Assessing Ransomware Mitigation Strategies in Swedish Organizations: A Focus on Phishing Emails

Abstract: Ransomware has been a growing threat to today's organizations, with irreparable damages and billions of dollars lost, it is crucial for organizations to implement mitigation strategies that can counter these attacks. With phishing attempts being the primary attack vector, it is evident that organizations need to implement the best practices in order to avoid the consequences. Thus, this study addresses the question “How do the actual ransomware mitigation strategies implemented by Swedish organizations compare to the best practices suggested in literature, with a focus on phishing emails as a common means of ransomware transmission?” The study was conducted by utilizing semi-structured interviews and interviewing five participants that work or have worked as IT-security consultants which are then summarized and analyzed with a thematic analysis approach. Seven relevant themes and fifteen sub-themes were introduced and analyzed in order to answer the proposed research question: attack vector, security awareness training, technical solutions, challenges of solutions, frameworks, evolution and keeping yourself updated. All participants were contacted via Linkedin and the interviews were done virtually via Zoom. The findings of this study shows that Swedish organizations utilize a minimal amount of ransomware mitigation strategies due to the lack of resources, care and overall awareness regarding the topic. According to the interviewed participants, basic forms of technical solutions and administrative solutions are mostly implemented, however they are a lacking form of medium and can generally be bypassed easily. The primary factors that were brought up and introduced was security awareness training and technical solutions. Essentially, it all boils down to employee’s incompetence and lack of security awareness. No matter how many technical solutions that are implemented within an organization, if an employee is not aware that they shouldn’t click on malicious links, an infection might spread.