Nina-Birte Schirrmacher, Jan Ondrus, Felix Ter Chian Tan
In Proceedings of the 22nd Pacific Asia Conference on Information Systems, Yokohama, Japan, 26-30 June, 2018
Publication year: 2018

Abstract

The growth of the information security industry reflects the global threat of cybercriminal activities. Cybercriminal activities impose significant costs on the global economy. Yet, although cybercriminal activities are underpinned by information systems (IS), research is scarce on how digitalization facilitates cybercrimes. To understand, anticipate and control successful cybercriminal modi operandi, crime researchers need to understand the capabilities inherent in cybercriminals. We analyze the case of the WannaCry attack, a global unprecedented ransomware attack, from an IS capability perspective. Our preliminary analysis suggests a three-phase process model of the dynamic environment of WannaCry consisting of cybercriminals and counterparties. During each phase, cybercriminals relied on different types of IS capabilities to continue their operations within a changing context.