker to crack password and assess system of user, password
hackers use certain strategies to examine password set by the user. For example: password
21

hacker might send cyber security mail to user, asking them to log in, once entering the provided
link, cyber attacker or password hacker have access to password set by the user which further
can be used in stealing of information (Yamin and et.al., 2021).
Cyber attackers are targeting manufacturing unit, these attacks are not related to size and
production capacity of the business but these attacks are targeting small scale unit because they
know, these small scale business do not take extra measure to manage and secure their data and
information. Cyber-attack result in loss of intellectual property of manufacturing unit including
confidential data and information, details of business process, details of budget and resource and
personal information of labour and other worker related to the manufacturing process.
Manufacturing unit face loss of millions of dollar after one cyber-attack, information stolen is
much more valuable then final product prepared in the manufacturing unit, however, business
might face critical challenges even after gaining back stolen data. Cyber solution for
manufacturing unit are affordable which means these solutions can protect manufacturing unit
from critical attacks and secure their confidential data and information in the process.
Cyber-attack as ransomware is one of the most common type of cyber-attack which do
not allow user to assess their own files and system until and unless ransom (amount) is paid by
the user. These attacks have major impact over user because user either have to provide ransom
or they will lose their data and information which is highly confidential. However, depending on
the type of cyber-attack, user have to pay set amount to free their account from cyber attackers.
Ransomware is new type of malware attack that impact performance of business unit mainly
manufacturing unit because these business area are highly sensitive and do not have extra
security feature to manage such power attack (Amir, Levi and Livne, 2018). Creating solid cyber
security firewall is one of the basic step taken by manufacturing unit to keep their system safe
and secure, however, firm need to take certain other measure to manage security of their system
and software.
Cyber-attack is one of the most challenging process in the business world, these attack
not only impact performance of firm in the market but this impact their financial stability and
further procedure. Ransomware is most critical type of cyber-attack fall in the category of
malware cyber-attack impacting financial stability of the firm, ransom means amount asked by
the cyber attacker to free the hacked system and data (Mohurle and Patil, 2017). After paying
ransom, there is not surety that user will gain their lost data and information. However,
22

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

ransomware do not impact large business and manufacturing unit, they target small scale
business and manufacturing firm because these firm do not have extra security and safety
features to manage cyber-attack. There are certain types of challenges faced by the business
organization during ransomware attack creating certain type of vulnerabilities, these are:
Loss of money: This is one of the most common challenge faced by the business
organization during cyber-attack, loss of money can be seen when ransomware attack impact
individual user. Ransomware cyber attackers only target small scale business unit mainly
because of two major reason. At first, cyber security of these company or business unit are not
powerful enough to stop cyber-attack and secondly, the flow of money remain high and stable in
these business unit. Moreover, manufacturing units are highly economic and stable in terms of
financial abilities, these units maintain flow of budget to continue their production (Tandon and
Nayyar, 2019). That is why, cyber attacker prefers these small scale business units for collecting
ransom on the basis of ransomware attack. When manufacturing and business unit face
ransomware cyber-attack, they ensure back is ready to provide safety to business account,
ransomware block assess of user towards their file which means firm cannot assess their account
and manage cyber security.
Loss of reputation: This is one of the major challenges faced by the firm due to cyber-
attack in which firm lose reputation and trust of customer, even employee leave company
increasing high employee turnover. Loss of reputation is major challenge for those business unit
that are rapidly growing and enjoying stable growth, reputation does matter for these business
unit because without reputation, they cannot perform major business activities. Ransomware is
common type of cyber-attack which have major impact over firm’s performance and reputation,
large manufacturing unit have safety measure to manage cyber-attack and secure their reputation
in the market but in the case of small manufacturing unit, cyber-attack majorly impacts their
reputation and even sustain their growth impacting their future stability in the market. Challenges
arrive during and after ransomware attack in which data is lost, reputation is lost, investors are
lost, customers are lost and even employee will leave the firm.
Staff burnout: This is another major issue faced by business organization during
ransomware attack, after attack, firm might lose their reputation in the eyes of investor and
customer but this also impact employee performance (Malecki, 2019). Cyber-attack create
tension in the workplace, even IT experts and cyber professional face problem managing
23

vulnerabilities arrive from cyber-attack. Employee might leave the organization because of
safety concern, even their personal data and information remain unsecure during and after
ransomware malware attack. Staff burnout and loss of professional impact performance of firm
in the market and impact their revenue generating capabilities. Staff burnout is major issue due to
cyber-attack but mainly impact reputation of firm which impact new hiring process as well, new
candidate will not consider those firm who have faced cyber-attack for their safety reasons.
Manufacturing unit may face challenge of winding up because labour and unit worker might
leave the process in the middle without any extra efforts to manage the attack.
Legal challenges: Firm might face legal challenges due to cyber-attack in which cyber
attacker use stolen data of one organization to attack another business unit, this will create an
issue between two organizations. After cyber-attack, attackers might use name and ID of victim
firm to defame and impact another same scale unit, these type of activity will create tension
between two firms creating legal challenges. However, these situations do not arrive in
ransomware attack because these type of attack are structured to ask for ransom rather than
stealing and destroying data and information. Legal challenges are faced by firm, due to loss of
reputation firm might face challenge regarding trust in the market, cyber-attack destroy
reputation of firm which give birth to new type of challenges which make it hard to survive in
the market.
Loss of data: Loss of data is most common challenge faced by victim firm from cyber-
attack, data and information is lost due to cyber-attack impacting process of firm and their
growth. However, data losing is common in cyber-attack but depending on type of data,
company calculate loss occur after the attack (Bhagwat and Patil, 2020). Ransomware cyber-
attack demand user to pay a certain amount, after completion of payment, system is free from
attacker’s side. Ransomware is type of financial attack in which firm lose their financial stability,
amount needed to be paid to these attackers to free the system. Losing data is critical issue for
business firm, they cannot bear the loss of data due to cyber-attack.
It has been evaluated that cyber-attacks always imposed serious or vulnerable consequences
for anyone, there is a myth which says that only big merchandise are more prone to such
malicious activities but it is not true, normal person can also be a cyber-attack victim as well as
small businesses are also more prone to such disastrous situations (Hemalatha and et.al, 2021).
Ransomware is most common type of attack which normally can be seen, as just by one click on
24

link will give whole information access to hackers, therefore there are different type of
cybercrime which attackers commit. It is considered as big crime where attackers are penalised
by huge amount as well as long term prison is also there as a punishment. There are suitable
mitigation strategies which can be deployed against cyber risk, cyber cell team work on
identifying link to attackers, they update security in existing system so that it helps in preventing
from such events. First of all, it is more prominent to conduct a cybersecurity risk assessment, as
it gives complete assistance in disclosing potential gaps within security management so that early
precautions can be prepared. Risk assessment also helps in providing better insight into useful
asset which must requires a strong protection so that security can be updated accordingly. In
most of the case organisation who do not have this facility are likely to face unstable situation
because they were not prepared for sudden exposure of risk. Therefore, conducting risk audit can
inform the IT team to analyse the vulnerabilities areas which can be exploited and prioritize so
that consequences can be remediated first (Tully and et.al, 2020). Developing a network access
control is one of the best strategy that can be deployed as it is the further stage after risk audit
where firms is familiar with their crucial asset, so that they will proceed to create a strong control
over network access that is able to restrict third party access.
Ransomware attacks are becoming ubiquitous as they are integrated with more sophisticated
and set risks, ransomware as a service considerably utilises the affiliate model which
encompasses the network of attackers, where it is giving several opportunities for them to
increase attacks and avail huge ransom price. Thus ransomware software from such cyber-
criminal group like Darkside enables the attackers to target victims and implement their
malware. Therefore, such activities need to be stop for the well-being of humans, hence
safeguarding network and system is one of the major aspect that can be used to restrict
ransomware attacks. Backups are essential, it just requires a backup system which allows for the
multiple iterations of backups that are saved in a system, there are some instances where backup
copy includes encrypted and infected files, therefore to avoid such situation it is important to
regularly test backup data for ensuring data integrity for better operational work (Ophoff and
Lakay, 2018). Antivirus and anti-spam is also well known solutions that enables system to
regularly scans antivirus programs that updates the signature, thus it helps in protecting system
from any kind of vulnerabilities. Executing anti-spam also helps in restricting phishing emails to
enter into the network, organisations can also proceed to add warning banner for their all emails
25

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

from outer sources so that it will aware the users to not click on such suspicious links. Disabling
macros scripts is another appropriate solution, it needed office viewer system for using Microsoft
office to forward file through email instead of using full office applications. From the above
information added in the project suggests that poor IT infrastructure of SME lead them to face
cyber-attack situation, as usually they don’t spend capitals resources over maintenance of system
as well as they do not hire the expert in order to deal with IT related problems. Thus it is
important for them to have such system in order to arrange all their security measures to protect
their essential assets, otherwise delay or failure in this will lead them to stand in a situation
where do not found any solution.
Maintaining all systems and updating patched security is one of the measure that fight
against ransomware attack, as it involves all hardware devices like smart phones, computer
system as well as include cloud locations and latest patched system (Gupta, Jindal and Bedi,
2021). Hence, by using centralised patch system and executing white listing system policies will
help in safeguarding from implementation of the program that is constant in ransomware
locations like temporary folders. Using proxy server for network access and adding ad blocking
system also provide better security measure as it prohibits the common ransomware access like
personal email accounts. Implementing IDS (Intrusion detection system) is also essential process
that controls malicious activities just by comparing network with signatures in order to identify
any cyber threats. Robustness in IDS plays a significant role in updating the signature and alerts
the organisation to promptly detect any risk so that mitigation strategies can be implemented. By
reducing the attack surface can also be beneficial as it generally refers to vulnerabilities areas
which cyber attackers uses to access the system. Therefore, minimising entry points for attacks
involves assessment of some points like physical attack surface which simply suggest that if
organisation have poor credential then hackers are more likely to access the business premises
and stole useful information. Hence, it is essential to use appropriate attack surface intelligence
that assists the business to acknowledge their security posture and other threat landscape that will
guide them to detect any vulnerabilities so that prompt solution can be executed against it
(Bouhamed, and et.al, 2021). Therefore, these are the potential mitigation factors which SME
can proceed to deploy, other important thing is that to strengthen their IT infrastructure and to
provide awareness trainings to employee so that they will not click on any suspicious link, as
26

well as employee knowledge in it will lead to better preparation of mitigation strategies,
therefore early arrangement can also help in reducing chances of loss.
CHAPTER 5 CONCLUSION AND RECOMMENDATION
CONCLUSION
From the above overall evaluation, it has been concluded that cyber-attack activities
imposed various and unbeatable challenges for the small business organisation. Above research
project has included all relevant information that helps in accomplishing the main goal of the
research. It illustrated the detailed information regarding aim, objectives and research questions
where it also included the information regarding why researcher has selected this ransomware
topic for the study, where rationale section is made that shows the information as why study is
being conducted over this topic. Moving further research also has included the different
arguments of authors which is highlighted in literature review chapter, where different themes
have been discussed related to ransomware attacks and responses which the business applied
against such attacks, where critical evaluation has also done that included the counter arguments
of the authors.
Research methodologies have special importance in research projects without use of this it is
impossible for the researcher to reach to the better study conclusion, thus different techniques
have been implied in this project, where major focus is shown for the qualitative analysis
because of its advantages over other methods, this project has also taken the use of inductive
approach in order to accomplished research objectives. Other techniques also utilised in project
which are interpretivism philosophy, exploratory approach, regarding data collection project has
covered the two segments, in first part it has included the questionnaire section where questions
are being asked to participants, while in other segment interview process is done for 5
respondents. Finally, research has also included the information where recommendations are
main heading that is made for the businesses to utilised some effectual strategies that work
appropriately against ransomware attacks and from other cyber-attack.
RECOMMENDATION
It is obvious that ransomware imposed certain challenges for the business, in such
scenario it is foremost for the businesses to proceed with suitable strategies that work against
27

ransomware attack. Some of the strategies which the SME can proceed with to deploy are as
follows:
Make regular backups: Up to date backup always plays a significant role, it assists in
efficiently recovering from ransomware attacks (Dan-Suteu, 2018). In such SME can begin to
make regular backups of their files and also to check whether it is working according to their
expectations or not. Organisations can proceed to use cloud services, but they need to make sure
that their cloud services are incorporating with security services.
Prevent malware from being delivered to other systems: SME can easily minimise the
probability of suspicious content reaching to their system by combination of such services like to
filter any file type that they are expecting to receive it. they can also begin to block some
websites which is found as suspicious or malicious (Adamsky and et.al 2018). Organisations can
also proceed to uses their signatures for restricting the malicious codes, such combinations can
be done with the help of network services like mail filtering which is in association with spam
filtering, it usually blocks the suspicious mail and also remove the executable attachments.
Restrict malware to run over devices: It is important to prevent the malware from running over
systems, otherwise businesses will not be able to protect their critical information. In such they
should proceed with centrally controlling their devices in order to allow only those applications
that are trusted by enterprise for running on devices, it can be done by using technologies that
involve AppLocker. It is also suggested to SME to consider whether they are using antivirus
software or anti malware products, it helps in reducing chances of attack for system, for that it is
also essential for the businesses to keep on checking their system and keep it up to date so their
system will be protected from any malicious attacks.
Preparation for the events: Ransomware attack are more devastating for the corporation as
their systems are no longer able to perform as well as there will no data recovery, in some
scenario businesses have faced serious issue they think of shut down their business (Alshaikh,
Ramadan and Hefny, 2020). In such businesses can proceed to first determine their most
important assets and analyse the impact which those assets will create if they are affected by
malware attack. It is recommended to businesses to be ready and plan for attack, they need to
formulate the strategies and also enables the better external and internal communication strategy
so that final outcomes can be reached.
28

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

Therefore, above have discussed the range of strategies which the SME can proceed to
follow or implement, along with this it is also important for them to use encryption process for
securing their data. typically, this process helps in preventing from any cyber threat, strong
encryption also imposed barriers for attackers to decrypt the file.
29

REFERENCES
Books and journals
Adamsky, F. and et.al 2018. Integrated protection of industrial control systems from cyber-
attacks: The ATENA approach. International Journal of Critical Infrastructure
Protection. 21. pp.72-82.
Agrafiotis and et.al., 2018. A taxonomy of cyber-harms: Defining the impacts of cyber-attacks
and understanding how they propagate. Journal of Cybersecurity, 4(1), p.tyy006.
Agrafiotis, I. and et.al 2018. A taxonomy of cyber-harms: Defining the impacts of cyber-attacks
and understanding how they propagate. Journal of Cybersecurity. 4(1). p.tyy006.
Aldaraani, N. and Begum, Z., 2018, April. Understanding the impact of ransomware: A survey
on its evolution, mitigation and prevention techniques. In 2018 21st Saudi Computer
Society National Computer Conference (NCC) (pp. 1-5). IEEE.
Alhayani and et.al., 2021. Best ways computation intelligent of face cyber attacks. Materials
Today: Proceedings.
Alhelou, H.H., Golshan, M.E.H. and Hatziargyriou, N.D., 2019. A decentralized functional
observer based optimal LFC considering unknown inputs, uncertainties, and cyber-
attacks. IEEE Transactions on Power Systems. 34(6). pp.4408-4417.
Alshaikh, H., Ramadan, N. and Hefny, H.A., 2020. Ransomware prevention and mitigation
techniques. Int J Comput Appl. 117. pp.31-39.
Amir, E., Levi, S. and Livne, T., 2018. Do firms underreport information on cyber-attacks?
Evidence from capital markets. Review of Accounting Studies, 23(3), pp.1177-1206.
Angelov, P.P., Gu, X. and Príncipe, J.C., 2017. A generalized methodology for data
analysis. IEEE transactions on cybernetics, 48(10), pp.2981-2993.
Askarifar, S., Rahman, N.A.A. and Osman, H., 2018. A review of latest wannacry ransomware:
Actions and preventions. J. Eng. Sci. Technol. 13. pp.24-33.
Aslan, Ö. and Yilmaz, A.A., 2021. A new malware classification framework based on deep
learning algorithms. Ieee Access, 9, pp.87936-87951.
Bae, S.I., Lee, G.B. and Im, E.G., 2020. Ransomware detection using machine learning
algorithms. Concurrency and Computation: Practice and Experience. 32(18). p.e5422.
Bansal and et.al., 2020. Studying ransomware attacks using web search logs. In Proceedings of
the 43rd International ACM SIGIR Conference on Research and Development in
Information Retrieval (pp. 1517-1520).
Bhagwat, L.B. and Patil, B.M., 2020. Detection of ransomware attack: A review. In Proceeding
of International Conference on Computational Science and Applications (pp. 15-22).
Springer, Singapore.
Bouhamed, O. and et.al, 2021, May. Lightweight ids for uav networks: A periodic deep
reinforcement learning-based approach. In 2021 IFIP/IEEE International Symposium on
Integrated Network Management (IM) (pp. 1032-1037). IEEE.
30

Broesch and et.al., 2020. Navigating cross-cultural research: methodological and ethical
considerations. Proceedings of the Royal Society B, 287(1935), p.20201245.
Conti, M., Dargahi, T. and Dehghantanha, A., 2018. Cyber threat intelligence: challenges and
opportunities. Cyber Threat Intelligence, pp.1-6.
Cr, K., 2020. Research methodology methods and techniques.
Cusack, G., Michel, O. and Keller, E., 2018. Machine learning-based detection of ransomware
using SDN. In Proceedings of the 2018 ACM International Workshop on Security in
Software Defined Networks & Network Function Virtualization (pp. 1-6).
Dan-Suteu, S.A., 2018. Boosting Cyber Security Innovation and Culture through Public-Private
Research Projects. In The International Scientific Conference eLearning and Software for
Education (Vol. 4, pp. 20-25). " Carol I" National Defence University.
Dimitriadis, A. and et.al 2020. D4I-Digital forensics framework for reviewing and investigating
cyber attacks. Array. 5. p.100015.
Dunkerley, M. and Tumbarello, M., 2020. Mastering Windows Security and Hardening: Secure
and protect your Windows environment from intruders, malware attacks, and other cyber
threats. Packt Publishing Ltd.
Gupta, N., Jindal, V. and Bedi, P., 2021. LIO-IDS: handling class imbalance using LSTM and
improved one-vs-one technique in intrusion detection system. Computer Networks. 192.
p.108076.
Hemalatha, J. and et.al, 2021. An efficient densenet-based deep learning model for malware
detection. Entropy. 23(3). p.344.
Humayun, M., and et.al 2021. Internet of things and ransomware: Evolution, mitigation and
prevention. Egyptian Informatics Journal. 22(1). pp.105-117.
Ilker, K.A.R.A. and Aydos, M., 2020, October. Cyber fraud: Detection and analysis of the
crypto-ransomware. In 2020 11th IEEE Annual Ubiquitous Computing, Electronics &
Mobile Communication Conference (UEMCON) (pp. 0764-0769). IEEE.
Kapoor, A. and et.al 2021. Ransomware detection, avoidance, and mitigation scheme: a review
and future directions. Sustainability. 14(1). p.8.
Kavallieratos, G., Katsikas, S. and Gkioulos, V., 2018. Cyber-attacks against the autonomous
ship. In Computer security (pp. 20-36). Springer, Cham.
Krosnick, J.A., 2018. Improving question design to maximize reliability and validity. The
Palgrave handbook of survey research, pp.95-101.
Kumar, P.R. and Ramlie, H.R.E.B.H., 2021, January. Anatomy of Ransomware: Attack Stages,
Patterns and Handling Techniques. In International Conference on Computational
Intelligence in Information System (pp. 205-214). Springer, Cham.
Kurt, M.N., Yılmaz, Y. and Wang, X., 2018. Real-time detection of hybrid and stealthy cyber-
attacks in smart grid. IEEE Transactions on Information Forensics and Security. 14(2).
pp.498-513.
Lai, R., Qiu, X. and Wu, J., 2019. Robustness of asymmetric cyber-physical power systems
against cyber attacks. IEEE Access. 7. pp.61342-61352.
Liu, J. and et.al 2020. Security control for T–S fuzzy systems with adaptive event-triggered
mechanism and multiple cyber-attacks. IEEE Transactions on Systems, Man, and
Cybernetics: Systems. 51(10). pp.6544-6554.
Liu, J. and et.al 2018. Quantized stabilization for T–S fuzzy systems with hybrid-triggered
mechanism and stochastic cyber-attacks. IEEE Transactions on Fuzzy Systems. 26(6).
pp.3820-3834.
31

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Liu, J. and et.al 2020. Security control for T–S fuzzy systems with adaptive event-triggered
mechanism and multiple cyber-attacks. IEEE Transactions on Systems, Man, and
Cybernetics: Systems. 51(10). pp.6544-6554.
Mahmoud, M.S., Hamdan, M.M. and Baroudi, U.A., 2019. Modeling and control of cyber-
physical systems subject to cyber attacks: A survey of recent advances and
challenges. Neurocomputing, 338, pp.101-115.
Maigida, A.M. and et.al 2019. Systematic literature review and metadata analysis of ransomware
attacks and detection mechanisms. Journal of Reliable Intelligent Environments. 5(2).
pp.67-89.
Malecki, F., 2019. Best practices for preventing and recovering from a ransomware
attack. Computer Fraud & Security, 2019(3), pp.8-10.
Manesh, M.R. and Kaabouch, N., 2019. Cyber-attacks on unmanned aerial system networks:
Detection, countermeasure, and future research directions. Computers & Security. 85.
pp.386-401.
Mishra, S.B. and Alok, S., 2022. Handbook of research methodology.
Mohajan, H.K., 2018. Qualitative research methodology in social sciences and related
subjects. Journal of Economic Development, Environment and People, 7(1), pp.23-48.
Mohammad, A.H., 2020. Ransomware evolution, growth and recommendation for
detection. Modern Applied Science. 14(3). p.68.
Mohurle, S. and Patil, M., 2017. A brief study of wannacry threat: Ransomware attack
2017. International Journal of Advanced Research in Computer Science, 8(5),
pp.1938-1940.
Mousavinejad, E. and et.al 2019. Distributed cyber attacks detection and recovery mechanism for
vehicle platooning. IEEE Transactions on Intelligent Transportation Systems. 21(9).
pp.3821-3834.
Mousavinejad, E. and et.al 2019. Distributed cyber attacks detection and recovery mechanism for
vehicle platooning. IEEE Transactions on Intelligent Transportation Systems. 21(9).
pp.3821-3834.
Newman, M. and Gough, D., 2020. Systematic reviews in educational research: Methodology,
perspectives and application. Systematic reviews in educational research, pp.3-22.
Ophoff, J. and Lakay, M., 2018, August. Mitigating the ransomware threat: a protection
motivation theory approach. In International Information Security Conference (pp. 163-
175). Springer, Cham.
Pandey, P. and Pandey, M.M., 2021. Research methodology tools and techniques. Bridge Center.
Rinjit, K., 2020. Research methodology.
Rüdiger, S. and Dayter, D., 2017. The ethics of researching unlikeable subjects. Applied
Linguistics Review, 8(2-3), pp.251-269.
Saad, A. and et.al 2020. On the implementation of IoT-based digital twin for networked
microgrids resiliency against cyber attacks. IEEE transactions on smart grid. 11(6).
pp.5138-5150.
Sethuraman, S.C., Vijayakumar, V. and Walczak, S., 2020. Cyber attacks on healthcare devices
using unmanned aerial vehicles. Journal of medical systems. 44(1). pp.1-10.
32

Shi, K. and et.al 2020. Hybrid-driven finite-time H∞ sampling synchronization control for
coupling memory complex networks with stochastic cyber attacks. Neurocomputing. 387.
pp.241-254.
Souza and et.al., 2019. Effects of Qualitative Data Analysis Softwares in the Quality of
Researches. Revista de Administração Contemporânea, 23, pp.373-394.
Tahoun, A.H. and Arafa, M., 2021. Cooperative control for cyber–physical multi-agent
networked control systems with unknown false data-injection and replay cyber-
attacks. ISA transactions. 110. pp.1-14.
Takahashi, J., 2018. An overview of cyber security for connected vehicles. IEICE
TRANSACTIONS on Information and Systems. 101(11). pp.2561-2575.
Tandon, A. and Nayyar, A., 2019. A comprehensive survey on ransomware attack: A growing
havoc cyberthreat. Data Management, Analytics and Innovation, pp.403-420.
Trautman, L.J. and Ormerod, P.C., 2018. Wannacry, ransomware, and the emerging threat to
corporations. Tenn. L. Rev. 86. p.503.
Tully, J. and et.al, 2020. Healthcare challenges in the era of cybersecurity. Health security. 18(3).
pp.228-231.
Vidyarthi and et.al., 2019. Static malware analysis to identify ransomware
properties. International Journal of Computer Science Issues (IJCSI), 16(3), pp.10-17.
Yamin and et.al., 2021. Weaponized AI for cyber attacks. Journal of Information Security and
Applications, 57, p.102722.
Yin, X.C. and et.al 2019. Toward an applied cyber security solution in IoT-based smart grids: An
intrusion detection system approach. Sensors. 19(22). p.4952.
Zimba, A., Wang, Z. and Chen, H., 2018. Multi-stage crypto ransomware attacks: A new
emerging cyber threat to critical infrastructure and industrial control systems. Ict
33