Ransomware represents a category of malicious software designed to restrict access to digital systems or data, typically by encryption, until a ransom is paid by the victim. Over the past decades, ransomware has evolved from its initial appearance in 1989 into one of the most prevalent and financially damaging forms of malware. Its increasing sophistication, automation, and commercialization through Ransomware-as-a-Service models have contributed to a significant rise in cyber-enabled organized crime. Although numerous case studies, systematic reviews, and surveys have examined specific aspects of ransomware there remains a lack of up-to-date, comprehensive state-of-the-art analyses reflecting the latest attack trends and mitigation approaches. In this paper, we present a systematic literature review of existing ransomware research using eight digital libraries. Our analysis categorizes common attack vectors, operational methods, and exploitable weaknesses of ransomware. Furthermore, we synthesize current knowledge on effective prevention, detection, and mitigation strategies applicable at different stages of an attack lifecycle. The findings contribute to a consolidated understanding of ransomware evolution and provide actionable insights for enhancing future defensive measures against this pervasive cybersecurity threat.
Tröster et al. (Thu,) studied this question.