EPSRC logo

Details of Grant 

EPSRC Reference: EP/P011772/1
Title: EconoMical, PsycHologicAl and Societal Impact of RanSomware (EMPHASIS)
Principal Investigator: Boiten, Professor EA
Other Investigators:
Hadlington, Dr L Hernandez-Castro, Dr J Stepanova, Dr A
Arief, Dr LB Cartwright, Dr E
Researcher Co-Investigators:
Project Partners:
BT Dun Laoghaire Institute of Art Design & Flinders University of South Australia
National Crime Agency
Department: Faculty of Technology
Organisation: De Montfort University
Scheme: Standard Research
Starts: 01 July 2017 Ends: 30 June 2019 Value (£): 444,858
EPSRC Research Topic Classifications:
Criminology Human-Computer Interactions
EPSRC Industrial Sector Classifications:
Information Technologies
Related Grants:
EP/P01187X/1 EP/P011721/1 EP/P011861/1
Panel History:
Panel DatePanel NameOutcome
10 Nov 2016 Human Dimensions of Cyber Security Announced
Summary on Grant Application Form
The project considers the economical, psychological and social effects of ransomware.

Ransomware is a particular type of malware, and a new crime of extortion committed online. Malicious software gets installed through a phishing email or a drive-by download on a website. When it runs, it performs an action such as the encryption of the user's files, and asks a ransom for this action to be undone. The victim is coerced into paying through psychological manipulations which sometimes masquerade as advice. Due to the subtle ways that the technological aspects of the crime blend with - and are exploited through - various human dimensions, it has profound economic, psychological and societal impacts upon its victims, which makes its eradication all the more complicated. Law Enforcement Agencies have estimated that losses to criminals using ransomware are many millions of pounds, but the true costs may never be known because victims have shown to be particularly reluctant to report.

This project sets out to answer the following questions:

Why is ransomware so effective as a crime and why are so many people falling victim to it?

Who is carrying out ransomware attacks?

How can police agencies be assisted?

What interventions are required to mitigate the impacts of ransomware?

In order to do so, the project gathers data from Law Enforcement Agencies (which have agreed to closely collaborate with the project), through surveys of the general public and SMEs, and through interviews with stakeholders. The data will be analysed using script analysis, behavioural analysis, and other profiling techniques, leading to narratives regarding the criminals, the victims, and the typical ransomware scenario. Economical and behavioural models of ransomware will then be constructed and used to improve ransomware mitigation and advice, as well as support for law enforcement.
Key Findings
This information can now be found on Gateway to Research (GtR) http://gtr.rcuk.ac.uk
Potential use in non-academic contexts
This information can now be found on Gateway to Research (GtR) http://gtr.rcuk.ac.uk
Impacts
Description This information can now be found on Gateway to Research (GtR) http://gtr.rcuk.ac.uk
Summary
Date Materialised
Sectors submitted by the Researcher
This information can now be found on Gateway to Research (GtR) http://gtr.rcuk.ac.uk
Project URL:  
Further Information:  
Organisation Website: http://www.dmu.ac.uk