[pvestig]

We are compiling a census of actual ransomware attacks, with the objective of detecting possible clues to attribution. A unique feature of this census is examining the dialog structure of each attack—-how the attack unfolded as a conversation between the attacker and the victim. We do not need to know the identity of the victim, but do have a list of questions that we would like to pursue in a phone conversation with individuals willing to share their experiences. These questions concern the participants in the unfolding attack (characteristics of the victim; type of system infected; point of entry; what is known about the attacker or attackers; payment method and destination; whether and how law enforcement was involved), as well as the time-sequenced series of utterances among the participants. The study will be completed by the end of 2017, and a summary report will be made available to those who have contributed their experience to the census. If you would like to participate, please contact us at radarproject2017@gmail.com .

Topic