Date of Award

Spring 5-12-2023

Degree Type


Degree Name

Master of Science (MS)


Computer Science

First Advisor

Margaret McCoey




This paper explores ransomware and it’s effect on organizations with the intent of uncovering the ideal way for an organization to handle an attack. It begins with a short introduction of ransomware and it’s similarities and differences to traditional crimes, such as theft. Then the paper explains the two main categories of ransomware – crypto-ransomware and locker ransomware – and how most variants are derived from these categories. It includes a description of each category and the typical ways an organization would encounter it. The paper examines the emergence of ransomware-as-a-service (RaaS) and how it’s divide-and-conquer nature allows cybercriminals to specialize in either malware development or network penetration. In addition, RaaS has enabled criminals with low-level programming skills to partake in and profit from ransomware. It discusses the most common RaaS business models and some of the most prolific and dangerous variants. The paper analyzes cryptocurrency’s role in ransomware attacks and how it perpetuates the anonymity of the cybercriminals. It also investigates the evolution of ransomware from it’s origin until 2020 and the different variants that have emerged. Then the paper shifts to focus on what can be done to combat ransomware. It looks at preventative measures, reactive measures, and mitigation. Finally, the paper concludes with the best way for an organization to handle a ransomware attack.