RT Article
T1 Examining ransomware payment decision-making among small- and medium-sized enterprises
JF European journal of criminology
VO 22
IS 4
SP 625
OP 645
A1 Matthijsse, Sifra R.
A1 Moneva, Asier
A1 van ’t Hoff-de Goede, M. Susanne
A1 Leukfeldt, E. R. 1982-
A2 Moneva, Asier
A2 van ’t Hoff-de Goede, M. Susanne
A2 Leukfeldt, E. R. 1982-
LA English
YR 2025
UL https://krimdok.uni-tuebingen.de/Record/1939333199
AB Ransomware is currently one of the most prominent cyberthreats for organizations. Small- and medium-sized enterprises are particularly vulnerable to ransomware victimization and more inclined toward paying the ransom. However, while a few studies have been conducted on victimization of ransomware, little is known about how small- and medium-sized enterprises respond to victimization and what factors contribute to the decision to pay the ransom. This study uses a survey with a vignette experiment conducted among 445 owners and managers of Dutch small- and medium-sized enterprises to gain more insight into the factors that are related to the decision to pay the ransom in the event of ransomware victimization. Findings show that the likelihood that the ransom is paid is low. While the affordability of the ransom demand seems unrelated to the likelihood of paying, being advised by a cybersecurity company to pay the ransom and not having a back-up significantly increases the likelihood of the ransom being paid. The findings provide insight into factors that make ransomware victims vulnerable to extortion. Furthermore, implications for how ransomware attacks can be mitigated are discussed.
K1 Cybercrime
K1 ransomware
K1 Victimization
K1 vignette
DO 10.1177/14773708241285671