Start Date
16-8-2018 12:00 AM
Description
The standardization, inter-connectivity and pervasiveness of information systems, combined with the increasing ability to collect and utilize data, enhance the value they offer a user. These strengths however can also be turned into a weakness and vulnerability by ransomware (RW). RW can utilize the functionality of current systems both to infect them but also to increase the magnitude of the attack. This research proposes a model of the impact of the RW attack on the user’s trust, which in turn has an effect on their decision to pay the ransom or follow the guidance from the relevant institutions. The model shows that the effectiveness of the attack, the trust in the competence of the attacker and ransomware demands that are reasonable and easy to fulfill, positively influence the intention to pay the ransom. The initial institutional response, institutional trust and institutional solution influence the intention to follow the institutional guidance.
Recommended Citation
Zarifis, Alex and Cheng, Xusen, "The Impact of Extended Global Ransomware Attacks on Trust: How the Attackers Competence and Institutional Trust Influence the Decision to Pay" (2018). AMCIS 2018 Proceedings. 31.
https://aisel.aisnet.org/amcis2018/Security/Presentations/31
The Impact of Extended Global Ransomware Attacks on Trust: How the Attackers Competence and Institutional Trust Influence the Decision to Pay
The standardization, inter-connectivity and pervasiveness of information systems, combined with the increasing ability to collect and utilize data, enhance the value they offer a user. These strengths however can also be turned into a weakness and vulnerability by ransomware (RW). RW can utilize the functionality of current systems both to infect them but also to increase the magnitude of the attack. This research proposes a model of the impact of the RW attack on the user’s trust, which in turn has an effect on their decision to pay the ransom or follow the guidance from the relevant institutions. The model shows that the effectiveness of the attack, the trust in the competence of the attacker and ransomware demands that are reasonable and easy to fulfill, positively influence the intention to pay the ransom. The initial institutional response, institutional trust and institutional solution influence the intention to follow the institutional guidance.