Analysis of the psychology behind digital ransom notes, commissioned by SentinelOne, sheds light on the range of social engineering tactics used by cyber attackers.
SentinelOne, the company transforming endpoint protection by delivering unified, multi-layer protection driven by machine learning and intelligent automation, has commissioned a new report examining ransomware ‘splash screens’ – the initial warning screens of ransomware attacks.
The report “Exploring the Psychological Mechanisms used in Ransomware Splash Screens” by Dr. Lee Hadlington PhD,1 senior lecturer of cyberpsychology at De Montfort University, London, reveals how social engineering tactics are used by cyber criminals to manipulate and elicit payments from individuals. It provides analysis of the language, visuals and payment types from 76 splash screens, to highlight how key social engineering techniques – fear, authority, scarcity (or urgency) and humour – are exploited by cyber criminals in ransomware attacks.
The report also examines the differing levels of sophistication on the part of the attackers and comes in the wake of recent global ransomware attacks which have struck both public sector and private organisations, causing massive disruption and costing businesses millions2 in lost revenue.
From the analysis of the splash screen samples, common trends highlighted include:
“We know that psychology plays a significant part in cyber crime – what’s been most interesting from this study is uncovering the various ways that key social engineering techniques are used to intimidate or influence victims” said Hadlington. “With ransomware on the rise, it’s important that we improve our understanding of this aspect of the attack and how language, imagery and other aspects of the initial ransom demand are used to coerce victims.”
“Although ransomware has leapt to the top of the public’s consciousness following recent attacks, what’s been less well documented is exactly how the criminals are manipulating their targets into paying up,” said Tony Rowan, chief security consultant at SentinelOne. “This report sheds light on the most common tactics used, with the aim that, through awareness, we are better placed to advise individuals and businesses how not to be duped by these criminals’ claims.”
A copy of the full “Psychology of Digital Ransom Notes” report is available for download here.
Notes for Editors
Dr. Lee Hadlington PhD FHEA CPsychol AFBPsS, Senior Lecturer in Cyberpsychology and Chartered Psychologist, Psychology and Technology Research Group. De Monfort University, Leicester
Predictive, Pre-Deployment, Post Installation and Health Check Wireless Surveys carried out by certified wireless engineers.
We look at Wi-Fi fundamentals, explore the benefits of and technology behind Wi-Fi 6, Wi-Fi 6E and what the future holds for Wi-Fi 7
Net-Ctrl provide network and structured cabling solutions as either a stand-alone installation, or to compliment products and solutions that we offer.
Connect-the-Classroom scheme is allowing schools to upgrade their infrastructure to a solution that should last 10 years
Net-Ctrl provides two excellent support packages in addition to any equipment purchased. Find out about our Silver or Gold support package
IP-CCTV site survey to assess camera locations and requirement and existing Mobotix solution health checks.
Net-Ctrl offers our Cloud WLAN. Delivering market-leading patented technology managed by the Net-Ctrl engineering team.
Net-Ctrl offers a range of wireless network solutions. We explore some common questions related to these solutions.
Offering end-to-end, affordable and competitive financing solutions to help you achieve your business goals.