Artificial Intelligence Advances

Ransomware attacks have been spreading broadly in the last few years, where attackers deny users’ access to their systems and encrypt their files until they pay a ransom, usually in Bitcoin. Of course, that is the worst thing that can happen; especially for organizations having sensitive information. In this paper we proposed a cyber security awareness program intended to provide end-users with a rescue checklist in case of being attacked with a ransomware as well as preventing the attack and ways to recover from it. The program aimed at providing cyber security knowledge to 15 employees in a Sudanese trading and investment company. According to their cyber behaviour before the program, the participants showed a low level cyber security awareness that with 72% they are likely of being attacked by a ransomware from a phishing email, which is well known for spreading ransomware attacks. The results revealed that the cyber security awareness program greatly diminished the probability of being attacked by a ransomware with an average of 28%. This study can be used as a real-life ransomware attack rescue plan.

Cyber security;Awareness;Ransomware attack;Phishing email

[1] Adhikari, D. 2016. Exploring the differences between social and behavioral science. Behavioral Development Bulletin, 21(2), 128–135.

[2] Wayne Patterson, Cynthia E. Winston-Proctor - Behavioral Cybersecurity_ Applications of Personality Psychology and Computer Science (2019, Taylor & Francis_CRC).

[3] Cuthbertson A. (2017): “Ransomware attacks rise 250 percent in 2017, Hitting U.S. Hardest,” Newsweek, September 28, 2017. www.newsweek.com/ransomware-attacks-rise-250-2017-us-wannacry-614034.

[4] C. Everett, “Ransomware: To pay or not to pay?", Comp. Fraud &

[5] Secur., vol. 2016, no. 4, pp. 8{12, 2016

[6] (doi: 10.1016/S1361-3723(16)30036-7).

[7] Young, H., van Vliet, T., van de Ven, J., Jol, S., Broekman, C.: Understanding human factors in cyber security as a dynamic system. In: International Conference on Applied Human Factors and Ergonomics, pp. 244–254. Springer, Cham (2018).

[8] Gavin Watson, Andrew Mason and Richard Ackroyd (Auth.) - Social Engineering Penetration Testing. Executing Social Engineering Pen Tests, Assessments and Defense (2014, Syngress).

[9] Connolly LY, Lang M, Gathegi J, et al. Organizational culture, procedural countermeasures and employee security behaviour: a qualitative study. Inf Comp Secur 2017;25:118-36.

[10] Hull G, John H, Arief B. Ransomware deployment methods and analysis: views from a predictive model and human responses. Crime Science 2019;8:2-22.

[11] Internet Security Threat Report Volume 22 https://s1.q4cdn.com/585930769/files/doc_downloads/lifelock/ISTR22_Main-FINAL-APR24.pdf.

[12] C. Everett, Ransomware: To pay or not to pay?", Comp. Fraud &

[13] Secur., vol. 2016, no. 4, pp. 8{12, 2016

[14] (doi: 10.1016/S1361-3723(16)30036-7).

[15] “What you need to know about the WannaCry ransomware",

[16] Symantec, Threat Intelligence, Oct. 2017, [Online]. Available:

[17] https://www.symantec.com/blogs/threat-intelligence/wannacryransomware-attack.

[18] Wisniewska, M., Wisniewski, Z.: The relationship between knowledge security and the propagation of innovation. Adv. Intell. Syst. Comput. 783, 176–184 (2019).

[19] Hull G, John H, Arief B. Ransomware deployment methods and analysis: views from a predictive model and human responses. Crime Science 2019;8:2-22.

[20] Brewer R. Ransomware attack: detection, prevention and cure. Network Secur 2016;2016:5-9.

[21] Mohammed Daffalla Elradi, Altigani Abd alraheem Altigani,Osman Idriss Abaker. Cyber Security Awareness among Students and Faculty Members in a Sudanese College. Electrical Science &Engineering,Volume 02, Issue 02, October 2020.