Improving Backup System Evaluations in Information Security Risk Assessments to Combat Ransomware

  •  Jason Thomas    
  •  Gordon C. Galligher    


Ransomware is the fastest growing malware threat and accounts for the majority of extortion based malware threats causing billions of dollars in losses for organizations around the world. Ransomware is a global epidemic that afflicts all types of organizations that utilize computing infrastructure. Once systems are infected and storage is encrypted, victims have little choice but to pay the ransom and hope their data is released or start over and rebuild their systems. Either remedy can be costly and time consuming. However, backups can be used to restore data and systems to a known good state prior to ransomware infection. This makes backups the last line of defense and most effective remedy in combating ransomware. Accordingly, information security risk assessments should evaluate backup systems and their ability to address ransomware threats. Yet, NIST SP-800-30 does not list ransomware as a specific threat. This study reviews the ransomware process, functional backup architecture paradigms, their ability to address ransomware attacks, and provides suggestions to improve the guidance in NIST SP-800-30 and information security risk assessments to better address ransomware threats.

This work is licensed under a Creative Commons Attribution 4.0 License.
  • ISSN(Print): 1913-8989
  • ISSN(Online): 1913-8997
  • Started: 2008
  • Frequency: quarterly

Journal Metrics

WJCI (2021): 0.557

Impact Factor 2021 (by WJCI):  0.304

h-index (December 2022): 40

i10-index (December 2022): 179

h5-index (December 2022): N/A

h5-median(December 2022): N/A

( The data was calculated based on Google Scholar Citations. Click Here to Learn More. )