Institute of Cyber Security for Society (iCSS) event 19th November 2021

Cyber security

To counter the ransomware threat, we need to go beyond understanding what ransomware is and seek an understanding of why ransomware is” - Diana Selck-Paulsson (Orange Cyberdefense)

The Cyber Security Seminar at the Institute of Cyber Security for Society (iCSS) University of Kent on Friday 19th November will be a virtual seminar on MS Teams at 11am and details are below.


Attendees are asked to use this link to join the seminar. This seminar is open to everyone (i.e., those internal to Kent and any external colleagues). Externals should email Dr Jason Nurse before to let the team know that you plan on attending. Thank you!



Ransomware has been with us for some time now, it’s been evolving into an impactful threat globally and most importantly it has evolved in its form. Traditionally, ransomware has encrypted files and systems of victims, resulting in a demand for payment to decrypt and thus re-again access. Modern ransomware however has developed into a crime that consists of several components, different actors are involved in different stages of a modern ransomware attack. This lets us question if the name of ransomware is still accurate? We propose that what we are currently witnessing is cyber extortion (Cy-X), which sometimes includes the encryption of files and system but other times excludes this essential part and moves on to extort the victims based on sensitive data that was exfiltrated.

In this presentation we want to explore the challenge of modern ransomware and propose better terminology to what we are currently witnessing. We then want to get a better understanding why ransomware is by applying a theoretical framework from the discipline of criminology. By applying a framework called Routine Activity Theory, we are looking at three pillars that increase the likelihood for a crime – such as cyber extortion – to occur. The trio of factors are: a Motivated Offender, a Suitable Victim, and the lack of a Capable Guardian. The framework was developed for ‘real world’ crime, but by examining how each of these three elements might manifest in ransomware / cyber extortion, we can start to benefit from the guidance the framework offers on how this form of crime might be reduced.

Throughout the presentation we will share the current status of modern ransomware based on data collected from the leak sites on the dark web where we put special focus on the victimology.


Speaker Bio

Diana is a Threat Research Analyst for Orange Cyberdefense, based in Malmo, Sweden, where among other projects she heads the company’s efforts to track, analyze and report on current ransomware trends such as the human-operated ransomware activities seen throughout the past 2 years. Diana has a Masters in International Criminology from the University of Hamburg, as well as a Bachelor’s Degree in Socio-Economics.

Her primary interests and focus are on data analysis, researching cybercrime trends, victimology and the human element in cyber security. Besides that she thinks that knowledge sharing is pretty cool and therefore created a local meetup called “Critical Tech” that encourages to look at technology more critical and aims to raise awareness on technological developments introduced to broader society.